Commit graph

15799 commits

Author SHA1 Message Date
wxiaoguang eaf551b3c1
Do not overwrite the log mode when installing (#25203)
Fix #24861
2023-06-12 10:52:49 +00:00
HesterG 3318001880
Fix fullscreen for action (#25200)
An error occurs when clicking on `show full screen` on action page.

<img width="1440" alt="Screen Shot 2023-06-12 at 13 06 52"
src="https://github.com/go-gitea/gitea/assets/17645053/1d4ded3c-fb77-4dd8-9201-24d0696f96eb">

class name has changed in #25134, so the selector is not working. 
Enhance the selectors to fix this.
2023-06-12 10:18:01 +00:00
HesterG 06557a75db
Adjust style for action run list (align icons, adjust padding) (#25170)
Main changes:

- Moved the icon into `action-item-main`, and make it `position:
absolute` to allow add margin it to align with `issue-item-top-row`.
- Adjusted padding and color of texts.


# Before

<img width="721" alt="Screen Shot 2023-06-09 at 17 04 38"
src="https://github.com/go-gitea/gitea/assets/17645053/3fc00e94-bcd4-4e06-b1d8-93be0576dbc3">


# After

<img width="1421" alt="Screen Shot 2023-06-09 at 18 32 47"
src="https://github.com/go-gitea/gitea/assets/17645053/c2a0f9df-cac4-4197-9cbd-6c16dfef215b">

On hover:

<img width="1431" alt="Screen Shot 2023-06-09 at 18 32 54"
src="https://github.com/go-gitea/gitea/assets/17645053/d0ab6fde-9722-4d76-831b-163fd6a1f560">
2023-06-12 09:36:08 +00:00
wxiaoguang 34498e62c3
Improve some documents: release version, logging, NFS lock (#25202)
Close #23654
Close #24684

@techknowlogick I still think we need to rename
https://dl.gitea.com/gitea/1.20/ to
https://dl.gitea.com/gitea/1.20-nightly/

`/gitea/1.20/` is quite confusing, it needs these words to explain why.
If we call it `1.20-nightly`, the FAQ can be simplified a lot.
2023-06-12 17:05:49 +08:00
GiteaBot d67e411c26 [skip ci] Updated licenses and gitignores 2023-06-12 00:29:16 +00:00
Zettat123 15d238d321
Add WithPullRequest for actionsNotifier (#25144) 2023-06-11 09:06:43 +08:00
GiteaBot c17423e0a1 [skip ci] Updated translations via Crowdin 2023-06-11 00:29:35 +00:00
GiteaBot eb2ba43fa1 [skip ci] Updated translations via Crowdin 2023-06-10 00:25:26 +00:00
Yevhen Pavlov 5fa4415bbb
Update github.com/google/go-github to v53 (#25157)
The new `go-github` version
[53](https://github.com/google/go-github/releases/tag/v53.0.0) has been
released.
2023-06-09 19:42:51 +00:00
Lunny Xiao feb38da259
Fix bug for code search if code is disabled (#25173)
Fix https://github.com/go-gitea/gitea/pull/24189/files#r1224144768
2023-06-09 19:02:33 +00:00
silverwind 96f9c11821
Minor arc-green color tweaks (#25175)
Some minor color tweaks

<img width="1271" alt="Screenshot 2023-06-09 at 13 29 25"
src="https://github.com/go-gitea/gitea/assets/115237/b7b34995-5d34-461f-8d19-4f5755a98109">
<img width="1272" alt="Screenshot 2023-06-09 at 13 31 20"
src="https://github.com/go-gitea/gitea/assets/115237/63c866b4-797e-46ed-ba28-b1162ccd3e15">
<img width="1276" alt="Screenshot 2023-06-09 at 13 32 21"
src="https://github.com/go-gitea/gitea/assets/115237/de7ee02e-d0c7-4979-a8aa-0fd03e8db491">

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-09 15:17:30 +00:00
Cory Todd 179704695c
Fix duplicate Reviewed-by trailers (#24796)
Enable deduplication of unofficial reviews. When pull requests are
configured to include all approvers, not just official ones, in the
default merge messages it was possible to generate duplicated
Reviewed-by lines for a single person. Add an option to find only
distinct reviews for a given query.

fixes #24795

---------

Signed-off-by: Cory Todd <cory.todd@canonical.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-09 16:34:49 +02:00
yp05327 81211db077
Fix #25133 (#25162)
Fix #25133

Thanks @wxiaoguang @silverwind.
I'm sorry I made a mistake, it will be fixed in this PR.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-09 10:27:10 +00:00
silverwind 6a075589bf
Fix mobile navbar and misc cleanups (#25134)
- Fix and improve mobile navbar layout
- Apply all cleanups suggested in
https://github.com/go-gitea/gitea/pull/25111
- Make media query breakpoints match Fomantic's exactly
- Clean up whitespace in class on navbar items

Mobile navbar before and after:
<img width="745" alt="Screenshot 2023-06-08 at 08 40 56"
src="https://github.com/go-gitea/gitea/assets/115237/ca84b239-b10f-41db-8c06-dcf2b6dd9d28">
<img width="739" alt="Screenshot 2023-06-08 at 08 41 23"
src="https://github.com/go-gitea/gitea/assets/115237/09133c54-eb7e-4110-858c-ead23c3b7521">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-09 09:10:51 +00:00
silverwind 623b3b590e
Button and color enhancements (#24989)
- Various corrections to button styles, especially secondary
- Remove focus highlight, it's annoying when it stays on button after
press
- Clearly define ghost and link buttons with demos in devtest
- Remove black, grey and tertiary buttons, they should not be used
- Make `arc-green` slightly darker

<img width="1226" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/8d89786a-01ab-40f8-ae5a-e17f40e35084">
<img width="1249" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/83651e6d-3c27-46ff-b8bd-ff344d70e949">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-09 08:37:47 +00:00
silverwind 3c6aa8d3e1
Fix setup-go actions (#25167)
The `setup-go` actions did not all have `check-latest` which means they
use some cached version of go that currently still resolves to go1.20.4,
as seen in a number of recent runs that currently fail at govulncheck
because of it:

````
Run actions/setup-go@v4
Setup go version spec >=1.20
Attempting to resolve the latest version from the manifest...
matching >=1.20...
Resolved as '1.20.4'
````

Add the
[check-latest](https://github.com/actions/setup-go#check-latest-version)
option which should guarantee that this cache is skipped.
2023-06-09 09:33:48 +02:00
GiteaBot 6d063a81f0 [skip ci] Updated translations via Crowdin 2023-06-09 00:28:43 +00:00
HesterG 63a429581c
Modify OAuth login ui and fix display name, iconurl related logic (#25030)
Close #24808 

Co-Authour @wxiaoguang @silverwind 

1. Most svgs are found from https://worldvectorlogo.com/ , and some are
from conversion of png to svg. (facebook and nextcloud). And also
changed `templates/user/settings/security/accountlinks.tmpl`.

2. Fixed display name and iconurl related logic

# After

<img width="1436" alt="Screen Shot 2023-06-05 at 14 09 05"
src="https://github.com/go-gitea/gitea/assets/17645053/a5db39d8-1ab0-4676-82a4-fba60a1d1f84">

On mobile

<img width="378" alt="Screen Shot 2023-06-05 at 14 09 46"
src="https://github.com/go-gitea/gitea/assets/17645053/71d0f51b-baac-4f48-8ca2-ae0e013bd62e">


user/settings/security/accountlinks (The dropdown might be improved
later)

<img width="973" alt="Screen Shot 2023-06-01 at 10 01 44"
src="https://github.com/go-gitea/gitea/assets/17645053/27010e7e-2785-4fc5-8c49-b06621898f37">

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-08 16:35:29 +00:00
Lauris BH 9aaaf980f0
Fix open redirect check for more cases (#25143)
If redirect_to parameter has set value starting with `\\example.com`
redirect will be created with header `Location: /\\example.com` that
will redirect to example.com domain.
2023-06-08 14:08:14 +00:00
silverwind 263ed09bbf
Update js dependencies (#25137)
- Update all JS dependencies
- Tweak eslint for more generic globs
- Tested mermaid, pdf, monaco

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-08 10:54:31 +00:00
Lunny Xiao 0d47b0ab1d
Remove duplicated functions when deleting a branch (#25128)
Extract from #22743

`DeleteBranch` will trigger a push update event, so that
`pull_service.CloseBranchPulls` has been invoked twice and
`AddDeletedBranch` is better to be moved to push update then even user
delete a branch via git command, it will also be triggered.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-08 10:10:59 +00:00
Vladimir Buyanov 3bdd48016f
Add codeowners feature (#24910)
Hello.
This PR adds a github like configuration for the CODEOWNERS file.

Resolves: #10161
2023-06-08 16:56:05 +08:00
yp05327 b5a2bb9ab3
Fix strange UI behavior of cancelling dismiss review modal (#25133)
Fixes https://github.com/go-gitea/gitea/issues/25130

The old code uses `$(this).next()` to get `dismiss-review-modal`.
At first, it will get `$(#dismiss-review-modal)`, but the next time it
will get `$(#dismiss-review-modal).next();`
and then `$(#dismiss-review-modal).next().next();`.
Because div `dismiss-review-modal` will be removed when
`dismiss-review-btn` clicked.

Maybe the right usage is adding `show-modal` class and `data-modal`
attribute.
2023-06-08 08:52:35 +00:00
Zettat123 679b1f7949
Fix MilestoneIDs when querying issues (#25125)
Fix #25114
2023-06-08 08:08:35 +00:00
yp05327 e4f9eb7e12
Fix incorrect git ignore rule and add missing license files (#25135)
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-08 09:36:53 +02:00
HesterG 206d3fbae9
Change branch name from master to main in some documents' links (#25126)
As title. And needs to backport to 1.19
2023-06-08 07:35:55 +00:00
wxiaoguang 3d020b57f8
Remove incorrect element ID on "post-install" page (#25104)
That ID is a "copy&paste" error, it conflicts with the
`initRepoMigrationStatusChecker` logic, which is the right function for
a real `#repo_migrating` element. That wrong ID causes incorrect page
navigation after installation.
2023-06-08 12:23:39 +08:00
GiteaBot 447ee6620f [skip ci] Updated translations via Crowdin 2023-06-08 00:28:45 +00:00
silverwind b6bcb79987
Improve notification icon and navbar (#25111)
Improvements to the notification icon and `<nav>`:

- Add a opaque color for header hover and use it, allowing the border to
be the right color on hover (sadly, not otherwise possible with CSS, not
even `color-mix`).
- Increase font size by 1px
- Use flexbox for slightly better text centering
- Reduce padding of user and add repo button, add margin on right side
of user menu
- Remove the `following bar` wrapper on navbar

<img width="176" alt="Screenshot 2023-06-07 at 00 07 08"
src="https://github.com/go-gitea/gitea/assets/115237/23cdc3d6-7f63-49df-bec3-f2e75e32a304">
<img width="63" alt="Screenshot 2023-06-07 at 00 07 14"
src="https://github.com/go-gitea/gitea/assets/115237/fae602c2-4467-4d50-b1ec-56317843f9a2">
<img width="84" alt="Screenshot 2023-06-07 at 00 07 36"
src="https://github.com/go-gitea/gitea/assets/115237/c48141b8-0b3c-48cc-846a-3a272524dbdb">
<img width="329" alt="Screenshot 2023-06-07 at 00 25 10"
src="https://github.com/go-gitea/gitea/assets/115237/cda612f1-426e-466b-a351-fc992bfd18fd">
<img width="186" alt="Screenshot 2023-06-07 at 00 35 45"
src="https://github.com/go-gitea/gitea/assets/115237/04484a2e-9bbf-493c-aa26-8e936da008fa">
<img width="797" alt="Screenshot 2023-06-07 at 16 57 40"
src="https://github.com/go-gitea/gitea/assets/115237/e7ccb672-5807-4cb6-b306-b18ae0c7e321">
2023-06-07 22:21:57 +00:00
Denys Konovalov eac1bddb8d
fix swagger documentation for multiple files API endpoint (#25110)
Fixes some issues with the swagger documentation for the new multiple
files API endpoint (#24887) which were overlooked when submitting the
original PR:

1. add some missing parameter descriptions
2. set correct `required` option for required parameters
3. change endpoint description to match it full functionality (every
kind of file modification is supported, not just creating and updating)
2023-06-07 23:49:58 +08:00
wxiaoguang 027014d7de
Fix webauthn regression and improve code (#25113)
Follow:

* #22697

There are some bugs in #22697:

* https://github.com/go-gitea/gitea/pull/22697#issuecomment-1577957966
* the webauthn failure message is never shown and causes console error
* The `document.getElementById('register-button')` and
`document.getElementById('login-button')` is wrong
    * there is no such element in code
    * it causes JS error when a browser doesn't provide webauthn
    * the end user can't see the real error message

These bugs are fixed in this PR.

Other changes:

* Use simple HTML/CSS layouts, no need to use too many `gt-` patches
* Make the webauthn page have correct "page-content" layout
* The "data-webauthn-error-msg" elements are only used to provide locale
texts, so move them into a single "gt-hidden", then no need to repeat a
lot of "gt-hidden" in code
* The `{{.CsrfTokenHtml}}`  is a no-op because there is no form
* Many `hideElem('#webauthn-error')` in code is no-op because the
`webauthn-error` already has "gt-hidden" by default
* Make the tests for "URLEncodedBase64" really test with concrete cases.


Screenshots:

* Error message when webauthn fails (before, there is no error message):

<details>


![image](https://github.com/go-gitea/gitea/assets/2114189/93cf9559-d93b-4f06-9d98-0f7032d9c65b)

</details>

* Error message when webauthn is unavailable 

<details>


![image](https://github.com/go-gitea/gitea/assets/2114189/ffc0fcd9-b93b-4418-979c-c89bb627aaf2)

</details>
2023-06-07 19:20:18 +08:00
HesterG 58536093b3
Add details summary for vertical menus in settings to allow toggling (#25098)
Close #25051
[referenced
answer](https://stackoverflow.com/questions/10813581/can-i-replace-the-expand-icon-of-the-details-element/69722686#69722686)
for marker overwrite. One limitation is that fomantic does not have
hover and active effects for the vertical submenu
([reference](https://fomantic-ui.com/collections/menu.html#sub-menu)).
And we might need to overwrite some styles if hover and active effects
are needed.

Update:
Used `data:image/svg` instead of `marker` content. And adjusted styles
for hover effect.

Take admin settings as an example:

https://github.com/go-gitea/gitea/assets/17645053/63f69823-ef43-47d5-a518-544b5ea35ba6

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-07 10:49:48 +08:00
Jason Song 379ec13030
Fix 500 error caused by notifications without an issue such as repo transfers (#25101) 2023-06-06 23:17:56 +08:00
zeripath 036fb7861f
Clean up WebAuthn javascript code and remove JQuery code (#22697)
There were several issues with the WebAuthn registration and testing
code and the style
was very old javascript with jquery callbacks.

This PR uses async and fetch to replace the JQuery code.

Ref #22651

Signed-off-by: Andrew Thornton <art27@cantab.net>

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-06 13:29:37 +08:00
silverwind c09f747b51
Enable all webpack sourcemaps in dev build, disable all in prod build (#25089)
- Enable all source maps in dev build
- Disable all source maps in prod build
- Provide `ENABLE_SOURCEMAP` env var to override it.

I think the strange error seen in
https://github.com/go-gitea/gitea/issues/24784 is sourcemap related, so
if we enable/disable them all, it might go away. But it's most
definitely a Safari bug.

With all sourcemaps disabled, binary size goes down by around 1-2 MB,
with all enabled it goes up by around 12MB. If +12MB is acceptable, we
could also always enable them by default as fully source maps do have
some debugging benefits.
2023-06-06 12:57:08 +08:00
Yevhen Pavlov 8d7893e817
Don't display select all issues checkbox when no issues are available (#25086)
Before:

![image](https://github.com/go-gitea/gitea/assets/1969460/8830c077-89d4-4897-a6e0-f5dba6830ff7)

After:

![image](https://github.com/go-gitea/gitea/assets/1969460/8fa06878-496b-4f65-87eb-04e1f94d4a3c)
2023-06-06 08:19:24 +08:00
techknowlogick 7c778d6b5e
change placeholders in actions docs 2023-06-05 11:32:56 -04:00
techknowlogick d302a5ee65
change placeholders in actions docs 2023-06-05 11:28:51 -04:00
6543 395a6fabf3
fix "Remove stars when repo goes private #19904" (#25084)
https://github.com/go-gitea/gitea/pull/19904#discussion_r1218111682
2023-06-05 15:23:09 +00:00
sillyguodong 1a5f478ae1
Introduce how to configure cache when starting a Runner with Docker (#25077)
If a user starts a runner using a Docker image without making additional
configurations, the [cache action](https://github.com/actions/cache)
will not work properly.
Therefore, add a section in the documentation that explains how to
configure the cache correctly.
2023-06-05 14:12:55 +00:00
Wim 62ac3251fa
Remove stars when repo goes private (#19904)
Fixes #18600
2023-06-05 13:25:43 +00:00
wxiaoguang 8e63373c01
Use correct selector for hiding RSS icon link in the branch selector dropdown (#25080)
Fix  #25079


![image](https://github.com/go-gitea/gitea/assets/2114189/5d3f2f49-018a-4b75-8c90-ffafd898697a)


![image](https://github.com/go-gitea/gitea/assets/2114189/3e9dcf2e-eca7-4e96-be79-3b26f222cdb9)


![image](https://github.com/go-gitea/gitea/assets/2114189/855fffa4-0220-4ca2-a5e0-58c376fdc378)


![image](https://github.com/go-gitea/gitea/assets/2114189/f5ffa7e6-a974-4698-a45d-e38091903be1)
2023-06-05 12:34:25 +00:00
Lunny Xiao 315124b469
Fix parallelly generating index failure with Mysql (#24567) 2023-06-05 10:33:47 +00:00
Lunny Xiao 3d1fda737b
Use git command instead of the ini package to remove the origin remote (#25066) 2023-06-05 18:05:31 +08:00
Lunny Xiao d851bd9a6b
improve permission documentation (#23942) 2023-06-05 15:43:17 +08:00
Lunny Xiao 11598885b3
Use RepositoryList instead of []*Repository (#25074) 2023-06-05 15:25:47 +08:00
Denys Konovalov ca35dec18b
Add ability to set multiple redirect URIs in OAuth application UI (#25072)
OAuth applications can already have multiple redirect URIs if
created/edited over API.

This change allows for setting multiple redirect URIs through the UI as
a comma-separated list (e. g.
`https://example.org/redirect,https://redirect.example.org`)

<details>
<summary>Screenshots</summary>

![Bildschirmfoto vom 2023-06-04
17-14-40](https://github.com/go-gitea/gitea/assets/47871822/2206dc32-e7e4-4953-9ecb-e098890b3f54)
![Bildschirmfoto vom 2023-06-04
17-14-50](https://github.com/go-gitea/gitea/assets/47871822/cd97c73c-9310-44ee-a83a-b927a1ef94da)

</details>

Closes #25068
2023-06-05 15:00:12 +08:00
JakobDev 7d192cb674
Add Progressbar to Milestone Page (#25050)
This is adds the progress bar, which is already on the Milestone List,
also to the Page of a Single Milestone.


![grafik](https://github.com/go-gitea/gitea/assets/15185051/24e0fa28-369b-4bb9-807a-ee823b46ba81)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-05 14:25:46 +08:00
GiteaBot d63d8108b4 [skip ci] Updated licenses and gitignores 2023-06-05 00:27:49 +00:00
Jack Hay 18de83b2a3
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
    - `activitypub`
    - `admin` (hidden if user is not a site admin)
    - `misc`
    - `notification`
    - `organization`
    - `package`
    - `issue`
    - `repository`
    - `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
  -  `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
  - `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection

### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">

## tokenRequiresScopes  Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error

## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
   -  _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
   - _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
   - _This should be addressed in this PR_
   - For example: 
   ```go
	m.Group("/users/{username}/orgs", func() {
		m.Get("", reqToken(), org.ListUserOrgs)
		m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
   ```

## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default

Closes #24501
Closes #24799

Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 20:57:16 +02:00