Commit graph

14181 commits

Author SHA1 Message Date
silverwind 57a0a7ef64
Fix opaque background on mermaid diagrams (#21642)
Browsers introduce a opaque background on iframes if the iframe
element's color-scheme does not match the document's color scheme which
in case of a dark theme results in a mismatch and the browser adds a
white background. Avoid this by specifying the same color scheme outside
and inside the iframe.

See https://fvsch.com/transparent-iframes for more info.

My initial attempt was to make the iframe document the same color-scheme
as the parent page (light or dark) but with that, there was a ugly
background flash on load in Chrome because Chrome apparently always
loads iframe in light scheme initially. Firefox still shows a background
flash on load but this is not possible to get rid of and it's certainly
a browser bug.

Before:
<img width="1147" alt="Screen Shot 2022-10-31 at 13 30 55"
src="https://user-images.githubusercontent.com/115237/199017132-9828aace-bdd0-4ede-8118-359e72bcf2fe.png">

After:
<img width="1152" alt="Screen Shot 2022-10-31 at 13 30 36"
src="https://user-images.githubusercontent.com/115237/199017137-989a9e67-3fe0-445f-a191-df5bf290dabf.png">
2022-10-31 20:57:31 +00:00
Lunny Xiao 9a70a12a34
Merge db.Iterate and IterateObjects (#21641)
These two functions are similiar, merge them.
2022-10-31 23:51:14 +08:00
Jason Song 4ae3f76217
Deal with markdown template without metadata (#21639)
Fixed #21636.

Related to #20987.

A markdown template without metadata should not be treated as an invalid
template.

And this PR fixed another bug that non-template files(neither .md nor
.yaml) are treated as yaml files.

<img width="504" alt="image"
src="https://user-images.githubusercontent.com/9418365/198968668-40082fa1-4f25-4d3e-9b73-1dbf6d1a7521.png">
2022-10-31 17:10:33 +02:00
KN4CK3R 9b3e2c5450 [skip ci] Updated translations via Crowdin 2022-10-31 00:19:34 +00:00
KN4CK3R d33b2d473c [skip ci] Updated licenses and gitignores 2022-10-30 00:19:37 +00:00
KN4CK3R 49436c2c62
Keep languages defined in .gitattributes (#21403)
Fixes #21377

This marks all "defined" languages in the `.gitattributes` file so they
are not removed if they are not of type `programming` or `markup`.


![grafik](https://user-images.githubusercontent.com/1666336/194942021-1e641b60-bb8a-49c6-9a1c-413e7c4ba17d.png)

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-29 15:04:21 +08:00
Jason Song 434622ab6f [skip ci] Updated translations via Crowdin 2022-10-29 00:19:53 +00:00
Jason Song 60dc48dc00
Sync git hooks when config file path changed (#21619)
A patch to #17335.

Just like AppPath, Gitea writes its own CustomConf into git hook scripts
too. If Gitea's CustomConf changes, then the git push may fail.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-10-28 19:53:08 +03:00
Xinyu Zhou 100448a007
Allow disable sitemap (#21617)
This patch provide a mechanism to disable
[sitemap](https://github.com/go-gitea/gitea/pull/18407).

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-10-28 11:17:38 -04:00
kolaente cd5c067abe
fix: PR status layout on mobile (#21547)
This PR fixes the layout of PR status layouts on mobile. For longer
status context names or on very small screens the text would overflow
and push the "Details" and "Required" badges out of the container.

Before:

![Screen Shot 2022-10-22 at 12 27
46](https://user-images.githubusercontent.com/13721712/197335454-e4decf09-4778-43e8-be88-9188fabbec23.png)

After:

![Screen Shot 2022-10-22 at 12 53
24](https://user-images.githubusercontent.com/13721712/197335449-2c731a6c-7fd6-4b97-be0e-704a99fd3d32.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-28 09:49:42 -04:00
Yarden Shoham 5f0cbb3e80
Make rss/atom identifier globally unique (#21550)
This field should be globally unique.

[RSS
reference](https://www.rssboard.org/rss-specification#ltguidgtSubelementOfLtitemgt).

### Before
```xml
    <item>
      <title>abc opened issue &lt;a href=&#34;https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg/issues/1&#34;&gt;abc/defg#1&lt;/a&gt;</title>
      <link>https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg/issues/1</link>
      <description>1#Colors</description>
      <content:encoded><![CDATA[<p><code>#FF0000<span class="color-preview" style="background-color: #FF0000"></span></code></p>
]]></content:encoded>
      <author>abc</author>
      <guid>2</guid>
      <pubDate>Mon, 17 Oct 2022 16:06:08 +0000</pubDate>
    </item>
    <item>
      <title>abc created repository &lt;a href=&#34;https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg&#34;&gt;abc/defg&lt;/a&gt;</title>
      <link>https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg</link>
      <description></description>
      <author>abc</author>
      <guid>1</guid>
      <pubDate>Mon, 17 Oct 2022 16:05:43 +0000</pubDate>
    </item>
```
### After
```xml
    <item>
      <title>abc opened issue &lt;a href=&#34;https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg/issues/1&#34;&gt;abc/defg#1&lt;/a&gt;</title>
      <link>https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg/issues/1</link>
      <description>1#Colors</description>
      <content:encoded><![CDATA[<p><code>#FF0000<span class="color-preview" style="background-color: #FF0000"></span></code></p>
]]></content:encoded>
      <author>abc</author>
      <guid>2: https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg/issues/1</guid>
      <pubDate>Mon, 17 Oct 2022 16:06:08 +0000</pubDate>
    </item>
    <item>
      <title>abc created repository &lt;a href=&#34;https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg&#34;&gt;abc/defg&lt;/a&gt;</title>
      <link>https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg</link>
      <description></description>
      <author>abc</author>
      <guid>1: https://3000-yardenshoham-gitea-3pzuhkduf6t.ws-eu72.gitpod.io/abc/defg</guid>
      <pubDate>Mon, 17 Oct 2022 16:05:43 +0000</pubDate>
    </item>
```

* Fixes #21542

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-10-28 09:49:04 -04:00
Xinyu Zhou 830f5c3736
Fix UI column width, button overflow Fomantic's grid (#21559)
resolved #21310 

Before:

![](https://user-images.githubusercontent.com/76462613/197395358-78698f7f-776a-4ed1-954e-e6c09a648f2b.png)


After:

![](https://user-images.githubusercontent.com/76462613/197395356-63289761-a0d4-47a7-a103-a6e6f4ad2eed.png)

Signed-off-by: baronbunny <its@baronbunny.cn>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-28 09:48:48 -04:00
Yarden Shoham 125e3e3d66
Localize time units on activity heatmap (#21570)
Previously, the months and days were hardcoded into English

* Closes #15541

## Screenshots
### English

![image](https://user-images.githubusercontent.com/20454870/197410352-1b28a637-ce19-41ae-b4e5-27955555b082.png)

### German

![image](https://user-images.githubusercontent.com/20454870/197410455-f243ca84-807f-476e-b8ed-c24e827bfc2d.png)

### Spanish

![image](https://user-images.githubusercontent.com/20454870/197410366-55202ca5-08f9-4152-8f9d-d5eeebd532ef.png)

### Italian

![image](https://user-images.githubusercontent.com/20454870/197410385-75f754dd-e845-4444-8a04-472a8f45b617.png)

### Portuguese
This one has a bit of overflow

![image](https://user-images.githubusercontent.com/20454870/197410414-b91f962e-77e9-4cc7-990b-01c0fc0cbd0b.png)

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-10-28 09:48:24 -04:00
Clar Fon 76e9a4f701
Use right syntax for symbolic-ref command (#21577)
Follow-up to #21352: when testing this out, I found out that the syntax
for the `symbolic-ref` command was different than originally assumed in
that PR. Never got around to submitting a PR until now.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-28 09:41:09 -04:00
silverwind b1dd1ba48f
Update JS dependencies and misc tweaks (#21583)
- Update all JS dependencies to latest version
- Disable two redundant eslint rules
- Adapt stylelint config to codebase
- Regenerate SVGs
- Make file editor spinner "reserve" height so page does not shift
- Tested katex, swagger, monaco

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-10-28 09:40:50 -04:00
Lunny Xiao f337c32e86
Add index for hook_task table (#21545)
Since `hook_id` and `uuid` will become a search condition column. It's
better to add some index for them.
2022-10-28 13:05:39 +02:00
wxiaoguang e09025fdce
Revert: auto generate INTERNAL_TOKEN (#21608)
Follow #19663

Some users do cluster deployment, they still depend on this
auto-generating behavior.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-28 17:58:32 +08:00
silverwind 07178f4d0c
Use CSS color-scheme instead of invert (#21616)
The
[`color-scheme`](https://developer.mozilla.org/en-US/docs/Web/CSS/color-scheme)
property changes the base color of certain form elements like the
datepicker icon in Chrome. Set it and remove the previous invert hack.

Before with invert removed:
<img width="840" alt="Screen Shot 2022-10-27 at 11 42 54"
src="https://user-images.githubusercontent.com/115237/198251927-b742e14e-0c62-492c-b667-ee6c69de4ad8.png">
<img width="238" alt="Screen Shot 2022-10-27 at 12 23 28"
src="https://user-images.githubusercontent.com/115237/198260413-37c1ca85-c2de-4c09-8b37-6aa8a23ab575.png">

After:
<img width="841" alt="Screen Shot 2022-10-27 at 11 43 05"
src="https://user-images.githubusercontent.com/115237/198251934-568fa291-0d18-4cd4-adec-58ae1ad90ab2.png">
<img width="839" alt="Screen Shot 2022-10-27 at 11 44 36"
src="https://user-images.githubusercontent.com/115237/198251936-a435105e-572b-41f6-8262-a53820f1d364.png">
<img width="243" alt="Screen Shot 2022-10-27 at 12 23 42"
src="https://user-images.githubusercontent.com/115237/198260432-5eaffc82-ffb8-4559-b1c2-08a39e8f4427.png">

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-28 13:45:08 +08:00
mpeter50 2cc7408b98 [skip ci] Updated translations via Crowdin 2022-10-28 00:19:53 +00:00
mpeter50 10b8506023
Improve documentation (#21612)
Fix file reference at the FLAGS line at the Log subsections heading,
improve COLORIZE line wording.

The FLAGS line referenced a file that doesn't exist in the repository as
of now. The COLORIZE line's wording implied that it would
unconditionally colorize the log by default.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-27 16:47:19 +08:00
qwerty287 096aed5c1d [skip ci] Updated translations via Crowdin 2022-10-27 00:21:00 +00:00
qwerty287 8430f738e2
Fix 500 on PR files API (#21602)
Fixes an 500 error/panic if using the changed PR files API with pages
that should return empty lists because there are no items anymore.
`start-end` is then < 0 which ends in panic.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
2022-10-26 23:46:11 +08:00
KN4CK3R ed47d0062e
Fix Timestamp.IsZero (#21593)
Our implementation of `IsZero` can't work. An "empty" timestamp (= 0)
calls `time.Unix(int64(ts), 0).IsZero()` which is always `false`. Only
`time.Time{}.IsZero()` is `true`.
We call this method ~~only at one place~~ and there the value
(`UpdatedUnix`) should be always != 0 so this PR may not have
consequences.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-26 21:34:44 +08:00
techknowlogick 49a4e4555a [skip ci] Updated translations via Crowdin 2022-10-26 00:20:58 +00:00
techknowlogick 3f7cab42dc
Revert "Do not send notifications for draft releases (#21451)" (#21594)
This reverts commit a37e8b275d / #21451

Temporarily revert this PR to be able to continue discussion, and
potentially get it into 1.19.0
2022-10-26 00:00:00 +02:00
KN4CK3R 5c2089a01d
Change commits-table column width (#21564)
Fixes #21561

Before

![image](https://user-images.githubusercontent.com/20903656/197388658-0ea1d941-8bc7-4f10-b5db-4ece8602b13a.png)

After

![image](https://user-images.githubusercontent.com/20903656/197388665-78fb8421-105d-408d-84cf-a86b1cc61e2e.png)
2022-10-25 18:00:37 +01:00
Lunny Xiao 5e8e3ecbeb
Fix issues count bug (#21557)
fix #19349 , #19505

Co-authored-by: delvh <dev.lh@web.de>
2022-10-25 14:47:46 +02:00
Gusted 29c00eb1ed
Improve code comment review on mobile (#21461)
- Fix placement of avatar image, this was not placed in the
`comment-header-left` and add CSS to cover the limiting of width+height
of avatar for code-review comment on "Files changed" page. This fixes
the big noticeable avatar issue.
- Apply `margin-bottom` to the "next" button, so it's consistent with
the "previous" button.
- Make sure the "next"/"previous" start at `flex-start` on mobile and
not off-screen at `flex-end`. As well force them to have `flex: 1` so
they won't overflow on x-asis. This also requires the `width: 100%` for
the `.ui.buttons` div.
- Resolves #20074


### Before
<details><img width="512"
src="https://user-images.githubusercontent.com/25481501/195952930-09560cad-419f-43a3-a8a4-a4166c117994.jpg"></details>

### After
<details><img width="512"
src="https://user-images.githubusercontent.com/25481501/197340081-0365dfa8-4344-46b4-8702-a40c778c073f.jpg"></details>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2022-10-25 19:11:49 +08:00
silverwind 06a7ed4e04
Consolidate remaining colors into variables (#21582)
Remove remaining non-color variables in arc-green, so the theme is now
100% defined from variables (excluding inverts). Adjusted red/green to
match previous overwritten colors.

`--color-gold-light` is removed, it was unused and is not part of
fomantic colors.

<img width="772" alt="Screen Shot 2022-10-24 at 20 22 25"
src="https://user-images.githubusercontent.com/115237/197599339-1d1bf6e3-aa90-4f38-9753-24effd4b178d.png">
<img width="275" alt="Screen Shot 2022-10-24 at 20 25 52"
src="https://user-images.githubusercontent.com/115237/197599344-79c1d3ac-c709-4e30-a60b-4738af672c12.png">
<img width="446" alt="Screen Shot 2022-10-24 at 20 26 46"
src="https://user-images.githubusercontent.com/115237/197599346-f2ef6449-7efd-4f81-bbb6-e7bee4528f50.png">

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-25 07:08:54 +03:00
Yarden Shoham 3bd05172d5 [skip ci] Updated translations via Crowdin 2022-10-25 00:20:58 +00:00
Yarden Shoham fc1048a411
Add sqlite vscode extension to Gitpod configuration (#21552)
It allows for quick database inspections in the IDE.


![image](https://user-images.githubusercontent.com/20454870/197355299-222f5027-aba8-4fe2-b1d4-fff93d5ccb3c.png)

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2022-10-24 16:55:59 -04:00
delvh 0ebb45cfe7
Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551)
Found using
`find . -type f -name '*.go' -print -exec vim {} -c
':%s/fmt\.Errorf(\(.*\)%v\(.*\)err/fmt.Errorf(\1%w\2err/g' -c ':wq' \;`

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-24 20:29:17 +01:00
KN4CK3R 7c11a73833
Fix package access for admins and inactive users (#21580)
I noticed an admin is not allowed to upload packages for other users
because `ctx.IsSigned` was not set.
I added a check for `user.IsActive` and `user.ProhibitLogin` too because
both was not checked. Tests enforce this now.

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-10-24 22:23:25 +03:00
Wayne Starr 49a4464160
Allow for resolution of NPM registry paths that match upstream (#21568)
This PR fixes issue #21567 allowing for package tarball URLs to match
the upstream registry (and GitLab/JFrog Artifactory URLs). It uses a
regex to parse the filename (which contains the NPM version) and does a
fuzzy search to pull it out. The regex was built/expanded from
http://json.schemastore.org/package,
https://github.com/Masterminds/semver, and
https://docs.npmjs.com/cli/v6/using-npm/semver and is testable here:
https://regex101.com/r/OydBJq/5

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-24 21:50:22 +08:00
Vladimir Yakovlev 0218fa7cf1
Added missing headers on user packages page (#21172)
User packages page had missing tabs.


![packages-2](https://user-images.githubusercontent.com/183965/190411160-c8138a8c-dbc4-4cf1-af2c-52497a10cee8.png)

![packages-1](https://user-images.githubusercontent.com/183965/190411155-af2cb398-c9a0-4fcc-adcd-1711aaa28345.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-10-24 20:01:05 +08:00
M Hickford 191a74d622
Record OAuth client type at registration (#21316)
The OAuth spec [defines two types of
client](https://datatracker.ietf.org/doc/html/rfc6749#section-2.1),
confidential and public. Previously Gitea assumed all clients to be
confidential.

> OAuth defines two client types, based on their ability to authenticate
securely with the authorization server (i.e., ability to
>   maintain the confidentiality of their client credentials):
>
>   confidential
> Clients capable of maintaining the confidentiality of their
credentials (e.g., client implemented on a secure server with
> restricted access to the client credentials), or capable of secure
client authentication using other means.
>
>   **public
> Clients incapable of maintaining the confidentiality of their
credentials (e.g., clients executing on the device used by the resource
owner, such as an installed native application or a web browser-based
application), and incapable of secure client authentication via any
other means.**
>
> The client type designation is based on the authorization server's
definition of secure authentication and its acceptable exposure levels
of client credentials. The authorization server SHOULD NOT make
assumptions about the client type.

 https://datatracker.ietf.org/doc/html/rfc8252#section-8.4

> Authorization servers MUST record the client type in the client
registration details in order to identify and process requests
accordingly.

Require PKCE for public clients:
https://datatracker.ietf.org/doc/html/rfc8252#section-8.1

> Authorization servers SHOULD reject authorization requests from native
apps that don't use PKCE by returning an error message

Fixes #21299

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-24 15:59:24 +08:00
a1012112796 e1ce45eabf
adapt README_{Country}.md stype name in localizedExtensions (#21486)
This stype name is also used in many repos, example:
[``README_ZH.md``](https://github.com/go-gitea/gitea/blob/main/README_ZH.md)

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-10-24 14:12:15 +08:00
Johan Van de Wauw 49874b7aad
dump: Add option to skip index dirs (#21501)
closes #20683

Add an option to gitea dump to skip the bleve indexes, which can become
quite large (in my case the same size as the repo's) and can be
regenerated after restore.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-10-24 11:19:21 +08:00
Yarden Shoham c04ad7632f
Use recommended vscode configuration in gitpod environments (#21537)
To make go tests run in gitpod, the vscode settings.json must be in the
correct place in the filesystem

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2022-10-24 02:24:33 +01:00
silverwind bf2a72d126
Expand "Go to File" button again, fix 'Add File' margin (#21543)
With https://github.com/go-gitea/gitea/pull/21428 we gained some space
so we are again able to show the "Go to File" button as text instead of
icon-only (the old icon was not particularily fitting anyways).

Before:
<img width="328" alt="image"
src="https://user-images.githubusercontent.com/115237/197334423-07731d9d-bf26-4aeb-95fa-490d9d0bf2a2.png">

After:
<img width="339" alt="Screen Shot 2022-10-22 at 12 28 01"
src="https://user-images.githubusercontent.com/115237/197334383-467c4107-09c9-4881-b75f-7f403eab7f3a.png">
<img width="413" alt="Screen Shot 2022-10-22 at 12 28 16"
src="https://user-images.githubusercontent.com/115237/197334384-f7d1fdda-a011-4138-ad1e-b52fc987501f.png">
2022-10-24 02:23:04 +01:00
Yarden Shoham 578b43ddb5
Add yardenshoham to maintainers (#21566)
[List of merged
PRs](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+author%3Ayardenshoham+is%3Amerged)
(with many more on the way!)

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-10-23 12:09:21 -04:00
wxiaoguang dcd9fc7ee8
Refactor git command arguments and make all arguments to be safe to be used (#21535)
Follow #21464

Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.
2022-10-23 22:44:45 +08:00
Lunny Xiao 4eeea7b30e
Update binding to fix bugs (#21556)
Fix #19698
2022-10-23 13:50:48 +03:00
Yarden Shoham 88a03a6133
Link mentioned user in markdown only if they are visible to viewer (#21554)
We need to make sure a user can't confirm the existence of a user with
private visibility

* Follow up on #21533 

### Before
#### User

![image](https://user-images.githubusercontent.com/20454870/197357580-340911d7-1659-4fc9-a9f6-7ed6bc3476b4.png)

#### Admin

![image](https://user-images.githubusercontent.com/20454870/197357676-a8f0ae63-8f80-4221-a9b5-b6311552910a.png)

### After
#### User

![image](https://user-images.githubusercontent.com/20454870/197357536-05616edb-7821-469d-8e51-6f8cb84c1362.png)

#### Admin

![image](https://user-images.githubusercontent.com/20454870/197357703-071fe984-de79-43aa-a77c-a85b046292a4.png)

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-23 17:13:52 +08:00
M Hickford afebbf29a9
Require authentication for OAuth token refresh (#21421)
According to the OAuth spec
https://datatracker.ietf.org/doc/html/rfc6749#section-6 when "Refreshing
an Access Token"

> The authorization server MUST ... require client authentication for
confidential clients


Fixes #21418

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-23 13:28:46 +08:00
silverwind f982a71997
CSS color enhancements (#21534)
- Add
[`accent-color`](https://developer.mozilla.org/en-US/docs/Web/CSS/accent-color)
which will change the color of various native HTML elements from
OS-color to specified one. Affects unstyled checkbox, radio, range and
progress
- Change `--color-accent` to `--color-primary-light-1`
- Change progress bar color to `--color-accent`
- Add new `--color-primary-contrast` meant to contrast over primary
- Avoid layout shift on clicking `.viewed-file-form`
- Add styles for `input[type=file]` upload button

<img width="301" alt="Screen Shot 2022-10-21 at 18 05 35"
src="https://user-images.githubusercontent.com/115237/197246896-7b3b5591-2934-4436-bf37-6aebcdfecb13.png">
<img width="98" alt="Screen Shot 2022-10-21 at 19 41 27"
src="https://user-images.githubusercontent.com/115237/197256892-c8fc6a0a-5d2f-4757-a98b-a79f9b7fcbc5.png">
<img width="93" alt="image"
src="https://user-images.githubusercontent.com/115237/197257029-293c02e9-ebf9-448a-a58f-ca418cf36953.png">
<img width="204" alt="Screen Shot 2022-10-21 at 18 21 24"
src="https://user-images.githubusercontent.com/115237/197246957-a99f5178-bbd5-4204-bd32-7a6977026f76.png">
<img width="449" alt="Screen Shot 2022-10-21 at 18 56 59"
src="https://user-images.githubusercontent.com/115237/197249305-d481abb7-9f16-4b48-936a-c75ed29f5b04.png">
<img width="449" alt="Screen Shot 2022-10-21 at 18 57 09"
src="https://user-images.githubusercontent.com/115237/197249309-7ab70c3b-325e-41bc-a4ba-07402c6826b6.png">

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-23 12:05:20 +08:00
KN4CK3R 876ee8c3cd
Allow package version sorting (#21453) 2022-10-23 09:18:15 +08:00
Yarden Shoham 63ebb53fd5
Add link to user profile in markdown mention only if user exists (#21533)
Previously mentioning a user would link to its profile, regardless of
whether the user existed. This change tests if the user exists and only
if it does - a link to its profile is added.

* Fixes #3444

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-23 01:15:52 +08:00
Ashley Nelson 82ecd3b19e
Update milestone counters when issue is deleted (#21459)
When actions besides "delete" are performed on issues, the milestone
counter is updated. However, since deleting issues goes through a
different code path, the associated milestone's count wasn't being
updated, resulting in inaccurate counts until another issue in the same
milestone had a non-delete action performed on it.

I verified this change fixes the inaccurate counts using a local docker
build.

Fixes #21254

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-22 23:08:10 +08:00
KN4CK3R 154efa59a5
Prevent Authorization header for presigned LFS urls (#21531)
Fixes #21525

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-22 21:36:44 +08:00