Commit graph

14773 commits

Author SHA1 Message Date
Loïc Dachary af062d77f0
[DOCS] RELEASE-NOTES: semantic version 2023-03-16 10:11:49 +01:00
Earl Warren d3ebc9449c
[ACTIONS] forgejo actions --registration-token-admin
(cherry picked from commit 481d813539)

address oliverpool comments

(cherry picked from commit d8f313f9e2)

s/Printf/Print/

(cherry picked from commit 6621b04458)

do not run initDB within integration tests

(cherry picked from commit 5a0428ede3)
2023-03-12 15:19:45 +01:00
Loïc Dachary 71d91fdf22
[DOCS] RELEASE-NOTES: 1.19.0
(cherry picked from commit e84e43887b)

[DOCS] RELEASE-NOTES: add scoped access tokens

(cherry picked from commit 688f831853)

[DOCS] RELEASE-NOTES: Scoped labels

(cherry picked from commit 747479a07b)

[DOCS] RELEASE-NOTES: OIDC groups

(cherry picked from commit 10c505fe89)

[DOCS] RELEASE-NOTES: Copy Link is broken

On firefox it fails with Uncaught TypeError: navigator.clipboard is
   undefined
On chromium it fails with Uncaught TypeError: Cannot read properties of undefined (reading 'writeText')

(cherry picked from commit 148b2ff093)

[DOCS] RELEASE-NOTES: Copy citation

(cherry picked from commit d0f217735f)

[DOCS] RELEASE-NOTES: Support org/user level projects

(cherry picked from commit de845c7bcf)

[DOCS] RELEASE-NOTES: v1.19 has a documentation

(cherry picked from commit 9a5b46da32)

[DOCS] RELEASE-NOTES: do not split webhook section

(cherry picked from commit 00ed020321)

[DOCS] RELEASE-NOTES: Incoming emails

(cherry picked from commit 06c455b33b)

[DOCS] RELEASE-NOTES: secrets are an implementation detail

(cherry picked from commit 8236dc3a57)

[DOCS] RELEASE-NOTES: Prohibit fork if user reached maximum

(cherry picked from commit 0f80b8c696)

[DOCS] RELEASE-NOTES: scoped tokens: do not duplicate the docs

(cherry picked from commit 9bc4793c07)

[DOCS] RELEASE-NOTES: rss feed for tags and releases

(cherry picked from commit 599b36fada)

[DOCS] RELEASE-NOTES: protected branches wildcard

(cherry picked from commit 2b316c4950)

[DOCS] RELEASE-NOTES: disable releases

(cherry picked from commit 9a60773f1d)

[DOCS] RELEASE-NOTES: review box

(cherry picked from commit 09867dd122)

[DOCS] RELEASE-NOTES: asciicast support

(cherry picked from commit ea9658379b)

[DOCS] RELEASE-NOTES: attention blocks

(cherry picked from commit 70b387750b)

[DOCS] RELEASE-NOTES: commit cross reference

(cherry picked from commit fe706dad13)

[DOCS] RELEASE-NOTES: strip user completion border case

(cherry picked from commit 33ca51b4b6)

[DOCS] RELEASE-NOTES: card preview

(cherry picked from commit 626cd78ca6)

[DOCS] RELEASE-NOTES: raw copy button

(cherry picked from commit edfb467d64)

[DOCS] RELEASE-NOTES: allow edits by maintainers by default

(cherry picked from commit 7006405bc6)

[DOCS] RELEASE-NOTES: database auto migration is a little arcane

(cherry picked from commit 78030fa9af)

[DOCS] RELEASE-NOTES: fix typos & minor rewording

(cherry picked from commit ae1d47f656)
(cherry picked from commit ad08ca9955)

[DOCS] RELEASE-NOTES: webhook authorization header

(cherry picked from commit c35e2c4f6f)

[DOCS] RELEASE-NOTES: video element in markdown

(cherry picked from commit bcb0bd51d2)

[DOCS] RELEASE-NOTES: move scoped labels to the documentation

(cherry picked from commit c5eedaf4f3)

[DOCS] RELEASE-NOTES: cosmetic improvements

(cherry picked from commit b93df350d9)

[DOCS] RELEASE-NOTES: 1.19.0-0 is really : 1.19.0-2

(cherry picked from commit 60d770c2c9)

[DOCS] RELEASE-NOTES: relevant repositories

(cherry picked from commit de6ed5b87f)
2023-03-12 15:19:38 +01:00
Loïc Dachary 2436acb3d9
[SECURITY] default to pbkdf2 with 320,000 iterations
(cherry picked from commit 3ea0b287d7)
(cherry picked from commit db8392a8ac)
(cherry picked from commit bd2a5fa292)
2023-03-12 15:17:10 +01:00
Earl Warren ec5217b9d1
[API] Forgejo API /api/forgejo/v1
(cherry picked from commit 20b5669269)
(cherry picked from commit 1574643a6a)

Update semantic version according to specification

(cherry picked from commit 22510f4130)

Mise à jour de 'Makefile'

(cherry picked from commit c3d85d8409)
(cherry picked from commit 5ea2309851)
2023-03-12 15:17:10 +01:00
Percy Ma 7f625d25a3
[DOCS] LICENSE: add Forgejo Authors
(cherry picked from commit 7c98a4c54e)
(cherry picked from commit 1ec4a8e6cf)
(cherry picked from commit 79de60a5d8)
(cherry picked from commit e7fbfb34a9)
2023-03-12 15:17:09 +01:00
Loïc Dachary 723ead94cb
[DOCS] RELEASE-NOTES.md
(cherry picked from commit b07123ee7b)
(cherry picked from commit ca85c880b4)
2023-03-12 15:17:09 +01:00
Loïc Dachary bf25d98a98
[WORKFLOW] issues & pr templates
(cherry picked from commit 9dd224f00c)
(cherry picked from commit 710af007bc)
(cherry picked from commit 2ccd6e2bd6)
(cherry picked from commit b90dc5fc4f)
2023-03-12 15:17:09 +01:00
Loïc Dachary 07a7448148
[DOCS] README
(cherry picked from commit a47b474586)
(cherry picked from commit 2fcc61c1d9)
(cherry picked from commit 67debe2247)
(cherry picked from commit b90ffbb309)
2023-03-12 15:17:09 +01:00
Loïc Dachary 9a66b3d70b
[DOCS] CONTRIBUTING
Refs: https://codeberg.org/forgejo/forgejo/issues/8
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/153
Refs: https://codeberg.org/forgejo/forgejo/issues/123
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/299
(cherry picked from commit 08dcef0c8c)

[DOCS] CONTRIBUTING/RELEASE: https://forgejo.org/docs/admin

Because the version is not displayed on the landing page of Forgejo,
there cannot be a link to a versionned documentation. There must exist
a link that points to the latest version on the website for the
forgejo instance to display.

Better but more complicated approaches could be to:

* Embed the documentation in Forgejo
* Allow the admin to not display the help
* Allow the admin to display a versionned help or not

(cherry picked from commit 83cc389239)
(cherry picked from commit 5df52b8a4f)
2023-03-12 15:17:09 +01:00
Loïc Dachary 3f65dea3e7
delete Gitea specific files that need rewriting for Forgejo
Although it would be possible to modify these files, it would create
conflicts when rebasing. Instead, this commit removes them entirely
and another commit can start from scratch, borrowing content from the
original files.

The drawback of this approach is that some content updates from Gitea
that also need updating in Forgejo will have to be copy/pasted
instead of being merged.

(cherry picked from commit eb85782115)
(cherry picked from commit 34401f2004)
(cherry picked from commit ef43b1c691)
(cherry picked from commit d17fe25e2f)
2023-03-12 15:17:09 +01:00
Loïc Dachary 4cfbf4718d
[CI] [v1.20] tests/pgsql.ini.tmpl: do not use minion
f92e0a4018 added minio to the tests/pgsql.ini.tmpl and Forgejo CI does
not run a minio server. It will if there are external storage related
changes at some point but it is not the case now so it is not worth
the burden.
2023-03-12 14:42:38 +01:00
Loïc Dachary 7180a3222a
[CI] set PASSWORD_HASH_ALGO = argon2 for integration tests
(cherry picked from commit 1d7ce2a39c)
(cherry picked from commit 3af8757583)
(cherry picked from commit 0b81815209)
2023-03-12 12:26:22 +01:00
Loïc Dachary 326174064b
[CI] implementation: forgejo container images
(cherry picked from commit dd1971d4e6)
(cherry picked from commit 3981dbaf8c)
(cherry picked from commit 8dff3cc2d1)
(cherry picked from commit e7673e5d22)
2023-03-12 12:26:22 +01:00
Loïc Dachary 5cfe60baa7
[CI] implementation: Woodpecker based CI
(cherry picked from commit c2a7aaeee8)
(cherry picked from commit 6b6007fbce)
(cherry picked from commit 63608a221e)
2023-03-12 12:26:22 +01:00
Loïc Dachary 290c55517a
[CI] implementation: publish forgejo- binaries instead of gitea-
(cherry picked from commit 6d910daafb)
(cherry picked from commit d447861cc9)
(cherry picked from commit dc6e9d8799)
(cherry picked from commit ef232fa20c)
2023-03-12 12:26:22 +01:00
yp05327 e72290fd9a
Sync the class change of Edit Column Button to JS code (#23400)
In #22767, we changed the class of `Edit Column` button from `red` to
`primary`
But `red` is used to find this button in js.....

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
2023-03-12 19:09:20 +08:00
Peter c6f5029708
Preserve file size when creating attachments (#23406)
When creating attachments (issue, release, repo) the file size (being
part of the multipart file header) is passed through the chain of
creating an attachment to ensure the MinIO client can stream the file
directly instead of having to read it to memory completely at first.

Fixes #23393

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-03-12 03:48:07 -04:00
GiteaBot 023521b016 [skip ci] Updated translations via Crowdin 2023-03-12 00:16:02 +00:00
techknowlogick ab5bcdf98f
Use buildkit for docker builds (#23415)
This switches Docker builds to use build kit which is less prone to
error than legacy docker-in-docker building. It also switches back to
using the upstream docker image again now that it has been updated to a
version that supports alpine 3.14+

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-03-11 23:08:56 +02:00
wxiaoguang 75022f8b1a
Refactor branch/tag selector dropdown (first step) (#23394)
Follow: 
* #23345

The branch/tag selector dropdown mixes jQuery/Fomantic UI/Vue together,
it's very diffcult to maintain and causes unfixable a11y problems. It
also causes problems like #19851 #21314 #21952

This PR is the first step for the refactoring, move `data-` attributes
to JS object and use Vue data as much as possible.

The old selector `'.choose.reference .dropdown'` was also wrong, it hits
`<div class="choose reference"><svg class="dropdown icon">` and would
cause undefined behaviors.

I have done some quick tests and it works. After this PR gets merged, I
will move the code into a Vue SFC in next PR.



![image](https://user-images.githubusercontent.com/2114189/224099638-378a8a86-0865-47d1-bcba-f972506374c7.png)


![image](https://user-images.githubusercontent.com/2114189/224099690-70276cf5-b1e4-404a-b0c6-582448abf40e.png)

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-03-11 12:47:09 +02:00
GiteaBot f20bf2fe3b [skip ci] Updated translations via Crowdin 2023-03-11 00:15:59 +00:00
Zettat123 3de9e63fd0
Hide target selector if tag exists when creating new release (#23171)
Close #22649.

|status|screenshot|
|-|-|
|empty tag name|<img
src="https://user-images.githubusercontent.com/15528715/221490165-fd3abd2e-6dc5-4562-bece-d1d6a305479e.png"
width="300px"/>|
|new tag|<img
src="https://user-images.githubusercontent.com/15528715/221490450-49b2a48e-b206-49f4-bd79-34b1ea64156f.png"
width="300px"/>|
|existing tag|<img
src="https://user-images.githubusercontent.com/15528715/221490301-4d1879dd-4947-4abc-9b9a-e77be1806981.png"
width="300px"/>|
2023-03-10 10:42:38 -06:00
sillyguodong 5155ec35c5
Parse external request id from request headers, and print it in access log (#22906)
Close: #22890.

---
### Configure in .ini file:
```ini
[log]
REQUEST_ID_HEADERS = X-Request-ID, X-Trace-Id
```

### Params in Request Header
```
X-Trace-ID: trace-id-1q2w3e4r
```

![image](https://user-images.githubusercontent.com/33891828/218665296-8fd19a0f-ada6-4236-8bdb-f99201c703e8.png)



### Log output:

![image](https://user-images.githubusercontent.com/33891828/218665225-cc242a57-4ffc-449a-a1f6-f45ded0ead60.png)
2023-03-10 09:54:32 -06:00
yp05327 cf29ee6dd2
Add missing tabs to org projects page (#22705)
Fixes https://github.com/go-gitea/gitea/issues/22676

Context Data `IsOrganizationMember` and `IsOrganizationOwner` is used to
control the visibility of `people` and `team` tab.

2871ea0809/templates/org/menu.tmpl (L19-L40)

And because of the reuse of user projects page, User Context is changed
to Organization Context. But the value of `IsOrganizationMember` and
`IsOrganizationOwner` are not being given.

I reused func `HandleOrgAssignment` to add them to the ctx, but may have
some unnecessary variables, idk whether it is ok.

I found there is a missing `PageIsViewProjects` at create project page.
2023-03-10 09:18:20 -06:00
KN4CK3R 2173f14708
Add user webhooks (#21563)
Currently we can add webhooks for organizations but not for users. This
PR adds the latter. You can access it from the current users settings.


![grafik](https://user-images.githubusercontent.com/1666336/197391408-15dfdc23-b476-4d0c-82f7-9bc9b065988f.png)
2023-03-10 08:28:32 -06:00
zeripath dad057b639
Handle OpenID discovery URL errors a little nicer when creating/editing sources (#23397)
When there is an error creating a new openIDConnect authentication
source try to handle the error a little better.

Close #23283

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-03-10 01:14:43 -05:00
John Olheiser f92e0a4018
Split CI pipelines (#23385)
- This PR attempts to split our various DB tests into separate
pipelines.
- It splits up some of the extra feature-related tests rather than
having most of them in the MySQL test.
- It disables the race detector for some of the pipelines as well, as it
can cause slower runs and is mostly redundant when the pipelines just
swap DBs.
- It builds without SQLite support for any of the non-SQLite pipelines.
- It moves the e2e test to using SQLite rather than PG (partially
because I moved the minio tests to PG and that mucked up the test
config, and partially because it avoids another running service)
- It splits up the `go mod download` task in the Makefile from the tool
installation, as the tools are only needed in the compliance pipeline.
(Arguably even some of the tools aren't needed there, but that could be
a follow-up PR)
- SQLite is now the only arm64 pipeline, moving PG back to amd64 which
can leverage autoscaler

Should resolve #22010 - one thing that wasn't changed here but is
mentioned in that issue, unit tests are needed in the same pipeline as
an integration test in order to form a complete coverage report (at
least as far as I could tell), so for now it remains in a pipeline with
a DB integration test.

Please let me know if I've inadvertently changed something that was how
it was on purpose.

---

I will say sometimes it's hard to pin down the average time, as a
pipeline could be waiting for a runner for X minutes and that brings the
total up by X minutes as well, but overall this does seem to be faster
on average.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-03-10 01:13:17 -05:00
Brecht Van Lommel d647e74502
Improve squash merge commit author and co-author with private emails (#22977)
When emails addresses are private, squash merges always use
`@noreply.localhost` for the author of the squash commit. And the author
is redundantly added as a co-author in the commit message.

Also without private mails, the redundant co-author is possible when
committing with a signature that's different than the user full name and
primary email.

Now try to find a commit by the same user in the list of commits, and
prefer the signature from that over one constructed from the account
settings.
2023-03-09 22:17:04 -05:00
wxiaoguang 0141d1667d
Fix broken Chroma CSS styles (#23174)
The CSS styles in Gitea themes are out-of-sync of Chroma's styles.

This PR introduces a `chroma-style-diff.go` tool to compare the diff.
The missing CSS styles have been added manually. They are left as empty
to reduce arguments because there was no color for them before.

And this PR fixes #22348, with just 2 lines changed: `.chroma .kt & .n`,
these colors are taken from GitHub.

It's good enough for #22348


![image](https://user-images.githubusercontent.com/2114189/221551941-0d27d11d-e71e-498f-8e88-92b558fe4a18.png)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-03-09 22:16:16 -05:00
InsanusMokrassar 92d3e2a6f8
Add gradle samples in maven doc of packages (#23374)
Samples for gitea.io docs to help to use maven packages with
gradle-oriented projects

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-03-09 22:14:59 -05:00
silverwind 17c8a0523a
Fix and move "Use this template" button (#23398)
Before:
<img width="1157" alt="Screenshot 2023-03-09 at 23 21 25"
src="https://user-images.githubusercontent.com/115237/224174168-869966cc-fa59-4231-b449-23bd9db12862.png">

After:
<img width="1145" alt="Screenshot 2023-03-09 at 23 24 34"
src="https://user-images.githubusercontent.com/115237/224174173-7f5b9c22-44c4-4eed-990c-da49d749eb0e.png">

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-03-09 22:14:45 -05:00
GiteaBot c775053476 [skip ci] Updated translations via Crowdin 2023-03-10 00:15:59 +00:00
Lycolia Rizzim 79af6e367c
Add init file for Ubuntu (#23362)
Created an init file for Ubuntu that will be useful when running it on
WSL.
2023-03-09 16:54:37 -06:00
yp05327 e6df743eca
Rename canWriteUnit to canWriteProjects (#23386)
A part of https://github.com/go-gitea/gitea/pull/22865
2023-03-09 13:57:20 -06:00
Brecht Van Lommel 8bdc0acf97
Fix pull request update showing too many commits with multiple branches (#22856)
When the base repository contains multiple branches with the same
commits as the base branch, pull requests can show a long list of
commits already in the base branch as having been added.

What this is supposed to do is exclude commits already in the base
branch. But the mechansim to do so assumed a commit only exists in a
single branch. Now use `git rev-list A B --not branchName` instead of
filtering commits afterwards.

The logic to detect if there was a force push also was wrong for
multiple branches. If the old commit existed in any branch in the base
repository it would assume there was no force push. Instead check if the
old commit is an ancestor of the new commit.
2023-03-09 12:14:22 -06:00
yp05327 689770c928
Fix incorrect NotFound conditions in org/projects.go (#23384)
A part of https://github.com/go-gitea/gitea/pull/22865

user/org project's `RepoID` is always 0, we need to check `OwnerID`
2023-03-09 10:59:50 -06:00
wxiaoguang 542cec98f8
Refactor merge/update git command calls (#23366)
Follow #22568

* Remove unnecessary ToTrustedCmdArgs calls 
    * the FAQ in  #22678
* Quote: When using ToTrustedCmdArgs, the code will be very complex (see
the changes for examples). Then developers and reviewers can know that
something might be unreasonable.
* The `signArg` couldn't be empty, it's either `-S{keyID}` or
`--no-gpg-sign`.
* Use `signKeyID` instead, add comment "empty for no-sign, non-empty to
sign"
* 5-line code could be extracted to a common `NewGitCommandCommit()` to
handle the `signKeyID`, but I think it's not a must, current code is
clear enough.
2023-03-09 09:48:52 -06:00
yp05327 e52ac62d8e
Redirect to project again after editing it (#23326)
A part of https://github.com/go-gitea/gitea/pull/22865

We have edit buttons in projects list page and project view page.
But after user edit a project, it will always redirect to the projects
list page.
2023-03-09 08:38:29 -06:00
Jason Song 8cadd51bf2
Add Gitea Community Code of Conduct (#23188)
The Gitea Community Code of Conduct.

Authored by lunny. Slightly modified from [Go
CoC](https://go.dev/conduct)

---

CC all TOCs:

@go-gitea/technical-oversight-committee 

And we welcome suggestions from everyone.

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Nick <nick@kousu.ca>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-03-09 10:49:34 +08:00
Nick 52e24167e5
Test renderReadmeFile (#23185)
Add test coverage to the important features of
[`routers.web.repo.renderReadmeFile`](067b0c2664/routers/web/repo/view.go (L273));
namely that:

- it can handle looking in docs/, .gitea/, and .github/
- it can handle choosing between multiple competing READMEs
- it prefers the localized README to the markdown README to the
plaintext README
- it can handle broken symlinks when processing all the options
- it uses the name of the symlink, not the name of the target of the
symlink
2023-03-09 09:24:23 +08:00
GiteaBot c5573dbc0f [skip ci] Updated translations via Crowdin 2023-03-09 00:15:57 +00:00
Yarden Shoham af0468ed8d
Set X-Gitea-Debug header once (#23361)
Instead of adding it

# Before
On the raw commit page:

![image](https://user-images.githubusercontent.com/20454870/223470744-cdf11898-e023-4198-8c8b-c294e5d78b73.png)

# After

![image](https://user-images.githubusercontent.com/20454870/223470596-af898d66-bd5b-4ddb-b220-ceb1f149bfec.png)

Fixes #23308

---------

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-03-08 15:40:04 -05:00
Jason Song 1960ad5c90
Improve cache context (#23330)
Related to: #22294 #23186 #23054

Replace: #23218

Some discussion is in the comments of #23218.

Highlights:
- Add Expiration for cache context. If a cache context has been used for
more than 10s, the cache data will be ignored, and warning logs will be
printed.
- Add `discard` field to `cacheContext`, a `cacheContext` with `discard`
true will drop all cached data and won't store any new one.
- Introduce `WithNoCacheContext`, if one wants to run long-life tasks,
but the parent context is a cache context,
`WithNoCacheContext(perentCtx)` will discard the cache data, so it will
be safe to keep the context for a long time.
- It will be fine to treat an original context as a cache context, like
`GetContextData(context.Backgraud())`, no warning logs will be printed.

Some cases about nesting:

When:
- *A*, *B* or *C* means a cache context.
- ~*A*~, ~*B*~ or ~*C*~ means a discard cache context.
- `ctx` means `context.Backgrand()`
- *A(ctx)* means a cache context with `ctx` as the parent context.
- *B(A(ctx))* means a cache context with `A(ctx)` as the parent context.
- `With` means `WithCacheContext`
- `WithNo` means `WithNoCacheContext`

So:
- `With(ctx)` -> *A(ctx)*
- `With(With(ctx))` -> *A(ctx)*, not *B(A(ctx))*
- `With(With(With(ctx)))` -> *A(ctx)*, not *C(B(A(ctx)))*
- `WithNo(ctx)` -> *ctx*, not *~A~(ctx)*
- `WithNo(With(ctx))` -> *~A~(ctx)*
- `WithNo(WithNo(With(ctx)))` -> *~A~(ctx)*, not *~B~(~A~(ctx))*
- `With(WithNo(With(ctx)))` -> *B(~A~(ctx))*
- `WithNo(With(WithNo(With(ctx))))` -> *~B~(~A~(ctx))*
- `With(WithNo(With(WithNo(With(ctx)))))` -> *C(~B~(~A~(ctx)))*
2023-03-08 11:57:05 -06:00
yp05327 d949d8e074
add user visibility in dashboard navbar (#22747)
Add private/limited tag to dashboard user/org list dropdown menu

![image](https://user-images.githubusercontent.com/18380374/216752207-5beb5281-1b0b-4e2b-adfc-b39c192c5032.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-08 23:18:10 +08:00
Zettat123 15a1c2d7ef
Fix panic when getting notes by ref (#23372)
Fix #23357 .

Now the `/repos/{owner}/{repo}/git/notes/{sha}` API supports getting
notes by a ref or sha
(https://try.gitea.io/api/swagger#/repository/repoGetNote). But the
`GetNote` func can only accept commit ID.

a12f575737/modules/git/notes_nogogit.go (L18)

So we need to convert the query parameter to commit ID before calling
`GetNote`.
2023-03-08 20:21:23 +08:00
Lunny Xiao b116418f05
Use CleanPath instead of path.Clean (#23371)
As title.
2023-03-08 20:17:39 +08:00
Jason Song 090e753923
Reduce duplicate and useless code in options (#23369)
Avoid maintaining two copies of code, some functions can be used with
both `bindata` and `no bindata`.

And removed `GetRepoInitFile`, it's useless now.
`Readme`/`Gitignore`/`License`/`Labels` will clean the name and use
custom files when available.
2023-03-08 17:31:27 +08:00
JakobDev a12f575737
Clean Path in Options (#23006)
At the Moment it is possible to read files in another Directory as
supposed using the Options functions. e.g.
`options.Gitignore("../label/Default) `. This was discovered while
working on #22783, which exposes `options.Gitignore()` through the
public API. At the moment, this is not a security problem, as this
function is only used internal, but I thought it would be a good idea to
make a PR to fix this for all types of Options files, not only
Gitignore, to make it safe for the further. This PR should be merged
before the linked PR.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-03-08 15:07:58 +08:00
wxiaoguang 7e3b7c2346
Do not recognize text files as audio (#23355)
Close #17108

This PR uses a trick (removing the ID3 tag) to detect the content again
to to see whether the content is text type.

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-07 22:40:41 -05:00