4292 Commits

Author SHA1 Message Date
d95408bd5d Use maintained gziphandler (#30592) (#30638)
Replace #27894
Backport #30592

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-23 02:39:27 +00:00
Giteabot
79484e1cb7 Fix HEAD method for robots.txt (#30603) (#30604)
Backport #30603 by wxiaoguang

Fix #30601
2024-04-19 22:43:50 +08:00
667427b4b9 Fix project description rendering for org (#30587) (#30599)
Backport #30587

Manually tested with 1.21:



![image](https://github.com/go-gitea/gitea/assets/2114189/fbe9a2c9-0563-4d69-bcdb-8e5e41f288a1)
2024-04-19 13:28:18 +00:00
a82bf022bf Fix empty field login_name in API response JSON when creating user (#30511) (#30532)
Backport #30511
Fix ci error in #30515
2024-04-17 11:06:12 +02:00
Giteabot
68bd1dd89d Fix rename branch 500 when the target branch is deleted but exist in database (#30430) (#30437)
Backport #30430 by @lunny

Fix #30428

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-04-12 23:09:16 +08:00
55990ebf92 Check the token's owner and repository when registering a runner (#30406) (#30412)
Backport #30406

Fix #30378
2024-04-11 11:29:53 +00:00
6e3aaa9975 Performance optimization for git push (#30104) (#30354)
Agit returned result should be from `ProcReceive` hook but not
`PostReceive` hook. Then for all non-agit pull requests, it will not
check the pull requests for every pushing `refs/pull/%d/head`.

Backport #30104
2024-04-10 14:12:19 +08:00
65d96725bb Fix possible renderer security problem(#30136) (#30315)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-09 00:24:35 +02:00
2172b38d50 Escape paths for find file correctly (#30026) (#30031)
Backport #30026
2024-03-23 17:21:57 +01:00
Giteabot
f91b4dd959 Fix bugs in rerunning jobs (#29955) (#29983)
Backport #29955 by @Zettat123

Fix #28761
Fix #27884
Fix #28093

## Changes

### Rerun all jobs
When rerun all jobs, status of the jobs with `needs` will be set to
`blocked` instead of `waiting`. Therefore, these jobs will not run until
the required jobs are completed.

### Rerun a single job
When a single job is rerun, its dependents should also be rerun, just
like GitHub does
(https://github.com/go-gitea/gitea/issues/28761#issuecomment-2008620820).
In this case, only the specified job will be set to `waiting`, its
dependents will be set to `blocked` to wait the job.

### Show warning if every job has `needs`
If every job in a workflow has `needs`, all jobs will be blocked and no
job can be run. So I add a warning message.

<img
src="https://github.com/go-gitea/gitea/assets/15528715/88f43511-2360-465d-be96-ee92b57ff67b"
width="480px" />

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-03-22 03:57:10 +00:00
6ef986d474 Performance improvements for pull request list page (#29900) (#29972)
This PR will avoid load pullrequest.Issue twice in pull request list
page. It will reduce x times database queries for those WIP pull
requests.

Partially fix #29585
Backport #29900
2024-03-22 09:58:04 +08:00
3fd15aeff2 Add cache for dashbaord commit status (#29932)
backport #29444
2024-03-20 10:34:40 +00:00
5f7b6b55a5 Only do counting when count_only=true for repo dashboard (#29884) (#29905)
Ref: #29878
Backport #29884

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-20 11:02:35 +08:00
Giteabot
408c92938b Fix PR creation via api between branches of same repo with head field namespaced (#26986) (#29857)
Backport #26986 by @norohind

Fix #20175

Current implementation of API does not allow creating pull requests
between branches of the same
repo when you specify *namespace* (owner of the repo) in `head` field in
http request body.

---------

Co-authored-by: norohind <60548839+norohind@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-03-20 09:38:30 +08:00
b9dd5dd471 Fix template error when comment review doesn't exist (#29888) (#29889)
Backport #29888
2024-03-19 15:00:01 +08:00
Giteabot
00ea9af8e1 Editor error message misleading due to re-used key. (#29859) (#29876)
Backport #29859 by @buckybytes

The error message:

`editor.file_changed_while_editing = The file contents have changed
since you started editing. <a target="_blank" rel="noopener noreferrer"
href="%s">Click here</a> to see them or <strong>Commit Changes
again</strong> to overwrite them.`

Is re-used in inappropriate contexts. The link in the key goes to a 404
when the key is used in a situation where the file contents have not
changed.

Added two new keys to differentiate commit id mismatch and push out of
date conditions.

Co-authored-by: buckybytes <158571971+buckybytes@users.noreply.github.com>
2024-03-18 14:45:43 +08:00
85f31eb643 Fix codeowner detected diff base branch to mergebase (#29783) (#29807)
Fix #29763
Backport #29783 

This PR fixes 2 problems with CodeOwner in the pull request.
- Don't use the pull request base branch but merge-base as a diff base
to detect the code owner.
- CodeOwner detection in fork repositories will be disabled because
almost all the fork repositories will not change CODEOWNERS files but it
should not be used on fork repositories' pull requests.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-17 02:40:06 +01:00
61db562a5f Fix user router possbile panic (#29751) (#29786)
regression from #28023
backport #29751
2024-03-14 12:44:14 +08:00
sillyguodong
538efb9df7 Make runs-on support variable expression (#29468) (#29782)
backport #29468 

Close issue: https://gitea.com/gitea/act_runner/issues/445
Follow: https://gitea.com/gitea/act/pulls/91

Move `getSecretsOfTask` and `getVariablesOfTask` under models because of
circular dependency issues.
2024-03-14 10:19:01 +08:00
8c31456a87 Use Get but not Post to get actions artifacts (#29734) (#29737)
backport #29734
2024-03-12 17:31:45 +01:00
a129c0c06c Fix 500 when deleting account with incorrect password or unsupported login type (#29579) (#29656)
Fix #26210
Backport #29579

Co-authored-by: Jason Song <i@wolfogre.com>
2024-03-08 15:43:57 +01:00
5667ef9aab Add missing database transaction for new issue (#29490) (#29607)
When creating an issue, inserting issue, assign users and set project
should be in the same transaction.

Backport #29490
2024-03-05 16:37:55 +00:00
02df269d24 Make "/user/login" page redirect if the current user has signed in (#29583) (#29599)
Backport #29583
2024-03-05 21:03:45 +08:00
4ef7e496b8 Add a trailing slash to dashboard links (#29555) (#29573)
Backport #29555
2024-03-04 13:50:55 +08:00
Giteabot
b84303ef6e Fix 500 when pushing release to an empty repo (#29554) (#29564)
Backport #29554 by @lng2020

As title. 
The former code directly used `ctx.Repo.GitRepo`, causing 500.

22b4f0c09f/routers/api/v1/repo/release.go (L241)

Co-authored-by: Nanguan Lin <nanguanlin6@gmail.com>
2024-03-03 17:10:22 +00:00
2b059f493e Only use supported sort order for "explore/users" page (#29430) (#29443)
Backport #29430

Thanks to inferenceus : some sort orders on the "explore/users" page
could list users by their lastlogintime/updatetime.

It leaks user's activity unintentionally. This PR makes that page only
use "supported" sort orders.

Removing the "sort orders" could also be a good solution, while IMO at
the moment keeping the "create time" and "name" orders is also fine, in
case some users would like to find a target user in the search result,
the "sort order" might help.
2024-03-03 02:28:45 +00:00
Giteabot
5ca2971ccb Fix incorrect cookie path for AppSubURL (#29534) (#29552)
Backport #29534
Regression of #24107

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-03 08:54:33 +08:00
Giteabot
971eab18fa Fix incorrect redirection when creating a PR fails (#29537) (#29543)
Backport #29537 by wxiaoguang

This is only a quick fix to make it easier to backport.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-02 20:01:19 +00:00
Giteabot
8723389028 Fix incorrect relative/absolute URL usages (#29531) (#29547)
Backport #29531 by wxiaoguang

Add two "HTMLURL" methods for PackageDescriptor. 
And rename "FullWebLink" to "VersionWebLink"

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-02 18:00:15 +00:00
Giteabot
a86d9337e9 Fix issue & comment history bugs (#29525) (#29527)
Backport #29525 by @wxiaoguang

* Follow #17746: `HasIssueContentHistory` should use expr builder to
make sure zero value (0) be respected.
* Add "doer" check to make sure `canSoftDeleteContentHistory` only be
called by sign-in users.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-02 08:45:48 +08:00
Giteabot
c293e34df0 Fix wrong test usage of AppSubURL (#29459) (#29488)
Backport #29459 by @KN4CK3R

The tests use an invalid `setting.AppSubURL`. The wrong behaviour
disturbs other PRs like #29222 and #29427.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-29 14:40:35 +08:00
Giteabot
2df38af752 Fix missed return (#29450) (#29453)
Backport #29450 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-02-27 23:33:03 +08:00
Giteabot
9456deb512 Not trigger all jobs any more, when re-running the first job (#29439) (#29441)
Backport #29439 by @sillyguodong

Previously, it will be treated as "re-run all jobs" when `jobIndex ==
0`. So when you click re-run button on the first job, it triggers all
the jobs actually.

Caused by #26535.

Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
2024-02-27 16:18:49 +08:00
Giteabot
e75594f7a6 Do not double close reader (#29354) (#29370)
Backport #29354 by @KN4CK3R

Fixes #29346

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-24 12:08:06 +00:00
a1c0b3a02e Display friendly error message (#29105) (#29363)
Backport #29105 

`ctx.Error` only displays the text but `ctx.ServerError` renders the
usual error page.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-24 11:01:18 +00:00
Giteabot
35db5a373b Fix validity of the FROM email address not being checked (#29347) (#29360)
Backport #29347 by @carlosfelgueiras

Fixes #27188.
Introduces a check on the installation that tries to parse the FROM
address. If it fails, shows a new error message to the user.

Co-authored-by: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-24 08:23:21 +00:00
5043ad54c7 Fix project counter in organization/individual profile (#28068) (#29361)
Fix #28052
Backport #28068 
Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/5f299983-4b38-4d68-ac0e-4be3c62c0558)

![image](https://github.com/go-gitea/gitea/assets/18380374/f0e12afd-483b-4882-80e9-0261beb3fe0c)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/47cccb7b-bb35-4a7d-9c5b-83133be0323a)

![image](https://github.com/go-gitea/gitea/assets/18380374/77825c0c-4bf2-4762-83a2-1a5a173cc22d)

Co-authored-by: yp05327 <576951401@qq.com>
2024-02-24 07:58:43 +00:00
511298e452 Use general token signing secret (#29205) (#29325)
Backport #29205 (including #29172)

Use a clearly defined "signing secret" for token signing.
2024-02-22 17:07:41 +00:00
dcb9c38568 Fix error display when merging PRs (#29288) (#29309)
Backport #29288
Partially fix #29071, regression of Modernize merge button #28140 

Fix some missing `Redirect` -> `JSONRedirect`.

Thanks @yp05327 for the help in
https://github.com/go-gitea/gitea/issues/29071#issuecomment-1931261075
2024-02-22 03:32:54 +01:00
Markus Amshove
78f41e4fc4 Disallow merge when required checked are missing (#29143) (#29268)
backport #29143

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-19 20:48:17 +00:00
e2eac7574f Fix bug when the linked account was disactived and list the linked accounts (#29263)
The bug has been fixed on v1.22 but not backport to v1.21.
This original PR have many refactors so I don't think it's necessary to
backport all of them.

Fix #28667
2024-02-19 15:23:47 +00:00
3604b7d8ad Load outdated comments when (un)resolving conversation on PR timeline (#29203) (#29221)
Backport #29203

Relates to #28654, #29039 and #29050.

The "show outdated comments" flag should only apply to the file diff
view.
On the PR timeline, outdated comments are always shown. So they should
also be loaded when (un)resolving a conversation on the timeline page.
2024-02-18 06:58:26 +00:00
dd8bc1d61d Refactor issue template parsing and fix API endpoint (#29069) (#29140)
Backport #29069

The old code `GetTemplatesFromDefaultBranch(...) ([]*api.IssueTemplate,
map[string]error)` doesn't really follow Golang's habits, then the
second returned value might be misused. For example, the API function
`GetIssueTemplates` incorrectly checked the second returned value and
always responds 500 error.

This PR refactors GetTemplatesFromDefaultBranch to
ParseTemplatesFromDefaultBranch and clarifies its behavior, and fixes
the API endpoint bug, and adds some tests.

And by the way, add proper prefix `X-` for the header generated in
`checkDeprecatedAuthMethods`, because non-standard HTTP headers should
have `X-` prefix, and it is also consistent with the new code in
`GetIssueTemplates`
2024-02-14 01:32:31 +00:00
CEnnis91
1aaeec6da7 Fix swift packages not resolving (#29095) (#29102) 2024-02-08 18:26:54 +00:00
Giteabot
c9b2aaed0e Improve user experience for outdated comments (#29050) (#29086)
Backport #29050 by wxiaoguang

Try to improve #28949

1. Make `ctx.Data["ShowOutdatedComments"] = true` by default: it brings
consistent user experience, and sometimes the "outdated (source
changed)" comments are still valuable.
2. Show a friendly message if the comment won't show, then the end users
won't fell that "the comment disappears" (it is the special case when
`ShowOutdatedComments = false`)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-08 10:29:54 +08:00
Giteabot
aadbbf4358 Do not render empty comments (#29039) (#29049)
Backport #29039 by wxiaoguang

Follow #28654

The `comments` might be empty, so the templates shouldn't (and couldn't)
use it to render. When there is no comment, the UI should also be
updated to empty, so returning an empty body is good enough.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-04 13:25:58 +00:00
Giteabot
c398c25b18 Fix an actions schedule bug (#28942) (#28999)
Backport #28942 by @Zettat123

In #28691, schedule plans will be deleted when a repo's actions unit is
disabled. But when the unit is enabled, the schedule plans won't be
created again.

This PR fixes the bug. The schedule plans will be created again when the
actions unit is re-enabled

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-31 15:52:31 +00:00
Giteabot
b8e6cffd31 Preserve BOM in web editor (#28935) (#28959)
Backport #28935 by @silverwind

The `ToUTF8*` functions were stripping BOM, while BOM is actually valid
in UTF8, so the stripping must be optional depending on use case. This
does:

- Add a options struct to all `ToUTF8*` functions, that by default will
strip BOM to preserve existing behaviour
- Remove `ToUTF8` function, it was dead code
- Rename `ToUTF8WithErr` to `ToUTF8`
- Preserve BOM in Monaco Editor
- Remove a unnecessary newline in the textarea value. Browsers did
ignore it, it seems but it's better not to rely on this behaviour.

Fixes: https://github.com/go-gitea/gitea/issues/28743
Related: https://github.com/go-gitea/gitea/issues/6716 which seems to
have once introduced a mechanism that strips and re-adds the BOM, but
from what I can tell, this mechanism was removed at some point after
that PR.

Co-authored-by: silverwind <me@silverwind.io>
2024-01-27 23:23:31 +01:00
Giteabot
d6eb6c90f4 fix: update enable_prune even if mirror_interval is not provided (#28905) (#28929)
Backport #28905 by @Anthony-Jhoiro

Currently, the `updateMirror` function which update the mirror interval
and enable prune properties is only executed by the `Edit` function. But
it is only triggered if `opts.MirrorInterval` is not null, even if
`opts.EnablePrune` is not null.

With this patch, it is now possible to update the enable_prune property
with a patch request without modifying the mirror_interval.

## Example request with httpie

### Currently:
**Does nothing**
```bash
http PATCH https://gitea.your-server/api/v1/repos/myOrg/myRepo "enable_prune:=false" -A bearer -a $gitea_token
```

**Updates both properties**
```bash
http PATCH https://gitea.your-server/api/v1/repos/myOrg/myRepo "enable_prune:=false" "mirror_interval=10m" -A bearer -a $gitea_token
```

### With the patch
**Updates enable_prune only**
```bash
http PATCH https://gitea.your-server/api/v1/repos/myOrg/myRepo "enable_prune:=false" -A bearer -a $gitea_token
```

Co-authored-by: Anthony Quéré <47711333+Anthony-Jhoiro@users.noreply.github.com>
2024-01-26 00:14:38 +01:00
9210ce4045 Don't reload timeline page when (un)resolving or replying conversation (#28654) (#28917)
Backport #28654
Fixes #15981
2024-01-24 20:09:48 +01:00