12908 Commits

Author SHA1 Message Date
Tyrone Yeh
eeaa9250e0 Fix org label open count, including close count issue () 2022-07-14 03:41:56 +01:00
6543
713bc6c8dc Changelog for 1.16.9 (update) ()
* Changelog for 1.16.9 (update)

* update security section
v1.16.9
2022-07-12 19:26:27 +01:00
6b7e860b0f Hide notify mail setting ui if not enabled () ()
Backport 
2022-07-12 18:13:31 +01:00
Gusted
0f89417d75 Add write check for creating Commit status () ()
- Backport 
  - Add write code checks for creating new commit status
  - Regression from 
  - Resolves 
2022-07-12 14:52:20 +02:00
zeripath
7c80a0b630 Ensure that drone tags 1.16.x and 1.16 on push to v1.16.x tag ()
We need pushes to v1.16.9 to create tags to 1.16.9 and 1.16 but not 1 or latest.

We have previously adjusted the manifest to remove the latest tag, and have removed
auto_tags so that 1 does not get tagged but in doing so we also stopped 1.16 being
tagged. So here we just state the that we tag x.yy in addition to x.yyz*.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-11 17:15:43 +08:00
zeripath
b42df3105d Only show Followers that current user can access () ()
Backport 

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-06 09:47:16 +08:00
Gusted
6162fb0a19 Check for permission when fetching user controlled issues () ()
* Check if project has the same repository id with issue when assign project to issue

* Check if issue's repository id match project's repository id

* Add more permission checking

* Remove invalid argument

* Fix errors

* Add generic check

* Remove duplicated check

* Return error + add check for new issues

* Apply suggestions from code review

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2022-07-01 17:39:10 +02:00
6543
df0b330af7 CI: disable auto_tag () 2022-06-22 00:51:27 +02:00
6543
51db7b03dd Release page show all tags in compare dropdown () ()
Backport  

Just get all tags when creating the compare dropdown. (Also updates the changelog.)
Fix 
2022-06-21 19:09:24 +01:00
zeripath
a7b1e20b76 Changelog for 1.16.9 ()
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-06-20 22:09:09 +02:00
6543
de79d2a235 CI: disable push to latest docker tag () 2022-06-18 21:02:25 +02:00
a1012112796
4b7f0c6c38 fix permission check for delete tag () ()
fix 

by the way, fix some error response about protected tags.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-06-17 22:52:47 +01:00
ae91913132 Only log non ErrNotExist errors in git.GetNote () ()
* Fix GetNote

* Only log errors if the error is not ErrNotExist

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-06-07 21:39:08 +08:00
0e7791174d use exact search instead of fuzzy search for branch filter dropdown () 2022-06-05 09:10:30 +01:00
zeripath
736b7b25a4 Set Setpgid on child git processes () () 2022-06-03 23:39:15 -04:00
zeripath
daf14b275a Ensure responses are context.ResponseWriters () ()
* Ensure responses are context.ResponseWriters ()

Backport 

In order for web.Wrap to be able to detect if a response has been written
we need to wrap any non-context.ResponseWriters as a such. Otherwise
responses will be incorrectly detected as non-written to and handlers can
double run.

In the case of GZip this handler will change the response to a non-context.RW
and this failure to correctly detect response writing causes fallthrough and
a NPE.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-06-03 17:38:29 -04:00
singuliere
cf6694e815 git 2.36 is needed for safe.directory = '*' to work () 2022-06-03 13:33:18 -04:00
704f809e90 Fix count bug ()
* Fix count bug

* Fix bug

* Fix test
2022-06-01 23:18:04 +01:00
Lauris BH
0e9499ada7 Fix raw endpoint PDF file headers () () 2022-05-28 18:40:03 +03:00
Ondřej Čertík
675f658721 Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix () ()
Backport 

The issue was that only the actual title was converted to uppercase, but
not the prefix as specified in `WORK_IN_PROGRESS_PREFIXES`. As a result,
the following did not work:

    WORK_IN_PROGRESS_PREFIXES=Draft:,[Draft],WIP:,[WIP]

One possible workaround was:

    WORK_IN_PROGRESS_PREFIXES=DRAFT:,[DRAFT],WIP:,[WIP]

Then indeed one could use `Draft` (as well as `DRAFT`) in the title.
However, the link `Start the title with DRAFT: to prevent the pull request
from being merged accidentally.` showed the suggestion in uppercase; so
it is not possible to show it as `Draft`. This PR fixes it, and allows
to use `Draft` in `WORK_IN_PROGRESS_PREFIXES`.

Fixes .

Co-authored-by: zeripath <art27@cantab.net>
2022-05-26 18:55:26 +03:00
zeripath
ccc11c1e77 Prevent NPE when cache service is disabled () ()
Backport 

The cache service can be disabled - at which point ctx.Cache will be nil
and the use of it will cause an NPE.

The main part of this PR is that the cache is used for restricting
resending of activation mails and without this we cache we cannot
restrict this. Whilst this code could be re-considered to use the db and
probably should be, I think we can simply disable this code in the case
that the cache is disabled.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-05-25 19:49:59 +08:00
336e1ac779 Fix NotificationUnreadCount () 2022-05-25 07:38:21 +03:00
zeripath
be99eb26a2 Detect truncated utf-8 characters at the end of content as still representing utf-8 () ()
Backport 

Our character detection algorithm can potentially incorrectly detect utf-8 as iso-8859-x
if there is a truncated character at the end of the partially read file.

This PR changes the detection algorithm to truncated utf8 characters at the end of the
buffer.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-05-21 22:26:08 +08:00
silentcodeg
fe9458591a [doctor] pq: syntax error at or near "." quote user table name () ()
Backport 
2022-05-21 02:00:52 +02:00
57e816311b Fix bug () 2022-05-20 00:03:52 +02:00
09b76295f1 Add changelog for v1.16.8 ()
* Add changelog for v1.16.8

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
v1.16.8
2022-05-16 19:27:23 +02:00
Gusted
38acce2f3f Fix issue overview for teams () ()
- Backport 
  - Don't use hacky solution to limit to the correct RepoID's, instead use current code to handle these limits. The existing code is more correct than the hacky solution.
  - Resolves 
2022-05-16 17:48:16 +08:00
6543
8f44d00f22 Delete user related oauth stuff on user deletion too () ()
Backport ()

* delete user related oauth stuff on user deletion too

* extend doctor check-db-consistency

* make it build for v1.16.x
2022-05-12 13:32:48 +02:00
4386eb751f Fix oauth setting list bug () 2022-05-11 21:05:58 +08:00
d6aab069ed Fix new release from tags list UI () () 2022-05-10 22:55:28 +02:00
singuliere
f4fb8dbc87 [doctor] Add check/fix for bogus action rows () ()
Co-authored-by: Loïc Dachary <loic@dachary.org>

Conflicts:
	models/consistency_test.go
	 trivial context conflict.
2022-05-10 16:05:34 +03:00
c7c18e0eb2 Revert "Add finalizers to ensure that repos are closed and blobreaders are closed () ()" ()
This reverts commit 88da50674fbffb5cb339d61503d2b89aecfc1823.

because it caused a memleak
2022-05-09 13:03:44 +02:00
singuliere
0a2d618d85 GetFeeds must always discard actions with dangling repo_id () ()
Co-authored-by: Loïc Dachary <loic@dachary.org>
(cherry picked from commit b536b65189319544939da9b6537919a4fc838d71)

Conflicts:
        models/action_test.go
	  The GetFeeds function does not have a Context argument in 1.16.
	models/action.go
	  The SQL statement is essentially the same in 1.16 but
	  structured differently. The Join() was copied and the
   	  created_unix field prefixed with `action`.
	models/action_list.go
	  in 1.16 the loadRepoOwner method did not exist and
	  it was done in the RetrieveFeeds method of web/feed/profile.go.
          The safeguard to skip when act.Repo == nil was moved there.
2022-05-08 15:05:40 +02:00
c8a83ace59 Only show accessible teams in dashboard dropdown list () ()
Fixes 
2022-05-07 17:50:34 +02:00
techknowlogick
59d132f0b3 Set safe dir for git operations in .drone.yml CI () ()
Our drone by necessity runs on git repositories not owned by the drone process. Unfortunately this means that git operations and thence CI builds will fail without the `safe.directory` option being set. 

See: https://drone.gitea.io/go-gitea/gitea/54632/2/8
2022-05-06 14:09:54 -04:00
zeripath
18dd49a4ab Prevent NPE when checking repo units if the user is nil () ()
Backport 

CheckRepoUnitUser should tolerate nil users.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-06 18:01:08 +08:00
46637b1164 Call MultipartForm.RemoveAll when request finishes () () 2022-05-05 16:13:59 +02:00
Eekle
7b18c67ac9 Make .cs highlighting legible on dark themes () () 2022-05-04 18:45:00 +08:00
99rgosse
6eb3c05cb7 Avoid MoreThanOne Error () ()
Backport 
2022-05-03 20:36:58 +08:00
Gusted
82f24bedc2 Fix sending empty notifications () ()
- Backport 
  - Don't send empty notifications on read notifications API.
2022-05-02 21:28:12 -05:00
zeripath
88da50674f Add finalizers to ensure that repos are closed and blobreaders are closed () ()
It may be prudent to add runtime finalizers to the git.Repository and
git.blobReader objects to absolutely ensure that these are both properly
cancelled, cleaned and closed out.

This commit is a backport of an extract from 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-05-02 20:44:45 +08:00
35a7db49b4 ignore DNS error when doing migration allow/block check ()
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-05-02 08:11:45 +03:00
6543
f4729e2418 Add Changelog v1.16.7 ()
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
v1.16.7
2022-05-02 05:41:09 +02:00
6543
f7330fd027 Dont overwrite err with nil (part ) ()
* Dont overwrite err with nil (part )


Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-05-02 01:54:20 +02:00
6543
755d8e21ad Migration: only write commit-graph if wiki clone was successfull () () 2022-05-01 00:22:42 +02:00
7c0bf06d96 Respect DefaultUserIsRestricted system default when creating new user ( ) () 2022-04-30 15:00:14 +02:00
Gusted
0d196e29e8 Don't error when branch's commit doesn't exist () ()
- Backport 
  - If one of the branches no longer exists, don't throw an error, it's possible that the branch was destroyed during the process. Simply skip it and disregard it.
  - Resolves 
2022-04-29 12:25:19 +02:00
b86606fa38 Support hostname:port to pass host matcher's check () ()
Backport  
hostmatcher: split the hostname from the hostname:port string, use the correct hostname to do the match.
2022-04-29 01:41:58 +08:00
zeripath
74602bb487 Prevent intermittent race in attribute reader close () ()
Backport 

There is a potential rare race possible whereby the c.running channel could
be closed twice. Looking at the code I do not see a need for this c.running
channel and therefore I think we can remove this. (I think the c.running
might have been some attempt to prevent a hang but the use of os.Pipes should
prevent that.)

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-04-28 17:00:01 +02:00
Gusted
1465e0cbb2 Fix 64-bit atomic operations on 32-bit machines () ()
- Backport 
  - Doing 64-bit atomic operations on 32-bit machines is a bit tricky by golang, as they can only be done under certain set of conditions(https://pkg.go.dev/sync/atomic#pkg-note-BUG).
  - This PR fixes such case whereby the conditions weren't met, it moves the int64 to the first field of the struct, which will 64-bit operations happening on this property on 32-bit machines.
  - Resolves 
2022-04-27 10:32:28 -05:00