Commit Graph

18598 Commits

Author SHA1 Message Date
wxiaoguang
0aedb03996
Fix LFS route mock, realm, middleware names (#32488)
1. move "internal-lfs" route mock to "common-lfs"
2. fine tune tests
3. fix "realm" strings, according to RFC:
https://datatracker.ietf.org/doc/html/rfc2617:
    * realm       = "realm" "=" realm-value
    * realm-value = quoted-string
4. clarify some names of the middlewares, rename `ignXxx` to `optXxx` to
match `reqXxx`, and rename ambiguous `requireSignIn` to `reqGitSignIn`
2024-11-13 16:58:09 +08:00
Lunny Xiao
840ad7eefe
Disable Oauth check if oauth disabled (#32368)
Fix #32367

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 21:33:35 +00:00
silverwind
5bed7b9ec0
Update JS and PY dependencies (#32482)
Result of `make update-js update-py`.

Fixes: https://github.com/go-gitea/gitea/security/dependabot/80
Fixes: https://github.com/go-gitea/gitea/security/dependabot/81

Tested build and swagger ui.
2024-11-12 21:03:22 +00:00
silverwind
cad313e64f
Update github.com/meilisearch/meilisearch-go (#32484)
Result of `go get -u github.com/meilisearch/meilisearch-go && make
tidy`.

Fixes: https://github.com/go-gitea/gitea/security/dependabot/78
2024-11-12 15:55:01 -05:00
wxiaoguang
160ccb5ee2
Fix test fixtures for user2/lfs.git (#32477) 2024-11-12 05:41:22 +00:00
6543
4c924bf43c
Limit org member view of restricted users (#32211)
currently restricted users can only see the repos of teams in orgs they
are part at.
they also should only see the users that are also part at the same team.


---
*Sponsored by Kithara Software GmbH*
2024-11-12 03:44:24 +00:00
Albin Hedman
2763766f85
cargo registry - respect renamed dependencies (#32430)
rust allows renaming dependencies such as when depending on multiple
versions of the same package. This is not supported by gitea as
discovered in #31500 . This PR tries to address that.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 02:57:30 +00:00
wxiaoguang
580e21dd2e
Refactor LFS SSH and internal routers (#32473)
Gitea instance keeps reporting a lot of errors like "LFS SSH transfer connection denied, pure SSH protocol is disabled". When starting debugging the problem, there are more problems found. Try to address most of them:

* avoid unnecessary server side error logs (change `fail()` to not log them)
* figure out the broken tests/user2/lfs.git (added comments)
* avoid `migratePushMirrors` failure when a repository doesn't exist (ignore them)
* avoid "Authorization" (internal&lfs) header conflicts, remove the tricky "swapAuth" and use "X-Gitea-Internal-Auth"
* make internal token comparing constant time (it wasn't a serous problem because in a real world it's nearly impossible to timing-attack the token, but good to fix and backport)
* avoid duplicate routers (introduce AddOwnerRepoGitLFSRoutes)
* avoid "internal (private)" routes using session/web context (they should use private context)
* fix incorrect "path" usages (use "filepath")
* fix incorrect mocked route point handling (need to check func nil correctly)
* split some tests from "git general tests" to "git misc tests" (to keep "git_general_test.go" simple)

Still no correct result for Git LFS SSH tests. So the code is kept there
(`tests/integration/git_lfs_ssh_test.go`) and a FIXME explains the details.
2024-11-12 02:38:22 +00:00
silverwind
f35e2b0cd1
Fix a number of typescript issues (#32459)
Fixes 69 typescript errors found in the `admin` and `markup` folders.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-11 11:13:57 +00:00
ChristopherHX
f888e45432
Harden runner updateTask and updateLog api (#32462)
Per proposal https://github.com/go-gitea/gitea/issues/32461
2024-11-11 04:58:37 +00:00
Lunny Xiao
a1892cf7e3
Move some functions from issue.go to standalone files (#32468)
Just functions move, no code change.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-11 04:28:54 +00:00
6543
43c252dfea
Calculate PublicOnly for org membership only once (#32234)
Refactoring of #32211

this move the PublicOnly() filter calcuation next to the DB querys and
let it be decided by the Doer


---
*Sponsored by Kithara Software GmbH*
2024-11-11 01:38:30 +01:00
Zettat123
b1f42a0cdd
Add DEFAULT_MIRROR_REPO_UNITS and DEFAULT_TEMPLATE_REPO_UNITS options (#32416)
Resolve #30350

The action unit of mirrors and templates should be disabled by default.
This PR adds `DEFAULT_MIRROR_REPO_UNITS` and
`DEFAULT_TEMPLATE_REPO_UNITS` options to allow users to specify default
units for mirrors and templates.

Thanks to @lng2020 for the
[idea](https://github.com/go-gitea/gitea/issues/30350#issuecomment-2053942243)
2024-11-11 00:11:00 +00:00
Zettat123
a910abbb45
Add a doctor check to disable the "Actions" unit for mirrors (#32424)
Resolve #32232

Users can disable the "Actions" unit for all mirror repos by running 
```
gitea doctor check --run  disable-mirror-actions-unit --fix
```
2024-11-10 23:37:24 +00:00
wxiaoguang
a928739456
Refactor sidebar assignee&milestone&project selectors (#32465)
Follow #32460

Now the code could be much clearer than before and easier to maintain. A
lot of legacy code is removed.

Manually tested.

This PR is large enough, that fine tunes could be deferred to the future if
there is no bug found or design problem.

Screenshots:

<details>

![image](https://github.com/user-attachments/assets/35f4ab7b-1bc0-4bad-a73c-a4569328303c)

</details>
2024-11-11 04:07:54 +08:00
wxiaoguang
58c634b854
Refactor sidebar label selector (#32460)
Introduce `issueSidebarLabelsData` to handle all sidebar labels related data.
2024-11-10 08:26:42 +00:00
silverwind
b55a31eb6a
Fix mermaid diagram height when initially hidden (#32457)
In a hidden iframe, `document.body.clientHeight` is not reliable. Use
`IntersectionObserver` to detect the visibility change and update the
height there.

Fixes: https://github.com/go-gitea/gitea/issues/32392

<img width="885" alt="image"
src="https://github.com/user-attachments/assets/a95ef6aa-27e7-443f-9d06-400ef27919ae">
2024-11-09 20:03:55 +02:00
Calvin K
18aeca5320
Add reviewers selection to new pull request (#32403)
Users could add reviewers when creating new PRs.

---------

Co-authored-by: splitt3r <splitt3r@users.noreply.github.com>
Co-authored-by: Sebastian Sauer <sauer.sebastian@gmail.com>
Co-authored-by: bb-ben <70356237+bboerben@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-09 04:48:31 +00:00
wxiaoguang
d80f99ef04
Fix issue sidebar (#32455)
Fix #32453

Major changes:

* revert the `<div class="divider"></div>` in
`templates/repo/issue/branch_selector_field.tmpl` (it was removed by
mistake in ##32444)
* remove incorrect `<div class="inline field">` in
`templates/repo/issue/sidebar/allow_maintainer_edit.tmpl`
* use `gt-ellipsis` to replace the "title" class in the dependency list,
then `.repository .issue-content-right .ui.list .title` could be removed
* remove the "relaxed" from dependency list, then there is no padding,
then `.repository .issue-content-right .ui.list .dependency` could be
removed (`white-space` doesn't have effect either because there is
`gt-ellipsis`)
* remove dead code `.repository .issue-content-right #deadlineForm input
`

The fixed UI should be the same as before.
2024-11-09 01:55:32 +08:00
wxiaoguang
0f397ae09b
Refactor language menu and dom utils (#32450)
1. Make `queryElem*` functions could correctly handle TS types
2. Remove some legacy jQuery $ calls (introduce fomanticQuery for Fomantic UI only)
3. Fix some TS typing problems
2024-11-08 14:04:24 +08:00
Zettat123
35bcd667b2
Fix broken releases when re-pushing tags (#32435)
Fix #32427
2024-11-08 10:53:06 +08:00
wxiaoguang
623a2d41cc
Refactor issue page info (#32445)
Fix a longstanding TODO since 2021 (#14826) / 2018 (#2531)
2024-11-08 02:21:13 +00:00
wxiaoguang
028e612094
Split issue sidebar into small templates (#32444)
Only move code
2024-11-08 01:44:20 +00:00
Kemal Zebari
fb03062478
Only provide the commit summary for Discord webhook push events (#32432)
Resolves #32371.

#31970 should have just showed the commit summary, but
`strings.SplitN()` was misused such that we did not perform any
splitting at all and just used the message. This was not caught in the
unit test made in that PR since the test commit summary was > 50 (which
truncated away the commit description).

This snapshot resolves this and adds another unit test to ensure that we
only show the commit summary.
2024-11-07 19:56:53 +00:00
Lunny Xiao
331e878e81
Add new event commit status creation and webhook implementation (#27151)
This PR introduces a new event which is similar as Github's. When a new
commit status submitted, the event will be trigged. That means, now we
can receive all feedback from CI/CD system in webhooks or other notify
systems.

ref:
https://docs.github.com/en/webhooks/webhook-events-and-payloads#status

Fix #20749
2024-11-07 06:41:49 +00:00
wxiaoguang
145e266987
Support quote selected comments to reply (#32431)
Many existing tests were quite hacky, these could be improved later.

<details>

![image](https://github.com/user-attachments/assets/93aebb4f-9de5-4cb8-910b-50c64cbcd25a)

</details>
2024-11-07 03:57:07 +00:00
Lunny Xiao
276500c314
Move AddCollabrator and CreateRepositoryByExample to service layer (#32419)
- [x] Move `CreateRepositoryByExample` to service layer
- [x] Move `AddCollabrator` to service layer
- [x] Add a new parameter for `AddCollabrator` so that changing mode
immediately after that will become unnecessary.
2024-11-07 11:28:11 +08:00
Lunny Xiao
913be9e8ac
Add new index for action to resolve the performance problem (#32333)
Fix #32224
2024-11-06 22:04:48 +00:00
Kemal Zebari
7adc4717ec
Include file extension checks in attachment API (#32151)
From testing, I found that issue posters and users with repository write
access are able to edit attachment names in a way that circumvents the
instance-level file extension restrictions using the edit attachment
APIs. This snapshot adds checks for these endpoints.
2024-11-06 21:34:32 +00:00
Bruno Sofiato
f64fbd9b74
Updated tokenizer to better matching when search for code snippets (#32261)
This PR improves the accuracy of Gitea's code search. 

Currently, Gitea does not consider statements such as
`onsole.log("hello")` as hits when the user searches for `log`. The
culprit is how both ES and Bleve are tokenizing the file contents (in
both cases, `console.log` is a whole token).

In ES' case, we changed the tokenizer to
[simple_pattern_split](https://www.elastic.co/guide/en/elasticsearch/reference/current/analysis-simplepatternsplit-tokenizer.html#:~:text=The%20simple_pattern_split%20tokenizer%20uses%20a,the%20tokenization%20is%20generally%20faster.).
In such a case, tokens are words formed by digits and letters. In
Bleve's case, it employs a
[letter](https://blevesearch.com/docs/Tokenizers/) tokenizer.

Resolves #32220

---------

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
2024-11-06 20:51:20 +00:00
wxiaoguang
b573512312
Correctly query the primary button in a form (#32438)
The "primary button" is used at many places, but sometimes they might
conflict (due to button switch, hidden panel, dropdown menu, etc).

Sometimes we could add a special CSS class for the buttons, but
sometimes not (see the comment of QuickSubmit)

This PR introduces `querySingleVisibleElem` to help to get the correct
primary button (the only visible one), and prevent from querying the
wrong buttons.

Fix #32437

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-11-07 04:21:53 +08:00
wxiaoguang
41b4ef825d
Use 8 as default value for git lfs concurrency (#32421) 2024-11-05 13:10:57 +00:00
Lunny Xiao
24b83ff63e
Fix milestone deadline and date related problems (#32339)
Use zero instead of 9999-12-31 for deadline
Fix #32291

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-05 07:46:40 +00:00
Lunny Xiao
1887c75c35
Only query team tables if repository is under org when getting assignees (#32414)
It's unnecessary to query the team table if the repository is not under
organization when getting assignees.
2024-11-05 07:13:52 +00:00
wxiaoguang
61c35590c7
Refactor RepoRefByType (#32413)
1. clarify the "filepath" could(should) contain "{ref}"
2. remove unclear RepoRefLegacy and RepoRefAny, use RepoRefUnknown to guess
3. by the way, avoid using AppURL
2024-11-05 06:35:54 +00:00
wxiaoguang
4a469c8e1b
Refactor template ctx and render utils (#32422)
Clean up the templates
2024-11-05 14:04:26 +08:00
wxiaoguang
b068dbd40e
Refactor DateUtils and merge TimeSince (#32409)
Follow #32383 and #32402
2024-11-04 11:30:00 +00:00
wxiaoguang
61be51e56b
Refactor markup package (#32399)
To make the markup package easier to maintain:
1. Split some go files into small files
2. Use a shared util.NopCloser, remove duplicate code
3. Remove unused functions
2024-11-04 10:59:50 +00:00
wxiaoguang
af28ce59b8
Add some handy markdown editor features (#32400)
There were some missing features from EasyMDE:

1. H1 - H3 style
2. Auto add task list
3. Insert a table

And added some tests
2024-11-04 10:14:36 +00:00
Royce Remer
54146e62c0
Make LFS http_client parallel within a batch. (#32369)
Signed-off-by: Royce Remer <royceremer@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-04 04:49:08 +00:00
wxiaoguang
f2a6df03d9
Refactor repo legacy (#32404)
Only move code, no unnecessary logic change. (There are many problems in
old code, but changing them is not in this PR's scope)

Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-03 11:00:12 +00:00
wxiaoguang
259811617b
Replace DateTime with proper functions (#32402)
Follow #32383

This PR cleans up the "Deadline" usages in templates, make them call
`ParseLegacy` first to get a `Time` struct then display by `DateUtils`.

Now it should be pretty clear how "deadline string" works, it makes it
possible to do further refactoring and correcting.
2024-11-02 21:04:53 +00:00
wxiaoguang
e524f63d58
Fix git error handling (#32401) 2024-11-02 11:20:22 +00:00
Lunny Xiao
13a203828c
Fix created_unix for mirroring (#32342)
Fix #32233
2024-11-02 06:11:38 +00:00
wxiaoguang
fec6b3d500
Replace DateTime with DateUtils (#32383) 2024-11-02 04:08:28 +00:00
Rowan Bohde
7dcccc3bb1
improve performance of diffs (#32393)
This has two major changes that significantly reduce the amount of work
done for large diffs:

* Kill a running git process when reaching the maximum number of files
in a diff, preventing it from processing the entire diff.
* When loading a diff with the URL param `file-only=true`, skip loading
stats. This speeds up loading both hidden files of a diff and sections
of a diff when clicking the "Show More" button.

A couple of minor things from profiling are also included:

* Reuse existing repo in `PrepareViewPullInfo` if head and base are the
same.

The performance impact is going to depend heavily on the individual diff
and the hardware it runs on, but when testing locally on a diff changing
100k+ lines over hundreds of files, I'm seeing a roughly 75% reduction
in time to load the result of "Show More"

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-02 11:29:37 +08:00
wxiaoguang
ec2d1593c2
Refactor tests to prevent from unnecessary preparations (#32398) 2024-11-01 23:18:29 +08:00
Kyle D.
66971e591e
Add artifacts test fixture (#30300)
Closes https://github.com/go-gitea/gitea/issues/30296

- Adds a DB fixture for actions artifacts
- Adds artifacts test files
- Clears artifacts test files between each run
- Note: I initially initialized the artifacts only for artifacts tests,
but because the files are small it only takes ~8ms, so I changed it to
always run in test setup for simplicity
- Fix some otherwise flaky tests by making them not depend on previous
tests
2024-11-01 10:29:54 +08:00
Zettat123
0690cb076b
Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365)
Fix #28121

I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.

348d1d0f32/routers/api/packages/container/container.go (L712-L717)
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
<img width="600px"
src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>

In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.

```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```

---

Most S3-like services support specifying the content type when storing
objects. However, Gitea always use `application/octet-stream`.
Therefore, I believe we also need to improve the `Save` method to
support storing objects with the correct content type.

b7fb20e73e/modules/storage/minio.go (L214-L221)
2024-10-31 15:28:25 +00:00
silverwind
8107823026
Fix a number of typescript issues (#32308)
- Prefer
[window.location.assign](https://developer.mozilla.org/en-US/docs/Web/API/Location/assign)
over assigning to
[window.location](https://developer.mozilla.org/en-US/docs/Web/API/Window/location)
which typescript does not like. This works in all browsers including
PaleMoon.
- Fix all typescript issues in `web_src/js/webcomponents`, no behaviour
changes.
- ~~Workaround bug in `@typescript-eslint/no-unnecessary-type-assertion`
rule.~~
- Omit vendored file from type checks.
- `tsc` error count is reduce by 53 with these changes.
2024-10-31 14:57:40 +00:00