Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-27 20:26:09 +01:00
Commit graph

16639 commits

Author SHA1 Message Date
CaiCandong 815d267c80
Fix verifyCommits error when push a new branch (#26664)
> ### Description
> If a new branch is pushed, and the repository has a rule that would
require signed commits for the new branch, the commit is rejected with a
500 error regardless of whether it's signed.
> 
> When pushing a new branch, the "old" commit is the empty ID
(0000000000000000000000000000000000000000). verifyCommits has no
provision for this and passes an invalid commit range to git rev-list.
Prior to 1.19 this wasn't an issue because only pre-existing individual
branches could be protected.
> 
> I was able to reproduce with
[try.gitea.io/CraigTest/test](https://try.gitea.io/CraigTest/test),
which is set up with a blanket rule to require commits on all branches.


Fix #25565
Very thanks to @Craig-Holmquist-NTI for reporting the bug and suggesting
an valid solution!

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-08-30 02:27:53 +00:00
silverwind 508de3a58d
Fix Uint8Array comparisons and update vitest (#26805)
Compare those `Uint8Array` via conversion to Array which are properly
comparable, so that we don't have to worry about whether `TextEncoder`
and `UInt8Array` from the environment are compatible or not.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-08-30 01:56:44 +00:00
silverwind 7bc80cb350
Add various missing files-changed dependencies (#26799)
We were missing a number of config files like `.golangci.yml` in the
dependencies for the pull request pipelines, which resulted in the
linting not running for https://github.com/go-gitea/gitea/pull/26786
because only `.golangci.yml` had changed.
2023-08-30 01:40:13 +00:00
wxiaoguang 1a9998ce91
Improve flex list item padding (#26779)
Replace #26761

It's better to keep children elements simple, and let parent containers
layout the necessary padding/margin.

The old `not(:last-child)` and `.flex-item + .flex-item` are not easy to
maintain (for example, what if the developer would like to use a "tiny
height" item?)

The old approach also makes some UI look strange because the first item
doesn't have proper padding-top.

In this PR, we just simply use `.flex-item { padding: ... }`:

* Developers could manually set the item height they want easily
* It's easier to make it work with various containers -- with padding
(`ui segment`) and without padding (`div`)

And added more samples/examples.


![image](https://github.com/go-gitea/gitea/assets/2114189/719ea712-0241-4426-b67f-5723993c4ed7)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-29 23:13:30 +00:00
js6pak 4f5a2117c3
Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests (#26759)
Include `GITHUB_TOKEN`/`GITEA_TOKEN` secrets for actions triggered by
pull requests

This makes it consistent with the environment variables which you can
already access

```shell
echo env: $GITHUB_TOKEN
echo expression: ${{ secrets.GITHUB_TOKEN }}
```
before

![image](https://github.com/go-gitea/gitea/assets/35262707/b6f750f6-3995-40f0-b8aa-df01e7997c37)
after

![image](https://github.com/go-gitea/gitea/assets/35262707/ab74464b-7638-458a-afd5-f39e6101d2cf)

---------

Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-29 22:13:16 +00:00
Bo-Yi Wu b91057b172
feat(API): add route and implementation for creating/updating repository secret (#26766)
spec:
https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-a-repository-secret

- Add a new route for creating or updating a secret value in a
repository
- Create a new file `routers/api/v1/repo/action.go` with the
implementation of the `CreateOrUpdateSecret` function
- Update the Swagger documentation for the `updateRepoSecret` operation
in the `v1_json.tmpl` template file

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-29 20:54:49 +00:00
Chongyi Zheng 2d9249b6d9
Replace deprecated elliptic.Marshal (#26800)
In PR #26786, the Go version for golangci-lint is bumped to 1.21. This
causes the following error:

```
models/migrations/v1_16/v210.go:132:23: SA1019: elliptic.Marshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function returns an encoding equivalent to that of PublicKey.Bytes in crypto/ecdh. (staticcheck)
                                        PublicKey:       elliptic.Marshal(elliptic.P256(), parsed.PubKey.X, parsed.PubKey.Y),
```

The change now uses [func (*PublicKey)
ECDH](https://pkg.go.dev/crypto/ecdsa#PublicKey.ECDH), which is added in
Go 1.20.
2023-08-29 22:19:40 +02:00
puni9869 438c7642c7
Updating the js libraries to latest version. (#26795)
As title.

<img width="657" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/db8f6c80-78b5-4992-800c-802ee7b9ba6d">
2023-08-30 02:29:13 +08:00
Chongyi Zheng ad43486cd3
Fix some slice append usages (#26778)
Co-authored-by: delvh <dev.lh@web.de>
2023-08-29 15:47:26 +00:00
Chongyi Zheng 3507cad6f5
Use Go 1.21 for golangci-lint (#26786)
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-29 16:25:24 +02:00
wxiaoguang 96ba747ff2
Fix notification circle (border-radius) (#26794)
`border-radius` means `radius`, not `diameter`, so it should be `50%` and `boxHeight / 2`
2023-08-29 14:03:34 +00:00
yp05327 915cabdb14
Fix context filter has no effect in dashboard (#26695)
Fix #26686
2023-08-29 12:46:52 +00:00
yp05327 008f5d8cf1
Add default label in branch select list (#26697) 2023-08-29 12:15:19 +00:00
Eng Zer Jun ad3cbbc3b1
Remove redundant nil check in WalkGitLog (#26773)
From the Go specification:

> "1. For a nil slice, the number of iterations is 0."
https://go.dev/ref/spec#For_range

Therefore, an additional nil check for before the loop is unnecessary.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-08-29 11:03:43 +00:00
silverwind db09b35590
Remove fomantic item module (#26775)
All selectors had `.ui.items` prefix and I did not find it in any of the
templates or JS, so this is a pretty safe removal.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-29 10:14:33 +00:00
silverwind 29dc1d3b8b
Update info regarding internet connection for build (#26776)
This build info was outdated since we no longer vendor go modules.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-29 09:09:44 +00:00
CaiCandong c576b50441
Fix being unable to use a repo that prohibits accepting PRs as a PR source. (#26785)
## Description 
Sometimes, we need to use an upstream mirror repository to update the
current development repository, but mirror repositories are prohibited
from PR. It should not appear in `merge to,` but it can appear in `pull
from.`
Fix #24585 #26193 #26781
Related #24183

Many thanks to @apnote  for assisting me in reproducing this bug!

## ScreenShot
---
### Before

<img
src="https://github.com/go-gitea/gitea/assets/50507092/3d76c376-1f54-45b9-80c9-6ba8319d6a9a"
width="400px">

<img
src="https://github.com/go-gitea/gitea/assets/50507092/fbfd9f7f-421f-4a2e-9a3e-f2958bbf3312"
width="400px">

### After

<img
src="https://github.com/go-gitea/gitea/assets/50507092/e6984524-4f61-4310-b795-4d8598bd8963"
width="400px">

<img
src="https://github.com/go-gitea/gitea/assets/50507092/04065b44-78d7-4721-bf31-0f1674150727"
width="400px">
2023-08-29 12:07:15 +03:00
yp05327 60ca3d04a4
Add fix incorrect can_create_org_repo for org owner team (#26683)
Related to: #8312 #26491

In migration v109, we only added a new column `CanCreateOrgRepo` in Team
table, but not initial the value of it.
This may cause bug like #26491.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-29 01:11:23 +00:00
GiteaBot aeeeac8edf [skip ci] Updated translations via Crowdin 2023-08-29 00:22:17 +00:00
wxiaoguang 0ab70d4f2f
Improve modal dialog UI (#26764)
1. Fine tune the CSS styles, and add more examples
2. Add necessary "dimmer" animation for modal dialogs, otherwise the UI
seems flicking (follow #26469)
2023-08-28 23:49:21 +00:00
wxiaoguang 83208b4991
Improve the "bug report" template and "support options" document (#26753)
* `/help/support` is a better document than
`/administration/logging-config` for bug reporting
* Improve `support.en-us.md`
    * Move/add detailed contents into `Advanced Bug Report Tips` section
    * Merge `Chinese Support` section into `Support Options`
2023-08-28 22:37:39 +00:00
delvh dca2f9371d
Unify border-radius behavior (#26770)
## Changes
- no more hardcoded `border-radius`es (apart from `0`)
- no more value inconsistencies
- no more guessing what pixel value you should use
- two new variables:
- `--border-radius-medium` (for elements where the normal border radius
does not suffice)
  - `--border-radius-circle` (for displaying circles)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-28 19:43:59 +00:00
Chongyi Zheng ac2f8c9ac6
Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
wxiaoguang 4803766f7a
Refactor some CSS styles and simplify code (#26771)
Refactor some CSS styles and simplify code.

Some styles are not in use, remove them.
2023-08-28 22:14:51 +08:00
merlleu a587d25261
Add auth-required to config.json for Cargo http registry (#26729)
Cargo registry-auth feature requires config.json to have a property
auth-required set to true in order to send token to all registry
requests.
This is ok for git index because you can manually edit the config.json
file to add the auth-required, but when using sparse
(setting index url to
"sparse+https://git.example.com/api/packages/{owner}/cargo/"), the
config.json is dynamically rendered, and does not reflect changes to the
config.json file in the repo.

I see two approaches:
- Serve the real config.json file when fetching the config.json on the
cargo service.
- Automatically detect if the registry requires authorization. (This is
what I implemented in this PR).

What the PR does:
- When a cargo index repository is created, on the config.json, set
auth-required to wether or not the repository is private.
- When the cargo/config.json endpoint is called, set auth-required to
wether or not the request was authorized using an API token.
2023-08-28 07:05:39 +00:00
Bo-Yi Wu 8cd46024fd
refactor(API): refactor secret creation and update functionality (#26751)
According to the GitHub API Spec:
https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret

Merge the Create and Update secret into a single API.

- Remove the `CreateSecretOption` struct and replace it with
`CreateOrUpdateSecretOption` in `modules/structs/secret.go`
- Update the `CreateOrUpdateOrgSecret` function in
`routers/api/v1/org/action.go` to use `CreateOrUpdateSecretOption`
instead of `UpdateSecretOption`
- Remove the `CreateOrgSecret` function in
`routers/api/v1/org/action.go` and replace it with
`CreateOrUpdateOrgSecret`
- Update the Swagger documentation in
`routers/api/v1/swagger/options.go` and `templates/swagger/v1_json.tmpl`
to reflect the changes in the struct names and function names

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2023-08-28 13:08:19 +08:00
Lunny Xiao 6945918d34
Fix bug for ctx usage (#26762)
Regression from #26158

Fix #26684
2023-08-28 04:06:47 +00:00
wxiaoguang 67daa7bcb0
Remove some transition related code (#26755)
Remove transition related code because the transition module has been
removed by #26469
2023-08-28 01:26:23 +00:00
mainboarder c533991519
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
GiteaBot 2401e6e121 [skip ci] Updated licenses and gitignores 2023-08-28 00:22:48 +00:00
Lunny Xiao 476b9d1589
Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
puni9869 e0a796a641
Adding hint Archived to archive label. (#26741)
Followup  https://github.com/go-gitea/gitea/pull/26478
## Archived labels UI

Changed:
* Enhanced the Filtered UI page to seamlessly incorporate a list of
archived labels.

Outsourced:
* Defer the implementation of specialized handling for archived labels
to upcoming pull requests. This step will be undertaken subsequent to
the successful merge of this pull request.

Screenshots

![image](https://github.com/go-gitea/gitea/assets/80308335/1f33cfb2-2bac-46f0-9103-9e62d235b1d2)

![image](https://github.com/go-gitea/gitea/assets/80308335/3609acd0-b1ba-4ee9-8c4e-1a34dbc37dd7)

![image](https://github.com/go-gitea/gitea/assets/80308335/9860196d-2391-409b-a9a0-1205ab4b412b)

---

Part of https://github.com/go-gitea/gitea/issues/25237

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-08-27 09:32:54 +00:00
Chongyi Zheng 43652746f2
Move modules/mirror to services (#26737)
To solve the cyclic imports in a better way

Closes #20261
2023-08-27 10:24:45 +08:00
GiteaBot 37b3ba22a1 [skip ci] Updated translations via Crowdin 2023-08-27 00:27:26 +00:00
wxiaoguang 5914a2f8c0
Fix template bugs in recently_pushed_new_branches.tmpl (#26744)
Fix some bugs from #25715, fix #25830

1. `$.locale.Tr ... Safe` needs `Escape`, but not `PathEscapeSegments`
2. The attribute should be `role`
3. The `ComposeBranchCompareURL` already does escaping correctly
2023-08-27 08:16:02 +08:00
wxiaoguang 4fdb09de58
Fix incorrect "tabindex" attributes (#26733)
Fix #26731

Almost all "tabindex" in code are incorrect.

1. All "input/button" by default are focusable, so no need to use "tabindex=0"
2. All "div/span" by default are not focusable, so no need to use "tabindex=-1"
3. All "dropdown" are focusable by framework, so no need to use "tabindex"
4. Some tabindex values are incorrect (eg: `new_form.tmpl`), so remove them

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-26 10:44:00 +08:00
wxiaoguang 576644d815
Simplify helper CSS classes and avoid abuse (#26728)
Removed CSS helper classes (some of them are not useful while some of
them are abused often)

* `gt-db`: in most cases it could be replaced by `gt-df` and the flex
layout should be encouraged. Other cases: either it does need the
`gt-df` (eg: by using `div` directly) or it is an abuse (eg: the warning
message in a form)
* `gt-di`: it doesn't seem useful, or it could be replaced by `gt-dib`
in most cases.
* `gt-dif`: not useful, it could be replaced by `flex-text-inline` or
`gt-df`
* `gt-js`: never used
* All `<i class="icon gt-df gt-ac gt-jc">` could be written as `<i
class="icon">`


## Some UI samples

### Admin Notice


![image](https://github.com/go-gitea/gitea/assets/2114189/d02010d4-dc7d-463f-bc99-dcc9b6e2e2ac)

### Admin Stacktrace


![image](https://github.com/go-gitea/gitea/assets/2114189/4045695c-a8c4-4e37-b720-e77a61b1e965)

### Org Home


![image](https://github.com/go-gitea/gitea/assets/2114189/069f02d0-76ad-4052-8a80-700d7e501d40)

### Org Team Repo


![image](https://github.com/go-gitea/gitea/assets/2114189/dc8d6106-bb6b-4f60-83ac-06cb28df3ab5)

### Release List


![image](https://github.com/go-gitea/gitea/assets/2114189/0845e8a5-d1a9-487a-9d25-3c200ad54c17)


### User Setting Application Token Scope


![image](https://github.com/go-gitea/gitea/assets/2114189/fffbde27-432b-49c6-827e-17b8cd3457ff)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-26 01:35:10 +02:00
silverwind 8b5c081d76
Remove fomantic loader module (#26670)
Replace Fomantic `loader` CSS module with our existing `is-loading`
spinner. Only three places in the UI used this module, which are
pictured here:

imagediff:
<img width="1237" alt="Screenshot 2023-08-22 at 22 18 01"
src="https://github.com/go-gitea/gitea/assets/115237/b0d82531-f05e-43c6-9e5b-1bfc268c056d">

webauthn:
<img width="894" alt="Screenshot 2023-08-22 at 22 05 05"
src="https://github.com/go-gitea/gitea/assets/115237/7b583425-d944-474a-a57a-22a65bbd8b29">

heatmap (I removed the previous loading text, it was unreadable because
it was tiny and on fast machines only visible for a fraction of a
second):
<img width="764" alt="Screenshot 2023-08-22 at 22 18 44"
src="https://github.com/go-gitea/gitea/assets/115237/1c7472d6-3e17-4224-a992-d8c0b380cc73">

Also, heatmap container does not resize any more after loading now and
previous duplicate id `user-heatmap` is gone.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-25 16:03:14 +00:00
silverwind f626366f53
Fix link in mirror docs (#26719)
Fix hash fragment in this link

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-25 17:13:07 +02:00
silverwind 21b8ec29aa
Add eslint-plugin-vue-scoped-css (#26720)
Adds
[eslint-plugin-vue-scoped-css](https://github.com/future-architect/eslint-plugin-vue-scoped-css)
and fixes discovered issues which are:

- 1 unused selector
- 3 selectors with `.full.height` parent in a `<style scoped>` block so
the rule could not find the parent. Move these into the unscoped block
instead. They worked before and after.
2023-08-25 13:47:27 +00:00
Viktor Suprun 7b05d66e60
Fixed text overflow in dropdown menu (#26694)
Fixes #26622


![image](https://github.com/go-gitea/gitea/assets/683358/168b7e4d-97ba-4b5f-a5f5-33ee67e8b4be)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-25 11:15:21 +00:00
wxiaoguang 412e5c0946
Make web context initialize correctly for different cases (#26726)
The web context (modules/context.Context) is quite complex, it's
difficult for the callers to initialize correctly.

This PR introduces a `NewWebContext` function, to make sure the web
context have the same behavior for different cases.
2023-08-25 19:07:42 +08:00
wxiaoguang ee9e83b230
Remove incorrect CSS helper classes (#26712) 2023-08-25 06:47:59 +00:00
silverwind 636b6eaf2a
Focus editor on "Write" tab click (#26714)
Focus the editor when clicking the "Write" tab. Works for both Textarea
and EasyMDE. Does for some reason not work without the
`requestAnimationFrame`.
2023-08-25 13:26:32 +08:00
wxiaoguang 390ec619f3
Fix review bar misalignment (#26711) 2023-08-24 23:46:30 +08:00
wxiaoguang 8ac83043f5
Use "small-loading-icon" insead of "btn-octicon is-loading" (#26710)
The "btn-octicon is-loading" was introduced by #21842 , it is only used
by the "Copy Content" button, but the "btn-octicon" selector would
affect too many uncertain elements.

Now there is a general "small-loading-icon" class, so the "btn-octicon
is-loading" could be removed.
2023-08-24 10:21:41 -04:00
wxiaoguang 09faf43ef8
Improve Image Diff UI (#26696)
1. Use `is-loading` instead of `ui loader`
2. Introduce class name `image-diff-tabs`, instead of searching `gt-hidden`, which is fragile
3. Align the UI elements, see the screenshots.
2023-08-24 12:13:23 +00:00
wxiaoguang 4de2244697
Make issue template field template access correct template data (#26698)
Regression of #23092, the `{{$field := .}}` was missing during that refactoring.
2023-08-24 11:09:36 +00:00
Earl Warren a9ce570298
add Upload URL to release API (#26663)
- Resolves https://codeberg.org/forgejo/forgejo/issues/580
- Return a `upload_field` to any release API response, which points to
the API URL for uploading new assets.
- Adds unit test.
- Adds integration testing to verify URL is returned correctly and that
upload endpoint actually works

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-24 10:36:10 +00:00
Laurent Cahour b21b63c61a
Add merge files files to GetCommitFileStatus (#20515)
Hi,

We'd like to add merge files files to GetCommitFileStatus fucntions so
API returns the list of all the files associated to a merged pull
request commit, like GitHub API does.
The list of affectedFiles for an API commit is fetched from toCommit()
function in routers/api/v1/repo/commits.go, and API was returning no
file in case of a pull request with no conflict, or just files
associated to the confict resolution, but NOT the full list of merged
files.

This would lead to situations where a CI polling a repo for changes
could miss some file changes due to API returning an empty / partial
list in case of such merged pull requests. (Hope this makes sense :) )

NOTE: I'd like to add a unittest in
integrations/api_repo_git_commits_test.go but failed to understand how
to add my own test bare repo so I can make a test on a merged pull
request commit to check for affectedFiles.
Is there a merged pull request in there that I could use maybe?
Could someone please direct me to the relevant ressources with
informations on how to do that please?

Thanks for your time,
Laurent.

---------

Co-authored-by: Thomas Desveaux <desveaux.thomas@gmail.com>
2023-08-24 10:03:49 +00:00