(cherry picked from commit e84e43887b)
[DOCS] RELEASE-NOTES: add scoped access tokens
(cherry picked from commit 688f831853)
[DOCS] RELEASE-NOTES: Scoped labels
(cherry picked from commit 747479a07b)
[DOCS] RELEASE-NOTES: OIDC groups
(cherry picked from commit 10c505fe89)
[DOCS] RELEASE-NOTES: Copy Link is broken
On firefox it fails with Uncaught TypeError: navigator.clipboard is
undefined
On chromium it fails with Uncaught TypeError: Cannot read properties of undefined (reading 'writeText')
(cherry picked from commit 148b2ff093)
[DOCS] RELEASE-NOTES: Copy citation
(cherry picked from commit d0f217735f)
[DOCS] RELEASE-NOTES: Support org/user level projects
(cherry picked from commit de845c7bcf)
[DOCS] RELEASE-NOTES: v1.19 has a documentation
(cherry picked from commit 9a5b46da32)
[DOCS] RELEASE-NOTES: do not split webhook section
(cherry picked from commit 00ed020321)
[DOCS] RELEASE-NOTES: Incoming emails
(cherry picked from commit 06c455b33b)
[DOCS] RELEASE-NOTES: secrets are an implementation detail
(cherry picked from commit 8236dc3a57)
[DOCS] RELEASE-NOTES: Prohibit fork if user reached maximum
(cherry picked from commit 0f80b8c696)
[DOCS] RELEASE-NOTES: scoped tokens: do not duplicate the docs
(cherry picked from commit 9bc4793c07)
[DOCS] RELEASE-NOTES: rss feed for tags and releases
(cherry picked from commit 599b36fada)
[DOCS] RELEASE-NOTES: protected branches wildcard
(cherry picked from commit 2b316c4950)
[DOCS] RELEASE-NOTES: disable releases
(cherry picked from commit 9a60773f1d)
[DOCS] RELEASE-NOTES: review box
(cherry picked from commit 09867dd122)
[DOCS] RELEASE-NOTES: asciicast support
(cherry picked from commit ea9658379b)
[DOCS] RELEASE-NOTES: attention blocks
(cherry picked from commit 70b387750b)
[DOCS] RELEASE-NOTES: commit cross reference
(cherry picked from commit fe706dad13)
[DOCS] RELEASE-NOTES: strip user completion border case
(cherry picked from commit 33ca51b4b6)
[DOCS] RELEASE-NOTES: card preview
(cherry picked from commit 626cd78ca6)
[DOCS] RELEASE-NOTES: raw copy button
(cherry picked from commit edfb467d64)
[DOCS] RELEASE-NOTES: allow edits by maintainers by default
(cherry picked from commit 7006405bc6)
[DOCS] RELEASE-NOTES: database auto migration is a little arcane
(cherry picked from commit 78030fa9af)
[DOCS] RELEASE-NOTES: fix typos & minor rewording
(cherry picked from commit ae1d47f656)
(cherry picked from commit 20b5669269)
(cherry picked from commit 1574643a6a)
Update semantic version according to specification
(cherry picked from commit 22510f4130)
Mise à jour de 'Makefile'
(cherry picked from commit c3d85d8409)
Although it would be possible to modify these files, it would create
conflicts when rebasing. Instead, this commit removes them entirely
and another commit can start from scratch, borrowing content from the
original files.
The drawback of this approach is that some content updates from Gitea
that also need updating in Forgejo will have to be copy/pasted
instead of being merged.
(cherry picked from commit eb85782115)
(cherry picked from commit 34401f2004)
(cherry picked from commit ef43b1c691)
Backport #23306
It is convenient to be able to toggle off this option after removing /
from the name. This ensures the muted state is communicated to blind
users even when the input is not fully disabled.
Part of #22974
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #23194
## TLDR
* Fix the broken page / broken image problem when click "Install"
* Fix the Password Hash Algorithm display problem for #22942
* Close#20089
* Close#23183
* Close#23184
## Details
### The broken page / broken image problem when clicking on "Install"
(Redirect failed after install - #23184)
Before: when clicking on "install", all new requests will fail, because the
server has been restarted. Users just see a broken page with broken
images, sometimes the server is not ready but the user would have been
redirect to "/user/login" page, then the users see a new broken page
(connection refused or something wrong ...)
After: only check InstallLock=true for necessary handlers, and sleep for
a while before restarting the server, then the browser has enough time
to load the "post-install" page. And there is a script to check whether
"/user/login" is ready, the user will only be redirected to the login
page when the server is ready.
### During new instance setup fill 'Gitea Base URL' with
window.location.origin - #20089
If the "app_url" input contains `localhost` (the default value from
config), use current window's location href as the `app_url` (aka
ROOT_URL)
### Fix the Password Hash Algorithm display problem for "Provide the
ability to set password hash algorithm parameters #22942"
Before: the UI shows `pbkdf2$50000$50`
<details>
![image](https://user-images.githubusercontent.com/2114189/221917143-e1e54798-1698-4fee-a18d-00c48081fc39.png)
</details>
After: the UI shows `pbkdf2`
<details>
![image](https://user-images.githubusercontent.com/2114189/221916999-97a15be8-2ebb-4a01-bf93-dac18e354fcc.png)
</details>
### GET data: net::ERR_INVALID_URL #23183
Cause by empty `data:` in `<link rel="manifest"
href="data:{{.ManifestData}}">`
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Backport #23216
When creating commit status for Actons jobs, a payload with nil
`HeadCommit` will cause panic.
Reported at:
https://gitea.com/gitea/act_runner/issues/28#issuecomment-732166
Although the `HeadCommit` probably can not be nil after #23215,
`CreateCommitStatus` should protect itself, to avoid being broken in the
future.
In addition, it's enough to print error log instead of returning err
when `CreateCommitStatus` failed.
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: delvh <dev.lh@web.de>
Backport #23272
The code for GetFilesChangedBetween uses `git diff --name-only
base..head` to get the names of files changed between base and head
however this forgets that git will escape certain values.
This PR simply switches to use `-z` which has the `NUL` character as the
separator.
Ref https://github.com/go-gitea/gitea/pull/22568#discussion_r1123138096
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Backport #23152
`renderReadmeFile` needs `readmeTreelink` as parameter but gets
`treeLink`.
The values of them look like as following:
`treeLink`: `/{OwnerName}/{RepoName}/src/branch/{BranchName}`
`readmeTreelink`:
`/{OwnerName}/{RepoName}/src/branch/{BranchName}/{ReadmeFileName}`
`path.Dir` in
8540fc45b1/routers/web/repo/view.go (L316)
should convert `readmeTreelink` into
`/{OwnerName}/{RepoName}/src/branch/{BranchName}` instead of the current
`/{OwnerName}/{RepoName}/src/branch`.
Fixes#23151
Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Backport #23267
Follow #21986 , fix regression.
The mail templates should always use `AppURL` (the full absolute URL)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23168
The reason why quote reply is empty is when quote reply is clicked, it
triggers the click function on `.comment-form-reply` button, and when
the first time this function is triggered, easyMDE for the reply has not
yet initialized, so that click handler of `.quote-reply` button in
`repo-legacy.js` got an `undefined` as easyMDE, and the following lines
which put quoted reply into the easyMDE is not executed.
The workaround in this PR is to pass the replied content to
'.comment-form-reply' button if easyMDE is not yet initialized (quote
reply first clicked) and put the replied content into it the after
easyMDE is created.
Now quote reply on first click:
https://user-images.githubusercontent.com/17645053/221452823-fc699d50-1649-4af1-952e-f04fc8d2978e.mov
<br />
Update:
The above change is not appropriate as stated in the
[comment](https://github.com/go-gitea/gitea/pull/23168#issuecomment-1445562284)
Use await instead
Close#22075.
Close#23247.
Co-authored-by: HesterG <hestergong@gmail.com>
Backport #23250
Due to switched input parameters, the citation texts for Bibtex and Apa
were switched.
This pull request fixes#23244
Co-authored-by: Blender Defender <contact.blenderdefender@gmail.com>
Backport #22892
As you can imagine, for the Blender development process it is rather
nice to be able to include videos in issues, pull requests, etc.
This PR allows the `<video>` HTML tag to be used in MarkDown, with the
`src`, `autoplay`, and `controls` attributes.
## Help Needed
To have this fully functional, personally I feel the following things
are still missing, and would appreciate some help from the Gitea team.
### Styling
Some CSS is needed, but I couldn't figure out which of the LESS files
would work. I tried `web_src/less/markup/content.less` and
`web_src/less/_base.less`, but after running `make` the changes weren't
seen in the frontend.
This I would consider a minimal set of CSS rules to be applied:
```css
video {
max-width: 100%;
max-height: 100vh;
}
```
### Default Attributes
It would be fantastic if Gitea could add some default attributes to the
`<video>` tag. Basically `controls` should always be there, as there is
no point in disallowing scrolling through videos, looping them, etc.
### Integration with the attachments system
Another thing that could be added, but probably should be done in a
separate PR, is the integration with the attachments system. Dragging in
a video should attach it, then generate the appropriate MarkDown/HTML.
Co-authored-by: Sybren <122987084+drsybren@users.noreply.github.com>
Backport #23220
When a change is pushed to the default branch and many pull requests are
open for that branch, conflict checking can take some time.
Previously it would go from oldest to newest pull request. Now
prioritize pull requests that are likely being actively worked on or
prepared for merging.
This only changes the order within one push to one repository, but the
change is trivial and can already be quite helpful for smaller Gitea
instances where a few repositories have most pull requests. A global
order would require deeper changes to queues.
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #22976
Extract from #11669 and enhancement to #22585 to support exclusive
scoped labels in label templates
* Move label template functionality to label module
* Fix handling of color codes
* Add Advanced label template
Co-authored-by: Lauris BH <lauris@nix.lv>
Backport #23219
When fetching remotes for conflict checking, skip unnecessary and
potentially slow writing of commit graphs.
In a test with the Blender repository, this reduces conflict checking
time for one pull request from about 2s to 0.1s.
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
Backport #23065
Using `touchstart` for `click` events is a black magic for mobile
browsers (Google: `fastclick`).
However, it causes many UX problems if the fastclick is used without
careful design.
Fomantic UI uses this fastclick for its `dimmer` and `dropdown`, it
makes mobile users feel strange when they "touch" the dropdown menu.
This PR uses a simple patch to fix that behavior. Then the Fomantic
dropdown only uses `click` for click events.
This PR is simple enough and won't cause hidden bugs even if the patch
doesn't work. In the future, if there are more patches for Fomantic UI,
the patches could be placed in a directory like
`web_src/fomantic/patches/001-fix-click-touchstart`, etc.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #23157
This arose out of #22451; it seems we are checking using non-global
settings to see if a config value is set, in order to decide whether to
call another global(-indeed) configuration command. This PR changes it
so that both the check and the set are for global configuration.
Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
Backport #23138Close#23137
The old code is too old (8-9 years ago)
Let's try to execute the git commands from git bin home directly.
The verb has been checked above, it could only be:
* git-upload-pack
* git-upload-archive
* git-receive-pack
* git-lfs-authenticate
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23162
The name of the job or step comes from the workflow file, while the name
of the runner comes from its registration. If the strings used for these
names are too long, they could cause db issues.
Co-authored-by: Jason Song <i@wolfogre.com>
Backport #23132
Unfortunately xorm's `builder.Select(...).From(...)` does not escape the
table names. This is mostly not a problem but is a problem with the
`user` table.
This PR simply escapes the user table. No other uses of `From("user")`
where found in the codebase so I think this should be all that is
needed.
Fix#23064
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Backport #23054
Partially fix#23050
After #22294 merged, it always has a warning log like `cannot get
context cache` when starting up. This should not affect any real life
but it's annoying. This PR will fix the problem. That means when
starting up, getting the system settings will not try from the cache but
will read from the database directly.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>