Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-25 11:16:11 +01:00
Commit graph

4907 commits

Author SHA1 Message Date
Solomon Victorino 8f53a69c2e fix: include last line in file previews with no trailing newline 2024-08-24 17:10:31 -06:00
Gusted 5dbacb70f4 Merge pull request 'Allow pushmirror to use publickey authentication' (#4819) from ironmagma/forgejo:publickey-auth-push-mirror into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4819
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-24 16:53:56 +00:00
Solomon Victorino 22f012a859 fix: improve PR/issue short link display text
- include subpaths
- don't append "(comment)" for unrelated hash/query strings
2024-08-22 15:49:05 -06:00
Shiny Nematoda d48b936126 fix: breaking changes with meili (#5073)
resolves breaking changes introduced in #5058

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5073
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-08-22 19:38:00 +00:00
Philip Peterson 03508b33a8
[FEAT] Allow pushmirror to use publickey authentication
- Continuation of https://github.com/go-gitea/gitea/pull/18835 (by
@Gusted, so it's fine to change copyright holder to Forgejo).
- Add the option to use SSH for push mirrors, this would allow for the
deploy keys feature to be used and not require tokens to be used which
cannot be limited to a specific repository. The private key is stored
encrypted (via the `keying` module) on the database and NEVER given to
the user, to avoid accidental exposure and misuse.
- CAVEAT: This does require the `ssh` binary to be present, which may
not be available in containerized environments, this could be solved by
adding a SSH client into forgejo itself and use the forgejo binary as
SSH command, but should be done in another PR.
- CAVEAT: Mirroring of LFS content is not supported, this would require
the previous stated problem to be solved due to LFS authentication (an
attempt was made at forgejo/forgejo#2544).
- Integration test added.
- Resolves #4416
2024-08-22 17:05:07 +02:00
Gusted e3243a9465 Merge pull request 'feat(ui): Add rel="nofollow" to in-list labels' (#5002) from xlii/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5002
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-21 19:54:59 +00:00
Gusted 12f97ef51f
[SEC] Add keying module
The keying modules tries to solve two problems, the lack of key
separation and the lack of AEAD being used for encryption. The currently
used `secrets` doesn't provide this and is hard to adjust to provide
this functionality.

For encryption, the additional data is now a parameter that can be used,
as the underlying primitive is an AEAD constructions. This allows for
context binding to happen and can be seen as defense-in-depth; it
ensures that if a value X is encrypted for context Y (e.g. ID=3,
Column="private_key") it will only decrypt if that context Y is also
given in the Decrypt function. This makes confused deputy attack harder
to exploit.[^1]

For key separation, HKDF is used to derives subkeys from some IKM, which
is the value of the `[service].SECRET_KEY` config setting. The context
for subkeys are hardcoded, any variable should be shuffled into the the
additional data parameter when encrypting.

[^1]: This is still possible, because the used AEAD construction is not
key-comitting. For Forgejo's current use-case this risk is negligible,
because the subkeys aren't known to a malicious user (which is required
for such attack), unless they also have access to the IKM (at which
point you can assume the whole system is compromised). See
https://scottarc.blog/2022/10/17/lucid-multi-key-deputies-require-commitment/
2024-08-21 16:06:17 +02:00
Earl Warren 0c70e11df8 Merge pull request 'git-grep: refactor defaults' (#4964) from yoctozepto/git-grep-refactor-defaults into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4964
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
2024-08-19 13:12:37 +00:00
Radosław Piliszek f784260633 git-grep: refactor defaults
One method to set them all... or something like that.

The defaults for git-grep options were scattered over the run
function body. This change refactors them into a separate method.
The application of defaults is checked implicitly by existing
tests and linters, and the new approach makes it very easy
to inspect the desired defaults are set.
2024-08-19 14:28:01 +02:00
Earl Warren 51620ab0f3 Merge pull request 'Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v1.60.1 (forgejo)' (#4953) from renovate/forgejo-github.com-golangci-golangci-lint-cmd-golangci-lint-1.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4953
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-19 07:38:14 +00:00
TheFox0x7 f7bb75ce56
revert: accidental change 2024-08-18 16:36:06 +02:00
Gusted fe18428806
Fix linting issues 2024-08-18 16:25:13 +02:00
TheFox0x7 0813126058
test: add more workflow event coverage 2024-08-18 15:19:01 +02:00
TheFox0x7 8322882265
style: reenable switch check 2024-08-18 15:19:01 +02:00
Earl Warren fbb2252314 Merge pull request 'git-grep: fix for initial dashes in expressions' (#4967) from yoctozepto/git-grep-fix-words into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4967
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
2024-08-17 07:07:40 +00:00
Otto da7f3ac6f5 Merge pull request '[BUG] Make logout event non-blocking' (#4938) from gusted/forgejo-non-blocking-logout into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4938
Reviewed-by: Otto <otto@codeberg.org>
2024-08-16 14:17:15 +00:00
Earl Warren 24eb401a0a Merge pull request 'Enhancing Gitea OAuth2 Provider with Granular Scopes for Resource Access' (#4449) from marcellmars/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4449
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-16 12:38:15 +00:00
Chl 3fab07e0bc
follow up on #2367: rel="nofollow" on in-list labels
The forgejo/forgejo#2367 pull requests added rel="nofollow" on filters in the
menu, this commit adds it on the labels in the listing and a few other places.
2024-08-15 21:56:26 +02:00
Otto d26ad8dbe5 Merge pull request 'git-grep: set timeout to 2s by default and allow configuring it' (#4966) from yoctozepto/git-grep-timeout into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4966
Reviewed-by: Otto <otto@codeberg.org>
2024-08-15 12:15:16 +00:00
Radosław Piliszek 824dd6bc5d git-grep: set timeout to 2s by default and allow configuring it
We need to shorten the timeout to bound effectively for
computation size. This protects against "too big" repos.
This also protects to some extent against too long lines
if kept to very low values (basically so that grep cannot run out
of memory beforehand).

Docs-PR: forgejo/docs#812
2024-08-14 07:55:05 +02:00
Earl Warren 03b9d50c67
fix: enable LOG_COMPRESSION by default
Refs: https://codeberg.org/forgejo/forgejo/pulls/4924#issuecomment-2165839
2024-08-13 09:05:50 +02:00
Jason Song 83565de2c0
Fix IsObjectExist with gogit (#31790) (tests only)
Fix #31271.

When gogit is enabled, `IsObjectExist` calls
`repo.gogitRepo.ResolveRevision`, which is not correct. It's for
checking references not objects, it could work with commit hash since
it's both a valid reference and a commit object, but it doesn't work
with blob objects.

So it causes #31271 because it reports that all blob objects do not
exist.

(cherry picked from commit f4d3120f9d1de6a260a5e625b3ffa6b35a069e9b)

Conflicts:
  trivial resolution because go-git support was dropped https://codeberg.org/forgejo/forgejo/pulls/4941
2024-08-13 09:05:43 +02:00
Jason Song a627b885c7
Support compression for Actions logs (#31761)
Support compression for Actions logs to save storage space and
bandwidth. Inspired by
https://github.com/go-gitea/gitea/issues/24256#issuecomment-1521153015

The biggest challenge is that the compression format should support
[seekable](https://github.com/facebook/zstd/blob/dev/contrib/seekable_format/zstd_seekable_compression_format.md).
So when users are viewing a part of the log lines, Gitea doesn't need to
download the whole compressed file and decompress it.

That means gzip cannot help here. And I did research, there aren't too
many choices, like bgzip and xz, but I think zstd is the most popular
one. It has an implementation in Golang with
[zstd](https://github.com/klauspost/compress/tree/master/zstd) and
[zstd-seekable-format-go](https://github.com/SaveTheRbtz/zstd-seekable-format-go),
and what is better is that it has good compatibility: a seekable format
zstd file can be read by a regular zstd reader.

This PR introduces a new package `zstd` to combine and wrap the two
packages, to provide a unified and easy-to-use API.

And a new setting `LOG_COMPRESSION` is added to the config, although I
don't see any reason why not to use compression, I think's it's a good
idea to keep the default with `none` to be consistent with old versions.

`LOG_COMPRESSION` takes effect for only new log files, it adds `.zst` as
an extension to the file name, so Gitea can determine if it needs
decompression according to the file name when reading. Old files will
keep the format since it's not worth converting them, as they will be
cleared after #31735.

<img width="541" alt="image"
src="https://github.com/user-attachments/assets/e9598764-a4e0-4b68-8c2b-f769265183c9">

(cherry picked from commit 33cc5837a655ad544b936d4d040ca36d74092588)

Conflicts:
	assets/go-licenses.json
	go.mod
	go.sum
  resolved with make tidy
2024-08-13 06:51:49 +02:00
Edip Emre Bodur 8b6747173a
Fix null requested_reviewer from API (#31773)
If the assign the pull request review to a team, it did not show the
members of the team in the "requested_reviewers" field, so the field was
null. As a solution, I added the team members to the array.

fix #31764

(cherry picked from commit 94cca8846e7d62c8a295d70c8199d706dfa60e5c)
2024-08-13 06:51:49 +02:00
Radosław Piliszek f4d86b4ab0 git-grep: fix for initial dashes in expressions
There is no reason to reject initial dashes in git-grep
expressions... other than the code not supporting it previously.
A new method is introduced to relax the security checks.
2024-08-12 22:12:47 +02:00
Gusted 9c5c08859d
[BUG] Make logout event non-blocking
- When people click on the logout button, a event is sent to all
browser tabs (actually to a shared worker) to notify them of this
logout. This is done in a blocking fashion, to ensure every registered
channel (which realistically should be one for every user because of the
shared worker) for a user receives this message. While doing this, it
locks the mutex for the eventsource module.
- Codeberg is currently observing a deadlock that's caused by this
blocking behavior, a channel isn't receiving the logout event. We
currently don't have a good theory of why this is being caused. This in
turn is causing that the logout functionality is no longer working and
people no longer receive notifications, unless they refresh the page.
- This patchs makes this message non-blocking and thus making it
consistent with the other messages. We don't see a good reason why this
specific event needs to be blocking and the commit introducing it
doesn't offer a rationale either.
2024-08-12 19:13:23 +02:00
Gusted a21128a734
[CHORE] Drop go-git support
See https://codeberg.org/forgejo/discussions/issues/164 for the
rationale and discussion of this change.

Everything related to the `go-git` dependency is dropped (Only a single
instance is left in a test file to test for an XSS, it requires crafting
an commit that Git itself refuses to craft). `_gogit` files have
been removed entirely, `go:build: !gogit` is removed, `XXX_nogogit.go` files
either have been renamed or had their code being merged into the
`XXX.go` file.
2024-08-12 19:11:09 +02:00
Otto 4132b18e59 Merge pull request 'git-grep: ensure bounded default for MatchesPerFile' (#4928) from yoctozepto/forgejo:git-grep-limit-matches-per-file into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4928
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-08-12 14:37:43 +00:00
Radosław Piliszek f4a7bf6d2a git-grep: skip binary files
It is a waste of resources to scan them looking for matches
because they are never returned back - they appear as empty
lines in the current format.

Notably, even if they were returned, it is unlikely that matching
in binary files makes sense when the goal is "code search".
2024-08-11 19:10:23 +02:00
Radosław Piliszek 2fbb51ceb2 git-grep: ensure bounded default for MatchesPerFile
Analogously to how it happens for MaxResultLimit.

The default of 20 is inspired by a well-known, commercial code
hosting platform.

Unbounded limits are risky because they expose Forgejo to a class
of DoS attacks where queries are crafted to take advantage of
missing bounds.
2024-08-11 14:59:46 +02:00
Exploding Dragon 87d50eca87 feat: support grouping by any path for arch package (#4903)
Previous arch package grouping was not well-suited for complex or multi-architecture environments. It now supports the following content:

- Support grouping by any path.
- New support for packages in `xz` format.
- Fix clean up rules

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4903): <!--number 4903 --><!--line 0 --><!--description c3VwcG9ydCBncm91cGluZyBieSBhbnkgcGF0aCBmb3IgYXJjaCBwYWNrYWdl-->support grouping by any path for arch package<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4903
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-08-11 10:35:11 +00:00
Radosław Piliszek 7dd7cc7ebc git-grep: update comment
It was outdated and missing detail.
2024-08-10 16:41:12 +02:00
Gusted 851d567776
[CHORE] Fix swagger deprecation message
- Fix "WARNING: item list for enum is not a valid JSON array, using the
old deprecated format" messages from
https://github.com/go-swagger/go-swagger in the CI.
2024-08-10 01:21:13 +02:00
Gusted ac8856ac2b
[CHORE] Fix darwin compatibility
- Always convert (syscall.Stat_t).Dev to uint64.
- Resolves #4905
2024-08-09 17:44:41 +02:00
Marcell Mars 4eb8d8c496 OAuth2 provider: support for granular scopes
- `CheckOAuthAccessToken` returns both user ID and additional scopes
- `grantAdditionalScopes` returns AccessTokenScope ready string (grantScopes)
   compiled from requested additional scopes by the client
- `userIDFromToken` sets returned grantScopes (if any) instead of default `all`
2024-08-09 14:58:15 +02:00
Ivan Shapovalov 012a1e0497 log: journald integration (#2869)
Provide a bit more journald integration. Specifically:

- support emission of printk-style log level prefixes, documented in [`sd-daemon`(3)](https://man7.org/linux/man-pages/man3/sd-daemon.3.html#DESCRIPTION), that allow journald to automatically annotate stderr log lines with their level;
- add a new "journaldflags" item that is supposed to be used in place of "stdflags" when under journald to reduce log clutter (i. e. strip date/time info to avoid duplication, and use log level prefixes instead of textual log levels);
- detect whether stderr and/or stdout are attached to journald by parsing `$JOURNAL_STREAM` environment variable and adjust console logger defaults accordingly.

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/2869): <!--number 2869 --><!--line 0 --><!--description bG9nOiBqb3VybmFsZCBpbnRlZ3JhdGlvbg==-->log: journald integration<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2869
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Ivan Shapovalov <intelfx@intelfx.name>
Co-committed-by: Ivan Shapovalov <intelfx@intelfx.name>
2024-08-09 07:49:13 +00:00
Gusted bb448f3dc2
disallow javascript: URI in the repository description
- Fixes an XSS that was introduced in
https://codeberg.org/forgejo/forgejo/pulls/1433
- This XSS allows for `href`s in anchor elements to be set to a
`javascript:` uri in the repository description, which would upon
clicking (and not upon loading) the anchor element execute the specified
javascript in that uri.
- [`AllowStandardURLs`](https://pkg.go.dev/github.com/microcosm-cc/bluemonday#Policy.AllowStandardURLs) is now called for the repository description
policy, which ensures that URIs in anchor elements are `mailto:`,
`http://` or `https://` and thereby disallowing the `javascript:` URI.
It also now allows non-relative links and sets `rel="nofollow"` on
anchor elements.
- Unit test added.
2024-08-09 07:04:01 +02:00
Yaroslav Halchenko 5ae2dbcb14 Adjust codespell config + make it fix few typos which sneaked in since addition of codespell support (#4857)
Now that my colleague just posted a wonderful blog post https://blog.datalad.org/posts/forgejo-runner-podman-deployment/ on forgejo runner, some time I will try to add that damn codespell action to work on CI here ;)  meanwhile some typos managed to sneak in and this PR should address them (one change might be functional in a test -- not sure if would cause a fail or not)

### Release notes

- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4857
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Yaroslav Halchenko <debian@onerussian.com>
Co-committed-by: Yaroslav Halchenko <debian@onerussian.com>
2024-08-08 16:07:35 +00:00
Shivaram Lingamneni 878c236f49 cherry-pick OIDC changes from gitea (#4724)
These are the three conflicted changes from #4716:

* https://github.com/go-gitea/gitea/pull/31632
* https://github.com/go-gitea/gitea/pull/31688
* https://github.com/go-gitea/gitea/pull/31706

cc @earl-warren; as per discussion on https://github.com/go-gitea/gitea/pull/31632 this involves a small compatibility break (OIDC introspection requests now require a valid client ID and secret, instead of a valid OIDC token)

## Checklist

The [developer guide](https://forgejo.org/docs/next/developer/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Breaking features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4724): <!--number 4724 --><!--line 0 --><!--description T0lEQyBpbnRlZ3JhdGlvbnMgdGhhdCBQT1NUIHRvIGAvbG9naW4vb2F1dGgvaW50cm9zcGVjdGAgd2l0aG91dCBzZW5kaW5nIEhUVFAgYmFzaWMgYXV0aGVudGljYXRpb24gd2lsbCBub3cgZmFpbCB3aXRoIGEgNDAxIEhUVFAgVW5hdXRob3JpemVkIGVycm9yLiBUbyBmaXggdGhlIGVycm9yLCB0aGUgY2xpZW50IG11c3QgYmVnaW4gc2VuZGluZyBIVFRQIGJhc2ljIGF1dGhlbnRpY2F0aW9uIHdpdGggYSB2YWxpZCBjbGllbnQgSUQgYW5kIHNlY3JldC4gVGhpcyBlbmRwb2ludCB3YXMgcHJldmlvdXNseSBhdXRoZW50aWNhdGVkIHZpYSB0aGUgaW50cm9zcGVjdGlvbiB0b2tlbiBpdHNlbGYsIHdoaWNoIGlzIGxlc3Mgc2VjdXJlLg==-->OIDC integrations that POST to `/login/oauth/introspect` without sending HTTP basic authentication will now fail with a 401 HTTP Unauthorized error. To fix the error, the client must begin sending HTTP basic authentication with a valid client ID and secret. This endpoint was previously authenticated via the introspection token itself, which is less secure.<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4724
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shivaram Lingamneni <slingamn@cs.stanford.edu>
Co-committed-by: Shivaram Lingamneni <slingamn@cs.stanford.edu>
2024-08-08 06:32:14 +00:00
TheFox0x7 2e2a044493
Revert "Open telemetry integration (#3972)"
This reverts commit c738542201.
2024-08-07 11:22:43 +02:00
Aravinth Manivannan f9cbea3d6b feat: access ActivityPub client through interfaces to facilitate mocking in unit tests (#4853)
Was facing issues while writing unit tests for federation code. Mocks weren't catching all network calls, because was being out of scope of the mocking infra. Plus, I think we can have more granular tests.

This PR puts the client behind an interface, that can be retrieved from `ctx`. Context doesn't require initialization, as it defaults to the implementation available in-tree. It may be overridden when required (like testing).

## Mechanism

1. Get client factory from `ctx` (factory contains network and crypto parameters that are needed)
2. Initialize client with sender's keys and the receiver's public key
3. Use client as before.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4853
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net>
2024-08-07 05:45:24 +00:00
Gusted 05e163aaf3
[BUG] Render references to cross-repo issues with external issues
- If you have the external issue setting enabled, any reference would
have been rendered as an external issue, however this shouldn't be
happening to references that refer to issues in other repositories.
- Unit test added.
2024-08-07 03:19:26 +02:00
Shiny Nematoda 06d2e90fa4 feat: highlighted code search results (#4749)
closes #4534

<details>
<summary>Screenshots</summary>

![](https://codeberg.org/attachments/0ab8a7b0-6485-46dc-a730-c016abb1f287)
</details>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4749
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-08-06 05:57:25 +00:00
Earl Warren 517637137c Merge pull request '[gitea] week 2024-32 cherry pick (gitea/main -> forgejo)' (#4801) from earl-warren/wcp/2024-32 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4801
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-06 05:47:20 +00:00
Earl Warren 6e98a57096 Merge pull request 'Implement an instance-wide activitypub actor' (#4811) from algernon/forgejo:to-be-or-not-to-be into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4811
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-05 14:23:02 +00:00
TheFox0x7 c738542201 Open telemetry integration (#3972)
This PR adds opentelemetry and chi wrapper to have basic instrumentation

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3972): <!--number 3972 --><!--line 0 --><!--description YWRkIHN1cHBvcnQgZm9yIGJhc2ljIHJlcXVlc3QgdHJhY2luZyB3aXRoIG9wZW50ZWxlbWV0cnk=-->add support for basic request tracing with opentelemetry<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3972
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2024-08-05 06:04:39 +00:00
Gergely Nagy cd17eb0fa7
activitypub: Sign the Host header too
Mastodon with `AUTHORIZED_FETCH` enabled requires the `Host` header to
be signed too, add it to the default for `setting.Federation.GetHeaders`
and `setting.Federation.PostHeaders`.

For this to work, we need to sign the request later: not immediately
after `NewRequest`, but just before sending them out with `client.Do`.
Doing so also lets us use `setting.Federation.GetHeaders` (we were using
`.PostHeaders` even for GET requests before).

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-04 23:57:48 +02:00
Jason Song 0c40cff9a4
Clear up old Actions logs (#31735)
Part of #24256.

Clear up old action logs to free up storage space.

Users will see a message indicating that the log has been cleared if
they view old tasks.

<img width="1361" alt="image"
src="https://github.com/user-attachments/assets/9f0f3a3a-bc5a-402f-90ca-49282d196c22">

Docs: https://gitea.com/gitea/docs/pulls/40

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 687c1182482ad9443a5911c068b317a91c91d586)

Conflicts:
	custom/conf/app.example.ini
	routers/web/repo/actions/view.go
  trivial context conflict
2024-08-04 18:24:10 +02:00
Jason Song f6b1407e4c
Add permission description for API to add repo collaborator (#31744)
Fix #31552.

(cherry picked from commit 333c9ed8cab961b6dd58b04edc47a57dc4d6dbab)
2024-08-04 18:24:10 +02:00
Jason Song 2302cf63c8
Distinguish LFS object errors to ignore missing objects during migration (#31702)
Fix #31137.

Replace #31623 #31697.

When migrating LFS objects, if there's any object that failed (like some
objects are losted, which is not really critical), Gitea will stop
migrating LFS immediately but treat the migration as successful.

This PR checks the error according to the [LFS api
doc](https://github.com/git-lfs/git-lfs/blob/main/docs/api/batch.md#successful-responses).

> LFS object error codes should match HTTP status codes where possible:
>
> - 404 - The object does not exist on the server.
> - 409 - The specified hash algorithm disagrees with the server's
acceptable options.
> - 410 - The object was removed by the owner.
> - 422 - Validation error.

If the error is `404`, it's safe to ignore it and continue migration.
Otherwise, stop the migration and mark it as failed to ensure data
integrity of LFS objects.

And maybe we should also ignore others errors (maybe `410`? I'm not sure
what's the difference between "does not exist" and "removed by the
owner".), we can add it later when some users report that they have
failed to migrate LFS because of an error which should be ignored.

(cherry picked from commit 09b56fc0690317891829906d45c1d645794c63d5)
2024-08-04 18:24:10 +02:00
Exploding Dragon f17194ca91 Arch packages implementation (#4785)
This PR is from https://github.com/go-gitea/gitea/pull/31037

This PR was originally created by @d1nch8g , and the original source code comes from https://ion.lc/core/gitea.

This PR adds a package registry for [Arch Linux](https://archlinux.org/) packages with support for package files, [signatures](https://wiki.archlinux.org/title/Pacman/Package_signing), and automatic [pacman-database](https://archlinux.org/pacman/repo-add.8.html) management.

Features:

1. Push any ` tar.zst ` package and Gitea sign it.
2. Delete endpoint for specific package version and all related files
3. Supports trust levels with `SigLevel = Required`.
4. Package UI with instructions to connect to the new pacman database and visualised package metadata

![](/attachments/810ca6df-bd20-44c2-bdf7-95e94886d750)

You can follow [this tutorial](https://wiki.archlinux.org/title/Creating_packages) to build a *.pkg.tar.zst package for testing

docs pr: https://codeberg.org/forgejo/docs/pulls/791

Co-authored-by: d1nch8g@ion.lc
Co-authored-by: @KN4CK3R
Co-authored-by: @mahlzahn
Co-authored-by: @silverwind
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4785
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-08-04 06:16:29 +00:00
Gergely Nagy e1fe3bbdc0
feat(quota): Humble beginnings of a quota engine
This is an implementation of a quota engine, and the API routes to
manage its settings. This does *not* contain any enforcement code: this
is just the bedrock, the engine itself.

The goal of the engine is to be flexible and future proof: to be nimble
enough to build on it further, without having to rewrite large parts of
it.

It might feel a little more complicated than necessary, because the goal
was to be able to support scenarios only very few Forgejo instances
need, scenarios the vast majority of mostly smaller instances simply do
not care about. The goal is to support both big and small, and for that,
we need a solid, flexible foundation.

There are thee big parts to the engine: counting quota use, setting
limits, and evaluating whether the usage is within the limits. Sounds
simple on paper, less so in practice!

Quota counting
==============

Quota is counted based on repo ownership, whenever possible, because
repo owners are in ultimate control over the resources they use: they
can delete repos, attachments, everything, even if they don't *own*
those themselves. They can clean up, and will always have the permission
and access required to do so. Would we count quota based on the owning
user, that could lead to situations where a user is unable to free up
space, because they uploaded a big attachment to a repo that has been
taken private since. It's both more fair, and much safer to count quota
against repo owners.

This means that if user A uploads an attachment to an issue opened
against organization O, that will count towards the quota of
organization O, rather than user A.

One's quota usage stats can be queried using the `/user/quota` API
endpoint. To figure out what's eating into it, the
`/user/repos?order_by=size`, `/user/quota/attachments`,
`/user/quota/artifacts`, and `/user/quota/packages` endpoints should be
consulted. There's also `/user/quota/check?subject=<...>` to check
whether the signed-in user is within a particular quota limit.

Quotas are counted based on sizes stored in the database.

Setting quota limits
====================

There are different "subjects" one can limit usage for. At this time,
only size-based limits are implemented, which are:

- `size:all`: As the name would imply, the total size of everything
  Forgejo tracks.
- `size:repos:all`: The total size of all repositories (not including
  LFS).
- `size:repos:public`: The total size of all public repositories (not
  including LFS).
- `size:repos:private`: The total size of all private repositories (not
  including LFS).
- `size:git:all`: The total size of all git data (including all
  repositories, and LFS).
- `size:git:lfs`: The size of all git LFS data (either in private or
  public repos).
- `size:assets:all`: The size of all assets tracked by Forgejo.
- `size:assets:attachments:all`: The size of all kinds of attachments
  tracked by Forgejo.
- `size:assets:attachments:issues`: Size of all attachments attached to
  issues, including issue comments.
- `size:assets:attachments:releases`: Size of all attachments attached
  to releases. This does *not* include automatically generated archives.
- `size:assets:artifacts`: Size of all Action artifacts.
- `size:assets:packages:all`: Size of all Packages.
- `size:wiki`: Wiki size

Wiki size is currently not tracked, and the engine will always deem it
within quota.

These subjects are built into Rules, which set a limit on *all* subjects
within a rule. Thus, we can create a rule that says: "1Gb limit on all
release assets, all packages, and git LFS, combined". For a rule to
stand, the total sum of all subjects must be below the rule's limit.

Rules are in turn collected into groups. A group is just a name, and a
list of rules. For a group to stand, all of its rules must stand. Thus,
if we have a group with two rules, one that sets a combined 1Gb limit on
release assets, all packages, and git LFS, and another rule that sets a
256Mb limit on packages, if the user has 512Mb of packages, the group
will not stand, because the second rule deems it over quota. Similarly,
if the user has only 128Mb of packages, but 900Mb of release assets, the
group will not stand, because the combined size of packages and release
assets is over the 1Gb limit of the first rule.

Groups themselves are collected into Group Lists. A group list stands
when *any* of the groups within stand. This allows an administrator to
set conservative defaults, but then place select users into additional
groups that increase some aspect of their limits.

To top it off, it is possible to set the default quota groups a user
belongs to in `app.ini`. If there's no explicit assignment, the engine
will use the default groups. This makes it possible to avoid having to
assign each and every user a list of quota groups, and only those need
to be explicitly assigned who need a different set of groups than the
defaults.

If a user has any quota groups assigned to them, the default list will
not be considered for them.

The management APIs
===================

This commit contains the engine itself, its unit tests, and the quota
management APIs. It does not contain any enforcement.

The APIs are documented in-code, and in the swagger docs, and the
integration tests can serve as an example on how to use them.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 11:10:34 +02:00
Exploding Dragon 471265c4e0 Add signature support for the RPM module (#4780)
This pull request comes from https://github.com/go-gitea/gitea/pull/27069.

If the rpm package does not contain a matching gpg signature, the installation will fail. See ([gitea/gitea#27031](https://github.com/go-gitea/gitea/issues/27031)) , now auto-signing all new rpm uploads.

This option is turned off by default for compatibility.

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4780): <!--number 4780 --><!--line 0 --><!--description QWRkIHNpZ25hdHVyZSBzdXBwb3J0IGZvciB0aGUgUlBNIG1vZHVsZQ==-->Add signature support for the RPM module<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4780
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-08-02 05:56:57 +00:00
0ko ca5a5bf120 feat: allow color and background-color style properties for table cells (#4766)
* Allow adding text color and background color to HTML table headers and cells in markdown.
* Added a few test cases.

Preview and example: https://codeberg.org/attachments/98634f30-4fa2-4a76-adb3-6086af73744f

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4766
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-31 18:48:46 +00:00
TheFox0x7 4de909747b Add testifylint to lint checks (#4535)
go-require lint is ignored for now

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4535
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2024-07-30 19:41:10 +00:00
Earl Warren 94933470cd Merge pull request 'Implement external release assets' (#1445) from maltejur/forgejo:forgejo-external-attachments into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1445
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-30 15:50:57 +00:00
Malte Jürgens a61e7c7a39
Implement external assets 2024-07-29 20:35:55 +02:00
Kemal Zebari f61873c7e4
Properly filter issue list given no assignees filter (#31522)
Quick fix #31520. This issue is related to #31337.

(cherry picked from commit c0b5a843badf7afa1f1aeb8f41cac87806ee188e)
2024-07-28 07:24:21 +02:00
Earl Warren 14d079a1eb Merge pull request '[FEAT] Enable INVALIDATE_REFRESH_TOKENS' (#4633) from gusted/sec-oauth into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4633
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-23 20:45:22 +00:00
Earl Warren ded237ee77 Merge pull request '[gitea] week 2024-30 cherry pick (gitea/main -> forgejo)' (#4607) from algernon/wcp/2024-30 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4607
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-23 16:01:28 +00:00
Gusted 89b1723d35
[FEAT] Enable INVALIDATE_REFRESH_TOKENS
- It's possible to detect if refresh tokens are used more than once, if
it's used more than it's a indication of a replay attack and it should
invalidate the associated access token. This behavior is controlled by
the `INVALIDATE_REFRESH_TOKENS` setting.
- Altough in a normal scenario where TLS is being used, it should be
very hard to get to situation where replay attacks are being used, but
this is better safe than sorry.
- Enable `INVALIDATE_REFRESH_TOKENS` by default.
2024-07-22 20:45:13 +02:00
0ko de24846309 Merge pull request 'Allow .webp attachments by default' (#4605) from 0ko/forgejo:webp into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4605
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-07-22 15:34:32 +00:00
0ko e819c1622e i18n: restore Malayalam and Serbian files, remove ml-IN from the language selector (#4576)
* Closes https://codeberg.org/forgejo/forgejo/issues/4563
* A followup to my 2024-February investigation in the Localization room

* Restore Malayalam and Serbian locales that were deleted in 067b0c2664 and f91092453e. Bulgarian was also deleted, but we already have better Bulgarian translation.
* Remove ml-IN from the language selector. It was not usable for 1.5 years, has ~18% completion and was not maintained in those ~1.5 years. It could also have placeholder bugs due to refactors.

Restoring files gives the translators a base to work with and makes the project advertised on Weblate homepage for logged in users in the Suggestions tab. Unlike Gitea, we store our current translations directly in the repo and not on a separate platform, so it makes sense to add these files back.
Removing selector entry avoids bugs and user confusion. I will make a followup for the documentation.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4576
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-07-22 14:08:15 +00:00
6543 004cc6dc0a
Add option to change mail from user display name (#31528)
Make it posible to let mails show e.g.:

`Max Musternam (via gitea.kithara.com) <gitea@kithara.com>`

Docs: https://gitea.com/gitea/docs/pulls/23

---
*Sponsored by Kithara Software GmbH*

(cherry picked from commit 0f533241829d0d48aa16a91e7dc0614fe50bc317)

Conflicts:
	- services/mailer/mail_release.go
	  services/mailer/mail_test.go

	  In both cases, applied the changes manually.
2024-07-22 15:44:13 +02:00
6543 d0227c236a
Issue Templates: add option to have dropdown printed list (#31577)
Issue template dropdown can have many entries, and it could be better to
have them rendered as list later on if multi-select is enabled.

so this adds an option to the issue template engine to do so.

DOCS: https://gitea.com/gitea/docs/pulls/19

---

## demo:

```yaml
name: Name
title: Title
about: About
labels: ["label1", "label2"]
ref: Ref
body:
  - type: dropdown
    id: id6
    attributes:
      label: Label of dropdown (list)
      description: Description of dropdown
      multiple: true
      list: true
      options:
        - Option 1 of dropdown
        - Option 2 of dropdown
        - Option 3 of dropdown
        - Option 4 of dropdown
        - Option 5 of dropdown
        - Option 6 of dropdown
        - Option 7 of dropdown
        - Option 8 of dropdown
        - Option 9 of dropdown
```

![image](https://github.com/user-attachments/assets/102ed0f4-89da-420b-ab2a-1788b59676f9)

![image](https://github.com/user-attachments/assets/a2bdb14e-43ff-4cc6-9bbe-20244830453c)

---
*Sponsored by Kithara Software GmbH*

(cherry picked from commit 1064e817c4a6fa6eb5170143150505503c4ef6ed)
2024-07-22 15:44:13 +02:00
0ko 78a0ca1c9d feat: allow .webp attachments by default 2024-07-21 13:01:08 +05:00
Gusted efd63ec1d8
[BUG] Don't panic on empty blockquote
- On a empty blockquote the callout feature would panic, as it expects
to always have at least one child.
- This panic cannot result in a DoS, because any panic that happens
while rendering any markdown input will be recovered gracefully.
- Adds a simple condition to avoid this panic.
2024-07-21 01:10:20 +02:00
TheFox0x7 3fca6c0bf5
test: enforce tenv usage in tests 2024-07-17 23:07:41 +02:00
Earl Warren 8901fac2bf
Revert "update redis mock"
This reverts commit dd9f885293.
2024-07-17 06:36:36 +02:00
Gusted 45401e044f
[CHORE] Update jsonschema library to v6
- Update the `github.com/santhosh-tekuri/jsonschema` library from v5 to
v6.
- Update the migration loader function to a type, which is now required
in V6.
- `github.com/santhosh-tekuri/jsonschema/v6` was already used by gof3,
so removing the v5 library and using the v6 library reduces the binary
size of Forgejo.
  - Before: 95912040 bytes
  - After: 95706152 bytes
2024-07-15 17:20:50 +02:00
Victoria Nadasdi dd9f885293
update redis mock
Signed-off-by: Victoria Nadasdi <victoria@efertone.me>
2024-07-13 11:11:45 +02:00
Earl Warren 4f6c823ae7 Merge pull request '[gitea] week 2024-28 cherry pick (gitea/main -> forgejo)' (#4391) from earl-warren/wcp/2024-28 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4391
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-07-09 05:37:52 +00:00
Brecht Van Lommel 33f9fb8150
Fix slow patch checking with commits that add or remove many files (#31548)
Running git update-index for every individual file is slow, so add and
remove everything with a single git command.

When such a big commit lands in the default branch, it could cause PR
creation and patch checking for all open PRs to be slow, or time out
entirely. For example, a commit that removes 1383 files was measured to
take more than 60 seconds and timed out. With this change checking took
about a second.

This is related to #27967, though this will not help with commits that
change many lines in few files.

(cherry picked from commit b88e5fc72d99e9d4a0aa9c13f70e0a9e967fe057)
2024-07-07 07:33:01 +02:00
charles f92591b825
Fix markdown preview $$ support (#31514)
close #31481

currently `$$A + B$$ test` will ignore text after $$ block

test text

![圖片](https://github.com/go-gitea/gitea/assets/30816317/39b2974b-c0b6-48a0-87d0-5f4a13615eed)

before fix

![圖片](https://github.com/go-gitea/gitea/assets/30816317/15469e4c-474d-4128-b46f-d6cadaafbd68)

after fix

![圖片](https://github.com/go-gitea/gitea/assets/30816317/c1025eef-177f-4ade-988f-510e7039f3f9)

github display

![圖片](https://github.com/go-gitea/gitea/assets/30816317/97cd1e10-ac94-4899-86d8-8e359ef1d694)

(cherry picked from commit f0033051d5ce07f5a18d2aacef6bfdca5fc69014)
2024-07-07 07:29:49 +02:00
Gusted cf8f26d616
[CHORE] Remove github.com/yuin/goldmark-meta
- Remove a unused dependency. This dependency was added to handle YAML
'frontmatter' meta, parsing them and converting them to a table or
details in the resulting HTML. As can be read in the issue that reported
the behavior of YAML frontmatter being rendered literally,
https://github.com/go-gitea/gitea/issues/5377.
- It's an unused dependency as the codebase since then moved on to do this YAML
parsing and rendering on their own, this was implemented in
812cfd0ad9.
- Adds unit tests that was related to this functionality, to proof the
codebase already handles this and to prevent regressions.
2024-07-07 03:18:13 +02:00
Gusted 3eb178db49
[CHORE] Update terminal-to-html dependency
- Update the `github.com/buildkite/terminal-to-html/v3` dependency from
version v3.10.1 to v3.13.0.
- Version v3.12.0 introduced an incompatible change, the return type of
`AsHTML` changed from `[]byte` to `string`. That same version also
introduced streaming mode
https://github.com/buildkite/terminal-to-html/pull/126, which allows us
to avoid reading the whole input into memory.
- Closes #4313
2024-07-04 23:41:17 +02:00
Earl Warren 11596374ba
test: remove performance sensitive test
A test must not fail depending on the performance of the machine it
runs on. It creates false negative and serves no purpose. These are
not benchmark tests for the hardware running them.
2024-07-04 07:03:54 +02:00
Twenty Panda 5561e80b04 fix(hook): ignore unknown push options instead of failing
If a repository has

git config --add push.pushOption submit=".sourcehut/*.yml"

it failed when pushed because of the unknown submit push
option. It will be ignored instead.

Filtering out the push options is done in an earlier stage, when the
hook command runs, before it submits the options map to the private
endpoint.

* move all the push options logic to modules/git/pushoptions
* add 100% test coverage for modules/git/pushoptions

Test coverage for the code paths from which code was moved to the
modules/git/pushoptions package:

* cmd/hook.go:runHookPreReceive
* routers/private/hook_pre_receive.go:validatePushOptions
  tests/integration/git_push_test.go:TestOptionsGitPush runs through
  both. The test verifying the option is rejected was removed and, if
  added again, will fail because the option is now ignored instead of
  being rejected.

* cmd/hook.go:runHookProcReceive
* services/agit/agit.go:ProcReceive
  tests/integration/git_test.go: doCreateAgitFlowPull runs through
  both. It uses variations of AGit related push options.

* cmd/hook.go:runHookPostReceive
* routers/private/hook_post_receive.go:HookPostReceive
  tests/integration/git_test.go:doPushCreate called by TestGit/HTTP/sha1/PushCreate
  runs through both.
  Note that although it provides coverage for this code path it does not use push options.

Fixes: https://codeberg.org/forgejo/forgejo/issues/3651
2024-07-02 21:39:01 +02:00
Earl Warren c7bb90bc6b Merge pull request '[gitea] week 2024-27 cherry pick (gitea/main -> forgejo)' (#4266) from earl-warren/wcp/2024-27 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4266
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-07-02 08:29:04 +00:00
Mai-Lapyst 9b225b56a9
Fixes git references wrongly transmitted to the action run 2024-06-30 06:17:40 +02:00
Royce Remer 45181ee945
Support legacy _links LFS batch responses (#31513)
Support legacy _links LFS batch response.

Fixes #31512.

This is backwards-compatible change to the LFS client so that, upon
mirroring from an upstream which has a batch api, it can download
objects whether the responses contain the `_links` field or its
successor the `actions` field. When Gitea must fallback to the legacy
`_links` field a logline is emitted at INFO level which looks like this:
```
...s/lfs/http_client.go:188:performOperation() [I] <LFSPointer ee95d0a27ccdfc7c12516d4f80dcf144a5eaf10d0461d282a7206390635cdbee:160> is using a deprecated batch schema response!
```

I've only run `test-backend` with this code, but added a new test to
cover this case. Additionally I have a fork with this change deployed
which I've confirmed syncs LFS from Gitea<-Artifactory (which has legacy
`_links`) as well as from Gitea<-Gitea (which has the modern `actions`).

Signed-off-by: Royce Remer <royceremer@gmail.com>
(cherry picked from commit df805d6ed0458dbec258d115238fde794ed4d0ce)
2024-06-29 07:56:18 +02:00
Mai-Lapyst 51735c415b Add support for workflow_dispatch (#3334)
Closes #2797

I'm aware of https://github.com/go-gitea/gitea/pull/28163 exists, but since I had it laying around on my drive and collecting dust, I might as well open a PR for it if anyone wants the feature a bit sooner than waiting for upstream to release it or to be a forgejo "native" implementation.

This PR Contains:
- Support for the `workflow_dispatch` trigger
- Inputs: boolean, string, number, choice

Things still to be done:
- [x] API Endpoint `/api/v1/<org>/<repo>/actions/workflows/<workflow id>/dispatches`
- ~~Fixing some UI bugs I had no time figuring out, like why dropdown/choice inputs's menu's behave weirdly~~ Unrelated visual bug with dropdowns inside dropdowns
- [x] Fix bug where opening the branch selection submits the form
- [x] Limit on inputs to render/process

Things not in this PR:
- Inputs: environment (First need support for environments in forgejo)

Things needed to test this:
- A patch for https://code.forgejo.org/forgejo/runner to actually consider the inputs inside the workflow.
  ~~One possible patch can be seen here: https://code.forgejo.org/Mai-Lapyst/runner/src/branch/support-workflow-inputs~~
  [PR](https://code.forgejo.org/forgejo/runner/pulls/199)

![image](/attachments/2db50c9e-898f-41cb-b698-43edeefd2573)

## Testing

- Checkout PR
- Setup new development runner with [this PR](https://code.forgejo.org/forgejo/runner/pulls/199)
- Create a repo with a workflow (see below)
- Go to the actions tab, select the workflow and see the notice as in the screenshot above
- Use the button + dropdown to run the workflow
  - Try also running it via the api using the `` endpoint
- ...
- Profit!

<details>
<summary>Example workflow</summary>

```yaml
on:
  workflow_dispatch:
    inputs:
      logLevel:
        description: 'Log Level'
        required: true
        default: 'warning'
        type: choice
        options:
        - info
        - warning
        - debug
      tags:
        description: 'Test scenario tags'
        required: false
        type: boolean
      boolean_default_true:
        description: 'Test scenario tags'
        required: true
        type: boolean
        default: true
      boolean_default_false:
        description: 'Test scenario tags'
        required: false
        type: boolean
        default: false
      number1_default:
        description: 'Number w. default'
        default: '100'
        type: number
      number2:
        description: 'Number w/o. default'
        type: number
      string1_default:
        description: 'String w. default'
        default: 'Hello world'
        type: string
      string2:
        description: 'String w/o. default'
        required: true
        type: string

jobs:
  test:
    runs-on: docker
    steps:
      - uses: actions/checkout@v3
      - run: whoami
      - run: cat /etc/issue
      - run: uname -a
      - run: date
      - run: echo ${{ inputs.logLevel }}
      - run: echo ${{ inputs.tags }}
      - env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - run: echo "abc"
```
</details>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3334
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
2024-06-28 05:17:11 +00:00
charles b53be9d45c
Fix markdown math brackets render problem (#31420)
Close #31371, support `($ ... $)` like GitHub

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 90a3c20e7996e2db577a51d37f2190e2e990a22a)

Conflicts:
	modules/markup/markdown/markdown_test.go
	trivial context conflict
2024-06-23 12:40:06 +02:00
Tobias Balle-Petersen cdefd617d0
Increase max length of org team names from 30 to 255 characters (#31410)
This PR modifies the structs for editing and creating org teams to allow
team names to be up to 255 characters. The previous maximum length was
30 characters.

(cherry picked from commit 1c26127b520858671ce257c7c9ab978ed1e95252)
2024-06-23 12:21:38 +02:00
wxiaoguang 75bbca68ce
Refactor markup code (#31399)
1. use clearer names
2. remove deadcode
3. avoid name shadowing
4. eliminate some lint warnings

(cherry picked from commit 5a7376c0605415e63cb5b3b8f89ead01e567229b)

Conflicts:
	modules/markup/html.go
	simple code divergence, trivial logic
2024-06-23 11:53:36 +02:00
Earl Warren 9c48511c69
[PORT] Add cache test for admins (#31265)
* the cache was not refactored in Forgejo
* fix the test modifying a global variable
2024-06-23 11:38:35 +02:00
6543 77da92f42a
Add cache test for admins (#31265)
Add a test to probe the cache similar to the email test func.

![image](https://github.com/go-gitea/gitea/assets/24977596/700e2733-586d-4091-900f-f5f71e6e94bf)

![image](https://github.com/go-gitea/gitea/assets/24977596/2a953802-18fc-4e81-a37d-24ebe1297365)

![image](https://github.com/go-gitea/gitea/assets/24977596/e00d62ad-bb60-41cc-9138-09993daee156)

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 363c1235987793dffa5cc851aaae585eb81f091e)

Conflicts:
	options/locale/locale_en-US.ini
	templates/admin/self_check.tmpl
	trivial context conflict
2024-06-23 11:27:03 +02:00
Earl Warren 328b5d79d3 Merge pull request '[gitea] week 2024-25 cherry pick (gitea/main -> forgejo)' (#4145) from earl-warren/wcp/2024-25 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4145
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-06-18 07:56:20 +00:00
Lunny Xiao 8efef06fb1 fix(repository): git push to an adopted repository fails
Fix adopt repository has empty object name in database (#31333)

Fix #31330
Fix #31311

A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.

(cherry picked from commit 1968c2222dcf47ebd1697afb4e79a81e74702d31)

With tests services/repository/adopt_test.go
2024-06-16 19:06:06 +02:00
Zoupers Zou baad8337f9
Fix #31185 try fix lfs download from bitbucket failed (#31201)
Fix #31185

(cherry picked from commit e25d6960b5749fbf7f88ebb6b27878c0459817da)
2024-06-16 13:42:59 +02:00
mzroot ff43d02803
Add tag protection via rest api #17862 (#31295)
Add tag protection manage via rest API.

---------

Co-authored-by: Alexander Kogay <kogay.a@citilink.ru>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit d4e4226c3cbfa62a6adf15f4466747468eb208c7)

Conflicts:
	modules/structs/repo_tag.go
	trivial context conflict
	templates/swagger/v1_json.tmpl
	fixed with make generate-swagger
2024-06-16 13:42:59 +02:00
KN4CK3R 7fa7ec0891
Extract and display readme and comments for Composer packages (#30927)
Related #30075

CC @thojo0

Example with rendered readme:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/3516fef5-2631-40fd-8841-5d9894ec8904)

(cherry picked from commit 4e7b067a7fdfb3e2c8dfdf87475e3938051fd400)
2024-06-16 13:42:59 +02:00
Lunny Xiao 9aa3ae955f
Fix bug filtering issues which have no project (#31337)
Fix #31327
This is a quick patch to fix the bug.
Some parameters are using 0, some are using -1. I think it needs a
refactor to keep consistent. But that will be another PR.

(cherry picked from commit e4abaff7ffbbc5acd3aa668a9c458fbdf76f9573)
2024-06-16 13:42:59 +02:00
Oleksandr Redko b640ac4660
Refactor to use UnsafeStringToBytes (#31358)
The PR replaces all `goldmark/util.BytesToReadOnlyString` with
`util.UnsafeBytesToString`, `goldmark/util.StringToReadOnlyBytes` with
`util.UnsafeStringToBytes`. This removes one `TODO`.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 1761459ebc7eb6d432eced093b4583425a5c5d4b)
2024-06-16 13:42:58 +02:00
Lunny Xiao 62ed5f2db5
Fix hash render end with colon (#31319)
Fix a hash render problem like `<hash>: xxxxx` which is usually used in
release notes.

(cherry picked from commit 7115dce773e3021b3538ae360c4e7344d5bbf45b)
2024-06-16 13:42:58 +02:00
Lunny Xiao 80357bbcb3
Fix adopt repository has empty object name in database (#31333)
Fix #31330
Fix #31311

A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.

(cherry picked from commit 1968c2222dcf47ebd1697afb4e79a81e74702d31)
2024-06-16 13:42:58 +02:00
silverwind d8bc0495de
Enable unparam linter (#31277)
Enable [unparam](https://github.com/mvdan/unparam) linter.

Often I could not tell the intention why param is unused, so I put
`//nolint` for those cases like webhook request creation functions never
using `ctx`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit fc2d75f86d77b022ece848acf2581c14ef21d43b)

Conflicts:
	modules/setting/config_env.go
	modules/storage/azureblob.go
	services/webhook/dingtalk.go
	services/webhook/discord.go
	services/webhook/feishu.go
	services/webhook/matrix.go
	services/webhook/msteams.go
	services/webhook/packagist.go
	services/webhook/slack.go
	services/webhook/telegram.go
	services/webhook/wechatwork.go

	run make lint-go and fix Forgejo specific warnings
2024-06-16 13:42:58 +02:00
Earl Warren 50afca7961
fix(f3): do not run the F3 CLI if F3 is disabled 2024-06-16 13:33:33 +02:00
wxiaoguang 20ca5e37e9
Delete legacy cookie before setting new cookie (#31306)
Try to fix #31202

(cherry picked from commit 5342a61124bf2d4fbe4c1d560b13866198149ac9)
2024-06-16 08:21:32 +02:00
Shiny Nematoda d6abb363f6 FIX: use proper time format (activitypub/client) (#4132)
use proper http time format than replacing with GMT in time.RFC1123 =)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4132
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-06-14 15:22:37 +00:00
Earl Warren e99d3f7055
feat(F3): CLI: f3 mirror to convert to/from Forgejo
feat(F3): driver stub

feat(F3): util.Logger

feat(F3): driver compliance tests

feat(F3): driver/users implementation

feat(F3): driver/user implementation

feat(F3): driver/{projects,project} implementation

feat(F3): driver/{labels,label} implementation

feat(F3): driver/{milestones,milestone} implementation

feat(F3): driver/{repositories,repository} implementation

feat(F3): driver/{organizations,organization} implementation

feat(F3): driver/{releases,release} implementation

feat(F3): driver/{issues,issue} implementation

feat(F3): driver/{comments,comment} implementation

feat(F3): driver/{assets,asset} implementation

feat(F3): driver/{pullrequests,pullrequest} implementation

feat(F3): driver/{reviews,review} implementation

feat(F3): driver/{topics,topic} implementation

feat(F3): driver/{reactions,reaction} implementation

feat(F3): driver/{reviewComments,reviewComment} implementation

feat(F3): CLI: f3 mirror

chore(F3): move to code.forgejo.org

feat(f3): upgrade to gof3 3.1.0

repositories in pull requests are represented with a reference instead
of an owner/project pair of names
2024-06-14 12:52:12 +02:00
Henrique Pimentel 433b6c6910
Add MAX_ROWS option for CSV rendering (#30268)
This solution implements a new config variable MAX_ROWS, which
corresponds to the “Maximum allowed rows to render CSV files. (0 for no
limit)” and rewrites the Render function for CSV files in markup module.
Now the render function only reads the file once, having MAX_FILE_SIZE+1
as a reader limit and MAX_ROWS as a row limit. When the file is larger
than MAX_FILE_SIZE or has more rows than MAX_ROWS, it only renders until
the limit, and displays a user-friendly warning informing that the
rendered data is not complete, in the user's language.

---

Previously, when a CSV file was larger than the limit, the render
function lost its function to render the code. There were also multiple
reads to the file, in order to determine its size and render or
pre-render.

The warning: ![image](https://s3.amazonaws.com/i.snag.gy/vcKh90.jpg)

(cherry picked from commit f7125ab61aaa02fd4c7ab0062a2dc9a57726e2ec)
2024-06-09 16:04:57 +02:00
6543 1d4bff4f65
Add option for mailer to override mail headers (#27860)
Add option to override headers of mails, gitea send out

---
*Sponsored by Kithara Software GmbH*

(cherry picked from commit aace3bccc3290446637cac30b121b94b5d03075f)

Conflicts:
	docs/content/administration/config-cheat-sheet.en-us.md
	does not exist in Forgejo
	services/mailer/mailer_test.go
	trivial context conflict
2024-06-09 11:13:39 +02:00
Kemal Zebari 90753a2c11
Document possible action types for the user activity feed API (#31196)
Resolves #31131.

It uses the the go-swagger `enum` property to document the activity
action types.

(cherry picked from commit cb27c438a82fec9f2476f6058bc5dcda2617aab5)
2024-06-09 11:13:39 +02:00
mirko f015846c11 Add slogan config (#3752)
This is a PR for #3616

Currently added a new optional config `SLOGAN`  in ini file. When this config is set title page is modified in APP_NAME [ - SLOGAN]

Example in image below

![Selezione_075.png](/attachments/7a72171e-e730-4e57-8c97-ffc94258e00f)

Add the new config value in the admin settings page (readonly)

![Screenshot 2024-05-13 at 18-04-13 My Forgejo.png](/attachments/dad00fc2-29fa-4371-a7b9-5233eadeac13)

## TODO

* [x] Add the possibility to add the `SLOGAN` config from the installation form
* [ ] Update https://forgejo.org/docs/next/admin/config-cheat-sheet

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3752
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: mirko <mirko.perillo@gmail.com>
Co-committed-by: mirko <mirko.perillo@gmail.com>
2024-06-07 17:12:48 +00:00
André Rosenhammer fb7b17d240 Make gitea webhooks openproject compatible (gitea#28435)
This PR adds some fields to the gitea webhook payload that
[openproject](https://www.openproject.org/) expects to exists in order
to process the webhooks.
These fields do exists in Github's webhook payload so adding them makes
Gitea's native webhook more compatible towards Github's.
2024-06-05 15:58:51 +02:00
Earl Warren d2c4d833f4
test(avatar): deleting a user avatar is idempotent
If the avatar file in storage does not exist, it is not an error and
the database can be updated.

See 1be797faba Fix bug on avatar
2024-06-05 09:10:42 +02:00
Earl Warren 1b3ccfffe8 Merge pull request 'test(avatar): deleting a user avatar and file is atomic' (#4015) from earl-warren/forgejo:wip-delete-avatar into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4015
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-04 22:38:07 +00:00
Earl Warren 20148e061a
test(storage): export UninitializedStorage to simulate failure 2024-06-04 23:20:20 +02:00
Victoria Nadasdi b80677d009
chore(deps): update module github.com/redis/go-redis/v9 to v9.5.2
Renovate tried to update redis/go-redis, but failed because they changes
the interface, they added two new functions: `BitFieldRO` and
`ObjectFreq`.

Changes:
- Update redis/go-redis
- Run mockgen:
  ```
  mockgen -package mock -destination ./modules/queue/mock/redisuniversalclient.go  github.com/redis/go-redis/v9 UniversalClient
  ```

References:
- https://codeberg.org/forgejo/forgejo/pulls/4009
2024-06-04 12:38:35 +02:00
Earl Warren c2382d4f5b Merge pull request '[gitea] week 2024-23 cherry pick (gitea/main -> forgejo)' (#3989) from earl-warren/wcp/2024-23 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3989
Reviewed-by: Otto <otto@codeberg.org>
2024-06-04 07:40:35 +00:00
Mai-Lapyst e58ce86264 Update the elasticsearch mappings for issues to use long instead of integer for int64 (#3982)
This updates the mapping definition of the elasticsearch issue indexer backend to use `long` instead of `integer`s wherever the go type is a `int64`. Without it larger instances could run into an issue.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3982
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
2024-06-04 07:37:59 +00:00
Lunny Xiao ee2247d77c
Add topics for repository API (#31127)
Fix ##31100

(cherry picked from commit de4616690f742aebc3e019fde5c73c432d543292)
2024-06-02 16:26:54 +02:00
Earl Warren 884b3c0f4b
test(util): MockProtect when mocking multiple times
It is fine to use MockVariableValue to change a setting such as:

defer test.MockVariableValue(&setting.Mirror.Enabled, true)()

But when testing for errors and mocking a function, multiple variants
of the functions will be used, not just one. MockProtect a function
will make sure that when the test fails it always restores a sane
version of the function. For instance:

defer test.MockProtect(&mirror_service.AddPushMirrorRemote)()

mirror_service.AddPushMirrorRemote = mockOne
do some tests that may fail

mirror_service.AddPushMirrorRemote = mockTwo
do more tests that may fail
2024-06-02 15:24:06 +02:00
Rowan Bohde 73706ae26d
feat: add support for a credentials chain for minio access (#31051)
We wanted to be able to use the IAM role provided by the EC2 instance
metadata in order to access S3 via the Minio configuration. To do this,
a new credentials chain is added that will check the following locations
for credentials when an access key is not provided. In priority order,
they are:

1. MINIO_ prefixed environment variables
2. AWS_ prefixed environment variables
3. a minio credentials file
4. an aws credentials file
5. EC2 instance metadata

(cherry picked from commit c0880e7695346997c6a93f05cd01634cb3ad03ee)

Conflicts:
	docs/content/administration/config-cheat-sheet.en-us.md
	does not exist in Forgejo
2024-06-02 10:14:09 +02:00
Lunny Xiao a7591f9738
Rename project board -> column to make the UI less confusing (#30170)
This PR split the `Board` into two parts. One is the struct has been
renamed to `Column` and the second we have a `Template Type`.

But to make it easier to review, this PR will not change the database
schemas, they are just renames. The database schema changes could be in
future PRs.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 98751108b11dc748cc99230ca0fc1acfdf2c8929)

Conflicts:
	docs/content/administration/config-cheat-sheet.en-us.md
	docs/content/index.en-us.md
	docs/content/installation/comparison.en-us.md
	docs/content/usage/permissions.en-us.md
	non existent files

	options/locale/locale_en-US.ini
	routers/web/web.go
	templates/repo/header.tmpl
	templates/repo/settings/options.tmpl
	trivial context conflicts
2024-06-02 09:42:39 +02:00
Michael Jerger 2f7f1aab8a fix review 2024-05-29 18:31:06 +02:00
Michael Jerger 5620dd76fa Merge branch 'forgejo' into forgejo-federated-pr5 2024-05-29 18:26:16 +02:00
Zettat123 df15abd072
Support setting the default attribute of the issue template dropdown field (#31045)
Fix #31044

According to [GitHub issue template
documentation](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema#attributes-for-dropdown),
the `default` attribute can be used to specify the preselected option
for a dropdown field.

(cherry picked from commit 7ab0988af140aa3e0204979765f75961f1dc9c11)
2024-05-26 20:13:09 +02:00
wxiaoguang 5612cf32e5
Refactor sha1 and time-limited code (#31023)
Remove "EncodeSha1", it shouldn't be used as a general purpose hasher
(just like we have removed "EncodeMD5" in #28622)

Rewrite the "time-limited code" related code and write better tests, the
old code doesn't seem quite right.

(cherry picked from commit fb1ad920b769799aa1287441289d15477d9878c5)

Conflicts:
	modules/git/utils_test.go
	trivial context conflict because sha256 testing in Forgejo has diverged
2024-05-26 18:43:30 +02:00
Earl Warren bd32dedb48 Merge pull request 'fix(services): set SendNotificationEmailOnNewUser' (#3904) from earl-warren/forgejo:wip-new-user-notify into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3904
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-05-25 15:11:16 +00:00
Earl Warren ff2a3f4e3a
fix(services): set SendNotificationEmailOnNewUser
regression from 767e9634d3. It changed
the parsing of the [admin] section from being derived from the content
of each key with mustMapSetting(rootCfg, "admin", &Admin) to
explicitly listing all keys in the code.

SEND_NOTIFICATION_EMAIL_ON_NEW_USER was not added and therefore
ignored. As a consequence notifications of newly registered users were
never sent.
2024-05-25 16:27:44 +02:00
Earl Warren c7711dac6d
chore: fix typos identified by mispell 2024-05-25 09:43:50 +02:00
Michael Jerger 82cb9e0203 ui for adding following repos 2024-05-24 13:28:15 +02:00
Victoria Nadasdi 87e2454858
lint: fix import order issue
Signed-off-by: Victoria Nadasdi <victoria@efertone.me>
2024-05-21 18:02:37 +02:00
Victoria Nadasdi 54acfa8880
refactor: redis queue backend test cleanup
Summary:
- Move existing test under a `testify` Suite as `baseRedisWithServerTestSuite`
  - Those tests require real redis server.
- Add `go.uber.org/mock/mockgen@latest` as dependency
  - as a tool (Makefile).
  - in the `go.mod` file.
- Mock redis client lives under a `mock` directory under the queue module.
  - That mock module has an extra hand-written mock in-memory redis-like struct.
- Add tests using the mock redis client.
- Changed the logic around queue provider creation.
  - Now the `getNewQueue` returns a Queue provider directly, not an init
    function to create it.

The whole Queue module is close to impossible to test properly because
everything is private, everything goes through a struct route. Because
of that, we can't test for example what keys are used for given queue.

To overcome this, as a first step I removed one step from that hard
route by allowing custom calls to create new queue provider. To achieve
this, I moved the creation logic into the `getNewQueue` (previously it
was `getNewQueueFn`). That changes nothing on that side, everything goes
as before, except the `newXXX` call happens directly in that function
and not outside that.

That made it possible to add extra provider specific parameters to those
function (`newXXX`). For example a client on redis. Calling it through
the `getNewQueue` function, it gets `nil`.

- If the provided client is not `nil`, it will use that instead of the
connection string.
- If it's `nil` (default behaviour), it creates a new redis client as it
  did before, no changes to that.

The rest of the provider code is unchanged. All these changes were
required to make it possible to generate mock clients for providers and
use them.

For the tests, the existing two test cases are good with redis server,
and they need some extra helpers, for example to start a new redis
server if required, or waiting on a redis server to be ready to use.
These helpers are only required for test cases using real redis server.

For better isolation, moved existing test under a testify Suite, and
moved them into a new test file called `base_redis_with_server_test.go`
because, well they test the code with server. These tests do exactly the
same as before, calling the same sub-tests the same way as before, the
only change is the structure of the test (remove repetition, scope
server related helper functions).

Finally, we can create unit tests without redis server. The main focus of
this group of tests are higher level overview of operations. With the
mock redis client we can set up expectations about used queue names,
received values, return value to simulate faulty state.

These new unit test functions don't test all functionality, at least
it's not aimed for it now. It's more about the possibility of doing that
and add extra tests around parts we couldn't test before, for example
key.

What extra features can test the new unit test group:
- What is the received key for given queue? For example using `prefix`,
  or if all the `SXxx` calls are expected to use `queue_unique` if
  it's a unique queue.
- If it's not a unique queue, no `SXxx` functions are called, because
  those sets are used only to check if a value is unique or not.
- `HasItem` return `false` always if it's a non-unique queue.
- All functions are called exactly `N` times, and we don't have any
  unexpected calls to redis from the code.

Signed-off-by: Victoria Nadasdi <victoria@efertone.me>
2024-05-21 18:02:33 +02:00
Earl Warren 74e07656d2 Merge pull request '[gitea] week 2024-21 cherry pick (gitea/main -> forgejo)' (#3838) from algernon/wcp/2024-21 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3838
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-21 08:05:01 +00:00
Earl Warren fb1338537b Merge pull request '[FEAT] Wiki Search' (#3847) from snematoda/wiki-search-grep into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3847
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-21 06:27:30 +00:00
Victoria Nadasdi df0d1a2134 feat: parse prefix from redis URI for queues (#3836)
For security reasons, scoping access to a redis server via ACL rules is
a good practice. Some parts of the codebase handles prefix like cache[^1]
and session[^2], but the queue module doesn't.

This patch adds this missing functionality to the queue module.

Note about relevant test:
I tried to keep the PR as small as possible (and reasonable), and not
change how the test runs. Updated the existing test to use the same
redis address and basically duplicated the test with the extra flag. It
does NOT test if the keys are correct, it ensures only it works as
expected. To make assertions about the keys, the whole test has to be
updated as the general wrapper doesn't allow the main test to check
anything provider (redis) specific property. That's not something I
wanted to take on now.

[^1]: e4c3c039be/modules/cache/cache_redis.go (L139-L150)
[^2]: e4c3c039be/modules/session/redis.go (L122-L129)

Signed-off-by: Victoria Nadasdi <victoria@efertone.me>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3836
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Victoria Nadasdi <victoria@efertone.me>
Co-committed-by: Victoria Nadasdi <victoria@efertone.me>
2024-05-20 14:10:54 +00:00
Shiny Nematoda ec4f5495ba feat: wiki search using git-grep
+ add release note
2024-05-20 13:48:50 +00:00
wxiaoguang 193ac67176
Always load or generate oauth2 jwt secret (#30942)
Fix #30923

(cherry picked from commit effb405cae88474c27f5c8322a2627019af1cf64)
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>

Conflicts:
	- modules/setting/oauth2.go
	  Conflicted due to different ways of logging. Since the log
	  message is removed anyway, resolved by removing it.
	- modules/setting/oauth2_test.go
	  Manually copied the test added by Gitea.
	- routers/install/install.go
	  Not a conflict per se, but adjusted to use NewJwtSecret().
2024-05-19 15:47:39 +02:00
wxiaoguang 50b4e7f26e
Simplify mirror repository API logic (#30963)
Fix #30921

(cherry picked from commit 821d2fc2a3cc897f21d707455850177077b72410)
2024-05-19 13:57:52 +02:00
Zettat123 8e1de85980
Support using label names when changing issue labels (#30943)
Resolve #30917

Make the APIs for adding labels and replacing labels support both label
IDs and label names so the
[`actions/labeler`](https://github.com/actions/labeler) action can work
in Gitea.

<img width="600px"
src="https://github.com/go-gitea/gitea/assets/15528715/7835c771-f637-4c57-9ce5-e4fbf56fa0d3"
/>

(cherry picked from commit b3beaed147466739de0c24fd80206b5af8b71617)

Conflicts:
	- modules/structs/issue_label.go
	  Resolved by applying the Gitea change by hand.
	- tests/integration/api_issue_label_test.go
	  Resolved by copying the new tests.
2024-05-19 13:12:35 +02:00
oliverpool 5e73c67d67 fix: hook post-receive for sha256 repos 2024-05-15 16:43:16 +02:00
Earl Warren 77092c7a0c Merge pull request 'Federation: Parse ActorId & cache FederationHost' (#3662) from meissa/forgejo:forgejo-federated-parse-actorId into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3662
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-14 22:42:02 +00:00
Shiny Nematoda b6ca8abcfd [FEAT] support searching non default branches/tags when using git-grep (#3654)
resolves https://codeberg.org/forgejo/forgejo/pulls/3639#issuecomment-1806676 and https://codeberg.org/forgejo/forgejo/pulls/3513#issuecomment-1794990

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3654
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-05-14 15:41:03 +00:00
Michael Jerger fddc063b97 missed by diff 2024-05-14 08:48:05 +02:00
Michael Jerger 9d32c5a29b added validation fixes 2024-05-14 08:31:34 +02:00
Michael Jerger fc38e56373 enhance test & fix reviews 2024-05-14 08:24:31 +02:00
Lunny Xiao eb792d9f8a
Move database operations of merging a pull request to post receive hook and add a transaction (#30805)
Merging PR may fail because of various problems. The pull request may
have a dirty state because there is no transaction when merging a pull
request. ref
https://github.com/go-gitea/gitea/pull/25741#issuecomment-2074126393

This PR moves all database update operations to post-receive handler for
merging a pull request and having a database transaction. That means if
database operations fail, then the git merging will fail, the git client
will get a fail result.

There are already many tests for pull request merging, so we don't need
to add a new one.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit ebf0c969403d91ed80745ff5bd7dfbdb08174fc7)

Conflicts:
	modules/private/hook.go
	routers/private/hook_post_receive.go
	trivial conflicts because
	  263a716cb5 * Performance optimization for git push (#30104)
	was not cherry-picked and because of
	  998a431747 Do not update PRs based on events that happened before they existed
2024-05-12 20:03:10 +02:00
wxiaoguang 8cb8547532
Make "sync branch" also sync object format and add tests (#30878)
(cherry picked from commit 9c08637eae8c3a44d15e62d85144e07ae9dabbec)
2024-05-12 20:03:10 +02:00
Yaroslav Halchenko 2b2fd2728c Add codespell support and fix a good number of typos with its help (#3270)
More about codespell: https://github.com/codespell-project/codespell .

I personally introduced it to dozens if not hundreds of projects already and so far only positive feedback.

```
❯ grep lint-spell Makefile
	@echo " - lint-spell                       lint spelling"
	@echo " - lint-spell-fix                   lint spelling and fix issues"
lint: lint-frontend lint-backend lint-spell
lint-fix: lint-frontend-fix lint-backend-fix lint-spell-fix
.PHONY: lint-spell
lint-spell: lint-codespell
.PHONY: lint-spell-fix
lint-spell-fix: lint-codespell-fix
❯ git grep lint- -- .forgejo/
.forgejo/workflows/testing.yml:      - run: make --always-make -j$(nproc) lint-backend checks-backend # ensure the "go-licenses" make target runs
.forgejo/workflows/testing.yml:      - run: make lint-frontend
```
so how would you like me to invoke `lint-codespell` on CI? (without that would be IMHO very suboptimal and let typos sneak in)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3270
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Yaroslav Halchenko <debian@onerussian.com>
Co-committed-by: Yaroslav Halchenko <debian@onerussian.com>
2024-05-09 13:49:37 +00:00
Earl Warren a2c8fe0370 Merge pull request '[gitea] week 2024-19 cherry pick (gitea-github/main -> forgejo)' (#3639) from earl-warren/wcp/2024-19 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3639
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
2024-05-07 22:47:53 +00:00
Michael Jerger 1a76664d56 next step on the way to federation 2024-05-07 17:58:13 +02:00
Michael Jerger 2177d38e9c feat(federation): validate like activities (#3494)
First step on the way to #1680

The PR will

* accept like request on the api
* validate activity in a first level

You can find

* architecture at: https://codeberg.org/meissa/forgejo/src/branch/forgejo-federated-star/docs/unsure-where-to-put/federation-architecture.md

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3494
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
2024-05-07 07:59:49 +00:00
yp05327 6a4bc0289d
Fix no edit history after editing issue's title and content (#30814)
Fix #30807

reuse functions in services

(cherry picked from commit a50026e2f30897904704895362da0fb12c7e5b26)

Conflicts:
	models/issues/issue_update.go
	routers/api/v1/repo/issue.go
	trivial context conflict because of 'allow setting the update date on issues and comments'
2024-05-05 12:15:40 +01:00
silverwind fb693442f5
Remove external API calls in TestPassword (#30716)
The test had a dependency on `https://api.pwnedpasswords.com` which
caused many failures on CI recently:

```
--- FAIL: TestPassword (2.37s)
    pwn_test.go:41: Get "https://api.pwnedpasswords.com/range/e6b6a": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
FAIL
coverage: 82.9% of statements
```

(cherry picked from commit 9235442ba58524c8d12ae54865d583acfa1f439d)
2024-05-05 12:15:40 +01:00
wxiaoguang 4e35e5b8ae
Skip gzip for some well-known compressed file types (#30796)
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit be112c1fc30f87a248b30f48e891d1c8c18e8280)

Conflicts:
	routers/web/web.go
	trivial conflict because of https://codeberg.org/forgejo/forgejo/pulls/1533
2024-05-05 12:15:40 +01:00
Chester 1a40fe54a6
Add API endpoints for getting action jobs status (#26673)
Sample of response, it is similar to Github actions

ref
https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#list-workflow-runs-for-a-repository

``` json
{
    "workflow_runs": [
        {
            "id": 3,
            "name": "Explore-Gitea-Actions",
            "head_branch": "main",
            "head_sha": "6d8d29a9f7a01ded8f8aeb64341cb31ee1ab5f19",
            "run_number": 3,
            "event": "push",
            "display_title": "More job",
            "status": "success",
            "workflow_id": "demo2.yaml",
            "url": "/chester/test/actions/runs/3",
            "created_at": "2023-08-22T13:41:33-04:00",
            "updated_at": "2023-08-22T13:41:37-04:00",
            "run_started_at": "2023-08-22T13:41:33-04:00"
        },
        {
            "id": 2,
            "name": "Explore-Gitea-Actions",
            "head_branch": "main",
            "head_sha": "6d8d29a9f7a01ded8f8aeb64341cb31ee1ab5f19",
            "run_number": 2,
            "event": "push",
            "display_title": "More job",
            "status": "success",
            "workflow_id": "demo.yaml",
            "url": "/chester/test/actions/runs/2",
            "created_at": "2023-08-22T13:41:30-04:00",
            "updated_at": "2023-08-22T13:41:33-04:00",
            "run_started_at": "2023-08-22T13:41:30-04:00"
        },
        {
            "id": 1,
            "name": "Explore-Gitea-Actions",
            "head_branch": "main",
            "head_sha": "e5369ab054cae79899ba36e45ee82811a6e0acd5",
            "run_number": 1,
            "event": "push",
            "display_title": "Add job",
            "status": "failure",
            "workflow_id": "demo.yaml",
            "url": "/chester/test/actions/runs/1",
            "created_at": "2023-08-22T13:15:21-04:00",
            "updated_at": "2023-08-22T13:18:10-04:00",
            "run_started_at": "2023-08-22T13:15:21-04:00"
        }
    ],
    "total_count": 3
}
```

---------

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
(cherry picked from commit 6709e28da78a0ea7e63f9fe4e32f620abdc88d14)

Conflicts:
	routers/api/v1/swagger/repo.go
	trivial context conflict
2024-05-05 12:15:40 +01:00
Chongyi Zheng c504461b66
Resolve lint for unused parameter and unnecessary type arguments (#30750)
Resolve all cases for `unused parameter` and `unnecessary type
arguments`

Related: #30729

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit e80466f7349164ce4cf3c07bdac30d736d20f035)

Conflicts:
	modules/markup/markdown/transform_codespan.go
	modules/setting/incoming_email.go
	routers/api/v1/admin/user_badge.go
	routers/private/hook_pre_receive.go
	tests/integration/repo_search_test.go
	resolved by discarding the change, this is linting only and
	for the sake of avoiding future conflicts
2024-05-05 08:38:16 +01:00