Vulnerability #1: GO-2024-2947
Leak of sensitive information to log files in
github.com/hashicorp/go-retryablehttp
More info: https://pkg.go.dev/vuln/GO-2024-2947
Module: github.com/hashicorp/go-retryablehttp
Found in: github.com/hashicorp/go-retryablehttp@v0.7.5
Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
Example traces found:
#1: services/migrations/gitlab.go:500:74: migrations.GitlabDownloader.GetComments calls gitlab.DiscussionsService.ListMergeRequestDiscussions, which eventually calls retryablehttp.Client.Do
There are a few changes of template logic which defines when which elements should be shown on profile page. The motivation is to have the elements when needed and don't when they're not relevant.
## Changes
### RSS button
Now displayed if:
* feeds are enabled
AND one or more of:
* the current user is an admin
* the current user is viewing their profile
* the activity is publicly available
So, basically in cases when the .rss feed actually contains any events. Before this change this button was constantly shown and was giving an empty feed if it was unavailable.
### Public activity tab
The tab is displayed if:
* the current user is an admin
* the current user is viewing their profile
* the activity is publicly available
* the current tab is this exact tab, for example, in case it was accessed by adding `?tab=activity` to the URL, so that the UI is not broken w/o a highlighted tab
So, this tab is not displayed when it's not going to contain any information, but still can be accessed.
### Banner "This user has disabled the public visibility of the activity."
For admins:
* always show the big blue banner to warn that sharing a screenshot of this publicly is bad idea
For self:
* always display a little note about the current visibility status with a "Change" link
For others:
* only display a little note to explain why the activity is not shown
### Heatmap and activity feed
Elements are only displayed when relevant, instead of keeping empty leftovers, for easier testing. This template change is also covered by test. **Everything in this Changes section is covered by test unless I forgot something.**
## Preview
There's obviously too many states to screenshot, here are highlights:
![](https://codeberg.org/attachments/47559531-9bcd-46c0-90d4-8b51512da752)
_Warning admin for why they're seeing the information_
![](https://codeberg.org/attachments/3107bf62-955b-4fe5-bce3-6305a928afe1)
_Viewing self - private_
![](https://codeberg.org/attachments/afb63ead-fb0b-4fc7-9d8b-c6c09e9ae62b)
_Viewing self - public_
![](https://codeberg.org/attachments/df3c090a-7490-4827-b33b-771fd4fa0a9f)
_Don't have access to the information_
![](https://codeberg.org/attachments/2dd2b0ac-2fe0-4453-aa4b-e91fd08f4411)
_The tab is not shown when the activity can't be accessed_
![](https://codeberg.org/attachments/ed4c61de-b3b7-4523-b92b-bc76e1d8b7c5)
_Can't access the RSS feed_
![](https://codeberg.org/attachments/5a27f2be-d79c-4fb4-85a5-758348398f1b)
_Can access the RSS feed_
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4189
Reviewed-by: Otto <otto@codeberg.org>
See
https://docs.docker.com/reference/build-checks/legacy-key-value-format/.
Fixes these warnings seen during the docker build:
```
4 warnings found (use --debug to expand):
- LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 5)
- LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 9)
- LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 75)
- LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 76)
```
Introduced in: https://github.com/moby/buildkit/pull/4923
(cherry picked from commit 996037fb6a61b1a7f9a0a837fd87bbeab9cad154)
Conflicts:
Dockerfile.rootless
trivial context conflict
This PR modifies the structs for editing and creating org teams to allow
team names to be up to 255 characters. The previous maximum length was
30 characters.
(cherry picked from commit 1c26127b520858671ce257c7c9ab978ed1e95252)
Now that the backlog has been resoloved, it is not uncommon for a few
upgrade to wait for a few days before a ruling is made on wether they
should be upgraded or not.
That may leave one or two slots for other upgrades although there may
be more that could be decided immediately.
Raising the concurrency to 10 leaves room for such bursts and avoid
creating a backlog that is not justified by delays related to the
availability of contributors.
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| code.forgejo.org/f3/gof3/v3 | require | minor | `v3.3.1` -> `v3.4.0` |
---
### Configuration
📅 **Schedule**: Branch creation - "before 4am" (UTC), Automerge - "before 4am" (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MDkuMSIsInVwZGF0ZWRJblZlciI6IjM3LjQwOS4xIiwidGFyZ2V0QnJhbmNoIjoiZm9yZ2VqbyIsImxhYmVscyI6WyJkZXBlbmRlbmN5LXVwZ3JhZGUiXX0=-->
Co-authored-by: Twenty Panda <twenty-panda@posteo.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4196
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
#4059 was unfortunately incomplete: some custom_url fields are currently shown, even if they are not used by the provider. Moreover the `Use Custom URLs Instead of Default URLs` is always checked by default.
Manual testing:
- go to http://localhost:3000/admin/auths
- click on `Add authentication source`
- Choose `Authentication type`: `OAuth2`
- Choose `OAuth2 provider`: `GitLab`
- verify that the `Use Custom URLs Instead of Default URLs` option is **initially unchecked**
- enable the `Use Custom URLs Instead of Default URLs` checkbox
- verify that only the fields "Authorize", "Token" and "Profile" URLs are shown (no "Email URL", nor "Tenant").
- Switch the `OAuth2 provider` to `Azure AD v2`
- verify that the `Use Custom URLs Instead of Default URLs` option is **initially checked**
- verify that only the field "Tenant" is shown (with the default "organizations").
![image](/attachments/0e2b1508-861c-4b0e-ae6a-6eb24ce94911)
Note: this is loosely based on the upstream fix https://github.com/go-gitea/gitea/pull/31246 which I initially overlooked.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4194
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
For #4082.
~~Per the discussion in the issue, the current plan will likely involve duplicating the redis library calling code once for each cacher, as neither garnet nor redict guarantee continued compatibility with redis.~~
See discussion below for details.
## Tasklist
- [x] Write workflow to run cache-specific unit test(s) only (cache, session, queue, nosql) for each cacher
- [x] Check whether garnet and redict pass unit tests with no code modification (gauge required work)
- both passed, but that is because there were very few tests that test the remote cache store
### Out of scope for this PR
- Improve test coverage
- `modules/cache` against a server
- `modules/session` against a server (also needs tests in general)
- _(?) Duplicate implementation for each cacher_
- _Restructure redis usage in `modules/cache` and `modules/settings/cache`_
- _Restructure `modules/session` and its settings_
- _Restructure `modules/queue` and its settings_
- _Restructure `modules/nosql` and its settings_
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4138
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Elias Elwyn <a@jthv.ai>
Co-committed-by: Elias Elwyn <a@jthv.ai>
Ports fuzzy search for `/issues` and `/pulls` from gitea.
Adds fuzzy search for `/user/repo/issues` and `/user/repo/pulls`.
---
## Notes
### Port: [`gitea#be5be0ac81`](be5be0ac81)
- CONFLICT (content): Merge conflict in routers/web/user/home.go
Conflict resolved by
1. keeping both `PageIsOrgIssues` and the newly introduced `IsFuzzy`
2. using `pager.AddParam(ctx, "fuzzy", "IsFuzzy")` rather than `pager.AddParamString("fuzzy", fmt.Sprintf("%v", isFuzzy))`
- CONFLICT (content): Merge conflict in templates/user/dashboard/issues.tmpl
Conflict resolved by keeping the changes from #4096, and picking the `&fuzzy=${{.IsFuzzy}}` inclusion to all urls and `{{if .PageIsPulls}}...`
### Port: [`gitea#fede3cbada`](fede3cbada)
- CONFLICT (content): Merge conflict in templates/user/dashboard/issues.tmpl
Conflict resolved by keeping previous changes and picking the replacement of `{{if .PageIsPulls}}...` with `{{template "shared/search/combo_fuzzy"...` which contains the replacement of `explorer.go` to `explorer.go_to`
### Fixup commit
replaces `Iif` with `if` which was introduced in gitea#fede3cbada
### Feature commit
adds in support for /user/repo/(issues|pulls) + test
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Kerwin Bryant <kerwin612@qq.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4160
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
cmd/dump.go uses os.Readdir to list the directory.
This is fine on its own, but TestAddRecursiveExclude in cmd/dump_test.go
depends on the order of the directory listing, which is where the issue
lays.
Directory listings using os.Readdir (lstat) don't actually guarantee an
order. They can differ due to a number of factors. Most notably the OS,
file system and settings.
As such, the test should not check the /order of the files/ added to the
archive, but instead simply check whether the archive /contains/ them.
So this is precisely what this commit does.
Note that only TestAddRecursiveExclude/File_inside_directory/No_exclude
has been observed to fail due to this, but all TestAddRecursiveExclude
subtests have been updated for consistency.
While trying to understand #1236, I was quite confused not to see the `Use Custom URLs` checkbox.
This checkbox disappeared in b95a893b22 (because `getElementById` does not expect a `#` as first char), fixed in 4e816e1326.
After solving this, switching from `Nextcloud` to `OpenID Connect` triggered a JS error, which is addressed in 3efa4d836a.
Manual testing:
- go to http://localhost:3000/admin/auths
- click on `Add authentication source`
- Choose `Authentication type`: `OAuth2`
- Choose `OAuth2 provider`: `Nextcloud`
- check that the `Use Custom URLs Instead of Default URLs` checkbox toggles the fields below
- let the checkbox be checked
- Switch the `OAuth2 provider` to `OpenID Connect`
- ensure that no JS error is shown
- Switch the `OAuth2 provider` to `Mastodon`
- check that the fields below `Use Custom URLs Instead of Default URLs` have the right defaults (mastodon.social)
![2024-06-07-101638.png](/attachments/5bd6692e-3457-4dd8-b1c1-50e9a95a3100)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4059
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
Fix adopt repository has empty object name in database (#31333)
Fix#31330Fix#31311
A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.
(cherry picked from commit 1968c2222dcf47ebd1697afb4e79a81e74702d31)
With tests services/repository/adopt_test.go
This adds org-mode readmes to the extensions that are prioritized when
searching for readme. Org-mode readmes come after markdown readmes in
terms of priority and before txt readmes.
Closes#4073
This removes the difference between high density images and other images regarding the pasting.
## Why
With this change, all images are clickable by default again. I don't think there is any problem regarding the img size because 1. it is the old behaviour, 2. the comment container already limits the size of the image.
## Alternatives
We can add an a-tag automatically when the user pastes an image. I do not prefer this because this adds a really long text (it's already bad with the img-tag) e.g.: `<a href="/attachments/28cf2254-13be-46c6-a433-efc77f556083" target="_blank"><img width="385" alt="grafik" src="/attachments/28cf2254-13be-46c6-a433-efc77f556083"></a>`
## Testing
1. Open an issue or pull request
2. Paste an image in the comment text box
3. The image should be pasted with valid Markdown syntax
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3965
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
More info in the linked PR.
---
Make positioning of the repo tabs make more sense. This is an isolated implementation for one of many changes discussed in the referenced issue, it will work good without the other changes too.
## Changes
- Actions are moved to the edge. This tab is the least relevant to both visitors and developers. The first don't really need it at all, the second only visit it when something goes unexpected (run did not happen or attached to the wrong event), or just to see the run queue to know when their actions is going to get processed. This is not a tab with always-relevant information.
- put Packages after releases. The Packages are like a download page for Releases, but for released packages instead of binaries/source code. It is relevant to Releases, so it should stay close, but it is secondary to Releases by importance. For example, because they don't actually contain release notes unlike Releases.
- the above makes Projects appear next to Issues and Pull requests which I think is nice as they're related.
## Preview
### v7
https://codeberg.org/attachments/c434e8fd-aaab-4c27-9071-2a3ba68ad4b7
### This PR
https://codeberg.org/attachments/74743c03-883e-40cf-8cb1-384d1d8cf63c
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4139
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Add tag protection manage via rest API.
---------
Co-authored-by: Alexander Kogay <kogay.a@citilink.ru>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit d4e4226c3cbfa62a6adf15f4466747468eb208c7)
Conflicts:
modules/structs/repo_tag.go
trivial context conflict
templates/swagger/v1_json.tmpl
fixed with make generate-swagger
Fix#31327
This is a quick patch to fix the bug.
Some parameters are using 0, some are using -1. I think it needs a
refactor to keep consistent. But that will be another PR.
(cherry picked from commit e4abaff7ffbbc5acd3aa668a9c458fbdf76f9573)
The PR replaces all `goldmark/util.BytesToReadOnlyString` with
`util.UnsafeBytesToString`, `goldmark/util.StringToReadOnlyBytes` with
`util.UnsafeStringToBytes`. This removes one `TODO`.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 1761459ebc7eb6d432eced093b4583425a5c5d4b)
fix a bug from #30490
`prs.GetIssueIDs()` will also be used in other places, e.g.
`InvalidateCodeComments`
so we should not add `if pr.Issue == nil` in it, or if `pr.Issue` is
already loaded, you will not get the issueID in the results list and
this is not an expected result.
So this will caused a bug:
before calling `InvalidateCodeComments`, all `pr.Issues` in `prs` are
loaded, so `issueIDs` in this function will always be `[]`.
![image](https://github.com/go-gitea/gitea/assets/18380374/ef94d9d2-0bf9-455a-abd6-4d5e6497db7c)
(cherry picked from commit e61e9a36b7117bab2cb122a95d606a86527ed45d)
have repo OrderBy definitions defined in one place and use a single type
for OrderBy database options
(cherry picked from commit bb04311b0b5b7a28f94c4bc409db1c4a04bcef17)
Fix a hash render problem like `<hash>: xxxxx` which is usually used in
release notes.
(cherry picked from commit 7115dce773e3021b3538ae360c4e7344d5bbf45b)
When using the MinIO storage driver for Actions Artifacts, we found that
the chunked artifact required significantly more memory usage to both
upload and merge than the local storage driver. This seems to be related
to hardcoding a value of `-1` for the size to the MinIO client [which
has a warning about memory usage in the respective
docs](https://pkg.go.dev/github.com/minio/minio-go/v7#Client.PutObject).
Specifying the size in both the upload and merge case reduces memory
usage of the MinIO client.
Co-authored-by: Kyle D <kdumontnu@gmail.com>
(cherry picked from commit 45dbeb5600d1f552c0134721fe49e8fd1099b5a4)
Fix#31330Fix#31311
A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.
(cherry picked from commit 1968c2222dcf47ebd1697afb4e79a81e74702d31)
Enable [unparam](https://github.com/mvdan/unparam) linter.
Often I could not tell the intention why param is unused, so I put
`//nolint` for those cases like webhook request creation functions never
using `ctx`.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit fc2d75f86d77b022ece848acf2581c14ef21d43b)
Conflicts:
modules/setting/config_env.go
modules/storage/azureblob.go
services/webhook/dingtalk.go
services/webhook/discord.go
services/webhook/feishu.go
services/webhook/matrix.go
services/webhook/msteams.go
services/webhook/packagist.go
services/webhook/slack.go
services/webhook/telegram.go
services/webhook/wechatwork.go
run make lint-go and fix Forgejo specific warnings
closes#3855
unlike #3854, this implementation uses a generic details html tag and a bit of tailwind magic...
---
## Maintainers Note
- previously tailwind classes of the form `[-a-zA-Z:0-9_.]` was disabled, however they were enabled since they were required for the `group-open:` classes
---
## Manual Testing
1. Visit the code search results after submitting a valid query for repo (if indexer disabled) or repo, user, explore (if indexer enabled)
2. Verify thst
1. the results are unfloded/open by default
2. the chevron points down when open and right when closed
<video src="/attachments/5a55c56f-6159-4422-ab80-962e0121e7d2" title="fold2.mp4" controls></video>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4134
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
This overrides handling of Tab and Enter keys in the ComboMarkdownEditor, so that:
* Pressing Tab prepending 4 spaces to the line under cursor, or all the lines in the selection.
* Pressing Shift+Tab removes up to 4 spaces.
* Pressing Enter repeats any indentation and a "repeatable" prefix (list or blockquote) from the current line.
Since Tab "capture" can interfere with keyboard navigation, it's only done if there was any previous input in the textarea or if it was selected with a pointer. Additionally, presing Esc will make the textarea lose focus, resuming tab navigation. This seems adequate to me, but I might be wrong.
Had to use the "deprecated" execCommand method, since anything else I tried messes up the undo history. There's a fallback for when (if?) it's actually removed.
Only tested in desktop Firefox and Chrome so far.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4072
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Co-authored-by: Danko Aleksejevs <danko@very.lv>
Co-committed-by: Danko Aleksejevs <danko@very.lv>
use proper http time format than replacing with GMT in time.RFC1123 =)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4132
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
When a comment was added and saved with the preview tab active, the
preview tab is still active, when the comment is edited again.
This adds a "hacky" solution, but it works and is simple.
Every time the edit is "started" and the editor already exists, the tab
with the edit text field gets clicked to activate it.
Fixes#1334
Very little visual changes:
* class `labelled` is not used in CSS, removed from elements
* `margin-right: 0;` in `#git-graph-container .color-buttons` wasn't doing anything
* `width: 100%;` in `#git-graph-container #rev-container` and `#git-graph-container #rev-list` wasn't doing anything
(Checked on both desktop and mobile screens.)
* the now unused class `color-buttons` is left for now because it might come useful later. The button coloring is broken here and I would like to touch it separately
* removed `font-size: 80%;` from dates to ensure proper readability, it wasn't saving much space but was inconvenient to look at because other dates in the UI are normal sized
* the small size of branch labels are left as is for now because removing `small` breaks alignment, and this is a cleanup PR
So, the only visual change is date sizes, other than that there's just styling code removed.
https://codeberg.org/attachments/d02f2771-8517-4b8b-9ac7-76b020f7b14e
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4065
Reviewed-by: Otto <otto@codeberg.org>
More details are in PR message.
Changes applied:
* replace `Err_Services` with more specific `Err_DisabledRegistration`
* highlight the self-registration option instead of services section
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4063
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
* disabled the button itself, but added the tooltip to the form, because it didn't work for the button and likely has something to do with JS
* added an integration test to verify the new logic
## Preview
|Signed in|Guest|
|-|-|
|![](/attachments/b1441565-6aec-4a72-a28f-6383914c8918)|![](/attachments/839cc58e-18cf-4a5d-a9d7-f0e3e2556c98)|
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4095
Reviewed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
This Fixes#3962 by adding `!important` to the margin of the heading in the rendered markdown.
In the current behaviour, the margin-top was always overridden by a global css-rule. This is prevented by this change.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4076
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
This PR introduces the `ReviewedOn` and `ReviewedBy` variables for the
default merge message templates (e.g.,
`.gitea/default_merge_message/MERGE_TEMPLATE.md`).
This allows customizing the default merge messages while retaining these
trailers.
This also moves the associated logic out of `pull.tmpl` into the
relevant Go function.
This is a first contribution towards #11077.
---
For illustration, this allows to recreate the "default default" merge
message with the following template:
```
.gitea/default_merge_message/MERGE_TEMPLATE.md
Merge pull request '${PullRequestTitle}' (${PullRequestReference}) from ${HeadBranch} into ${BaseBranch}
${ReviewedOn}
${ReviewedBy}
```
(cherry picked from commit da4bbc42477ba04d175cc0775a0c5ec90c4c24fe)
Conflicts:
docs/content/usage/merge-message-templates.en-us.md
not in Forgejo
templates/repo/issue/view_content/pull.tmpl
trivial context conflict
This solution implements a new config variable MAX_ROWS, which
corresponds to the “Maximum allowed rows to render CSV files. (0 for no
limit)” and rewrites the Render function for CSV files in markup module.
Now the render function only reads the file once, having MAX_FILE_SIZE+1
as a reader limit and MAX_ROWS as a row limit. When the file is larger
than MAX_FILE_SIZE or has more rows than MAX_ROWS, it only renders until
the limit, and displays a user-friendly warning informing that the
rendered data is not complete, in the user's language.
---
Previously, when a CSV file was larger than the limit, the render
function lost its function to render the code. There were also multiple
reads to the file, in order to determine its size and render or
pre-render.
The warning: ![image](https://s3.amazonaws.com/i.snag.gy/vcKh90.jpg)
(cherry picked from commit f7125ab61aaa02fd4c7ab0062a2dc9a57726e2ec)
Also convert a comment into a warning in the logs when the deletion of
an artifact cannot find the file in the destination storage.
The case were an error happens while deleting the file is not covered
as it would require to mock the storage.Copy function.
Change the copy to use `ActionsArtifact.StoragePath` instead of the
`ArtifactPath`. Skip artifacts that are expired, and don't error if the
file to copy does not exist.
---
When trying to migrate actions artifact storage from local to MinIO, we
encountered errors that prevented the process from completing
successfully:
* The migration tries to copy the files using the per-run
`ArtifactPath`, instead of the unique `StoragePath`.
* Artifacts that have been marked expired and had their files deleted
would throw an error
* Artifacts that are pending, but don't have a file uploaded yet will
throw an error.
This PR addresses these cases, and allow the process to complete
successfully.
(cherry picked from commit 8de8972baf5d82ff7b58ed77d78e8e1869e64eb5)
Adds a feature similar to this https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/ , by adding styles to elements which `src` or `href` attribute ends with `#light-mode-only` or `#dark-mode-only`. To improve compability, the github variants with the `gh-` prefix are also contained.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3985
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Uses `gopls check <files>` as a linter. Tested locally and brings up 149
errors currently for me. I don't think I want to fix them in this PR,
but I would like at least to get this analysis running on CI.
List of errors:
```
modules/indexer/code/indexer.go:181:11: impossible condition: nil != nil
routers/private/hook_post_receive.go:120:15: tautological condition: nil == nil
services/auth/source/oauth2/providers.go:185:9: tautological condition: nil == nil
services/convert/issue.go:216:11: tautological condition: non-nil != nil
tests/integration/git_test.go:332:9: impossible condition: nil != nil
services/migrations/migrate.go:179:24-43: unused parameter: ctx
services/repository/transfer.go:288:48-69: unused parameter: doer
tests/integration/api_repo_tags_test.go:75:41-61: unused parameter: session
tests/integration/git_test.go:696:64-74: unused parameter: baseBranch
tests/integration/gpg_git_test.go:265:27-39: unused parameter: t
tests/integration/gpg_git_test.go:284:23-29: unused parameter: tmpDir
tests/integration/gpg_git_test.go:284:31-35: unused parameter: name
tests/integration/gpg_git_test.go:284:37-42: unused parameter: email
```
(cherry picked from commit 816222243af523316041692622be6f48ef068693)
Conflicts:
Makefile
trivial context conflict and also ask renovate to watch over it
do not include it in lint-backend because the errors are not fixed
Using `.segment` on the project columns is a major abuse of that class,
so remove it and instead set the border-radius directly on it.
Fixes: https://github.com/go-gitea/gitea/issues/31129
(cherry picked from commit 4ca65fabdad75e39f9948b9a2a18e32edc98ec02)
Fixes issue when running `choco info pkgname` where `pkgname` is also a
substring of another package Id.
Relates to #31168
---
This might fix the issue linked, but I'd like to test it with more choco
commands before closing the issue in case I find other problems if
that's ok.
---------
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit c888c933a930ee2ba4e7bb0bf6678aaf45a9778a)
Use MockVariableValue to avoid undesirable side effects between tests
modifying global variables. TestToMessage relies
on *setting.MailService being set, which will not be the case if run
individually with test-sqlite#TestToMessage and fail.
Add option to override headers of mails, gitea send out
---
*Sponsored by Kithara Software GmbH*
(cherry picked from commit aace3bccc3290446637cac30b121b94b5d03075f)
Conflicts:
docs/content/administration/config-cheat-sheet.en-us.md
does not exist in Forgejo
services/mailer/mailer_test.go
trivial context conflict
Move the previous custom `tw-` classes to be defined in a tailwind
plugin. I think it's cleaner that way and I also verified double-class
works as expected:
<img width="299" alt="Screenshot 2024-05-30 at 19 06 24"
src="https://github.com/go-gitea/gitea/assets/115237/003cbc76-2013-46a0-9e27-63023fa7c7a4">
(cherry picked from commit 8c68c5e436805848197d98313e9ee77e8d540a83)
Move the rule to the parent node. `tab-size` is inherited so will work
just as before.
(cherry picked from commit 0f0db6a14fd10a493ba73f211e2e627c3884d114)
Resolves#31131.
It uses the the go-swagger `enum` property to document the activity
action types.
(cherry picked from commit cb27c438a82fec9f2476f6058bc5dcda2617aab5)
Currently the collapsed sections on the installation page have bad visibility, clickability and don't look good. This commit attempts to improve this. It is also worth noting that the amount of these sections might increase.
### Changes
* make custom style for these collapsible sections of the form. This is not a standard design to Forgejo, but we also don't have forms this large anywhere else, and it's fit in a few small CSS rules, so I think that's justified. I'm curious how it looks to others visually, good or bad.
* improve the positioning of the installation location hint.
* remove very rare occasion of dashed horizontal divider as this rule is no longer needed with the new borders. It was [added](c16ae1ab39 (diff-f8dad1e2c95a9e959d4688c763f3e02d1878c8e0)) just a month ago and had a visual bug with duplicated dividers.
### Preview
|Before|After|
|-|-|
|![](/attachments/c5360e33-1694-4e75-bedc-b24717172ee9)|![](/attachments/2363e1ac-b4cb-4d96-9b6a-4315c1bd6416)|
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4062
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This is a PR for #3616
Currently added a new optional config `SLOGAN` in ini file. When this config is set title page is modified in APP_NAME [ - SLOGAN]
Example in image below
![Selezione_075.png](/attachments/7a72171e-e730-4e57-8c97-ffc94258e00f)
Add the new config value in the admin settings page (readonly)
![Screenshot 2024-05-13 at 18-04-13 My Forgejo.png](/attachments/dad00fc2-29fa-4371-a7b9-5233eadeac13)
## TODO
* [x] Add the possibility to add the `SLOGAN` config from the installation form
* [ ] Update https://forgejo.org/docs/next/admin/config-cheat-sheet
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3752
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: mirko <mirko.perillo@gmail.com>
Co-committed-by: mirko <mirko.perillo@gmail.com>
We're stuck on an old version of golang deadcode. Renovate is confused by it's rename in https://codeberg.org/forgejo/forgejo/pulls/4043.
I don't remember how to use this tool to test it, let's see how the CI reacts to this PR.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4048
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
commit 1be80cfdbca10d5014cec904e96c7a390b338493
Merge: c01b10a593130981af64
Author: Earl Warren <earl-warren@noreply.codeberg.org>
Date: Thu Jun 6 06:36:34 2024 +0000
Merge pull request 'federated-star' (#1680) from meissa/forgejo:forgejo-federated-star into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1680
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
commit 130981af64
Merge: 62856e639ec01b10a593
Author: Earl Warren <earl-warren@noreply.codeberg.org>
Date: Thu Jun 6 06:07:34 2024 +0000
Merge branch 'forgejo' into forgejo-federated-star
commit 62856e639e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jun 6 07:26:28 2024 +0200
adjust field name
commit 81236bc9ef
Merge: c0b9ab20601b3ccfffe8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Jun 5 07:33:12 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit c0b9ab2060
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Jun 4 12:37:18 2024 +0200
Extend integration test for staring federated repo
commit 98939c4745
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 31 18:05:29 2024 +0200
remove no longer used doc
commit 17e3f6c6f3
Merge: 58b8f57d3ff887972348
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 31 18:03:19 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 58b8f57d3f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 29 09:20:39 2024 +0200
more lint
commit c3650cb2fe
Merge: 07e2708e3d73f6e8809a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 29 09:01:00 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 07e2708e3d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 29 08:59:32 2024 +0200
lint
commit e7580da130
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 29 08:58:19 2024 +0200
lint
commit 7b2309592c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 29 08:55:47 2024 +0200
remove unused
commit dadfb29ae9
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 29 08:44:00 2024 +0200
relax validation
commit 26612aa75b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue May 28 15:37:53 2024 +0200
Add ToDo
commit fa5806cecf
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue May 28 15:37:41 2024 +0200
Use StatusSeeOther
commit 75c93e5319
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue May 28 12:54:49 2024 +0200
Update NewRepositoryID with case for following repo
commit 9c9333868c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue May 28 12:38:27 2024 +0200
Add todo
We currently validate RepositoryID uris to be a valid api address from our own server.
commit 69e79e50c2
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue May 28 12:36:34 2024 +0200
Lift test env prep one up
commit 72f2f35bd8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 28 08:57:03 2024 +0200
wip integration test
commit a133b6de31
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 28 08:53:19 2024 +0200
rename
commit 3d1586d9cb
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon May 27 08:20:43 2024 +0200
translation hast to be done in translation tool
commit 108971ddc8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon May 27 08:18:09 2024 +0200
add migration
commit 6ef691b8d7
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 24 16:34:11 2024 +0200
lint
commit a3c90e3085
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 24 13:27:37 2024 +0200
field no longer in use
commit 5ace6816ac
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 24 08:50:54 2024 +0200
remove todo - no change required
commit 64be24ed0c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 24 08:49:08 2024 +0200
Format & remove old todos
commit 30e2582f24
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 24 08:24:54 2024 +0200
mv doc to doc project
commit 2e72b5e05b
Merge: 4c87b0b3eeeea841d25d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 24 07:25:20 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 4c87b0b3ee
Merge: a1acc46c889c7ff70072
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 22 18:23:21 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit a1acc46c88
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 21 18:46:48 2024 +0200
make mocked user consistent
commit a62c2afcea
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue May 21 11:43:15 2024 +0200
Extended integration test
commit 07659a5e7e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 17 08:15:33 2024 +0200
rename fxct name
commit 86db5f612c
Merge: 307b27bbaa45a41811de
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu May 16 18:28:43 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 307b27bbaa
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu May 16 18:22:09 2024 +0200
choose a not local avail federated userid
commit a9c00d49da
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu May 16 10:55:17 2024 +0200
Set LowerName to name with lower case
commit 6457ace318
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu May 16 10:26:51 2024 +0200
Added migrations for User and FederatedUser
commit 1b3c4dcd85
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu May 16 10:06:13 2024 +0200
Extended AP like-repo integration test
commit 94be68725a
Merge: 08fe47d5c8fe3473fc8b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 15 09:35:02 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 08fe47d5c8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 14 07:48:00 2024 +0200
Do not relay on ID start at 1
commit 57a9729094
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 14:29:54 2024 +0200
linting
commit e55533d64d
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 14:15:36 2024 +0200
Added migration for creation of federation_host table
commit cf9953a612
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 12:28:31 2024 +0200
linting
commit c3fb34d5b4
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 12:00:16 2024 +0200
fixed some comments
commit 379b0234eb
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 12:00:02 2024 +0200
added test cases for federationhost
commit 8f42684599
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 11:24:50 2024 +0200
Renamed field of FederationHost
commit c4f9f8578a
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 13 11:14:04 2024 +0200
Introduced ErrNotValid
commit cb4690e570
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon May 13 07:45:37 2024 +0200
linting
commit 3cc48a5c9f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 10 17:44:26 2024 +0200
format
commit 3bf423c97f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 10 17:29:49 2024 +0200
assert, that federation-host is present.
commit 8d330fdb5d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 10 17:01:15 2024 +0200
Now we've an intergration test with second federation server
commit 0665c1252e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 10 16:25:54 2024 +0200
make start time more flexible
commit c4c03dab4b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 10 15:27:54 2024 +0200
on the way to test with second server
commit 8ec570841a
Merge: e122df36f899d1ae52fc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 7 17:49:26 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit e122df36f8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 7 17:47:35 2024 +0200
prepare for next pr
commit fdfc21a6b8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue May 7 07:38:20 2024 +0200
review results
commit 82fe1d3e42
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon May 6 16:01:23 2024 +0200
make fmt
commit a485837b9c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon May 6 08:52:25 2024 +0200
removed unused code
commit c70b8d28a3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon May 6 08:12:43 2024 +0200
linting
commit 8f298a9901
Merge: b99d66b5308c3511a8b3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon May 6 07:58:50 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit b99d66b530
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun May 5 18:04:12 2024 +0200
linting
commit 3a6dfadcd0
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun May 5 17:10:16 2024 +0200
linting
commit 510868731d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun May 5 16:58:15 2024 +0200
linting
commit 1a07db1a40
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun May 5 16:35:25 2024 +0200
omit linting next try
commit ca0a53bf5f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat May 4 17:58:54 2024 +0200
omit linting maybe?
commit ee71f86432
Merge: 957b1023e985f2727872
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 3 08:44:49 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 957b1023e9
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri May 3 08:00:17 2024 +0200
refactoring: separaate model & module
commit 42837f5dab
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu May 2 08:56:36 2024 +0200
fix linting
commit ded7b60d0c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 15:46:15 2024 +0200
wix the invalid test
commit 534d692d68
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 15:46:03 2024 +0200
fix field names
commit 715ff0eb7f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 15:23:39 2024 +0200
remove unused & fix wording
commit 87036ec719
Merge: be6e6eb96abbec2e2960
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 15:02:36 2024 +0200
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit be6e6eb96a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 15:02:27 2024 +0200
refactor validation
commit bbec2e2960
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed May 1 14:53:42 2024 +0200
Fix test and add symmetry
This maybe was a mixup with TestActivityValidation.
We now test if the UnmarshalJSON actually threw an error.
commit 4b2802a6ba
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 14:39:23 2024 +0200
internal refactoring
commit 6c7cff4f16
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed May 1 14:39:09 2024 +0200
fix NPE
commit e9fed7a488
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Apr 29 20:13:37 2024 +0200
found NPE
commit 285e72e4e6
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Apr 29 19:51:28 2024 +0200
found issue during test
commit a9a30fc212
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Apr 29 08:40:46 2024 +0200
remove resolved todo & integration test
commit 2f2330c450
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun Apr 28 13:52:51 2024 +0200
first integration test
commit 70ae102597
Merge: df2fd904b3d6c36ec406
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Apr 26 17:16:15 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit df2fd904b3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Apr 26 16:37:16 2024 +0200
drop some words on normalized uri as id
commit 37ed52cfd9
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Apr 26 16:19:31 2024 +0200
start add NormalizedFederatedUri to user
commit f687f79ed0
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Apr 26 15:48:56 2024 +0200
start add NormalizedFederatedUri to user
commit b878e74f76
Merge: 71141a5ff337420442de
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 12 14:33:57 2024 +0200
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit 71141a5ff3
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 12 14:33:47 2024 +0200
WIP Refactoring and solving (adding) ToDos
commit fb1d0df791
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 12 14:29:32 2024 +0200
Also check for RepoID to be unique
commit f3e58f29b0
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 12 14:24:38 2024 +0200
Pass unvalidated input to field
commit feca77b040
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 12 13:58:55 2024 +0200
Rename for clearer semantics
commit 37420442de
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Apr 12 13:52:26 2024 +0200
unify copyright comment
commit 94091cc144
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 16:38:49 2024 +0200
Don't use TEXT type
commit 6310e75d8d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 16:33:13 2024 +0200
Update todo
commit 075857f030
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 16:32:49 2024 +0200
Update docs
commit 19628b84c6
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 16:00:51 2024 +0200
use context
commit 80888b80d6
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 16:00:28 2024 +0200
Fix imports
commit af0d0f7745
Merge: bbcb8e70609d6389352d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 15:38:11 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit bbcb8e7060
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 14:21:51 2024 +0200
Bits of format
commit bb83a8d85e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 12:58:28 2024 +0200
make fmt
commit 0eb71098a2
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 12:53:56 2024 +0200
make tidy
commit e2c9653b33
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 12:47:26 2024 +0200
Update go version and protobuf deps
commit 2b9977d843
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 11:46:11 2024 +0200
Linting
commit 511ef0bf5b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 11:24:22 2024 +0200
Use federated staring func
commit 8579b7f7bb
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 11:21:57 2024 +0200
Use optional.Some
commit 97343470bc
Merge: 213fc3a97d21b1381e36
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 9 10:42:42 2024 +0200
Merge branch 'forgejo' into forgejo-federated-star
commit 213fc3a97d
Merge: c908455998765298814c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Apr 6 10:59:41 2024 +0200
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit c908455998
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Apr 6 10:59:36 2024 +0200
fix multiple federation in one host
commit 765298814c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 5 17:07:04 2024 +0200
Add ToDo
commit 33c60ebdff
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Apr 5 17:06:57 2024 +0200
Add logging
commit 41f066a1a6
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Apr 4 18:33:08 2024 +0200
add notes for setup
commit 15bb774409
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Apr 4 18:05:55 2024 +0200
add relation details
commit 8d78c3edca
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Apr 4 15:12:41 2024 +0200
make fmt
commit b4e6a7ea3f
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Apr 4 15:09:40 2024 +0200
make lint-go-fix
commit 92d011f1a5
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Apr 4 15:08:02 2024 +0200
fix some linting issues
commit 976d79044f
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Apr 4 08:32:37 2024 +0200
show apapiurl in repo settings
commit 73cf1e3901
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Apr 4 07:22:04 2024 +0200
Revert "added repoUri to federationService"
This reverts commit 8cd89bf4d3.
commit 8cd89bf4d3
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Apr 3 15:39:37 2024 +0200
added repoUri to federationService
This does not work yet. APAPI url OR host and id have to be derived from repoUri.
commit 2b7a22afb3
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Apr 3 12:26:33 2024 +0200
renamed FederatedRepo to FollowingRepo
commit daccaed157
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Apr 3 12:08:44 2024 +0200
Rename federatedRepo to followingRepo
commit d240a9bc90
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Apr 3 10:25:40 2024 +0200
trim trailing semicolon
commit 5671566df6
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Apr 3 09:53:19 2024 +0200
adjust fed repo splitting
commit 7a142c876e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Apr 2 18:36:22 2024 +0200
remove federated user in case of user deletion
commit 5edf7d0e61
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Apr 2 17:33:32 2024 +0200
Also trim whitespaces within the list items
commit 431b4c2829
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Apr 2 12:38:06 2024 +0200
optimize function
commit 962cd374e2
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Apr 2 12:36:04 2024 +0200
delete federated repos when deleting repository
commit 8b56159042
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Apr 2 11:13:50 2024 +0200
prevent error when setting no fed repos
commit 9212fb1633
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Apr 2 09:03:49 2024 +0200
feedback from discussion
commit b747342672
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 28 16:08:29 2024 +0100
separate collecting activities from sending them
commit 2ad685fd2c
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Mar 28 15:41:43 2024 +0100
fix like target
commit e2b11b93bc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 28 15:21:40 2024 +0100
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit fc8e2b3f8a
Merge: 4d5c8b55637f19247b0a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 28 15:05:35 2024 +0100
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit 4d5c8b5563
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 28 15:00:55 2024 +0100
refactor services
commit 7f19247b0a
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Mar 28 14:27:50 2024 +0100
Moved sendLikeActivities to federation_service
commit 1ad7bdf983
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Thu Mar 28 09:36:08 2024 +0100
fixed tests
part1, one test still failing
commit d624ebb712
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 28 08:13:00 2024 +0100
use doer coming from api
commit 992fbf6898
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 28 07:44:22 2024 +0100
comments
commit 259c0202c7
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Mar 27 19:56:32 2024 +0100
fix test & add some review
commit 8eae48761f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Mar 27 19:26:55 2024 +0100
add some pictures
commit e75bcb2f89
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Mar 27 19:02:37 2024 +0100
rename file
commit 97b5e0da91
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Mar 27 16:20:33 2024 +0100
revise NewForgeLike
Also added new test, which still fails since time.Now() does not match
commit 911e916a4f
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Mar 27 11:33:00 2024 +0100
Added new blog post
commit a2a5956d79
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Mar 27 09:29:23 2024 +0100
Added context and choices to new adr
commit dd37e3a7b8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Mar 27 08:25:16 2024 +0100
wip
commit a950ba4631
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Mar 27 08:21:44 2024 +0100
prepare state of the month
commit 84f73d9db8
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 16:56:06 2024 +0100
Add ToDo
commit 01e9853161
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 16:54:55 2024 +0100
Add ToDo for storing federated repos
We need to check whether federated repos already exist in db. This way multiple repos on a server (forks) can have the same federated repos.
commit 45cddb4ac7
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 16:53:02 2024 +0100
Add logging
commit 436466dcad
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 16:21:28 2024 +0100
Check if federation enabled in StarRepo
commit e9bbdc678b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 16:21:09 2024 +0100
Not using object URL
commit 04f907c8c8
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 15:28:55 2024 +0100
Revert
commit 32d457f9a3
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 15:28:36 2024 +0100
StarRepo Wrapper
commit 0b8aa3105c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 15:28:11 2024 +0100
Create object manually
commit b2105de36f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 26 14:39:25 2024 +0100
SendLikeActivity to api
It might not be a good idea to start a possibly long lasting http call during a running DB transaction. I.E. in the case of failing transaction we already sent some data into the world which might not be valid.
commit bbe5096307
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Mar 26 14:02:30 2024 +0100
fixed circular dependencies
next: fix post call error
commit 7f0371056e
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Mar 26 10:23:14 2024 +0100
moved functionality
import of forgefed causes circular dependencies. This has to be solved!
commit d251fc2611
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Mar 26 08:28:22 2024 +0100
set federatedRepoList into context
commit cf8a30efac
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Mar 26 07:58:04 2024 +0100
mob-next: how to store port & schema
commit 5b8173f660
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Mar 26 07:36:09 2024 +0100
do not return invalid result
commit 6d814447d0
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Mon Mar 25 16:52:39 2024 +0100
Use Plural
commit 653ced5596
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Mon Mar 25 16:47:18 2024 +0100
Validate before returning
commit 35d3fc199c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Mon Mar 25 16:35:35 2024 +0100
Rename to StoreFederatedRepo*
commit ca7d1c6f78
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Mon Mar 25 16:30:02 2024 +0100
Localize error messages
commit 828e7a76f6
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Mar 25 09:15:32 2024 +0100
use new table to populate settings
commit a9d18e5327
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Mar 23 17:01:25 2024 +0100
fixed issues, store now works
commit ce317c33cb
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Mar 23 15:27:45 2024 +0100
fix context
commit 950dcd959e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 22 20:14:20 2024 +0100
implement storage of federated_repo
commit 6b767684a7
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Mar 22 17:51:20 2024 +0100
Add discussion ToDo
commit 0f27f0a05b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Mar 22 17:49:29 2024 +0100
Add discussion ToDo
commit 0f9d1c80be
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Mar 22 17:42:38 2024 +0100
Implement CreateFederatedRepoList
commit 36c0c1c3c1
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Mar 22 17:41:59 2024 +0100
Add DB functionality for federated repos
commit 288dda282c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Mar 22 17:41:36 2024 +0100
Add more ToDos
commit 508b4deac8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 22 08:37:06 2024 +0100
add test & fix compile
commit 4938d38e39
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 22 08:08:54 2024 +0100
more review
commit 9ccad50b05
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 22 07:52:03 2024 +0100
review
commit 7316108d56
Merge: 7e355986f83e6eb255b3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 22 07:32:30 2024 +0100
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit 7e355986f8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 22 07:32:22 2024 +0100
fix wording
commit 3e6eb255b3
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 16:29:13 2024 +0100
WIP Initial, naive implementation of sending stars to fed repos
Currently no rate limits are respected
The mechanisms to use the Federated repo table need to be used
commit 0c6c43003c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 16:27:35 2024 +0100
Implement getting APAPIURL for repo and user
commit ed256ca540
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 16:27:08 2024 +0100
Implement NewForgeLike
commit 2e0584bdf3
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 15:37:37 2024 +0100
Clearer error message
"May" is also interchangeable with "could". "Should" fits better in this context.
commit 84f2aab570
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 14:42:38 2024 +0100
Add todo
commit 42a41ce2bc
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 14:42:16 2024 +0100
Remove todo
commit a02ec0363b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 14:42:04 2024 +0100
Add todo
commit e4242dafd9
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 14:41:11 2024 +0100
Add Function description
commit 689837b63a
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 12:59:59 2024 +0100
Fix typos
commit f327c0da24
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 12:18:29 2024 +0100
Cap max size of federated repo list at 2048 bytes
commit 6055b4fca0
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Mar 21 11:42:12 2024 +0100
Add todo
commit b4bb41e0e3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Mar 21 08:25:40 2024 +0100
introduce federated repo
commit 3b30c678e7
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 16:22:35 2024 +0100
Remove ToDo
commit b6035c03ae
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 16:14:54 2024 +0100
Rephrasing for clearness
commit 2e803e10c0
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 16:12:42 2024 +0100
Do not use binding at this stage
It wasn't clear how to utilize the "type" field in the .tmpl for our
purposes.
commit 13bf84e89e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 16:12:20 2024 +0100
Implent checking for list of repos
commit 3dda92b52b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 13:26:46 2024 +0100
Update Locales to reflect changes
commit ea4471d0db
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 13:22:56 2024 +0100
Remove ToDos
commit d1190423bb
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 13:21:17 2024 +0100
Implement single Repo validation and saving POC
commit 1cbd5e33cb
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 13:16:53 2024 +0100
Validate Federated Repos Field
Considering this from a POC perspective we might want to avoid misuse
of this field. In other words, we want this field to be used as
intended.
commit 584af0486d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Mar 20 13:13:23 2024 +0100
Add Federation specific URL validation
commit 41da150fb3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Mar 19 19:28:33 2024 +0100
add review comment
commit 84f236a58d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 15:30:56 2024 +0100
Add more todos
commit 884e38bdab
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 15:25:52 2024 +0100
WIP Implement proper saving of federated repo urls
Added ToDos where relevant
commit 9337274334
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 13:56:12 2024 +0100
Revert to input
commit abc7aa0972
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 13:53:00 2024 +0100
Display data on text area
commit 048ff5da11
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 13:52:14 2024 +0100
Fix typos
commit 4c1d12b2e4
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 13:52:00 2024 +0100
Use textarea as we expect lots of input
commit 09cac163e0
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 13:17:27 2024 +0100
Add a field for listing the federated repos
commit a6d45f8b97
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Mar 19 11:56:25 2024 +0100
Implement FederationEnabled function for templates
commit 26eb01b509
Author: Mirco <mirco.zachmann@meissa.de>
Date: Tue Mar 19 10:25:20 2024 +0100
corr var label name
commit 3018769d26
Author: Mirco <mirco.zachmann@meissa.de>
Date: Tue Mar 19 10:05:31 2024 +0100
Federation settigs :: set label name for internationalisation
commit 6901ae4b99
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Mar 19 08:29:57 2024 +0100
wip: found backend for settings update
commit 9dcdf8d828
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Mar 16 12:46:43 2024 +0100
Locales, field & action
commit fdcff3cc43
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Mar 8 18:25:37 2024 +0100
found the template for frontend
commit 93d7de147b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Mar 4 13:57:33 2024 +0100
adjust to new dev-model
commit e41fa653d9
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Mar 4 13:43:16 2024 +0100
fix en name of score :-)
commit 0e73dfccbb
Merge: e2ca63ca38db2f896264
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 14 18:23:15 2024 +0100
Merge branch 'forgejo-federated-star' of codeberg.org:meissa/forgejo into forgejo-federated-star
commit e2ca63ca38
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 14 18:23:10 2024 +0100
Add Malicious Controlled Forge - kudos to gusted
commit db2f896264
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Tue Feb 13 11:09:31 2024 +0100
small fix by adding id as pk for FederatedUser
commit 086c66b06a
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon Feb 12 13:07:15 2024 +0100
make tidy
commit 2e41fe0a46
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Mon Feb 12 13:00:47 2024 +0100
fix import
commit d65cd5a17a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Feb 12 10:55:00 2024 +0100
ActorID gets source type from NodeInfo
commit 181d743a8a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Feb 12 10:14:29 2024 +0100
update copyright
commit 9662aee375
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Feb 12 10:14:16 2024 +0100
reflect hard fork
commit 6e6813a88b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 18:17:40 2024 +0100
make operatorid unique
commit 6d17f45986
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 17:56:17 2024 +0100
fix misspell
commit eecb9b8040
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 17:46:27 2024 +0100
fmt fix
commit 664144930e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 17:10:59 2024 +0100
result of lint-fix
commit 5fa62287d6
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 17:00:21 2024 +0100
undo rebase conflicts
commit 3ef57385ec
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 16:44:03 2024 +0100
fix linting
commit 3b244d673b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 16:24:51 2024 +0100
small fixes
commit ac82486a95
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 15:31:58 2024 +0100
This months blog
commit 8917bfca0c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 15:12:49 2024 +0100
add a arch federation overview
commit 94937abc04
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 9 15:12:26 2024 +0100
Source is no longer needed - see adr-federated-star
commit b2cc848e7d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 8 15:31:02 2024 +0100
clean up aliases
commit e733809ef2
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 8 15:16:37 2024 +0100
symetric handling for value/reference
commit d2d5e84977
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 8 15:16:02 2024 +0100
federated user is not entity - so no need for ID
commit 91f7541add
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 8 13:31:27 2024 +0100
refactor for semantic and cycle free deps
commit 66bc7a9a0c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 8 11:09:55 2024 +0100
Search federatedUser instead of loginName
commit e44be72251
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 8 09:56:49 2024 +0100
Add tx around user creation
commit edf7f61b83
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 7 17:11:43 2024 +0100
mv federated_user_creation to user package
commit e180467760
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Feb 7 16:42:40 2024 +0100
added user creation from ap
commit a702da69cc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 7 16:12:23 2024 +0100
added test for federated user
commit 67f3f66be4
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Feb 7 15:37:48 2024 +0100
Created FederatedUser
commit e477181e23
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Wed Feb 7 15:03:21 2024 +0100
fix typos
commit a1ca7e958a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 7 14:59:39 2024 +0100
use local fqdn for generated user email
commit 5a7f6f15a6
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 7 14:30:17 2024 +0100
ensure federation info fqdn to lowercase
commit e05c810823
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Feb 7 13:52:25 2024 +0100
document usermapping chosen
commit e255f73731
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Feb 6 13:30:09 2024 +0100
make class diagram more accurate
commit 7db83688db
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Feb 6 12:45:33 2024 +0100
updated rebase process
commit ed99dfa993
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Feb 2 17:25:02 2024 +0100
new threats thx to gusted
commit 56660e3a0b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Feb 1 15:48:56 2024 +0100
add aspect resulting from our discussion
commit b02b8a307c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun Jan 28 12:48:44 2024 +0100
fix wording
commit c45e726383
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun Jan 28 12:43:56 2024 +0100
fix wording
commit 5ef823e3af
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Jan 27 15:03:37 2024 +0100
adjust urls to changed username
commit a08e435a1e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 26 17:16:26 2024 +0100
updated rebase instructions
commit 6b14d1a562
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 26 16:13:55 2024 +0100
updated rebase instructions
commit 49b014f28f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 19 16:33:59 2024 +0100
add reply attack to blog
commit c58a995fb2
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 19 16:26:16 2024 +0100
refactor FederationInfo -> FederationHost
commit e926ea16e2
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 18 20:06:56 2024 +0100
improve english ..
commit e1f27a950c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 18 20:01:22 2024 +0100
improve english ..
commit 2c55c0252f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 18 19:48:36 2024 +0100
prepare discussion
commit 2b5360a000
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 18 19:20:15 2024 +0100
work on adr
commit a6b7cc8e70
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 18 19:20:02 2024 +0100
update needed modules
commit 0453598e3d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Jan 16 09:31:36 2024 +0100
add some todos
commit 48c6d62e47
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Jan 16 09:31:27 2024 +0100
blog: newest on top
commit c6981cdbf6
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Jan 16 08:28:12 2024 +0100
proposals for federatedPerson Mapping
commit e2291fec1e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Jan 15 08:12:40 2024 +0100
think about federated persons
commit 5a88eef78e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Jan 15 08:12:26 2024 +0100
Propose the current solution
commit 0ddc2db46a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun Jan 14 14:53:00 2024 +0100
mitigate Block by future StartTime
commit 1b35bd2911
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sun Jan 14 13:03:51 2024 +0100
lint fix
commit f25eab35fc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Jan 13 17:16:43 2024 +0100
Update for new implementation
commit c4eb763f4a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Jan 13 17:06:40 2024 +0100
lint fix
commit 9a9ac33766
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Jan 13 16:22:49 2024 +0100
lint fix
commit ca5eaa8c6b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Jan 13 16:08:12 2024 +0100
introduce FI Factory
commit dabd773f6b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Jan 13 14:17:11 2024 +0100
Fix error handling & add timestamp check
commit 40ec049013
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 12 18:12:22 2024 +0100
add the next todo
commit 7d30d14c76
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Fri Jan 12 17:49:07 2024 +0100
breaking struct adjustment
commit 1f989f2ecd
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Fri Jan 12 17:27:52 2024 +0100
Added FederationInfo Create function
commit 380d3db0bf
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 12 17:00:17 2024 +0100
integrate federation info in api call
commit 52400f7978
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Fri Jan 12 16:12:54 2024 +0100
Added FederationInfo get methods for repository
commit bbccc24ed1
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 12 15:34:34 2024 +0100
test federationinfo validation
commit 9c37272ee9
Author: Clemens <clemens.geibel@meissa-gmbh.de.de>
Date: Fri Jan 12 14:57:22 2024 +0100
make validateNotEmpty more generic
commit c67be3b668
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 12 14:35:43 2024 +0100
start work on federationinfo
commit 8610d94af8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 12 14:33:52 2024 +0100
start work on federationinfo
commit 12558d62c8
Author: bom <mattis.boeckle@meissa-gmbh.de>
Date: Fri Jan 12 12:43:14 2024 +0100
Remove MaxConnsPerHost limit for outgoing connections
commit 87bfa79f71
Author: bom <mattis.boeckle@meissa-gmbh.de>
Date: Fri Jan 12 12:29:00 2024 +0100
Configure client against DOS
commit ecf391dcbf
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Jan 9 09:14:52 2024 +0100
add some user creation unittests
commit de2569618c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Jan 8 18:21:55 2024 +0100
fix: wmail should start with char
commit f0af660cf9
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 18:19:46 2024 +0100
give names to threats
commit a8b132da80
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 17:43:18 2024 +0100
provide the next testing
commit 2d98b22604
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 17:11:20 2024 +0100
blog the next test release
commit 0fac86a384
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 16:42:57 2024 +0100
update to new star activity
commit 42eab2d304
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 12:03:36 2024 +0100
add test-release-branch
commit 680213b479
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 11:43:52 2024 +0100
translate scoring
commit 1fc1dda59d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 11:40:35 2024 +0100
Fix wording
commit b978642da0
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Jan 5 11:34:32 2024 +0100
improve sequence
commit fe9f26305f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 4 18:25:43 2024 +0100
update ThreatAnalysis for Like Aktivity
commit 6e46739090
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Jan 4 18:04:46 2024 +0100
validate person
commit 0505baab2b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Jan 3 18:52:41 2024 +0100
ad validation for like activity
commit 3ab2d9a449
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Jan 3 18:29:12 2024 +0100
rename star -> ForgeLike
commit 4473fb788a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Jan 3 18:10:24 2024 +0100
start refactoring star->like
commit 38438b592f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 18:09:27 2023 +0100
rebase conflicts to fix
commit f673dd1ca7
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 16:31:52 2023 +0100
source no longer needed
commit 084eed82a4
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 16:30:58 2023 +0100
use federate-repo users for our local test
commit b2a9b53041
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 15:54:13 2023 +0100
use nodeInfo.Source instead of startActivity.Source
commit 8116214727
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 15:48:45 2023 +0100
introduce nodeinfo
commit 587bd07372
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 15:48:31 2023 +0100
mv more fkt to http-client
commit 310d740cee
Author: bom <mattis.boeckle@meissa-gmbh.de>
Date: Fri Dec 29 12:10:07 2023 +0100
Start NodeInfo implementation
commit 3c2493902d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 29 09:43:10 2023 +0100
adjust to ugly linting
commit e704e5adcc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 22 15:10:21 2023 +0100
adjust to ugly linting
commit 1e40b814a1
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 22 15:00:42 2023 +0100
Linting
commit 8585edc47a
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 22 14:52:10 2023 +0100
Linting
commit 7d78fb8adc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 22 14:47:34 2023 +0100
adjust to ugly linting
commit a64ce2feb1
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 22 14:20:30 2023 +0100
removed resolved todos
commit 2e031a9763
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 22 13:44:45 2023 +0100
WIP Generic IsValid for *Id structs
commit e69e5df089
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 22 13:42:07 2023 +0100
Assume validated url.URL for NewActorID
commit 6e4467d49d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 22 11:48:24 2023 +0100
experiment on generalization
commit 75cc5b900d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 22 10:19:01 2023 +0100
Add review todo
commit 1dd3084f66
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 21 15:01:49 2023 +0100
Split test according to actor.go
commit 48cfb521d1
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 21 14:22:42 2023 +0100
Add suffix checking helper
commit c887bddb72
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 21 14:22:23 2023 +0100
Attempt generalization of Id creation
commit 15775ad891
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 21 14:21:47 2023 +0100
Fix import
commit 715afb2468
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 21 09:30:07 2023 +0100
Add newlines for readability
commit fff4c3f9fc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 20 20:12:31 2023 +0100
fix typo
commit 5317832fef
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 20 13:04:40 2023 +0100
odd one mor picture to the blog
commit 433a38699a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 20 12:55:28 2023 +0100
improve test description
commit 65e3f1d0ed
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 20 09:33:29 2023 +0100
update adr lining out a second option
commit 4d1492831d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 20 12:30:22 2023 +0100
Move char_limiter to utils and rename
commit afc9acd925
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 20 12:23:13 2023 +0100
Limit number of characters on body log
commit 3363b3bf0c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 20 12:22:03 2023 +0100
Validate response before further processing
commit 2f4b1a5cd4
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 20 12:20:41 2023 +0100
Use id of existing repo for convenience
commit ff146a9430
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 20 11:27:44 2023 +0100
Add review todos
commit 071b47b8d0
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 19 12:26:55 2023 +0100
Catch edge case: remote user does not exist on remote repo
commit 0378b2dc7d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 19 10:55:30 2023 +0100
Add questions for review discussion
commit 8a8b6821ba
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 19 11:32:57 2023 +0100
Fix bash code block
commit 3327fbc39a
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 19 10:19:35 2023 +0100
Fix typos, small rewordings
commit bd640a7099
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Dec 19 09:21:23 2023 +0100
add some pros to the source field
commit 70fbfd6cf3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Dec 19 08:36:02 2023 +0100
reflect the discussion with kik
commit f636de050a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 16 18:47:39 2023 +0100
some improvements
commit bc7515fa31
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 16 18:45:14 2023 +0100
some improvements
commit f9bbb91f11
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 16 18:38:31 2023 +0100
expose instance for tests
commit 1704ac5bc2
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 15 16:02:50 2023 +0100
fix most of the tests
commit 9e6c45f87d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 15 15:37:00 2023 +0100
make flows more precise
commit e1d7db178c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 15 14:45:20 2023 +0100
unify logging & minor improvements
commit 42854c9003
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 13 16:49:23 2023 +0100
remove global actionUser
commit a0c008b880
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 13 16:44:11 2023 +0100
cleand up user creation from ap
commit 6de8fba14d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 13 16:06:53 2023 +0100
minor refactorings
commit 44e10ed65a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 13 16:06:37 2023 +0100
get wo body
commit c2a42587d2
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Dec 12 11:08:57 2023 +0100
remove panics - that is not a exception replacement
commit b27460d3fe
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Dec 12 11:04:03 2023 +0100
minor refactorings & reviews
commit e893618cdc
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Dec 11 08:14:18 2023 +0100
add more threats
commit 9633a2005a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 9 19:23:48 2023 +0100
add a sql injection threat
commit bad8e04c3c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 9 19:11:38 2023 +0100
cleanup & minor refactorings
commit 3172eb69d2
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 9 18:30:47 2023 +0100
introduce RepositoryId
commit 1fe35e14a5
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 9 14:53:40 2023 +0100
mv our actor code to forgefed
commit abdf56dde1
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 9 14:27:29 2023 +0100
move forgefed to models
commit 0b2cf2a55b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Sat Dec 9 14:26:49 2023 +0100
remov unused experiments
commit 184388015d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 20:51:54 2023 +0100
added more tests
commit b5a467e94d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 20:37:26 2023 +0100
remove unused & implement webfinger
commit 73a38ea0d1
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 19:52:09 2023 +0100
use new factory function
commit e8371ca94c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 19:43:49 2023 +0100
ActorId -> PersonId
commit 3151c8fe81
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 19:41:22 2023 +0100
make validate more compact
commit be4d3544ae
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 18:33:26 2023 +0100
Refactor ActorID -> ActorId
commit 7c86f13728
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 18:09:22 2023 +0100
make route more compact
commit afcc7f0def
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 18:08:54 2023 +0100
factory instead of parse & validate
commit 6fef54ed1c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 8 18:08:16 2023 +0100
there is a validation module
commit a10a9141f8
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 8 15:44:00 2023 +0100
Remove useless call to repo, add todos
commit 3c515c2614
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 8 11:54:07 2023 +0100
Add review todos
commit 22d71e6b30
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 13:53:37 2023 +0100
Update ToDo
commit afe659f9f4
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 13:54:07 2023 +0100
Implement 5s waiting
commit 745598bba4
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 13:24:01 2023 +0100
Implement starring
commit 976256bf3d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 13:21:26 2023 +0100
Refactor if conditional to switch, use split up functions
commit 75ee273f40
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 13:18:33 2023 +0100
Split user creation and saving user to db
commit 7f4667696f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 13:17:51 2023 +0100
Cleanup imports
commit 6ad52a6d67
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 12:03:42 2023 +0100
Update tests
commit 25d34e0c14
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 12:03:28 2023 +0100
Check for empty path in IRI
commit f84e0b27e1
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 11:45:24 2023 +0100
Use ValidateAndParseIRI, pass this to ParseActorID
commit fa1acd1ebb
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 11:44:59 2023 +0100
Extract url string validation and parsing from ActorID parsing
commit 4d3ab4dda2
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 11:24:47 2023 +0100
Update Validate()
commit 39d4c8dd2d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 11:24:27 2023 +0100
Generalize validate_is_not_empty
commit 085db0c127
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 10:51:58 2023 +0100
Remove todo
commit 54ef78034e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 10:51:03 2023 +0100
Don't parse received repoID
commit e3defaa212
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 10:44:35 2023 +0100
Split getPersonByRest function
This leaves us with two easier to read functions, encapsulating
two different functionalities.
commit bdddde8b68
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Dec 7 10:42:05 2023 +0100
Fix erroneous param and deprecated --name
commit 28a290da10
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 6 18:32:26 2023 +0100
reviewed current work
commit 02dc8901af
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 16:14:50 2023 +0100
Fix tests
commit 68cd621053
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 16:14:39 2023 +0100
Test for empty string
commit d27cac5bae
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:56:26 2023 +0100
Move federated user creation to func
commit 01506f9836
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:50:38 2023 +0100
Clearer description
commit 77b6402e77
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:37:58 2023 +0100
Add missing error treatment
commit 946e5cf34c
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:37:14 2023 +0100
Remove typo in func
commit c0f1681fa3
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:16:01 2023 +0100
Allow parsing of repository-id too
commit 4f25e5057a
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:15:39 2023 +0100
Make the source an argument to the parser
commit 2fb893843b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 15:13:53 2023 +0100
Move getting person to own function
commit 6d143e74cf
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 13:36:26 2023 +0100
More clear distinction between sender and receiver of star
commit 52e950a492
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 13:06:30 2023 +0100
Check the path for empty strings
commit 65f7124c67
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 12:05:47 2023 +0100
Use u.Hostname() instead of u.Host
u.Host returns hostname:port.
commit 27c9db1027
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Dec 6 11:24:42 2023 +0100
Better function descriptions
commit 9b5d8bbeda
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Dec 6 09:07:09 2023 +0100
If we use user.loginname to store the actor.id we can search for local users earlier
commit ed1af14ceb
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 5 14:54:03 2023 +0100
Panic on error, use correct function names
commit 9dcbe0177e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 5 14:53:10 2023 +0100
Rename targe to remoteStargazer
commit de9e4dea61
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 5 14:52:33 2023 +0100
Update todos, remove comments
commit 68cc74d139
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 5 14:50:46 2023 +0100
Use actionsUser for creating http client
commit d65e5aa70e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 5 14:49:27 2023 +0100
Move helper functions to top
commit 1c145d9d68
Author: Mirco <mirco.zachmann@meissa.de>
Date: Tue Dec 5 12:19:22 2023 +0100
WIP: fit generateUUIDMail for testing purposes
commit 11e93784fe
Author: Mirco <mirco.zachmann@meissa.de>
Date: Tue Dec 5 11:46:11 2023 +0100
WIP: log Info User created
commit a20f535211
Author: Mirco <mirco.zachmann@meissa.de>
Date: Tue Dec 5 11:38:36 2023 +0100
WIP: pwdgen, username
commit 85e09a7ada
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Dec 5 10:37:51 2023 +0100
WIP: Generate User if not exists
commit 94880d64f4
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Dec 5 09:26:03 2023 +0100
higlight the need for id normalization
commit 231bdb65b8
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Dec 1 17:06:39 2023 +0100
searching for the local person
commit edd7fb77fd
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 1 15:07:13 2023 +0100
WIP create user if not exists
commit 159f3dc3aa
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Nov 30 17:41:08 2023 +0100
describe the current state
commit 41e12d09ef
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Dec 1 11:56:12 2023 +0100
WIP create User from person
commit c8456d57ff
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 30 16:10:26 2023 +0100
Add thoughts on user creation
commit c61be31c72
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 30 16:04:26 2023 +0100
Remove redundant person implementation
commit 22ba03ae4d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 30 16:01:20 2023 +0100
Don't use redundant implementation of person
commit b00b5fa7af
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 30 16:00:39 2023 +0100
Add some thoughts on repo testing
commit eab016e896
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Nov 29 09:21:54 2023 +0100
add threat analyses
commit a8d5e7ba77
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 15:45:04 2023 +0100
Fix typos and format
commit d43c4ba739
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 15:34:02 2023 +0100
Use person generation
commit 9f016d3673
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 15:33:22 2023 +0100
Move to extra var
commit 7071117864
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 15:32:15 2023 +0100
Implement Person creation
commit fde8de4f90
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 13:26:35 2023 +0100
Rename to ParseActorIDFromStarActivity
commit 2c4089ba1d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 13:24:59 2023 +0100
Add star json with links to lokalhost
commit ede86df685
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 29 11:46:24 2023 +0100
Remove todo
commit 7529b9da91
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 28 15:17:59 2023 +0100
Note ToDos for setting up useful tests
commit e60d89cb67
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 28 15:17:34 2023 +0100
Use correct target for get request
commit 0388240039
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 28 13:03:45 2023 +0100
WIP Use non generated HTTP client
commit 4b490802d7
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 28 13:03:07 2023 +0100
Test creation of client only
commit 61afc65377
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 28 10:55:53 2023 +0100
Implement Get method on Client struct
commit 56d11bbff4
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 28 10:55:18 2023 +0100
Don't hardcode method in NewRequest function
commit 8a53331283
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 14:01:32 2023 +0100
Add ToDo
commit 93d79646de
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 13:56:53 2023 +0100
Fix api url
commit 9568eab62a
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 13:23:03 2023 +0100
Fix tests
commit 6284355e1e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 12:51:36 2023 +0100
Remove redundant ValidateStar and err check, call coorect function
commit 43ac3ddca9
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 12:50:15 2023 +0100
Remove star validation as it happens in actor validation now
commit 566b3bc459
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 12:49:36 2023 +0100
Parse Actor from star activity, Update function declaration order
commit 3a938b6c3f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 12:48:14 2023 +0100
Use and validate source in ActorID struct
commit 546ce50337
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 11:40:12 2023 +0100
Use PanicIfInvalid in repository.go
commit 9566e9bc5d
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 11:38:01 2023 +0100
Change tests to use IsValid method
commit fccf5c37ca
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 11:37:29 2023 +0100
Add IsValid and PanicIfInvalid methods for ActorID
commit 8300d3fbde
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 24 09:55:47 2023 +0100
Add ToDos from code review
commit 34c511ae98
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 17:04:58 2023 +0100
Use data from actor, improve formatting
commit aee2ee2596
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 17:04:22 2023 +0100
Also log error on person creation
commit 91baf2be32
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 17:03:24 2023 +0100
Add get functions for userId and HostAndPort
commit 92c089a4e2
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 17:02:54 2023 +0100
Add a test for getting host and port
commit 863b340622
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 17:02:36 2023 +0100
Update dev notes with create repo curl cmd
commit 8657f70960
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 14:50:32 2023 +0100
Add todo
commit 5efce01f6f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 23 14:17:35 2023 +0100
Make test messages consistent
commit ad8adc880f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 22 16:40:28 2023 +0100
Create easier to read tests for parser and validator
commit 62eae6564f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 22 16:40:03 2023 +0100
Fix bug in validation
commit d205c50a43
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 22 16:08:14 2023 +0100
Implement generic validation on ActorID
commit 7b5d13a625
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 22 15:27:44 2023 +0100
Split check for schema and host
commit 3d2b5115ad
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 22 15:25:43 2023 +0100
Implement and use Validatable interface
commit 235ed7cd1e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 22 13:28:13 2023 +0100
Rename to actorID
commit 5e111f14ef
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 17:20:36 2023 +0100
use the swagger-api
commit 109dbd7d75
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 17:20:22 2023 +0100
swager generated api
commit 07bd30cf20
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 17:19:53 2023 +0100
exosy has moved this package to service
commit 604f0a2477
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 17:19:08 2023 +0100
swagger client generation
commit 9e74de829e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 13:38:20 2023 +0100
swagger client generation
commit bc1ff23b23
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 10:49:01 2023 +0100
swagger client generation
commit d81647b36e
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 10:37:47 2023 +0100
wip: swagger client generation
commit a954c9764f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 10:10:28 2023 +0100
wip: swagger client generation
commit fbff67f11a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 10:10:04 2023 +0100
add some more todos
commit 5c998a5c46
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 17 08:22:27 2023 +0100
add comment
commit 5729cee3e5
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 16:04:50 2023 +0100
Move test to model/activitypub
commit 7193c0bd9b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 16:03:05 2023 +0100
WIP test for parsing the actor
commit 0c367070af
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 15:06:41 2023 +0100
Call validate star
commit b1f3706575
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 15:02:59 2023 +0100
Introduce validation against source
commit 78fc75135f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 15:02:20 2023 +0100
Rename to ActorData
commit 09058c13c5
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 14:53:54 2023 +0100
Rename to actor
commit 91dcd59e68
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 14:50:01 2023 +0100
Import parser from model and call validation
commit 273ca49e22
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 16 14:49:05 2023 +0100
Validate on ActorData independently and move to model
commit e44321221e
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 15:07:23 2023 +0100
WIP: Add test for parser
commit ad65976677
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 14:27:47 2023 +0100
Reorder functions
commit d52bb4bf8f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 12:31:16 2023 +0100
Remove newline from error string
commit b869d91dc1
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 12:29:17 2023 +0100
Parse Actor URL
commit 7541251d63
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 12:28:26 2023 +0100
Correct API urls
commit 9fa8d19cf4
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 12:10:31 2023 +0100
Fix typo
commit d10c1094d9
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Nov 15 09:23:03 2023 +0100
add some pseudocode
commit ab92891091
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 08:59:55 2023 +0100
Use actor
commit b085ce37a6
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Wed Nov 15 08:53:02 2023 +0100
Review
commit d7abff31f6
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 14 15:29:13 2023 +0100
Add ToDos
commit d2b464582f
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 14 15:29:00 2023 +0100
Add ToDo
commit e18e90f8df
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 14 15:28:38 2023 +0100
Add fieldname and type
commit f48b4d1f55
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 14 15:27:32 2023 +0100
Get Activity field from star
commit e8013250b8
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 14 14:56:16 2023 +0100
Add question
commit 7790e98f47
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Tue Nov 14 14:53:47 2023 +0100
Remove unused funcs and structs
commit 51cb9aded0
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Nov 15 09:08:17 2023 +0100
generate ap-person client
commit 14c74f27cb
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 10 17:00:08 2023 +0100
tests are now working
commit d28ea1a30b
Author: bom <mattis.boeckle@meissa-gmbh.de>
Date: Fri Nov 10 16:43:44 2023 +0100
Start implementing UnmarshalJSON for Star
commit 43014ca473
Author: bom <mattis.boeckle@meissa-gmbh.de>
Date: Fri Nov 10 16:08:15 2023 +0100
Implement MarshallJSON for Star activity
commit a1885a5767
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 10 15:13:26 2023 +0100
star: test first
commit 1044e44ee5
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 10 14:51:33 2023 +0100
we got a parsed actor
commit b08580280a
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 10 14:37:36 2023 +0100
np in case of unauthenticated user
commit 6c1ec05458
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 10 14:37:00 2023 +0100
extract the relevant app.ini parts
commit 460e2fb644
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 10 14:10:23 2023 +0100
prepare next steps
commit 5b01517c12
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 10 14:26:13 2023 +0100
Get data from form
commit e846e8225b
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Fri Nov 10 14:06:17 2023 +0100
Update dev-notes
commit a1e9783cec
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Nov 9 21:59:51 2023 +0100
expose star activity to swagger
commit d7dfdca8b9
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 9 15:38:55 2023 +0100
WIP Add star to swagger
commit 17dfc7bdc1
Author: erik <erik.seiert@meissa-gmbh.de>
Date: Thu Nov 9 14:24:19 2023 +0100
Clearer wording, fix typos
commit 07cf963af3
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Thu Nov 9 21:54:17 2023 +0100
expose star activity to swagger
commit dc1a82bf4c
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Wed Nov 8 08:56:22 2023 +0100
use star as swagger model
commit 18f4c514ec
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Nov 7 18:01:52 2023 +0100
add one more step to rebase procedure
commit 46fb4fec8f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Nov 7 09:30:32 2023 +0100
add star activity & bind to swagger
commit ff5a4405fd
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Nov 6 18:29:48 2023 +0100
introduce repo from exosy
commit 157effdd8f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Nov 6 18:29:24 2023 +0100
adjust star activity example
commit a0efbf7d72
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Nov 6 09:27:41 2023 +0100
improve git-setup-doc
commit 1f80e99857
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Nov 6 09:12:09 2023 +0100
improve git-setup-doc
commit cde603dd0e
Author: Mirco <mirco.zachmann@meissa.de>
Date: Fri Nov 3 17:58:47 2023 +0100
improve git sync procedure
commit 7195141805
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Nov 6 08:50:36 2023 +0100
wip: lets define the post input more close
commit 6587b6d62b
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Nov 6 08:49:58 2023 +0100
log who is doing the inbox post
commit 4e1e65e14f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 3 17:45:53 2023 +0100
log repository under activity
commit fe6f625923
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 3 17:45:21 2023 +0100
temp deactivate security
commit b7082b7e98
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Nov 3 17:05:48 2023 +0100
improve rebase procedure
commit 87324d1553
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 20:14:52 2023 +0200
ctx action should no be good enough
commit 0d5702e501
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 20:13:51 2023 +0200
fill in some minimal information to an actor
commit 6ceb1d2040
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 20:13:24 2023 +0200
add f3 dep
commit 0572725204
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 14:33:14 2023 +0200
add some rought branch sync description
commit fe2a3d86d4
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 14:10:13 2023 +0200
get repo now works somehow
commit da7a38b03d
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 13:24:05 2023 +0200
enable federation
commit 64abf87fb0
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 12:12:31 2023 +0200
added some logs
commit 3dbcf34a16
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 27 11:50:39 2023 +0200
share dev notes
commit 511ab65df4
Author: Mirco <mirco.zachmann@meissa.de>
Date: Tue Oct 24 10:34:53 2023 +0200
Fix syntax error, unexpected new line
commit 154be0a637
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue Oct 24 09:10:31 2023 +0200
wip: compile one step further
commit 317b7fac8f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Mon Oct 23 17:16:38 2023 +0200
wip: load repo to ctx
commit 643681663f
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 20 16:27:55 2023 +0200
add activity sequence
commit 68318f2632
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 20 16:12:37 2023 +0200
considerations about star activity
commit d4f507a223
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 20 15:45:12 2023 +0200
remove unused imports
commit a87cbda165
Author: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Fri Oct 20 15:16:04 2023 +0200
add repository actor
It is not possible to tell vulncheck that Forgejo is not affected by
CVE-2024-0406. Use a mirror of the repository to do that.
Refs: https://github.com/mholt/archiver/issues/404
This PR adds some fields to the gitea webhook payload that
[openproject](https://www.openproject.org/) expects to exists in order
to process the webhooks.
These fields do exists in Github's webhook payload so adding them makes
Gitea's native webhook more compatible towards Github's.
These changes were missed when cherry-picking the following
c9d0e63c202827756c637d9ca7bbde685c1984b7 Remove unnecessary "Str2html" modifier from templates (#29319)
Fixes: https://codeberg.org/forgejo/forgejo/issues/3623
There is no need to pin the patch release for the build
environment. They are backward compatible and it prevents security
upgrades to be taken into account.
The avatar must not be unset in the database if there is a failure to
remove the avatar file from storage (file or S3). The two operations
are wrapped in a transaction for that purpose and this test verifies
it is effective.
See 1be797faba Fix bug on avatar
Renovate tried to update redis/go-redis, but failed because they changes
the interface, they added two new functions: `BitFieldRO` and
`ObjectFreq`.
Changes:
- Update redis/go-redis
- Run mockgen:
```
mockgen -package mock -destination ./modules/queue/mock/redisuniversalclient.go github.com/redis/go-redis/v9 UniversalClient
```
References:
- https://codeberg.org/forgejo/forgejo/pulls/4009
This updates the mapping definition of the elasticsearch issue indexer backend to use `long` instead of `integer`s wherever the go type is a `int64`. Without it larger instances could run into an issue.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3982
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
The row of buttons on the org view is pretty bad on mobile, as it doesn't leave enough space for the org name. My recent PR 3642 made it worse. I added a mitigation to allow buttons to go to an other row, so that the layout is usable on mobile. It is still non-ideal as it will continue going out of bounds on small screens, but is much better.
## Preview
[Old preview](/attachments/1e280a77-533c-41b5-954d-b336f1b72186)
![](/attachments/4a2c45e2-7da8-4d87-afb7-7c281e14c756)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3949
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
The right to force merge is uses the wrong predicate and
applies to instance admins:
ctx.user.IsAdmin
It must apply to repository admins and use the following predicate:
ctx.userPerm.IsAdmin()
This regression is from the ApplyToAdmins implementation in
79b7089360.
Fixes: https://codeberg.org/forgejo/forgejo/issues/3780
(cherry picked from commit 5c1b550e00e9460078e00c41a32d206b260ef482)
Conflicts:
tests/integration/git_push_test.go
trivial context conflict because of
2ac3dcbd43 test: hook post-receive for sha256 repos
Previously, all posters were updated, even if they were not part of
posterMaps. In that case, a ghost user was erroneously inserted.
Fixes#31213.
(cherry picked from commit 3cc7f763c3c22ae4c3b5331f8b72b7009c5b11ea)
Fix#31172
The original order or the default order should not be ignored even if we
have an is_deleted order.
(cherry picked from commit 1137a0357eb1e35a046e86a7277594154d0f6c85)
fixes#22907
Tested:
- [x] issue content edit
- [x] issue content change tasklist
- [x] pull request content edit
- [x] pull request change tasklist
![issue-content-edit](https://github.com/go-gitea/gitea/assets/29250154/a0828889-fb96-4bc4-8600-da92e3205812)
(cherry picked from commit aa92b13164e84c26be91153b6022220ce0a27720)
Conflicts:
models/issues/comment.go
c7a389f2b2 [FEAT] allow setting the update date on issues and comments
options/locale/locale_en-US.ini
trivial context conflicts
routers/api/v1/repo/issue_comment.go
routers/api/v1/repo/issue_comment_attachment.go
services/issue/comments.go
services/issue/content.go
user blocking is implemented differently in Forgejo
routers/web/repo/issue.go
trivial difference from 6a0750177f Allow to save empty comment
user blocking is implemented differently in Forgejo
templates/repo/issue/view_content/conversation.tmpl
templates changed a lot in Forgejo but the change is
trivially ported
tests/integration/issue_test.go
other tests were added in the same region
web_src/js/features/repo-issue-edit.js
the code is still web_src/js/features/repo-legacy.js
trivially ported
It is fine to use MockVariableValue to change a setting such as:
defer test.MockVariableValue(&setting.Mirror.Enabled, true)()
But when testing for errors and mocking a function, multiple variants
of the functions will be used, not just one. MockProtect a function
will make sure that when the test fails it always restores a sane
version of the function. For instance:
defer test.MockProtect(&mirror_service.AddPushMirrorRemote)()
mirror_service.AddPushMirrorRemote = mockOne
do some tests that may fail
mirror_service.AddPushMirrorRemote = mockTwo
do more tests that may fail
- rewrite a lot of hints on install page
- make sure checkboxes don't hide useful information behind hover
This is good for compactness but makes first-time installation more painful than it should be. BTW, this was inherited from Gogs.
- update related translation keys (will require Weblate sync to merge)
- make sure string locations in en-US.ini make sense. Unfortunately, makes viewing changes harder, but I've attached screenshots
## Preview
![](https://codeberg.org/attachments/b0d26013-5fd9-495c-b4c0-7919f9f6fbf4)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3961
Reviewed-by: Otto <otto@codeberg.org>
We wanted to be able to use the IAM role provided by the EC2 instance
metadata in order to access S3 via the Minio configuration. To do this,
a new credentials chain is added that will check the following locations
for credentials when an access key is not provided. In priority order,
they are:
1. MINIO_ prefixed environment variables
2. AWS_ prefixed environment variables
3. a minio credentials file
4. an aws credentials file
5. EC2 instance metadata
(cherry picked from commit c0880e7695346997c6a93f05cd01634cb3ad03ee)
Conflicts:
docs/content/administration/config-cheat-sheet.en-us.md
does not exist in Forgejo
This PR split the `Board` into two parts. One is the struct has been
renamed to `Column` and the second we have a `Template Type`.
But to make it easier to review, this PR will not change the database
schemas, they are just renames. The database schema changes could be in
future PRs.
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 98751108b11dc748cc99230ca0fc1acfdf2c8929)
Conflicts:
docs/content/administration/config-cheat-sheet.en-us.md
docs/content/index.en-us.md
docs/content/installation/comparison.en-us.md
docs/content/usage/permissions.en-us.md
non existent files
options/locale/locale_en-US.ini
routers/web/web.go
templates/repo/header.tmpl
templates/repo/settings/options.tmpl
trivial context conflicts
Fix#25897Fix#30322#29464 cannot handle some complex `if` conditions correctly because it
only checks `always()` literally. In fact, it's not easy to evaluate the
`if` condition on the Gitea side because evaluating it requires a series
of contexts. But act_runner is able to evaluate the `if` condition
before running the job (for more information, see
[`gitea/act`](517d11c671/pkg/runner/run_context.go (L739-L753)))
. So we can use act_runner to check the `if` condition.
In this PR, how to handle a blocked job depends on its `needs` and `if`:
- If not all jobs in `needs` completed successfully and the job's `if`
is empty, set the job status to `StatusSkipped`
- In other cases, the job status will be set to `StatusWaiting`, and
then act_runner will check the `if` condition and run the job if the
condition is met
(cherry picked from commit 31a0c4dfb4156a7b4d856cceae1e61c7fc1a4a1b)
This exception existed for both instance admins and repo admins
before ApplyToAdmins was introduced in
79b7089360.
It should have been kept for instance admins only because they are not
subject to permission checks.
Verify variations of branch protection that are in play when merging a
pull request as:
* instance admin
* repository admin / owner
* user with write permissions on the repository
In all cases the result is expected to be the same when merging
the pull request via:
* API
* web
Although the implementations are different.
* split into testPullMergeForm which can be called directly if
the caller wants to specify extra parameters.
* testPullMergeForm can expect something different than StatusOK
* http.StatusMethodNotAllowed can be expected: only retry if the
error message is "Please try again later"
* split into doAPIMergePullRequestForm which can be called directly if
the caller wants to specify extra parameters.
- make sure margins are all consistent and good, elements are not too close or too apart
- this also applies to "Show commit body" button
- remove unused code. The class `commit-status-link` doesn't exist in templates, nor I could find it on any related pages in case it's generated in runtime
## Preview
![](/attachments/9cf6d73a-8132-4f30-8094-5687d7dd98e9)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3948
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Use the same padding horizontally and vertically, so the views like readme look a bit nicer. Just slightly adjusted two values, nothing really test-able here.
## Motivation
I came to the conclusion that they should be the same myself, later I checked GitHub and it turned out to also use the same paddings. I would like to notice that the padding here (2em = 32px) is the same as GitHub uses too.
I find this as a logical UI change because the paddings are usually same on both axis across the UI (like on PR sidebar).
Also updated paddings for when the files are shown in profile, but copied the `1.5em` that GitHub uses. This, once again, makes sense, because the overview markdown isn't the primary content, or as primary as the readme on the repo is, taking the full usable width.
## Preview
https://codeberg.org/attachments/55f6685c-1978-410a-a17b-9fac91f0642e
---
https://codeberg.org/attachments/d9016a1c-13cf-4ea6-a8e4-2619d93f3560
## Note
`.non-diff-file-content .plain-text` is left untouched with `1em 2em`, because the plaintext seems to add it's own margins, so it would make it look worse.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3944
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Remove CSS code that was made unused by some changes in Gitea. I was working on a layout change here but was bothered a bit by these. I dug a bit into the git history to find out how they were made unused but it's relatively uneasy.
- remove rule that was setting `width: 100%;`: the exactly same selector setting this exact value is duplicated below
- remove rules with `followers` in selectors: we don't use this class in templates (would be nice if someone double-checks)
- my editor forced EoF fix
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3937
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
When performing migrations, and need to remap external users to local
ones, when no local mapping is possible, map the external user to Ghost,
rather than the user who initiated the migration.
Mapping the external user to the migration initiator has the potential
of breaking assumptions elsewhere, like only having one review per pull
request per user. Mapping these migrated, locally unavailable users to
Ghost makes sure these - often hidden - assumptions do not break.
Fixes#3860.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When installing Forgejo via the on-line installer, force
DisableRegistration to true, to discourage creating instances with open
registration. Because open registration requires constant vigil to fight
off spammers of all kinds, it is not a great default. It should be a
conscious decision. This change is made in an effort to make the choice
of running an instance with open registration a conscious choice, rather
than simply the default.
Partially addresses #3925.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Having an instance with open registration requires work, otherwise it
will be overrun by spammers of all kinds. Yet, the setting to disable
open registration on the installation page is hidden behind "optional
settings", a place hardly anyone ever looks.
To improve the situation, lift the setting out of that, and place it
more prominently, just above the update checker setting.
Partially addresses #3925.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Following gitea#28981, set `X-Forgejo-Sender` and `X-Forgejo-Recipient`
to the username of the respective users, rather than their display name.
The username is more appropriate for these headers, for filtering
purposes. The display name is already included in the From header.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Cherry-pick of 2ced31e81d adapted to Forgejo releases UI.
Percentage-based `border-radius` [creates undesirable
ellipse](https://jsfiddle.net/silverwind/j9ko5wnt/4/) on non-square
content. Instead, use pixel value and use same wording `full` like
tailwind does, but increast to 99999px over their 9999px.
(cherry picked from commit 2ced31e81dd9e45659660c1abff529d0192fd8ed)
These are some slight design changes to how usercards are presented.
- `margin`: removed one of the sides so the margins are the same in both axis
- `margin`: increased from 10px to 15px
Previously it was (Y, X) = (20, 10); now it's (15, 15)
- `width`: slightly decreased so that the point, where too small screen width causes card relocation to another row, doesn't increase
- `padding`: this change does nothing visually. `padding-bottom` was useless because padding was already set for all sides by another rule `.ui.segment {padding: 1em};`. This change just ensures that padding stays the same for all sides even if `.ui.segment` changes, instead of causing inconsistency
- `margin-bottom`: added as an override to margin caused by `display: flex`. From my research, usually there's `25px` gap between the content and the pagination. It was `39px` here, now it's `25px` too
### Before
![image](/attachments/0ebf6f44-6b27-4d4d-8856-77568291518c)
### After
![image](/attachments/1e0a3d95-ac49-4d10-8e00-86cc041d4338)
I can't show the distance between the content and the pagination, but the change does work when applying via devtools on https://codeberg.org/forgejo/forgejo/stars.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3915
Reviewed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Reviewed-by: Caesar Schinas <caesar@caesarschinas.com>
It was premature to try to use them, try again later.
https://codeberg.org/forgejo-integration/forgejo/actions/runs/2147
github.com/docker/buildx v0.14.1 59582a88fca7858dbe1886fd1556b2a0d79e43a3
::endgroup::
[command]/usr/bin/docker buildx build --build-arg RELEASE_VERSION=8.0-test --file Dockerfile --iidfile /tmp/docker-actions-toolkit-UzuWxS/iidfile --platform linux/amd64,linux/arm64,linux/arm/v6 --tag codeberg.org/***/forgejo:8.0-test --metadata-file /tmp/docker-actions-toolkit-UzuWxS/metadata-file --push .
------
> [linux/arm/v6 internal] load metadata for code.forgejo.org/oci/golang:1.22-alpine3.20:
------
Dockerfile:3
--------------------
1 | FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx AS xx
2 |
3 | >>> FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.22-alpine3.20 as build-env
4 |
5 | ARG GOPROXY
--------------------
Dockerfile:1
--------------------
1 | >>> FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx AS xx
2 |
3 | FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.22-alpine3.20 as build-env
--------------------
Dockerfile:54
--------------------
52 | RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
53 |
54 | >>> FROM code.forgejo.org/oci/golang:1.22-alpine3.20
55 | ARG RELEASE_VERSION
56 | LABEL maintainer="contact@forgejo.org" \
--------------------
ERROR: failed to solve: code.forgejo.org/oci/golang:1.22-alpine3.20: failed to resolve source metadata for code.forgejo.org/oci/golang:1.22-alpine3.20: no match for platform in manifest: not found
::error::buildx failed with: ERROR: failed to solve: code.forgejo.org/oci/golang:1.22-alpine3.20: failed to resolve source metadata for code.forgejo.org/oci/golang:1.22-alpine3.20: no match for platform in manifest: not found
Syncs up docs associated to actions and deleted branch cleanup i.e. in
custom/app.example.ini and the config cheat sheet.
(cherry picked from commit c9eac519961ecd5d0e1d6ee856ab532e8c16c65d)
Conflicts:
docs/content/administration/config-cheat-sheet.en-us.md
docs do not exist here in Forgejo
To try it you need **nix** installed `nix-daemon ` running and your user
has to be member of the **nix-users** group. Or use NixOS.
then by just:
```sh
nix develop -c $SHELL
```
a dedicated development environment with all needed packages will be
created.
(cherry picked from commit de6f0488a67ad65bd2ac40356b08a78a365414cd)
Do not try to create a new authorization grant when one exists already,
thus preventing a DB-related authorization issue.
Fix https://github.com/go-gitea/gitea/pull/30790#issuecomment-2118812426
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 9c8c9ff6d10b35de8d2d7eae0fc2646ad9bbe94a)
Replace #25741Close#24445Close#30658Close#20646
~Depends on #30805~
Since #25741 has been rewritten totally, to make the contribution
easier, I will continue the work in this PR. Thanks @6543
---------
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit c6cf96d31d80ab79d370a6192fd761b4443daec2)
Conflicts:
tests/integration/editor_test.go
trivial context conflict because of 75ce1e2ac1 [GITEA] Allow user to select email for file operations in Web UI
tests/integration/pull_merge_test.go
trivial context conflicts in imports because more tests were added in Forgejo
From
https://github.com/go-gitea/gitea/issues/31018#issuecomment-2119622680.
This commit removes the link to a deleted branch name because it returns
a 404 while it is in this deleted state. GitHub also throws a 404 when
navigating to a branch link that was just deleted, but this deleted
branch is removed from the branch list after a page refresh. Since with
Gitea this deleted branch would be kept around for quite some time
(well, until the "cleanup deleted branches" cron job begins), it makes
sense to not have this as a link that users can navigate to.
(cherry picked from commit 1007ce764ea80b48120b796175d7d1210cbb6f74)
Remove "EncodeSha1", it shouldn't be used as a general purpose hasher
(just like we have removed "EncodeMD5" in #28622)
Rewrite the "time-limited code" related code and write better tests, the
old code doesn't seem quite right.
(cherry picked from commit fb1ad920b769799aa1287441289d15477d9878c5)
Conflicts:
modules/git/utils_test.go
trivial context conflict because sha256 testing in Forgejo has diverged
Fix#30992
(cherry picked from commit 47accfebbd69e5f47d1b97a3e39cf181fab7e597)
Conflicts:
models/unit/unit.go
trivial context conflict because of
e07b0e75ff Add a direct link from repo header to unit settings
When creating a repo, the "FORCE_PRIVATE" config option should be
respected, `readonly` doesn't work for checkbox, so it should use
`disabled` attribute.
(cherry picked from commit edbf74c418061b013a5855f604dd6be6baf34132)
Conflicts:
templates/repo/create.tmpl
templates/repo/migrate/codebase.tmpl
templates/repo/migrate/git.tmpl
templates/repo/migrate/gitbucket.tmpl
templates/repo/migrate/gitea.tmpl
templates/repo/migrate/github.tmpl
templates/repo/migrate/gitlab.tmpl
templates/repo/migrate/gogs.tmpl
templates/repo/migrate/onedev.tmpl
already in forgejo fc0c5e80da Fix and improve repo visibility checkbox when FORCE_PRIVATE is on (#3786)
enforcing FORCE_PRIVATE on repo settings was manually tested
with a repository of an unprivileged user after setting
FORCE_PRIVATE = true
Mostly cap fixes and a few improvements.
As for `activity.active_prs_count_`, it currently looks like this in the UI, I fixed it:
![image](/attachments/5d2dc089-519e-4655-8f8b-f78964ff179a)
Although I'm also the person who [introduced](4c1af0d9a6) the inconsistency.
`send_reset_mail` is a button, removed redundant word from it. It would be good to refactor such keys, but it will be an impossibly long process. Anyway, key refactors are done in separate PRs for easier merges.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3912
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
the test file used has a size below the default threshold and will
never be compressed because of that, regardless of its extension. Reduce
the threshold to 10 bytes otherwise the test is a false positive.
regression from 767e9634d3. It changed
the parsing of the [admin] section from being derived from the content
of each key with mustMapSetting(rootCfg, "admin", &Admin) to
explicitly listing all keys in the code.
SEND_NOTIFICATION_EMAIL_ON_NEW_USER was not added and therefore
ignored. As a consequence notifications of newly registered users were
never sent.
There is no need to pin a specific patch version for testing. The
worst that can happen in this context is that the CI fails and it can
be addressed in this context. It will not impact releases.
This adds a new test case to `TestCompareCodeExpand` to exercise the
case where we're viewing a PR's diff.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When comparing files between the base repo and forked repo, the "blob
excerpt" link should point to the forked repo, because the commit
doesn't exist in base repo.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit f48cc501c46a2d34eb701561f01d888d689d60d5)
Conflicts:
- templates/repo/diff/section_split.tmpl
- templates/repo/diff/section_unified.tmpl
Resolved the conflict by picking Gitea's change over ours, and
porting it.
- tests/integration/compare_test.go
Kept our test, but picked the "compare all of the relevant
links" part of the Gitea test.
PR will finalize the ability to receive a federated star from a remote instance.
This is part of: https://codeberg.org/forgejo/forgejo/pulls/1680
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3871
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Summary:
- Move existing test under a `testify` Suite as `baseRedisWithServerTestSuite`
- Those tests require real redis server.
- Add `go.uber.org/mock/mockgen@latest` as dependency
- as a tool (Makefile).
- in the `go.mod` file.
- Mock redis client lives under a `mock` directory under the queue module.
- That mock module has an extra hand-written mock in-memory redis-like struct.
- Add tests using the mock redis client.
- Changed the logic around queue provider creation.
- Now the `getNewQueue` returns a Queue provider directly, not an init
function to create it.
The whole Queue module is close to impossible to test properly because
everything is private, everything goes through a struct route. Because
of that, we can't test for example what keys are used for given queue.
To overcome this, as a first step I removed one step from that hard
route by allowing custom calls to create new queue provider. To achieve
this, I moved the creation logic into the `getNewQueue` (previously it
was `getNewQueueFn`). That changes nothing on that side, everything goes
as before, except the `newXXX` call happens directly in that function
and not outside that.
That made it possible to add extra provider specific parameters to those
function (`newXXX`). For example a client on redis. Calling it through
the `getNewQueue` function, it gets `nil`.
- If the provided client is not `nil`, it will use that instead of the
connection string.
- If it's `nil` (default behaviour), it creates a new redis client as it
did before, no changes to that.
The rest of the provider code is unchanged. All these changes were
required to make it possible to generate mock clients for providers and
use them.
For the tests, the existing two test cases are good with redis server,
and they need some extra helpers, for example to start a new redis
server if required, or waiting on a redis server to be ready to use.
These helpers are only required for test cases using real redis server.
For better isolation, moved existing test under a testify Suite, and
moved them into a new test file called `base_redis_with_server_test.go`
because, well they test the code with server. These tests do exactly the
same as before, calling the same sub-tests the same way as before, the
only change is the structure of the test (remove repetition, scope
server related helper functions).
Finally, we can create unit tests without redis server. The main focus of
this group of tests are higher level overview of operations. With the
mock redis client we can set up expectations about used queue names,
received values, return value to simulate faulty state.
These new unit test functions don't test all functionality, at least
it's not aimed for it now. It's more about the possibility of doing that
and add extra tests around parts we couldn't test before, for example
key.
What extra features can test the new unit test group:
- What is the received key for given queue? For example using `prefix`,
or if all the `SXxx` calls are expected to use `queue_unique` if
it's a unique queue.
- If it's not a unique queue, no `SXxx` functions are called, because
those sets are used only to check if a value is unique or not.
- `HasItem` return `false` always if it's a non-unique queue.
- All functions are called exactly `N` times, and we don't have any
unexpected calls to redis from the code.
Signed-off-by: Victoria Nadasdi <victoria@efertone.me>
This PR ports [gitea#30858](https://github.com/go-gitea/gitea/pull/30858) / [this commit](5c236bd4c0) to forgejo.
[week 2024-20 cherry pick](https://codeberg.org/forgejo/forgejo/pulls/3729)
## Tests
- [ ] Click "edit" to get into edit mode, change the title and then use Alt+Enter to save the title
## Screenshots
Before:
![grafik](/attachments/bb0b2562-7da0-4205-a647-3270d66f2ad7)
![grafik](/attachments/c3d05a21-659d-4616-b357-87de57232182)
After:
![grafik](/attachments/d9af6966-3282-439b-a845-76618a24b9a6)
![grafik](/attachments/5acd6684-69c4-41a4-8e27-7cb75fe3c7e4)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3797
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Hello,
It is more idiomatic to put the date/time before the action in Mandarin (in this context). To achieve this, instead of having the time following the string that's passed to the translating function, I added it as a parameter so that one can reference it and reorder the sentence for better translatability.
Only Traditional Chinese has been changed at the time of opening this PR, as this is more of a proof of concept and I would like to have feedbacks on whether this is a good solution or is there a better alternative.
Thank you and have a nice day :)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3837
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Léana 江 <leana.jiang+git@icloud.com>
Co-committed-by: Léana 江 <leana.jiang+git@icloud.com>
Just a small actualization of a string key. I don't think we have any more replaceable `gitea` in the locales at the moment.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3822
Reviewed-by: Otto <otto@codeberg.org>
For security reasons, scoping access to a redis server via ACL rules is
a good practice. Some parts of the codebase handles prefix like cache[^1]
and session[^2], but the queue module doesn't.
This patch adds this missing functionality to the queue module.
Note about relevant test:
I tried to keep the PR as small as possible (and reasonable), and not
change how the test runs. Updated the existing test to use the same
redis address and basically duplicated the test with the extra flag. It
does NOT test if the keys are correct, it ensures only it works as
expected. To make assertions about the keys, the whole test has to be
updated as the general wrapper doesn't allow the main test to check
anything provider (redis) specific property. That's not something I
wanted to take on now.
[^1]: e4c3c039be/modules/cache/cache_redis.go (L139-L150)
[^2]: e4c3c039be/modules/session/redis.go (L122-L129)
Signed-off-by: Victoria Nadasdi <victoria@efertone.me>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3836
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Victoria Nadasdi <victoria@efertone.me>
Co-committed-by: Victoria Nadasdi <victoria@efertone.me>
Previously, if no branch was explicitly specified for a workflow, it
defaulted to the default branch of the repo. This worked fine for
workflows that were triggered on push, but it prevented showing badges
for workflows that only run on tags, or on schedule - since they do not
run on a specific branch.
Thus, relax the conditions, and if no branch is specified, just return
the latest run of the given workflow. If one is specified, *then*
restrict it to said branch.
Fixes#3487.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Current package registry for RubyGems does not work with Bundler, because it implements neither the [compact index](https://guides.rubygems.org/rubygems-org-compact-index-api/) or the [dependency API](https://guides.rubygems.org/rubygems-org-api/). As a result, bundler complains about finding non-existing dependencies when installing anything with dependency: `revealed dependencies not in the API or the lockfile`.
This patch provides a minimal implementation for the compact index API to solve this issue. Specifically, we implemented a version that does not cache the results / do incremental updates; which is consistent with the current implementation.
Testing:
* Modified existing integration tests.
* Manually Verified bundler is able to parse the served versions / info file.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3811
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Haoyuan (Bill) Xing <me@hoppinglife.com>
Co-committed-by: Haoyuan (Bill) Xing <me@hoppinglife.com>
There is no activities_model.Action* when sending a review comment,
this is deadcode and should be removed. Or a new event should be added
to differentiate it from a regular comment when evaluating templates.
Fix#30923
(cherry picked from commit effb405cae88474c27f5c8322a2627019af1cf64)
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Conflicts:
- modules/setting/oauth2.go
Conflicted due to different ways of logging. Since the log
message is removed anyway, resolved by removing it.
- modules/setting/oauth2_test.go
Manually copied the test added by Gitea.
- routers/install/install.go
Not a conflict per se, but adjusted to use NewJwtSecret().
The `errorCode` and `warningCode` options were removed at some point,
they are not recognized by golangci-lint any more at least and they do
not match their published json schema. `confidence` and
`ignore-generated-header` are at the default value so does not need to
be configured.
https://golangci-lint.run/usage/linters/#revive
(cherry picked from commit 028992429a2e14de39c9bb028637948e446d23ad)
The double quotes and the prefix/suffix space are unnecessary.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 5b6f80989fbd0574ca188ab683389ff7659de30d)
Fixes#30959
Adds an API test for protected tags.
Fix existing tag in combination with fixtures.
(cherry picked from commit b1d8f13bd0ecd9c576ebf2ecbd9c7dbeb3f5254f)
Resolve#30917
Make the APIs for adding labels and replacing labels support both label
IDs and label names so the
[`actions/labeler`](https://github.com/actions/labeler) action can work
in Gitea.
<img width="600px"
src="https://github.com/go-gitea/gitea/assets/15528715/7835c771-f637-4c57-9ce5-e4fbf56fa0d3"
/>
(cherry picked from commit b3beaed147466739de0c24fd80206b5af8b71617)
Conflicts:
- modules/structs/issue_label.go
Resolved by applying the Gitea change by hand.
- tests/integration/api_issue_label_test.go
Resolved by copying the new tests.
This commit changes the code that deletes a runner so it updates the UUID before deleting the record. The new UUID is set to 8 0xff bytes followed by a little endian version of the record's numeric ID. Such UUIDs cannot be created from tokens when registering runners, as the first 16 bytes of the token are in the `[0-9a-f]` range. This should prevent deleted runners from colliding with new records if the tokens share the same first 16 characters.
It is a possible solution to issue #3828
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3830
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Emmanuel BENOÎT <tseeker@nocternity.net>
Co-committed-by: Emmanuel BENOÎT <tseeker@nocternity.net>
Fix#3638
This is a manual Forgejo-specific version of the Gitea PR https://github.com/go-gitea/gitea/pull/30862. The weekly Forgejo PR #3772 could not cherry-pick this commit due to conflicts (eg subsequent CodeSpell changes).
Only occurs with Webkit in Safari over eg `http://192..`. (not localhost).
See https://webkit.org/blog/10855/async-clipboard-api/
---
**Before**
![Before.jpg](/attachments/c570d030-fcce-48ea-ac96-06b624541c7b)
**After**
![After.jpg](/attachments/1a9132ab-f7f3-43a5-b3ea-37b6f2b671c4)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3805
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: David Davies-Payne <d2p@me.com>
Co-committed-by: David Davies-Payne <d2p@me.com>
One part of https://codeberg.org/forgejo/forgejo/pulls/3316, though it may have a little more files touched because I re-created the changes.
> Removed HTML `<title>` part in `<head>` that was present inconsistently in these emails. It doesn't appear to be used by other websites. After all, these are emails, not webpages.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3810
Reviewed-by: Otto <otto@codeberg.org>
This was [implemented](022820103d) almost 10 years ago in Gogs.
It was using `readonly` attribute instead of `disabled` on checkbox which was doing nothing. According to [MDN](https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/readonly), `readonly` attribute is not applicable to checkbox inputs. This bug was reported by mrwusel in Matrix room.
Fork page that has similar UI feature did not have this bug.
- replace `readonly` with `disabled`
- do not put info about the restriction directly into the checkbox title
### Before
![image](/attachments/6adaf1a3-6e28-416a-ac85-aa6e570e438d)
### After
![image](/attachments/3590b02b-3c83-4864-bae8-ff1a6a56b2b0)
### In other case
![image](/attachments/7f49d84d-5b3a-43a1-b09c-fb6089c1fb5e)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3786
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Enable
[`declaration-block-no-redundant-longhand-properties`](https://stylelint.io/user-guide/rules/declaration-block-no-redundant-longhand-properties/)
and autofix issues. The exclusions are because I find these two
shorthands to be harder to read.
(cherry picked from commit 46b7004f050bd2fdaf9800794cf2c1e9eeb08d51)
Signed-off-by: Beowulf <beowulf@beocode.eu>
When expanding code diffs, the expansion should search for more context
in the commits repo, rather than in the repo in context, because the
commit may not be available in the base repo. For example, when
previewing a pull request, the commit is not in the target repo yet -
it's in the fork.
Fixes#3746.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
replace reply with forgejos forked version
If plain text is selected as the message format in e.g. Apple Mail, the inline attachments are no longer at the end of the mail, but instead directly where they are in the mail. When parsing the mail, these inline attachments are replaced by "--". The new reply version no longer cuts the text at the first "--".
Tests for this are present in reply (7dc5750c6d).
Fixes https://codeberg.org/forgejo/forgejo/issues/3496#issuecomment-1798416
---
Additionally, I reduced the allocations for the inline attachments.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3747
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
This text can have different forms in other languages depending on context.
The commit also contains a change to .editorconfig to prevent EoF changes when mass-replacing strings, as that causes unintentional merge conflicts with Weblate.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3739
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This is not the usual Weblate PR. I did not reset Weblate after squash-merging https://codeberg.org/forgejo/forgejo/pulls/3637, so Weblate failed to rebase and locked. These are manually cherry-picked commits that Weblate produced after that PR was merged. We need to squash-merge them too before resetting Weblate, so the new translations don't get lost.
Co-authored-by: earl-warren <earl-warren@users.noreply.translate.codeberg.org>
Co-authored-by: Cwpute <Cwpute@users.noreply.translate.codeberg.org>
Co-authored-by: Mylloon <Mylloon@users.noreply.translate.codeberg.org>
Co-authored-by: leana8959 <leana8959@users.noreply.translate.codeberg.org>
Co-authored-by: owofied <furry@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3748
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
In
801792e4dc Rename Str2html to SanitizeHTML and clarify its behavior (followup)
the replacement was incorrect because
c9d0e63c20 Remove unnecessary "Str2html" modifier from templates
was not applied and Str2html should have not been present in the first
place.
Fixes: https://codeberg.org/forgejo/forgejo/issues/3554
- general English improvements
- separated the header of Language part in user settings into a new string for better translatability
- made that header contain "Default", just like the theme one, because this is how this actually works: the bottom selector saves the language temporarily, the selector in the settings saves it permanently. Not many users know about this difference. This clarification will help some
- removed some of "Manage" from the headers where they aren't really needed. This improves the consistency with some other headers
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3733
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Merging PR may fail because of various problems. The pull request may
have a dirty state because there is no transaction when merging a pull
request. ref
https://github.com/go-gitea/gitea/pull/25741#issuecomment-2074126393
This PR moves all database update operations to post-receive handler for
merging a pull request and having a database transaction. That means if
database operations fail, then the git merging will fail, the git client
will get a fail result.
There are already many tests for pull request merging, so we don't need
to add a new one.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit ebf0c969403d91ed80745ff5bd7dfbdb08174fc7)
Conflicts:
modules/private/hook.go
routers/private/hook_post_receive.go
trivial conflicts because
263a716cb5 * Performance optimization for git push (#30104)
was not cherry-picked and because of
998a431747 Do not update PRs based on events that happened before they existed
When a user logout and then login another user, the reverseproxy auth
should be checked before session otherwise the old user is still login.
(cherry picked from commit 26ae5922348d2dbaf2161bbd6ac79b2aa455e5f0)
Fix#30872
We will assume the database is consistent before executing the
migration. So the indexes should exist. Removing `IF EXIST` then is safe
enough.
---------
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 40de54ece82356b161cdb9cc224ed9004af8ae5d)
Conflicts:
models/migrations/v1_22/v286.go
MSSQL is not supported in Forgejo
Forbid
[deprecated](https://drafts.csswg.org/css-text-3/#word-break-property)
`break-word` and fix all occurences.
Regarding `overflow-wrap: break-word` vs `overflow-wrap: anywhere`:
Example of difference: https://jsfiddle.net/silverwind/1va6972r/
[Here](https://stackoverflow.com/questions/77651244) it says:
> The differences between normal, break-word and anywhere are only clear
if you are using width: min-content on the element containing the text,
and you also set a max-width. A pretty rare scenario.
I don't think this difference will make any practical impact as we are
not hitting this rare scenario.
(cherry picked from commit 5556782ebeb1ca4d17e2fff434b11651887b9899)
It's time (maybe somewhat late) to remove some deprecated stuff for the
runner.
- `x-runner-version`: runners needn't to report version in every
request, they will call `Declare`.
- `AgentLabels`: runners will report them as `Labels`.
(cherry picked from commit b9396a9b852e4fea0e2c39ef3ef2fdfbc9ea248a)
Conflicts:
routers/api/actions/runner/interceptor.go
trivial conflict because
e80466f734 Resolve lint for unused parameter and unnecessary type arguments (#30750)
was not cherry-picked
Fix#30521
we should sync branches first, then detect default branch, or
`git_model.FindBranchNames` will always return empty list, and the
detection will be wrong.
(cherry picked from commit e94723f2de7d9bf12d870f5ce9ffb291a99ba090)
Conflicts:
services/repository/adopt.go
trivial conflict because
e80466f734 Resolve lint for unused parameter and unnecessary type arguments (#30750)
was not cherry-picked
https://github.com/go-gitea/gitea/pull/25812#issuecomment-2099833692
Follow #30573
(cherry picked from commit f7d2f695a4c57b245830a526e77fa62e99e00254)
Conflicts:
services/pull/check.go
trivial conflict because
9b2536b78fdcd3cf444a2f54857d9871e153858f Update misspell to 0.5.1 and add `misspellings.csv` (#30573)
was not cherry-picked
The previous implementation will start multiple POST requests from the
frontend when moving a column and another bug is moving the default
column will never be remembered in fact.
- [x] This PR will allow the default column to move to a non-first
position
- [x] And it also uses one request instead of multiple requests when
moving the columns
- [x] Use a star instead of a pin as the icon for setting the default
column action
- [x] Inserted new column will be append to the end
- [x] Fix#30701 the newly added issue will be append to the end of the
default column
- [x] Fix when deleting a column, all issues in it will be displayed
from UI but database records exist.
- [x] Add a limitation for columns in a project to 20. So the sorting
will not be overflow because it's int8.
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit a303c973e0264dab45a787c4afa200e183e0d953)
Conflicts:
routers/web/web.go
e91733468ef726fc9365aa4820cdd5f2ddfdaa23 Add missing database transaction for new issue (#29490) was not cherry-picked
services/issue/issue.go
fe6792dff3 Enable/disable owner and repo projects independently (#28805) was not cherry-picked
Before this patch, we were using `Date` getter/setter methods that
worked with local time to get a list of Sundays that are in the range of
some start date and end date. The problem with this was that the Sundays
are in Unix epoch time and when we changed the "startDate" argument that
was passed to make sure it is on a Sunday, this change would be
reflected when we convert it to Unix epoch time. More specifically, I
observed that we may get different Unix epochs depending on your
timezone when the returned list should rather be timezone-agnostic.
This led to issues in US timezones that caused the contributor, code
frequency, and recent commit charts to not show any chart data. This fix
resolves this by using getter/setter methods that work with UTC since it
isn't dependent on timezones.
Fixes#30851.
---------
Co-authored-by: Sam Fisher <fisher@3echelon.local>
(cherry picked from commit 22c7b3a74459833b86783e84d4708c8934d34e58)
When rendering templates for packages, be more forgiving about missing
metadata. For some repository types - like maven - metadata is uploaded
separately. If that upload fails, or does not happen, there will be no
metadata.
In that case, Forgejo should handle it gracefully, and render as much of
the information as possible, without erroring out. Rendering without
metadata allows one to delete a partial package, while if we throw
errors, that becomes a whole lot harder.
This patch adjusts the generic metadata template, and also the maven
template. There may be more cases of the same problem lying around.
Fixes#3663.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Regression of #29920Fixes: #30569
Also this is a rewriting to eliminate the remaining jQuery usages from code.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit d0e07083559180b124a08359fcc72f9ef695e723)
Conflicts:
- web_src/js/features/repo-common.js
Conflict resolved in favour of Gitea.
Fix#29514
There are too many usage of `NewRequestWithValues`, so there's no need
to check all of them.
Just one is enough I think.
(cherry picked from commit ecd1d96f494d2400f7659165ff9376354edda395)
Conflicts:
- tests/integration/api_admin_test.go
Conflict resolved by manually applying the change to
`full_name`.
Before explaining the fix itself, lets look at the `action` table, and
how it is populated. Data is only ever inserted into it via
`activities_model.NotifyWatchers`, which will:
- Insert a row for each activity with `UserID` set to the acting user's
ID - this is the original activity, and is always inserted if anything
is to be inserted at all.
- It will insert a copy of each activity with the `UserID` set to the
repo's owner, if the owner is an Organization, and isn't the acting
user.
- It will insert a copy of each activity for every watcher of the repo,
as long as the watcher in question has read permission to the repo
unit the activity is about.
This means that if a repository belongs to an organizations, for most
activities, it will have at least two rows in the table. For
repositories watched by people other than their owner, an additional row
for each watcher.
These are useful duplicates, because they record which activities are
relevant for a particular user. However, for cases where we wish to see
the activities that happen around a repository, without limiting the
results to a particular user, we're *not* interested in the duplicates
stored for the watchers and the org. We only need the originals.
And this is what this change does: it introduces an additional option to
`GetFeedsOptions`: `OnlyPerformedByActor`. When this option is set,
`activities.GetFeeds()` will only return the original activities, where
the user id and the acting user id are the same. As these are *always*
inserted, we're not missing out on any activities. We're just getting
rid of the duplicates. As this is an additional `AND` condition, it can
never introduce items that would not have been included in the result
set before, it can only reduce, not extend.
These duplicates were only affecting call sites where `RequestedRepo`
was set, but `RequestedUser` and `RequestedTeam` were not. Both of those
call sites were updated to set `OnlyPerformedByActor`. As a result,
repository RSS feeds, and the `/repos/{owner}/{repo}/activities/feeds`
API end points no longer return dupes, only the original activities.
Rather than hardcoding this behaviour into `GetFeeds()` itself, I chose
to implement it as an explicit option, for the sake of clarity.
FixesCodeberg/Community#684, and addresses gitea#20986.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
More about codespell: https://github.com/codespell-project/codespell .
I personally introduced it to dozens if not hundreds of projects already and so far only positive feedback.
```
❯ grep lint-spell Makefile
@echo " - lint-spell lint spelling"
@echo " - lint-spell-fix lint spelling and fix issues"
lint: lint-frontend lint-backend lint-spell
lint-fix: lint-frontend-fix lint-backend-fix lint-spell-fix
.PHONY: lint-spell
lint-spell: lint-codespell
.PHONY: lint-spell-fix
lint-spell-fix: lint-codespell-fix
❯ git grep lint- -- .forgejo/
.forgejo/workflows/testing.yml: - run: make --always-make -j$(nproc) lint-backend checks-backend # ensure the "go-licenses" make target runs
.forgejo/workflows/testing.yml: - run: make lint-frontend
```
so how would you like me to invoke `lint-codespell` on CI? (without that would be IMHO very suboptimal and let typos sneak in)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3270
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Yaroslav Halchenko <debian@onerussian.com>
Co-committed-by: Yaroslav Halchenko <debian@onerussian.com>
This fixes `initRepoPullRequestAllowMaintainerEdit()` to submit the form correctly (as a web form, rather than as JSON payload).
Fixes#3618, cherry picked from gitea#30854.
Co-Authored-By: wxiaoguang <wxiaoguang@gmail.com>
---
Manual testing steps:
- Open a PR against any repository, with the "Allow edits from maintainers" option checked.
- Open the developer console (`Ctrl-Shift-I` on Firefox), and look at the Network tab.
- Visit the PR, find the "Allow edits from maintainers" checkbox, and click it.
- See the developer console, and check that the response says the setting is false.
- Refresh the page *completely* (`Ctrl-Shift-R` on Firefox)
- Observe that the setting is off.
- Click the box again to enable it.
- See the developer console, and check that the response says the setting is true.
- Reload without cache again (`Ctrl-Shift-R` on Firefox)
- Observe that the setting is now on.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3675
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Co-committed-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Make a pass to have a full inventory of JavaScript dependencies that
can be automerged because they only have an impact on the CI. It is
easier than to examine them one by one when an update is proposed.
- add packages:test which indirectly includes packages:jsUnitTest and
a number of test dependencies such as vitest
- add prefixes for dependencies which are known to be exclusively
used for testing (playwright, ...)
- add modules
Refs: https://docs.renovatebot.com/presets-packages
there are no tests but since Gitea uses @v1 since last month and Gitea
maintainers rely on make watch, it is safe to assume that upgrading is
not broken. Switching to v1 would require less scrutiny on the
upgrades. Even if there is breakage, it can be fixed with minimal
impact on the developer workflow.
- add a new button to the org view that is only shown to the org members
- add integration test to verify the expected navigatability
- add a new translation string to that button
- fix display style of "View <orgname>" button on the dashboard
- fix gap size between buttons on the org view by utilizing the common class top-right-buttons
We should be listing all repositories by default.
Fixes#28483.
(cherry picked from commit 9f0ef3621a3b63ccbe93f302a446b67dc54ad725)
Conflict:
- if ctx.IsSigned && ctx.Doer.IsAdmin || permission.UnitAccessMode(unit_model.TypeCode) >= perm.AccessModeRead {
+ if ctx.IsSigned && ctx.Doer.IsAdmin || permission.HasAccess() {
because of https://codeberg.org/forgejo/forgejo/pulls/2001
Fix#30807
reuse functions in services
(cherry picked from commit a50026e2f30897904704895362da0fb12c7e5b26)
Conflicts:
models/issues/issue_update.go
routers/api/v1/repo/issue.go
trivial context conflict because of 'allow setting the update date on issues and comments'
Just merge actions.go file to action.go
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
(cherry picked from commit e67fbe4f15cdc544f6bec975de6560556724f098)
This commit forces the resource owner (user) to always approve OAuth 2.0
authorization requests if the client is public (e.g. native
applications).
As detailed in [RFC 6749 Section 10.2](https://www.rfc-editor.org/rfc/rfc6749.html#section-10.2),
> The authorization server SHOULD NOT process repeated authorization
requests automatically (without active resource owner interaction)
without authenticating the client or relying on other measures to ensure
that the repeated request comes from the original client and not an
impersonator.
With the implementation prior to this patch, attackers with access to
the redirect URI (e.g., the loopback interface for
`git-credential-oauth`) can get access to the user account without any
user interaction if they can redirect the user to the
`/login/oauth/authorize` endpoint somehow (e.g., with `xdg-open` on
Linux).
Fixes#25061.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 5c542ca94caa3587329167cfe9e949357ca15cf1)
Before, we would just throw 500 if a user passes an attachment that is
not an allowed type. This commit catches this error and throws a 422
instead since this should be considered a validation error.
(cherry picked from commit 872caa17c0a30d95f85ab75c068d606e07bd10b3)
Conflicts:
tests/integration/api_comment_attachment_test.go
tests/integration/api_issue_attachment_test.go
trivial context conflict because of 'allow setting the update date on issues and comments'
Makes it easier to use because you see which square is currently
hovered:
<img width="314" alt="Screenshot 2024-05-02 at 15 38 20"
src="https://github.com/go-gitea/gitea/assets/115237/3a15dad1-2259-4f28-9fae-5cf6ad3d8798">
I did try a `scoped` style for this, but that did not work for some
reason.
(cherry picked from commit 6f89d5e3a0886d02ead732005f593ae003f78f78)
The test had a dependency on `https://api.pwnedpasswords.com` which
caused many failures on CI recently:
```
--- FAIL: TestPassword (2.37s)
pwn_test.go:41: Get "https://api.pwnedpasswords.com/range/e6b6a": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
FAIL
coverage: 82.9% of statements
```
(cherry picked from commit 9235442ba58524c8d12ae54865d583acfa1f439d)
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit be112c1fc30f87a248b30f48e891d1c8c18e8280)
Conflicts:
routers/web/web.go
trivial conflict because of https://codeberg.org/forgejo/forgejo/pulls/1533
This is because it doesn't exist as an adapter. The `redis` adapter
already handles Redis cluster configurations.
Fixes#30534.
(cherry picked from commit f135cb7c9457f7b9bdc43601f44757834573950f)
Conflicts:
docs/content/administration/config-cheat-sheet.en-us.md
does not exist in Forgejo
This is a follow-up for 5e1bd8af5f, which
was my first commit to Gitea. It is also a follow up for the
Gitea PR #29300 (https://github.com/go-gitea/gitea/pull/23900) created
by myself, which turned stale.
This change partially restores the behavior of Gitea PR #23747
(https://github.com/go-gitea/gitea/pull/23747) by wxiaoguang, but
maintains the lock.
The original idea was to differentiate things from GitHub and GitLab a
little bit, and show the email address on the profile. The profile is
not only a place where the user chooses to show how they present
themselves on an instance, it is also a place where they can assess
their relationship *with* the instance, as it provides features such
as the Public Activity feed that can be only shown to the user, in
private.
It's, in some way, a dashboard. The email was shown there to remind
the user that this is the primary email that will be used by a supposed
administrator to contact them. There were other motivations behind that
change as well, but, long story short, the idea did not work very well,
as some people (e.g. people livestreaming on the Internet, or 'normal'
users sharing their screens) do not want to put their email address
out there when showing their screen to other people.
Other alternatives, such as blurring the text or only showing the real
email address, were explored, but were rejected because of
browser compatibility and simplicity reasons. The padlock icon that
is shown when showing the email address to other people has been kept.
One viable alternative could be displaying the placeholder email
instead, but that requires some more thought.
Fixes https://codeberg.org/forgejo/forgejo/issues/1950.
Backport #30770
If an user is deactivated, it should not be in the list of users who are
suggested to be assigned or review-requested.
old assignees or reviewers are not affected.
---
*Sponsored by Kithara Software GmbH*
(cherry picked from commit f2d8ccc5bb2df25557cc0d4d23f2cdd029358274)
Conflicts:
models/repo/user_repo_test.go
because there is one less fixture user compared to Gitea
Resolve all cases for `unused parameter` and `unnecessary type
arguments`
Related: #30729
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit e80466f7349164ce4cf3c07bdac30d736d20f035)
Conflicts:
modules/markup/markdown/transform_codespan.go
modules/setting/incoming_email.go
routers/api/v1/admin/user_badge.go
routers/private/hook_pre_receive.go
tests/integration/repo_search_test.go
resolved by discarding the change, this is linting only and
for the sake of avoiding future conflicts
When you cross-compile Gitea and you specify one of the envrionment
variables related to C flags, cgo will fail to build the generator
programs (e.g. generate-bindata) because GOOS and GOARCH are unset, but
those additional flags variables are not unset together with those.
To solve this issue, the simplest way that I've found is to disable cgo
in the `go generate` command as it's not really used there.
For example, I've had this problem with cross-compiling Gitea on FreeBSD
x86_64 to ARMv7 where it's necessary to pass `--target` to `clang` via
`CGO_CFLAGS`:
```
GOOS=freebsd \
GOARCH=arm \
GGOARM=7 \
CGO_ENABLED=1 \
SYSROOT=/usr/local/freebsd-sysroot/armv7 \
CC=clang \
CGO_CFLAGS="--target=armv7-unknown-freebsd13.2-gnueabihf" \
TAGS="bindata sqlite sqlite_unlock_notify" \
make SHELL='sh -x' build
```
```
Running go generate...
# runtime/cgo
In file included from gcc_freebsd_amd64.c:9:
In file included from /usr/include/signal.h:42:
/usr/include/sys/_ucontext.h:44:2: error: unknown type name 'mcontext_t'
modules/migration/schemas_bindata.go:8: running "go": exit status 1
# runtime/cgo
In file included from gcc_freebsd_amd64.c:9:
In file included from /usr/include/signal.h:42:
/usr/include/sys/_ucontext.h:44:2: error: unknown type name 'mcontext_t'
modules/options/options_bindata.go:8: running "go": exit status 1
# runtime/cgo
In file included from gcc_freebsd_amd64.c:9:
In file included from /usr/include/signal.h:42:
/usr/include/sys/_ucontext.h:44:2: error: unknown type name 'mcontext_t'
modules/public/public_bindata.go:8: running "go": exit status 1
# runtime/cgo
In file included from gcc_freebsd_amd64.c:9:
In file included from /usr/include/signal.h:42:
/usr/include/sys/_ucontext.h:44:2: error: unknown type name 'mcontext_t'
modules/templates/templates_bindata.go:8: running "go": exit status 1
gmake[1]: *** [Makefile:781: generate-go] Error 1
*** Error code 2
Stop.
```
But with this fix Gitea compiles successfully.
(cherry picked from commit d11133b83652238023b52576e0d3e57a4f4b21c9)
This allows `nix flake metadata` and nix in general to lock a *branch*
tarball link in a manner that causes it to fetch the correct commit even
if the branch is updated with a newer version.
For further context, Nix flakes are a feature that, among other things,
allows for "inputs" that are "github:someuser/somerepo",
"https://some-tarball-service/some-tarball.tar.gz",
"sourcehut:~meow/nya" or similar. This feature allows our users to fetch
tarballs of git-based inputs to their builds rather than using git to
fetch them, saving significant download time.
There is presently no gitea or forgejo specific fetcher in Nix, and we
don't particularly wish to have one. Ideally (as a developer on a Nix
implementation myself) we could just use the generic tarball fetcher and
not add specific forgejo support, but to do so, we need additional
metadata to know which commit a given *branch* tarball represents, which
is the purpose of the Link header added here.
The result of this patch is that a Nix user can specify `inputs.something.url =
"https://forgejo-host/some/project/archive/main.tar.gz"` in flake.nix
and get a link to some concrete tarball for the actual commit in the
lock file, then when they run `nix flake update` in the future, they
will get the latest commit in that branch.
Example of it working locally:
» nix flake metadata --refresh 'http://localhost:3000/api/v1/repos/jade/cats/archive/main.tar.gz?dir=configs/nix'
Resolved URL: http://localhost:3000/api/v1/repos/jade/cats/archive/main.tar.gz?dir=configs/nix
Locked URL: 804ede182b.tar.gz?dir=configs
/nix&narHash=sha256-yP7KkDVfuixZzs0fsqhSETXFC0y8m6nmPLw2GrAMxKQ%3D
Description: Computers with the nixos
Path: /nix/store/s856c6yqghyan4v0zy6jj19ksv0q22nx-source
Revision: 804ede182b6b66469b23ea4d21eece52766b7a06
Last modified: 2024-05-02 00:48:32
For details on the header value, see:
56763ff918/doc/manual/src/protocols/tarball-fetcher.md
In `repo.RemoveDependency`, use `PostFormValue` instead of
`PostForm.Get`. The latter requires `ParseForm()` to be called prior,
and in this case, has no benefit over `PostFormValue` anyway (which
calls `ParseForm()` if necessary).
While this currently does not cause any issue as far as I can tell, it
feels like a bug lying in wait for the perfect opportunity. Lets squash
it before it can do harm.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Adjust the `anyHashPattern` to match URL query parameters too, and
adjust `fullHashPatternProcessor` accordingly.
Includes a test case, and an update to an existing one to account for
the new capture group.
Fixes#3548.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Also add a test for GogsDownloaderFactory.New() to make sure
that the URL of the source repository is parsed correctly.
When the source gogs instance is hosted at a subpath like `https://git.example.com/gogs/<username>/<reponame>` the migration fails.
This PR fixes that.
Co-authored-by: hecker <tomas.hecker@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3572
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: varp0n <tom@gkstn.de>
Co-committed-by: varp0n <tom@gkstn.de>
To be able to easily test cases where the repository does not have any
code, where the git repo itself is completely uninitialized, lets
support a case where the `AutoInit` property is false.
For the sake of backwards compatibility, if the option is not set either
way, it will default to `true`.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When subscribing or unsubscribing to/from an issue on the web ui, the
request was posted to a route handled by `repo.IssueWatch`. This
function used `ctx.Req.PostForm.Get()`, erroneously.
`request.PostForm` is *only* available if `request.ParseForm()` has been
called before it. The function in question did not do that. Under some
circumstances, something, somewhere did end up calling `ParseForm()`,
but not in every scenario.
Since we do not need to check for multiple values, the easiest fix here
is to use `ctx.Req.PostFormValue`, which will call `ParseForm()` if
necessary.
Fixes#3516.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
If `commitstatus_service.FindReposLastestCommitStatuses` receives no
repos in its params, short-circuit, and return early, without performing
any potentially expensive work.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When a logged in user with no repositories visits their dashboard, it will
display a search box that lists their own repositories.
This is served by the `repo.SearchRepos` handler, which in turn calls
`commitstatus_service.FindReposLastestCommitStatuses()` with an empty
repo list.
That, in turn, will call `git_model.FindBranchesByRepoAndBranchName()`,
with an empty map. With no map, `FindBranchesByRepoAndBranchName()` ends
up querying the entire `branch` table, because no conditions were set
up.
Armed with a gazillion repo & commit shas, we return to
`FindReposLastestCommitStatuses`, and promptly call
`git_model.GetLatestCommitStatusForPairs`, which constructs a monstrous
query with so many placeholders that the database tells us to go
somewhere else, and flips us off. At least on instances the size of
Codeberg. On smaller instances, it will eventually return, and throw
away all the data, and return an empty set, having performed all this
for naught.
We fix this by short-circuiting `FindBranchesByRepoAndBranchName`, and
returning fast if our inputs are empty.
A test case is included.
Fixes#3521.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When mentioning a user, the markup post-processor did not handle the
case where the mentioned user did not exist well: it tried to skip to
the next node, which in turn, ended up skipping the rest of the line.
To fix this, lets skip just the mentioned, but non-existing user, and
continue processing the current node from there.
Fixes#3535.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
The current format makes the text look somewhat like this:
```
testing.yml #15065 :Commit 103306f00c pushed by n0toose
```
This looks wrong. We will have to work on that list at a later point
in time anyways, as well as make the way that we separate information
in subheaders in lists like this one more consistent.
However, this should do for now.
This change should make each entry look like this instead:
```
testing.yml #15065 - Commit 103306f00c pushed by n0toose
```
Using "data-target", it is possible to set a value to a target element
that can enable it or disable it. Using "data-context" lets us perform
the opposite action on a different target.
Before, only the #external_wiki_box target was used, which was enabled
or disabled depending on whether the user has chosen to use the internal
wiki or the external wiki. If the user chooses to use the internal wiki,
they will disable the box that lets them enter a link pointing to an
external wiki, and vice versa. Although it is not possible to use, say,
boolean operations, we can introduce a target that is
called #globally_writeable_checkbox that gets enabled when
the #external_wiki_box box is disabled, and vice versa.
This makes the box's behavior more consistent with the behavior in the
"Issues" section. To keep things consistent with that section, a new
property was assigned to the "globally_writeable_checkbox" that makes
the box go a bit further in (`tw-pl-4`).
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3520
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: crystal <crystal@noreply.codeberg.org>
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
When all repository units are deactivated except for the code unit, the activity tab will not be shown.
Since the activities tab also shows contributing stats, it would be good to show the activities tab also when only code is active.
This commit changes the behavior when the activities tab is shown.
Previous it would only be shown when Issues, Pull-Requests or Releases are activated. Now it would additionally be shown when the code unit is activated.
Refs: #3429
| Before (Code + Issues - Owner) | Before (Code - Viewer) | After (Code + Issues - Owner) | After (Code - Viewer) |
| -- | -- | -- | -- |
| ![image](/attachments/2af997bc-1f38-48c6-bdf3-cfbd7087b220) | ![image](/attachments/ef1797f0-5c9a-4a1a-ba82-749f3ab4f403) | ![image](/attachments/fd28a96c-04ca-407e-a70d-d28b393f223d) | ![image](/attachments/2cd0d559-a6de-4ca0-a736-29c5fea81b5a) |
| | `/activity` returns 404 for everyone | ![image](/attachments/e0e97d8f-48cb-4c16-a505-1fafa46c4b8e) | - |
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3455
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
Suggested by logs in #30729
- Remove `math/rand.Seed`
`rand.Seed is deprecated: As of Go 1.20 there is no reason to call Seed
with a random value.`
- Replace `math/rand.Read`
`rand.Read is deprecated: For almost all use cases, [crypto/rand.Read]
is more appropriate.`
- Replace `math/rand` with `math/rand/v2`, which is available since Go
1.22
(cherry picked from commit 7b8e418da1e082786b844562a05864ec1177ce97)
Ref: Propose to restart 1.22 release #30501
(cherry picked from commit 6d2a307ad8af7d686f1c3a3706ff0f2df895658a)
Conflicts:
models/migrations/migrations.go
models/migrations/v1_22/v297.go
trivial conflict because a migration does not exist in Forgejo
1. Set
[`BROWSERSLIST_IGNORE_OLD_DATA`](c6ddf7b387/node.js (L400))
to avoid warning on outdated browserslist data which the end user can
likely not do anything about and which is currently visible in the v1.21
branch.
2. Suppress all command echoing and add a "Running webpack..." message
in place.
Warning in question was this:
```
Browserslist: caniuse-lite is outdated. Please run:
npx update-browserslist-db@latest
Why you should do it regularly: https://github.com/browserslist/update-db#readme
```
(cherry picked from commit dcc3c17e5c41ad446b71215b095617e066a2e8e1)
- Add endpoint to list repository action secrets in API routes
- Implement `ListActionsSecrets` function to retrieve action secrets
from the database
- Update Swagger documentation to include the new
`/repos/{owner}/{repo}/actions/secrets` endpoint
- Add `actions` package import and define new routes for actions,
secrets, variables, and runners in `api.go`.
- Refactor action-related API functions into `Action` struct methods in
`org/action.go` and `repo/action.go`.
- Remove `actionAPI` struct and related functions, replacing them with
`NewAction()` calls.
- Rename `variables.go` to `action.go` in `org` directory.
- Delete `runners.go` and `secrets.go` in both `org` and `repo`
directories, consolidating their content into `action.go`.
- Update copyright year and add new imports in `org/action.go`.
- Implement `API` interface in `services/actions/interface.go` for
action-related methods.
- Remove individual action-related functions and replace them with
methods on the `Action` struct in `repo/action.go`.
---------
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Signed-off-by: appleboy <appleboy.tw@gmail.com>
(cherry picked from commit 852547d0dc70299589c7bf8d00ea462ed709b8e5)
Conflicts:
routers/api/v1/api.go
trivial conflict because of Fix#2512 /api/forgejo/v1/version auth check (#2582)
Now only show the "code search" on the repo home page, because it only
does global search.
So do not show it when viewing file or directory to avoid misleading
users (it doesn't search in a directory)
(cherry picked from commit 993736d838c36e26951b6cfea9c6a549958addd1)
There are no breaking changes. I tested and everything works as before.
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
(cherry picked from commit 68a3e6b5e64b4035aa0659cb6daa1c4d1eec892a)
Gitea attempts to display image file, pdf file, etc. named readme in the
home code page (but it cannot).
I think only the markdown and plain-text file should be displayed, which
is also the behavior of GitHub.
Co-authored-by: jxshin <zhujiaxinabc@gmail.com>
(cherry picked from commit a63f14b90839821a480fb56fd9b45a27864b77d1)
This is a very old bug with the bottom border-radiuses not being there
and the `:has` selector now makes it possible to cleanly solve it. It
affects all header+segment boxes, which there are many throughout the
UI:
<img width="1017" alt="Screenshot 2024-04-23 at 20 47 21"
src="https://github.com/go-gitea/gitea/assets/115237/870fe352-cc38-4bd6-bfe6-9fe8c3066f92">
(cherry picked from commit 3f19a6334575e1d2849999e8339f1b515cefaf1a)
Fix https://github.com/go-gitea/gitea/pull/23894#discussion_r1573718690
(cherry picked from commit 2ad9ef4984f0b68ef38241fd6b557d8427d851d8)
Conflicts:
models/migrations/v1_16/v210.go
models/migrations/v1_22/v286.go
trivial conflicts because MSSQL is no longer supported
Fixes https://github.com/go-gitea/gitea/issues/30664.
Previous use was not a supported way by fomantic and the misuse only
became visible after the checkbox migration.
(cherry picked from commit 1a2ae64b16f10b8d1e17197d18b9eb373faf58db)
Follow #29468
1. Interpolate runs-on with variables when scheduling tasks.
2. The `GetVariablesOfRun` function will check if the `Repo` of the run
is nil.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 2f6b1c46a1a4a90f56ca0f3ad7840e8e70daeab5)
Conflicts:
services/actions/schedule_tasks.go
trivial conflict because of 'Add vars context to cron jobs (#3059)'
Should resolve#30642.
Before this commit, we were treating an empty `?sort=` query parameter
as the correct sorting type (which is to sort issues in descending order
by their created UNIX time). But when we perform `sort=latest`, we did
not include this as a type so we would sort by the most recently updated
when reaching the `default` switch statement block.
This commit fixes this by considering the empty string, "latest", and
just any other string that is not mentioned in the switch statement as
sorting by newest.
(cherry picked from commit 9b7af4340c36d3e1888788499d16f83feeb1601b)
Replace #6312
Help #5833
Wiki solution for #639
(cherry picked from commit 3feba9f1f44156c256a30d25ad1c25f751819c94)
Conflicts:
Trash everything, just keep the migration placeholder to ensure the Gitea
sequence is preserved. The Wiki edition is implemented differently.
All these have no violations, so enable them.
(cherry picked from commit 99c5683da5e5c50154dcf9c07229a455a5095058)
Conflicts:
.eslintrc.yaml
do not enable no-sizzle as Forgejo still uses it
Noteable additions:
- `redefines-builtin-id` forbid variable names that shadow go builtins
- `empty-lines` remove unnecessary empty lines that `gofumpt` does not
remove for some reason
- `superfluous-else` eliminate more superfluous `else` branches
Rules are also sorted alphabetically and I cleaned up various parts of
`.golangci.yml`.
(cherry picked from commit 74f0c84fa4245a20ce6fb87dac1faf2aeeded2a2)
Conflicts:
.golangci.yml
apply the linter recommendations to Forgejo code as well
- `.text-thin` and `.text-italic` are not present in CSS so were doing nothing and I removed them.
- `.text.middle` was unused so I removed it.
- `.text.italic` is replaced with `tw-italic`.
- `.text.normal` had exactly one use and it wasn't even needed.
- add a `muted` class to the link to `org_profile_avatar.tmpl`.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit aff7b7bdd285cc1fcabea774f153886e11ae9f5d)
- Update branch existence check to also include tag existence check
- Adjust error message for branch/tag existence check
ref: https://github.com/go-gitea/gitea/pull/30349
---------
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 6459c50278906893f3cbc2bf3e52eff65e739b37)
If incoming email is configured and an email is sent, inline
attachments are currently not added to the comment if it has the
`Content-Disposition: inline` instead of
`Content-Disposition: attachment` as e.g. with Apple Mail.
This adds inline attachments (`Content-Disposition: inline`) that have a
filename as attachment to the comment.
Fixes#3496
When the ldap synchronizer is look for an email address and fails at
finding one, it falls back at creating one using "localhost.local"
domain.
This new field makes this domain name configurable.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3414
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Baptiste Daroussin <bapt@FreeBSD.org>
Co-committed-by: Baptiste Daroussin <bapt@FreeBSD.org>
This will move the settings button back to the right, like known from
older versions.
For this, the overflow-menu was changed when a setting button is
available. If no settings button is available, the behavior will not
change.
Fixes#3301
The current path of the `$GITEA_APP_INI` configuration file makes the
forgejo application reset every time the container is restarted, unless
a specific volume for this file is created. Consider the following:
* This quirk is not documented
* All configuration data resides in `/var/lib/gitea`
* The custom configuration path defaults to `/var/lib/gitea/custom/conf`
(see `forgejo -h`)
* Containers mounting the volume `-v /foo/bar:/var/lib/gitea` already
have this file available to modify. Another volume shouldn't be
required
* Containers using named volumes can use `docker cp` to modify the file
inside the volume, if desired
For these reasons, it makes more sense to use the default path for
`$GITEA_APP_INI` rather than require users to create a dedicated volume
for the file. Revert it back to its default while maintaining backwards
compatibility (users can update by simply moving the file to the new
path).
Gitea and Forgejo chose to implement wiki branch naming differently, but
Forgejo picked the Gitea migration anyway, resulting in an unused column
in the database, which wasn't part of the `Repository` struct either -
something warned about during startup, too.
Similarly, Forgejo chose not to implement User badges at all - but kept
the existing code for it -, and the `badge` table ended up with an
unused `slug` column due to a Gitea migration, and resulted in another
warning at startup.
To keep the database consistent with the code, and to get rid of these
warnings, lets introduce a new migration, which simply drops these
Gitea-specific columns from the database.
Fixes#3463.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
I thought there would be conflicts but that they would not be so difficult to manage. Worst idea I had this week. Change to @oliverpool idea instead.
> Instead of documenting the release notes in the issue, why not in the codebase?
>
> For instance in [go](https://cs.opensource.google/go/go/+/master:doc/README.md) there is a `doc/next` folder where you add `<pr-number>.md` files which document each pr.
>
> Before the release, a script takes all those files to generate the changelog.
>
> Having them as a file tracked by git, makes them easy to review and to programmatically handle.
Refs: https://codeberg.org/forgejo/discussions/issues/155#issuecomment-1787013
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3452
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
When converting a `repo_model.Repository` to `api.Repository`, copy the
`ObjectFormatName` field too.
Fixes#3458.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
The file CONTRIBUTING.md contains a list of links that points to
different parts of the developer documentation.
Unfortunately, this list is now incomplete and contains a dead link for the
Developer Workflow.
Given that a more complete similar list is present at:
https://forgejo.org/docs/latest/developer/, this patch removes the
duplication of information, which leads to dead links and
maintenance burden, and replaces the list with simply a link to the page
that has all the current links.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3454
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Nicolas CARPi <nico-git@deltablot.email>
Co-committed-by: Nicolas CARPi <nico-git@deltablot.email>
When in the repository settings, visiting
- `LFS` to `/{owner}/{repo}/settings/lfs`
- `Find pointer files` to `/{owner}/{repo}/settings/lfs/pointers`
- `Find commits` to `/{owner}/{repo}/settings/lfs/find?oid=...`
failed with an error 500 because of an incorrect evaluation of the
template.
Regression introduced by
cbf923e87b
A test is added to visit the page and guard against future
regressions.
Refs: https://codeberg.org/forgejo/forgejo/issues/3438
A remote user (UserTypeRemoteUser) is a placeholder that can be
promoted to a regular user (UserTypeIndividual). It represents users
that exist somewhere else. Although the UserTypeRemoteUser already
exists in Forgejo, it is neither used or documented.
A new login type / source (Remote) is introduced and set to be the login type
of remote users.
Type UserTypeRemoteUser
LogingType Remote
The association between a remote user and its counterpart in another
environment (for instance another forge) is via the OAuth2 login
source:
LoginName set to the unique identifier relative to the login source
LoginSource set to the identifier of the remote source
For instance when migrating from GitLab.com, a user can be created as
if it was authenticated using GitLab.com as an OAuth2 authentication
source.
When a user authenticates to Forejo from the same authentication
source and the identifier match, the remote user is promoted to a
regular user. For instance if 43 is the ID of the GitLab.com OAuth2
login source, 88 is the ID of the Remote loging source, and 48323
is the identifier of the foo user:
Type UserTypeRemoteUser
LogingType Remote
LoginName 48323
LoginSource 88
Email (empty)
Name foo
Will be promoted to the following when the user foo authenticates to
the Forgejo instance using GitLab.com as an OAuth2 provider. All users
with a LoginType of Remote and a LoginName of 48323 are examined. If
the LoginSource has a provider name that matches the provider name of
GitLab.com (usually just "gitlab"), it is a match and can be promoted.
The email is obtained via the OAuth2 provider and the user set to:
Type UserTypeIndividual
LogingType OAuth2
LoginName 48323
LoginSource 43
Email foo@example.com
Name foo
Note: the Remote login source is an indirection to the actual login
source, i.e. the provider string my be set to a login source that does
not exist yet.
Add a new member to `DeclarativeRepoOptions`: `WikiBranch`. If
specified, create a Wiki with the given branch, and a single "Home"
page.
This will be used by an upcoming test.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Back in #2264, we made it possible to change the branch wikis use from
the hardcoded "master" branch to `[repository].DEFAULT_BRANCH`. However,
the API endpoints were not updated, and the "master" branch remained
hardcoded there.
This change fixes that, the API endpoints will now respect the
repository's `WikiBranch`.
Fixes#3391.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Lets introduce a new helper function,
`CreateDeclarativeRepoWithOptions`! This is almost the same as the
existing `CreateDeclarativeRepo` helper, but instead of taking a list of
random parameters the author thought of at the time of its introduction,
it takes a `DeclarativeRepoOptions` struct, with optional members.
This makes it easier to extend the function, as new members can be added
without breaking or having to update existing callsites, as long as the
newly added members default to compatible values.
`CreateDeclarativeRepo` is then reimplemented on top of the new
function. Callsites aren't updated yet, we can do that organically,
whenever touching code that uses the older function.
No new functionality is introduced just yet, this is merely a refactor.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
This adds a new options to releases to hide the links to the automatically generated archives. This is useful, when the automatically generated Archives are broken e.g. because of Submodules.
![grafik](/attachments/5686edf6-f318-4175-8459-89c33973b181)
![grafik](/attachments/74a8bf92-2abb-47a0-876d-d41024770d0b)
Note:
This juts hides the Archives from the UI. Users can still download 5the Archive if they know t correct URL.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3139
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
The tests in Forgejo extensively rely on admin user create to create
the first admin user. This regression was not noticed because it
is an exception and a password change will not be required.
Refs: https://codeberg.org/forgejo/forgejo/issues/3399
These release notes need a lot of attention to be good. But they are passable and ready for review.
Multiple factors made them challenging to collect:
- lack of organization Forgejo side which is going to be better for the next version
- complete reorganization of the development workflows which made it challenging to sort out what is in the release or not
- unification of the branches into a single one after the hard fork decision
Refs: https://codeberg.org/forgejo/forgejo/issues/2425
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3203
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
The WIP prefix toggling link on the sidebar only supported toggling
the *first* prefix specified in
`[repository.pullrequest].WORK_IN_PROGRESS_PREFIXES`. If the pull
request had a title with any other prefix, the first prefix listed in
the config was added (and then removed on toggling it off).
This little change makes all of the prefixes available for the
JavaScript function that does the toggling, and changes said function to
find the used prefix first, and toggle that.
When adding the prefix, it will still default to adding the first one
listed in the configuration, but it will happily remove any others if
those are present.
Fixes#3377.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When searching for users, page the results by default, and respect the
default paging limits.
This makes queries like '/api/v1/users/search?limit=1' actually work.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
If `[email.incoming].USE_TLS` is set, but the port isn't, infer the
default from `.USE_TLS`: set the port to 993 if using tls, and to 143
otherwise. Explicitly setting a port overrides this.
Fixes#3357.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
The keys for setting the username and password for incoming and outgoing
mail are inconsisent: one uses `USERNAME` and `PASSWORD`, the other uses
`USER` and `PASSWD`.
To make things simpler, allow both to be configured by either, thus,
`[mailer].USERNAME` and `[mailer.PASSWORD]` will be aliases for `.USER`
and `.PASSWD`, and similarly, `[email.incoming].USER` and
`[email.incoming].PASSWD` will be aliases for `.USERNAME` and
`.PASSWORD`.
Fixes#3355.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Fixes: https://github.com/go-gitea/gitea/issues/30384
On repo settings page, there id `repo_name` was used 5 times on the same
page, some in modal and such. I think we are better off just
auto-generating these IDs in the future so that labels link up with
their form element.
Ideally this id generation would be done in backend in a subtemplate,
but seeing that we already have similar JS patches for checkboxes, I
took the easy path for now.
I also checked that these `#repo_name` were not in use in JS and the
only case where this id appears in JS is on the migration page where
it's still there.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit d4ec6b3d16496ce3b479d5a08f79823122dc2b7b)
Conflicts:
- templates/repo/settings/options.tmpl
Conflict resolved by manually removing all `id` and `for`
attributes from elements that had `repo_name` as their id.
Fixes#28255
The new query uses the id field to sort by "newer". This most not be
correct (usually it is) but it's faster (see #28255).
If someone has a better idea, please propose changes.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit b06aac40e6552b0ce1f7b8a92c977fcc27566f68)
Follow https://github.com/go-gitea/gitea/pull/30357
When user push to default branch, the schedule trigger user will be the
user.
When disable then enable action units in settings, the schedule trigger
user will be action user.
When repo is a mirror, the schedule trigger user will be action user. (
before it will return error, fixed by #30357)
As scheduled job is a cron, the trigger user should be action user from
Gitea, not a real user.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit cb6814adad4dc81a683b50826a211ce7bce731d7)
Conflicts:
- services/actions/notifier_helper.go
Conflict resolved by keeping Forgejo's version of the line.
Related to #30375.
It doesn't make sense to import `modules/web/middleware` and
`modules/setting` in `modules/web/session` since the last one is more
low-level.
And it looks like a workaround to call `DeleteLegacySiteCookie` in
`RegenerateSession`, so maybe we could reverse the importing by
registering hook functions.
(cherry picked from commit 61457cdf6b49225ae831fd9fb084deadd8bdb0fb)
Files in root were not linted, add them. No new violations.
(cherry picked from commit 354705450a410329d253023d2c66ef6d68ecc046)
Conflicts:
- CHANGELOG.md
Gitea specific, removed.
- Makefile
Adjusted SPELLCHECK_FILES: we don't need to filter the
CHANGELOG.md out. The conflict itself was resolved by manually
applying the change.
Fixes https://github.com/go-gitea/gitea/issues/28114 and behaviour
matches vscode on desktop as well.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 49b80f8ac1cf9f0b56da0c73d0f34ef030f4c447)
Add some logic in `convert.ToBranchProtection` to return only the names
associated with readAccess instead of returning all names. This will
ensure consistency in behavior between the frontend and backend.
Fixes: #27694
---------
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-authored-by: wenzhuo.zhang <wenzhuo.zhang@geely.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 02e183bf3fa502b7cef76e8dcdbf01b85ce641f0)
Fixes: https://github.com/go-gitea/gitea/issues/30512
I think this does mean those tools would run on a potential `vendor`
directory, but I'm not sure we really support vendoring of dependencies
anymore.
`release` has a `vendor` prerequisite so likely the source tarballs
contain vendor files?
(cherry picked from commit 8e12ef911a1d10dedb03e3127c42ca76f9850aca)
Conflicts:
- Makefile
Manually adjusted the changes.
Using the API, a user's _source_id_ can be set in the _CreateUserOption_
model, but the field is not returned in the _User_ model.
This PR updates the _User_ model to include the field _source_id_ (The
ID of the Authentication Source).
(cherry picked from commit 58b204b813cd3a97db904d889d552e64a7e398ff)
- Add new `Compare` struct to represent comparison between two commits
- Introduce new API endpoint `/compare/*` to get commit comparison
information
- Create new file `repo_compare.go` with the `Compare` struct definition
- Add new file `compare.go` in `routers/api/v1/repo` to handle
comparison logic
- Add new file `compare.go` in `routers/common` to define `CompareInfo`
struct
- Refactor `ParseCompareInfo` function to use `common.CompareInfo`
struct
- Update Swagger documentation to include the new API endpoint for
commit comparison
- Remove duplicate `CompareInfo` struct from
`routers/web/repo/compare.go`
- Adjust base path in Swagger template to be relative (`/api/v1`)
GitHub API
https://docs.github.com/en/rest/commits/commits?apiVersion=2022-11-28#compare-two-commits
---------
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit c70e442ce4b99e2a1f1bf216afcfa1ad78d1925a)
Conflicts:
- routers/api/v1/swagger/repo.go
Conflict resolved by manually adding the lines from the Gitea
PR.
Small tweak here to prevent this and likely other events from
overflowing in the timeline:
<img width="895" alt="Screenshot 2024-04-14 at 22 53 17"
src="https://github.com/go-gitea/gitea/assets/115237/001b4f6b-f649-44ff-b2f0-c8e0dedeb384">
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 1508a85f6235814271ea927d651bcbcd8c9f5f18)
So it happened to me multiple times that air leaves zombie processes
after termination. I think ultimately it's some kind of bug in air, but
we can work around.
The change in the delay is unrelated to the zombie processes but seems
to help a bit with duplicate changes resulting in duplicate `make
generate` as seen here:
<img width="424" alt="Screenshot 2024-04-14 at 17 05 47"
src="https://github.com/go-gitea/gitea/assets/115237/6dd1d787-6be3-4fb2-8b0b-cd711c281793">
---------
Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 994920c677b04a720726d982e4d6212664b82a43)
![image](https://github.com/go-gitea/gitea/assets/2114189/857794d8-2170-42be-a5bf-47ebacbafebd)
---------
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit b84baf21fa19521e1ab303a60918c74f85fcad1c)
Conflicts:
- web_src/css/base.css
Trivial commit resolved by removing the conflicting part.
(it conflicted because we did not pick a previous PR)
Unify the behaviors of "user create" and "user change-password".
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 4c6e2da088cf092a9790df5c84b7b338508fede7)
Conflicts:
- cmd/admin_user_create.go
Resolved by favoring Gitea's version of the conflicting areas.
- docs/content/administration/command-line.en-us.md
Removed, Gitea specific.
Added new class `flex-container-sidebar` to cover the dashboard sidebar.
Previously this was 37.5% with more padding. Now there is less empty
space between the two columns and this matches other pages like repo or
admin settings page.
Desktop:
<img width="1345" alt="Screenshot 2024-03-31 at 15 11 36"
src="https://github.com/go-gitea/gitea/assets/115237/717389d9-d42c-466e-a8fe-e968f79447fd">
Mobile:
<img width="444" alt="Screenshot 2024-03-31 at 15 11 44"
src="https://github.com/go-gitea/gitea/assets/115237/7faa840b-513a-411b-bf2d-26d52b9b71a0">
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 044cc169e75dccbf1d846f8774ef2feccd0da1fd)
It is possible to change some repo settings (its visibility, and
template status) via `git push` options: `-o repo.private=true`, `-o
repo.template=true`.
Previously, there weren't sufficient permission checks on these, and
anyone who could `git push` to a repository - including via an AGit
workflow! - was able to change either of these settings. To guard
against this, the pre-receive hook will now check if either of these
options are present, and if so, will perform additional permission
checks to ensure that these can only be set by a repository owner or
an administrator. Additionally, changing these settings is disabled for
forks, even for the fork's owner.
There's still a case where the owner of a repository can change the
visibility of it, and it will not propagate to forks (it propagates to
forks when changing the visibility via the API), but that's an
inconsistency, not a security issue.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Signed-off-by: Earl Warren <contact@earl-warren.org>
Motivation: The meaning of the button is apparent from the visual
position and the number icon. This is not exposed to a screenreader.
Naming it to "Finish Review" helps with to provide the meaning of the
button as well as the number in the label.
When sending notification emails about a release, use a properly
formatted, RFC-compliant message id, rather than the release's HTML URL
wrapped in angle brackets (which would not be compliant).
Fixes#3105.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
The ARG RELEASE_VERSION set in the build-env image does not propagate
to the images that follow. As a result the value of the version label
is always empty.
This should have been caught by the test in the CI but although it
notified the problem in the output, it did not fail. Upgrade to the
forgejo-build-publish version that fixes this false positive.
- Fixes wrong usage of AppURL
- Fixes wrong rendering with extra path segments when AppSubURL is empty
- Now also renders all links when 2+ permalinks are present
Rather than using an scp-style URI, use the same URL style for SSH
clones as for HTTP(S) ones. This is not only more consistent, but the
URL style allows one to specify a port, and makes it clear that it is an
SSH clone URL.
git itself favours the URL style, and mentions the scp-style in passing
only. Said style is prominently used by GitHub, and might be more
familiar for a lot of people, but other than familiarity, it has no
advantage over the URL style.
For the benefit of consistency, and flexibility, lets flip the default,
and make it the URL style. Instance admins who prefer to use the
scp-style, and are running SSH on its standard port, can change the
setting back to false.
This addresses #3193.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When editing a user via the API, do not require setting `login_name` or
`source_id`: for local accounts, these do not matter. However, when
editing a non-local account, require *both*, as before.
Fixes#1861.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
This is a continuation of #2728, with a test case added.
Fixes#2633.
I kept @zareck 's commit as is, because I believe it is correct. We can't move the check to `owner.CanForkRepo()`, because `owner` is the future owner of the forked repo, and may be an organization. We need to check the admin permission of the `doer`, like in the case of repository creation.
I verified that the test fails without the `ForkRepository` change, and passes with it.
Co-authored-by: Cassio Zareck <cassiomilczareck@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3277
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Co-committed-by: Gergely Nagy <forgejo@gergo.csillger.hu>
The global wiki editability can be set via the web UI, this patch makes
it possible to set the same thing via the API too. This is accomplished
by adjusting the GET and PATCH handlers of the
`/api/v1/repos/{owner}/{repo}` route.
The first will include the property when checking the repo's settings,
the second allows a repo admin to change the setting too.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
- Previously translations were escaped, but now translations are
accepted as-is and will be rendered as HTML. Use `TrString` to escape
the translation value.
- Adds integration test.
- Regression of 65248945c9.
- Resolves#3260
- fix rounding on /notifications/subscriptions
- add navigation interconnectivity between notifications and subscriptions
- use modern style for tabs
- clearing notificatons: hide the whole form instead of div. It doesn't seem like its changed via JS?
- replace issue-title-buttons and edit-buttons with universal top-right-buttons, get rid of tw-mr-0 helpers
- repo issues: fix misalignments on mobile view
The target_url is necessary for the UI, but missed in
commit_status_summary table. This PR fix it.
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
This PR adds a new table named commit status summary to reduce queries
from the commit status table. After this change, commit status summary
table will be used for the final result, commit status table will be for
details.
---------
Co-authored-by: Jason Song <i@wolfogre.com>
Many places have the following logic:
```go
func (jobs ActionJobList) GetRunIDs() []int64 {
ids := make(container.Set[int64], len(jobs))
for _, j := range jobs {
if j.RunID == 0 {
continue
}
ids.Add(j.RunID)
}
return ids.Values()
}
```
this introduces a `container.FilterMapUnique` function, which reduces
the code above to:
```go
func (jobs ActionJobList) GetRunIDs() []int64 {
return container.FilterMapUnique(jobs, func(j *ActionRunJob) (int64, bool) {
return j.RunID, j.RunID != 0
})
}
```
Conflicts:
models/issues/comment_list.go due to premature refactor in #3116
Only split the file into small ones (and rename AttentionTypes to
attentionTypes)
(cherry picked from commit 71706126b56616750a65290460fd211b9b8449da)
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Conflicts:
- modules/markup/markdown/goldmark.go
- modules/markup/markdown/transform_blockquote.go
Conflicts were resolved by favouring the Forgejo implementation:
I copied the Forgejo code to the same place Gitea copied them
to, and adjusted the imports accordingly.
Apart from conflict resolution, this also moves
`applyElementDir` from a local func in `goldmark.Transform` to a
method on `*ASTTransformer`, to make it callable from the
extracted functions.
Fix#30378
(cherry picked from commit 0fe9f93eb4c94d55e43b18b9c3cc6d513a34c0b5)
Conflicts:
- models/organization/org.go
- services/repository/delete.go
- services/user/delete.go
In all three cases, conflicts were resolved by manually adding
the lines added by the Gitea patch, keeping the Forgejo code
surrounding them.
- `RemoveFilesFromIndex` used an hardcoded empty commit ID for the SHA1
object format, this would result in an error if the repository was
initialized to use the sha256 object format. Get the object format of
the Git repository and use that to get the empty commit id.
- Adds unit test.
- Resolves#3184
- Add another selector to the list, which corresponds to the container
of the archive buttons on the release page of an repository.
- Seems like that 8d2b764607 missed
another case.
- Resolves#3180
Cookies may exist on "/subpath" and "/subpath/" for some legacy reasons (eg: changed CookiePath behavior in code). The legacy cookie should be removed correctly.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
(cherry picked from commit b18c04ebde94e23d97da4958173faea843d5344f)
Since https://github.com/go-gitea/gitea/pull/25686, a few `interface{}`
have sneaked into the codebase. Add this replacement to `make fmt` to
prevent this from happening again.
Ideally a linter would do this, but I haven't found any suitable.
(cherry picked from commit c77e8140bc2ac6521dbebfb77613dce2648bfcb8)
Conflicts:
- .gitattributes
Trivial conflict resolved by picking our choice of language
for `*.tmpl` files.
Fixes https://github.com/go-gitea/gitea/issues/30442
It's inconvenient to have new untracked files show up in git when
switching to older branches that had generated them.
Introduce a list of such files and folders to gitignore and
dockerignore.
(cherry picked from commit 68271834d6ae6d397b5a2048f9e515ff53735994)
- Switched to plain JavaScript
- Tested the commit graph and it works as before
# Demo using JavaScript without jQuery
![demo](https://github.com/go-gitea/gitea/assets/20454870/d0755ed6-bb5c-4601-a2b7-ebccaf4abce4)
---------
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 25427e0aee435cdedb9f8aae58767174d877767f)
This patch improves the migration from gitbucket to gitea.
The gitbucket uses it's own internal perPage value (= 25) for paging and
ignore per_page arguments in the requested URL. This cause gitea to
migrate only 25 issues and 25 PRs from gitbucket repository. This may
not happens on old gitbucket. But recent gitbucket 4.40 or 4.38.4 has
this problem.
This patch change to use this internally hardcoded perPage of gitbucket
as gitea's maxPerPage numer when migrating from gitbucket. There are
several perPage values in gitbucket like 25 for Isseus/PRs and 10 for
Releases. Some of those API doesn't support paging yet. It sounds
difficult to implement, but using the minimum number among them worked
out very well. So, I use 10 in this patch.
Brief descriptions of problems and this patch are also available in
https://github.com/go-gitea/gitea/issues/30316.
In addition, I'm not sure what kind of test cases are possible to write
here. It's a test for migration, so it requires testing gitbucket server
and gitea server, I guess. Please let me know if it is possible to write
such test cases here. Thanks!
(cherry picked from commit 7af074dbeebc3c863618992b43f84ec9e5ab9657)
![image](https://github.com/go-gitea/gitea/assets/18380374/ddf6ee84-2242-49b9-b066-bd8429ba4d76)
When repo is a mirror, and commit author is an external user, then
`GetUserByEmail` will return error.
reproduce/test:
- mirror Gitea to your instance
- disable action and enable it again, this will trigger
`DetectAndHandleSchedules`
ps: also follow #24706, it only fixed normal runs, not scheduled runs.
(cherry picked from commit 96d31fe0a8b88c09488989cd5459d4124dcb7983)
Fix#30243
We only checking unit disabled when detecting workflows, but not in
runner `FetchTask`.
So if a workflow was detected when action unit is enabled, but disabled
later, `FetchTask` will still return these detected actions.
Global setting: repo.ENABLED and repository.`DISABLED_REPO_UNITS` will
not effect this.
(cherry picked from commit d872ce006c0400edb10a05f7555f9b08070442e3)
Fix the action issue in https://github.com/go-gitea/gitea/issues/30303,
specifically:
- Use opaque step header hover background to avoid transparency issue
- Un-sticky the `action-view-left` on mobile, it would otherwise overlap
into right view
- Improve commit summary, let it wrap
- Fix and comment z-indexes
- Tweak width for run-list-item-right so it wastes less space on desktop
- Synced latest changes to console colors from dark to light theme
<img width="467" alt="Screenshot 2024-04-06 at 18 58 15"
src="https://github.com/go-gitea/gitea/assets/115237/8ad26b72-6cd9-4522-8ad1-6fd86b2d0d53">
(cherry picked from commit 0178eaec256a349371c75e582edd7fefca2085d0)
`log.Xxx("%v")` is not ideal, this PR adds necessary context messages.
Remove some unnecessary logs.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 83f83019ef3471b847a300f0821499b3896ec987)
Conflicts:
- modules/util/util.go
Conflict resolved by picking `util.Iif` from 654cfd1dfbd3f3f1d94addee50b6fe2b018a49c3
Ref https://codeberg.org/forgejo/forgejo/issues/2831
Removed from:
- form for creating comment
- form for updating comment
- popup reviewing form
- line reviewing form
- I did not check the use of textarea.tmpl but I belive its used for issue templates, so also removed
- I did not check the use of box.tmpl, could not get any comments on compare
EasyMDE is left for these pages:
- release notes editor
- wiki editor
1. The previous color contrast calculation function was incorrect at
least for the `#84b6eb` where it output low-contrast white instead of
black. I've rewritten these functions now to accept hex colors and to
match GitHub's calculation and to output pure white/black for maximum
contrast. Before and after:
<img width="94" alt="Screenshot 2024-04-02 at 01 53 46"
src="https://github.com/go-gitea/gitea/assets/115237/00b39e15-a377-4458-95cf-ceec74b78228"><img
width="90" alt="Screenshot 2024-04-02 at 01 51 30"
src="https://github.com/go-gitea/gitea/assets/115237/1677067a-8d8f-47eb-82c0-76330deeb775">
2. Fix project-related issues:
- Expose the new `ContrastColor` function as template helper and use it
for project cards, replacing the previous JS solution which eliminates a
flash of wrong color on page load.
- Fix a bug where if editing a project title, the counter would get
lost.
- Move `rgbToHex` function to color utils.
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
---
Conflict resolution: Trivial.
(cherry picked from commit 36887ed3921d03f1864360c95bd2ecf853bfbe72)
Fix https://github.com/go-gitea/gitea/issues/30428
---
Conflict resolution: trivial and move test to own subtest run directly
after `Normal`.
(cherrypicked commit 9466fec879f4f2c88c7c1e7a5cffba319282ab66)
Related to #2773
Related to Refactor URL detection [gitea#29960](https://github.com/go-gitea/gitea/pull/29960)
Related to Refactor external URL detection [gitea#29973](https://github.com/go-gitea/gitea/pull/29973)
I added a bunch of tests to `httplib.TestIsRiskyRedirectURL` and some cases should be better handled (however it is not an easy task).
I also ported the removal of `utils.IsExternalURL`, since it prevents duplicated (subtle) code.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3167
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
The user that caused the notification to re-evaluates the
schedules is not the one that will trigger the workflows. They are
background tasks that are authored by the action user (id -2).
Such a mis-assignment is problematic when the user that caused the
notification is deleted.
Fixes: https://codeberg.org/forgejo/forgejo/issues/3211
This PR fixes the possible ambiguity of rendered inline permalinks across repos by adding it as a suffix to the title element if the permalink refers to a file not inside the current repository. Closes#2965
![grafik](/attachments/e70e37b8-24c7-4f7b-ab52-92f1e8dfb009)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3042
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
When visiting a repos `/settings/units` page, highlight the active tab
properly: "Add more..." if the tab is displayed, or "Settings"
otherwise.
Fixes#3188.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
- The parser of `git grep`'s output uses `bufio.Scanner`, which is a good
choice overall, however it does have a limit that's usually not noticed,
it will not read more than `64 * 1024` bytes at once which can be hit in
practical scenarios.
- Use `bufio.Reader` instead which doesn't have this limitation, but is
a bit harder to work with as it's a more lower level primitive.
- Adds unit test.
- Resolves https://codeberg.org/forgejo/forgejo/issues/3149
- The code that gets contributor stats tried to store an
`map[string]*ContributorData` type in the cache, this works for the
memory cache but not for other caches such as Redis.
- The cache implementation for Redis would convert this map via
`fmt.Sprintf` to an string, which would simply print the pointer and not
the value of the pointer. Storing pointers is a no-go as this will get
GC-ed eventually within a few minutes. Therefore store everything with
json, that does properly store the value of the pointers.
- Adds unit test that verifies JSON is being used.
- Resolves https://codeberg.org/forgejo/forgejo/issues/3158
* Split TestPullRequest out of AddTestPullRequestTask
* A Created field is added to the Issue table
* The Created field is set to the time (with nano resolution) on creation
* Record the nano time repo_module.PushUpdateOptions is created by the hook
* The decision to update a pull request created before a commit was
pushed is based on the time (with nano resolution) the git hook
was run and the Created field
It ensures the following happens:
* commit C is pushed
* the git hook queues AddTestPullRequestTask for processing and returns with success
* TestPullRequest is not called yet
* a pull request P with commit C as the head is created
* TestPullRequest runs and ignores P because it was created after the commit was received
When the "created" column is NULL, no verification is done, pull
requests that were created before the column was created in the
database cannot be newer than the latest call to a git hook.
Fixes: https://codeberg.org/forgejo/forgejo/issues/2009
It is used in the CI to verify the S3 backend works. It has no
security or feature requirements and upgrading would only be required
when a major version is published, which cannot be deduced from the
version number.
Making that upgrade available from the dashboard and dealt with when
and if it gets the attention of a developer, even if once a year, is
good enough.
* no-auto-squash: true so it DTRT for merged & squashed PRs
* target-branch-pattern: replaces the ad-hoc logic to determine the
target branch name
It also now supports backporting to multiple branches. This is not
going to be immediately useful but will greatly help in three months
when there are two releases receiving backports.
This PR do some performance optimzations.
- [x] Add `index` for the column `comment_id` of `Attachment` table to
accelerate query from the database.
- [x] Remove unnecessary database queries when viewing issues. Before
some conditions which id = 0 will be sent to the database
- [x] Remove duplicated load posters
- [x] Batch loading attachements, isread of comments on viewing issue
---------
Co-authored-by: Zettat123 <zettat123@gmail.com>
Conflicts:
models/issues/comment_code.go: function was renamed in Forgejo
models/migrations/migrations.go: migration already ported
Likely still some unnecessary CSS but any combinations with the `ui
list` classes are covered. There was only on instance of `horizontal
list` which I removed. It was this part of the commit page:
<img width="396" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/c49ec4f5-93c3-41d6-a907-cdbedf8abc44">
(cherry picked from commit 649aada3664f5adccdaecc7dd24b8252ae070220)
This allows you to hide the "Powered by" text in footer via
`SHOW_FOOTER_POWERED_BY` flag in configuration.
---------
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 609a627a44dbcb7b630ff51ce9f4b9f448b48ca8)
Conflicts:
- docs/content/administration/config-cheat-sheet.en-us.md
- docs/content/administration/config-cheat-sheet.zh-cn.md
Removed both, they're Gitea specific.
- templates/base/footer_content.tmpl
Applied the change manually, keeping the Forgejo footer.
- Inline math blocks couldn't be preceeded or succeeded by
alphanumerical characters due to changes introduced in PR #21171.
Removed the condition that caused this (precedingCharacter condition)
and added a new exit condition of the for-loop that checks if a specific
'$' was escaped using '\' so that the math expression can be rendered as
intended.
- Additionally this PR fixes another bug where math blocks of the type
'$xyz$abc$' where the dollar sign was not escaped by the user, generated
an error (shown in the screenshots below)
- Altered the tests to accomodate for the changes
Former behaviour (from try.gitea.io):
![image](https://github.com/go-gitea/gitea/assets/114936010/8f0cbb21-321d-451c-b871-c67a8e1e9235)
Fixed behaviour (from my local build):
![image](https://github.com/go-gitea/gitea/assets/114936010/5c22687c-6f11-4407-b5e7-c14b838bc20d)
(Edit) Source code for the README.md file:
```
$x$ -$x$ $x$-
a$xa$ $xa$a 1$xb$ $xb$1
$a a$b b$
a$b $a a$b b$
$a a\$b b$
```
---------
Signed-off-by: João Tiago <joao.leal.tintas@tecnico.ulisboa.pt>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit e006451ab1509f8d6d43c5974387c05b26517392)
Fixes#30235
If the key id "front" byte has a single digit, `%X` is missing the 0
prefix.
` 38D1A3EADDBEA9C` instead of
`038D1A3EADDBEA9C`
When using the `IssuerFingerprint` slice `%X` is enough but I changed it
to `%016X` too to be consistent.
(cherry picked from commit eb505b128c7b9b2459f2a5d20b5740017125178b)
Conflicts:
- models/asymkey/gpg_key_commit_verification.go
Ported the change to models/asymkey/gpg_key_object_verification.go
Create a new `issue-navbar` class specifically for this bar, previous
class used in many places and I thought I had them all removed, but not
this one.
Fixes: https://github.com/go-gitea/gitea/issues/30226
(cherry picked from commit 944c76e78423405a33450eb3d07cd2b772f4a81c)
Ignore this folder in tools like `rg` or `ag`. Also sorted the entries
alphabetically.
(cherry picked from commit 934fa46f769f0b90fc319054612d4f5c9a4c46ba)
Another pure CSS module. Some styling is part of the `form` module which
will likely follow next.
(cherry picked from commit ff334749f58c71980ec19143bc21c0a799074b30)
Conflicts:
- web_src/js/components/DashboardRepoList.vue
Resolved the conflict by manually applying the Gitea change.
On the labels list, This `left` class caused the dropdown content to
flash on page load until JS had hidden it. Remove it as I see no purpose
to it.
<img width="215" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/9e1de97f-dd89-41e0-9229-5c4a786ba762">
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 8da9130c1ffe93e0e97290fddb908ae5b67432e2)
We are not linting these files but editor integrations will still try to
lint, disable that.
(cherry picked from commit 38d56ca10600bdb867b363be717f7cf5d176297a)
Tailwind does not support. Dropped the vendor-prefix.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 44dd6d6927180a4d36b3811fd2fb7557d0b44adb)
Fix https://github.com/go-gitea/gitea/issues/30185, regression from
https://github.com/go-gitea/gitea/pull/30162.
The checkboxes were unclickable because the label was positioned over
the checkbox with `padding`. Now it uses `margin` so the checkbox itself
will be clickable in all cases.
Secondly, I changed the for/id linking to also add missing `for`
attributes when `id` is present. The other way around (only `for`
present) is currently not handled and I think there are likey no
occurences in the code and introducing new non-generated `id`s might
cause problems elsewhere if we do, so I skipped on that.
(cherry picked from commit 640850e15f56bbe01f5d8ea407f99c79dc38457e)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the issue author dropdown functionality and it works as before
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 72a5d3faa8b65042a4fc7525d511d8942a47dafe)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the comment edit history functionality and it works as before
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 6aeff21b76fcbb10d5ce9009ed4243c14633d899)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the repository branch settings functionality and it works as
before
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
(cherry picked from commit 2b3f7d3e966ab60cb147115303d1992e8b50d4df)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the edit column modal functionality and it works as before
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
(cherry picked from commit b535c6ca7b9e8c4bcf5637091ee5ad6d9c807c31)
- Switched from jQuery class functions to plain JavaScript
- Tested the comment context menu functionality and it works as before
---------
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 66f7d47d2c702bab4ca9bcedc1c0ba9ddfa49a17)
Add
[`stylelint-value-no-unknown-custom-properties`](https://github.com/csstools/stylelint-value-no-unknown-custom-properties)
which lints for undefined CSS variables. No current violations.
To make it work properly with editor integrations, I had to convert the
config to JS to be able to pass absolute paths to the plugin, but this
is a needed change anyways.
(cherry picked from commit f31a88d3cb64106e75bbe8a3502856db71dbacfc)
Conflicts:
- .github/labeler.yml
- .github/workflows/files-changed.yml
Removed both, Gitea specific files.
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the commit button disabled toggling functionality and it works
as before
---------
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 42870cf40278e84024ccea41368312451f79a4d6)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the diff view functionality and it works as before
---------
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit c487a32bcd093affe3284282ea279d97f52a867f)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the notification count and it works as before
---------
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 56ac5f18e8022242316d86c8f3091bce554faebb)
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the code range selection functionality and it works as before
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
(cherry picked from commit 911993429f3bec0ff4440c012b2a8f295673f961)
1. Distinguish inline an block code with new CSS variable
`--color-markup-code-inline`
2. Various color tweaks, better contrast from background
(cherry picked from commit 662eb4b0852f9ce2c161e7fea5ac66bf912fc9f6)
---
- Revert the changes of #2874.
- Add more contrast to the inline block for light and dark theme.
(cherry picked from commit 662eb4b0852f9ce2c161e7fea5ac66bf912fc9f6)
- Run `make update-js`
- Added new eslint rules
- Tested webpack build and swagger ui
---
Conflict resolution:
- package.json for minimatch choose the newest favor.
- package-lock.json, run `npm install` to generate this.
(cherry picked from commit 5dabc679aa0a33bc1b997335a216acfe97e70ea5)
- Adds setting `EXTERNAL_USER_DISABLE_FEATURES` to disable any supported
user features when login type is not plain
- In general, this is necessary for SSO implementations to avoid
inconsistencies between the external account management and the linked
account
- Adds helper functions to encourage correct use
(cherry picked from commit 59d4aadba5c15d02f3b9f0e61abb7476870c20a5)
Conflicts:
- docs/content/administration/config-cheat-sheet.en-us.md
Removed.
- modules/setting/admin.go
Trivial resolution: pick the newly added struct member.
- Switched from jQuery class functions to plain JavaScript `classList`
- Tested the image diff and it works as before
---------
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 849eee8db70c8999d54350b85ea7a16fc44dc404)
Get rid of one more jQuery dependant and have a nicer color picker as
well.
Now there is only a single global color picker init because that is all
that's necessary because the elements are present on the page when the
init code runs. The init is slightly weird because the module only takes
a selector instead of DOM elements directly.
The label modals now also perform form validation because previously it
was possible to trigger a 500 error `Color cannot be empty.` by clearing
out the color value on labels.
<img width="867" alt="Screenshot 2024-03-25 at 00 21 05"
src="https://github.com/go-gitea/gitea/assets/115237/71215c39-abb1-4881-b5c1-9954b4a89adb">
<img width="860" alt="Screenshot 2024-03-25 at 00 20 48"
src="https://github.com/go-gitea/gitea/assets/115237/a12cb68f-c38b-4433-ba05-53bbb4b1023e">
(cherry picked from commit dd8dde2be89921b2b1497c6cc5eafdde213429cb)
- Fix the layout of admin pages, it previously was full-width and had
the alert at the incorrect place and within an container.
- Make the placement of the alert consistent with other pages, inside
`flex-container-main` and not wrapped around a container.
- We have to revert 145bebc829, as this
expected that the page contain provided padding, this was provided by
the incorrect placement of the alert. As well isn't consistent with how
other pages are being shown, non-full width. The solution to the
described problem isn't optimal and should rather be fixed with the tables.
- Reverts 145bebc829
- Resolves#3082
- Adjust the warning and success text to be more representive (make them
more green and yellow). They still confirm to AAA contrast.
- For important, note and caution callout boxes make use of the light
variants for the colors colors rather than the dark variant.
- Resolves#3084
- When the database consistency is being run it would check for any
OAuth2 applications that don't have an existing user. However there are
few special OAuth2 applications that don't have an user set, because
they are global applications.
- This was not taken into account by the database consistency checker
and were removed if the database consistency check was being run with
autofix enabled.
- Take into account to ignore these global OAuth2 applications when
running the database consistency check.
- Add unit tests.
- Ref: https://codeberg.org/Codeberg/Community/issues/1530
- Remove options that currently aren't set
on `GarbageCollectLFSMetaObjectsOptions` and
`IterateLFSMetaObjectsForRepoOptions`.
- Simplify `IterateRepositoryIDsWithLFSMetaObjects` and
`IterateLFSMetaObjectsForRepo`.
- `IterateLFSMetaObjectsForRepo` was previously able to get in a
loop (`gc-lfs` doctor check was able to reproduce this) because the code
expected that the records would be updated to not match the SQL query,
but that wasn't the case. Simply enforce that only records higher than
the latest `id` from the previous iteration are allowed.
- For `gc-lfs` doctor check this was because `UpdatedLessRecentlyThan`
option was not set, which caused that records just marked as active in
the iteration weren't being filtered.
- Add unit tests
- Most likely a regression from 2cc3a6381c.
- The bug with `gc-lfs` was found on Codeberg.
- It was only used to parse old U2F data to webauthn credentials. We
only used the public key and keyhandle. This functiontionality was
reworked to `parseU2FRegistration`.
- Tests are already present, `Test_RemigrateU2FCredentials`.
Simplify code and use `.files` elements
(cherry picked from commit ca297a90fb1fec5b270fad1a3e575916510e7385)
Conflicts:
web_src/js/features/repo-legacy.js
- Removal of `docs`, this contains Gitea documentation which is not used
by Forgejo.
- Removal of `CHANGELOG.md` this contains only Gitea commits of
releases, instead `RELEASE-NOTES.md` should be used instead which also
contains Forgejo commits.
- Fix a crash in the issue forms, because `ctx.Ctx` was trying to be
accessed, however this is not set in all contexts thus could result to NPE.
- Adds integration test.
- Resolves#3011
- Wrap the icon and callout into a seperate `<p>` which has `display:
flex; align-items: center` set. To center the icon with the callout text.
- Resolves#3006
While users can edit their own pronouns, the admin UI enables an admin
to edit *any* user setting. As such, pronouns should be editable here,
too.
For the sake of simplicity, the input here is a simple text input field,
rather than a dropdown.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
When converting from a `user_model.User` to `api.User` or
`api.UserSettings`, convert the `Pronouns` field too.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
- Currently the parsing of the push options require that `=` is present
in the value, however we shouldn't be that strict and assume if that's
not set the value is `true`.
- This allow for more natural commands, so become `-o force-push=true`
simply `-o force-push`.
- Add unit test.
- Reading the code of this delay writer implemenation, it looks like
that it should only actually write content to the `io.Writer` if x
amount of time has passed by. However in practice it was always printing
the buffer even if the X amount of time didn't pass yet. This is in line
with what was being said in the issue that this was to help with
https://github.com/go-gitea/gitea/issues/9610.
- This was caused by the extra `Close()` calls which in turn caused that
when the second `Close` is called (which is done in a defer already) it
would've printed the buffer anyway. So remove the extra calls to `Close()`.
- Add unit test.
Move the signed tag verification line above the release notes, don't
disable the bottom margin, and make sure the verification line's box is
properly rounded like other boxes.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
- Use the correct template that was given when there's an error in
retrieving which git identity should be used.
- Remove the error from the exception list.
- If the database returns a error in integration tests, it should be
marked as a failure of the test.
- Ref: https://codeberg.org/forgejo/forgejo/issues/2962 (this should
help with logging the SQL that is resulting in the error).
- Add a visual (but still semantic way) separation between Forgejo's
generated attachments and the user's uploaded ones.
- The styling was first done by `ul` element, but is moved to the
individual list items to have better control over them.
- Add tooltip explaining the attachment was generated by Forgejo.
- Remove the tooltip of the other attachments and 'simplify' them into a text.
- Resolves#2893
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
This is a squashed result of conflict resolution for the following commits from Gitea:
- 36de5b299b
- 9a93b1816e
- 712e19fa6f
- 83850cc479
It is lacking CSS rule for archived labels, though.
Changes in this commit are authored by:
- 6543
- delvh
- silverwind
They are bound to change. The worst that can happen is that the same
error happens somewhere else and is ignored although it should
not. Which is not worse than the previous situation which was to
ignore all errors anyway.
Also be more liberal about what is ignored. Some error messages are
very long and may contain elements with some variance. It is enough to
have an ignored that is specific.
- The dropdowns that contain filters for issues and pull requests are
currently not styled with the `small` class, which causes a smaller font
size to be set. Remove it for the `Sort` filter to make it consistent
and make it _more_ readable.
- Resolves#2914
This makes signed tags show a badge in the tag list similar to signed
commits in the commit list, and a more verbose block when viewing a
single tag. Works for both GPG and SSH signed tags.
Fixes#1316.
Work sponsored by @glts.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
It was necessary in the debug period to help with a faster debug
loop. Now that it works reliably, there is no need for renovate
updates more than once a day.
It will still possible to force a run, should it be necessary, by
re-running the last scheduled job.
This is, in large part, a refactoring: we rename `CommitVerification` to
`ObjectVerification`, and adjust `ParseObjectWithSignature` (previously
`ParseCommitWithSignature`) to work on an object, rather than a commit.
This in turn, lets us implement `ParseTagWithSignature` on top of it, so
commit & tag signature verification will share most of the code.
Work sponsored by @glts.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
- Colordots are generated for colors in inline code, such as `red`,
`rgb(255, 0, 124)`, `#ffaabb` and `hsl(124, 52%, 50%)`. However this
shouldn't be doon for literal color names as these can be too common
assiocated with non-color related stuff _and matches the behavior of
some other forge_.
- Move the regexes from bluemonday to Forgejo and do the checking
ourselves.
- Adds unit tests.
- Resolves https://codeberg.org/Codeberg/Community/issues/1510
The intention was good initially but the expression was wrong for two
reasons:
* When a pull_request event is received for a labeled action, the
match should be github.event.action == 'label_updated' and not
'labeled'
* The event does not have a github.event.label field and
contains(github.event.label.name, 'backport/v') will always be
false.
Since the expression is only evaluated in the context of a merged pull
request, either because it was just closed or because it was labeled
after the fact, the only verification that is needed is to assert that
there is at least one `backport/v*` label.
- Currently emojis that are part of the label's name aren't rendered
when shown in the popup that you get when you hover over issue
references.
- This patch fixes that by rendering the emoji.
- Adds CSS to not make the emoji big in the label.
- Resolves#1531
- Currently protected branch rules do not apply to admins, however in
some cases (like in the case of Forgejo project) you might also want to
apply these rules to admins to avoid accidental merges.
- Add new option to configure this on a per-rule basis.
- Adds integration tests.
- Resolves#65
Existing Forgejo packages may rely on setting GITEA_VERSION to specify
the version to build if:
* they do not build from the git repository with the proper tag
* they build from a source tarbal that does not have a VERSION file
With 7.0 the logic of setting the version was modified in the
`[RELEASE] Gitea version is for interoperability only` commit and
ignores this variable which creates an unecessary breaking change.
If GITEA_VERSION is set, the versions will be set on 7.0 exactly as
they would have with version before and included 1.21.
* If GITEA_VERSION is not set, all versions are the same
* If GITEA_VERSION is set, there is a distinction between the version
set in the binary are returned by the Gitea API and the
version returned by the Forgejo API which includes metadata.
Before:
$ make GITEA_VERSION=7.0.0 show-version-full
7.0.0-dev-1809-cd6fa771ab+gitea-1.22.0
$ make GITEA_VERSION=7.0.0 show-version-api
7.0.0-dev-1809-cd6fa771ab+gitea-1.22.0
After:
$ make GITEA_VERSION=7.0.0 show-version-full
7.0.0
$ make GITEA_VERSION=7.0.0 show-version-api
7.0.0+gitea-1.22.0
@ -4,21 +4,4 @@ The Forgejo project is run by a community of people who are expected to follow t
Sensitive security-related issues should be reported to [security@forgejo.org](mailto:security@forgejo.org) using [encryption](https://keyoxide.org/security@forgejo.org).
Sensitive security-related issues should be reported to [security@forgejo.org](mailto:security@forgejo.org) using [encryption](https://keyoxide.org/security@forgejo.org).
## For everyone involved
You can find links to the different aspects of Developer documentation on this page: [Forgejo developer guide](https://forgejo.org/docs/next/developer/).
- [Documentation](https://forgejo.org/docs/next/)
- [Code of Conduct](https://forgejo.org/docs/latest/developer/coc/)
- [Bugs, features, security and others discussions](https://forgejo.org/docs/latest/developer/discussions/)
A Forgejo release is published shortly after a Gitea release is published and they have [matching release numbers](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CONTRIBUTING/RELEASE.md#release-numbering). Additional Forgejo releases may be published to address urgent security issues or bug fixes.
A minor or major Forgejo release is published every [three months](https://forgejo.org/docs/latest/developer/release/#release-cycle), with more patch releases in between depending on the severity of the bug and security fixes it contains.
The Forgejo admin should carefully read the required manual actions before upgrading. A point release (e.g. v1.21.1-0 or v1.21.2-0) does not require manual actions but others might (e.g. v1.20, v1.21).
A [patch or minor release](https://semver.org/spec/v2.0.0.html) (e.g. upgrading from v7.0.0 to v7.0.1 or v7.1.0) does not require manual intervention. But [major releases](https://semver.org/spec/v2.0.0.html#spec-item-8) where the first version number changes (e.g. upgrading from v1.21 to v7.0) contain breaking changes and the release notes explain how to deal with them.
## Upcoming releases (not available yet)
- [8.0.0](release-notes/8.0.0/)
## 7.0.4
This is a security release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/).
In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.3...v7.0.4) included in this release.
* **Security:**
* [PR](https://codeberg.org/forgejo/forgejo/pulls/4054). Fixed: [CVE-2024-24789](https://pkg.go.dev/vuln/GO-2024-2888): the archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3639) - ([fix](https://codeberg.org/forgejo/forgejo/commit/1b088fade6c69e63843d1bdf402454c363b22ce2) & [test](https://codeberg.org/forgejo/forgejo/pulls/4032)). Fixed: the OAuth2 implementation does not always require authentication for public clients, a requirement of [RFC 6749 Section 10.2](https://datatracker.ietf.org/doc/html/rfc6749#section-10.2). A malicious client can impersonate another client and obtain access to protected resources if the impersonated client fails to, or is unable to, keep its client credentials confidential.
* **Bug fixes:**
* [backport](https://codeberg.org/forgejo/forgejo/pulls/4086) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4085). Fixed: `forgejo migrate-storage --type actions-artifacts` always fails because it picks the wrong path.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/4017) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4015). Fixed: avatar files can be found in storage while they do not exist in the database.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3997) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3976). Fixed: repository admins are always denied the right to force merge and instance admins are subject to restrictions to merge that must only apply to repository admins.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3946) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3615). Fixed: non conformance with the [Nix tarball fetcher immutable link protocol](https://github.com/nixos/nix/blob/56763ff918eb308db23080e560ed2ea3e00c80a7/doc/manual/src/protocols/tarball-fetcher.md).
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3936) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3935). Fixed: migrated activities (such as reviews) are mapped to the user who initiated the migration rather than the Ghost user, if the external user cannot be mapped to a local one. This mapping mismatch leads to internal server errors in some cases.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3906) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3904). Fixed: a v7.0.0 regression causes `[admin].SEND_NOTIFICATION_EMAIL_ON_NEW_USER=true` to always be ignored.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3888) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3865). Fixed: using a subquery for user deletion is a performance bottleneck when using mariadb 10 because only mariadb 11 takes advantage of the available index.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3887) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3885). Fixed: a v7.0.3 regression causes the expanding diffs in pull requests to fail with a 404 error.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3881) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3864). Fixed: SourceHut Builds webhook fail when the `triggers` field is used.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3877) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3242). Fixed: the label list rendering in the issue and pull request timeline is displayed on multiple lines instead of a single one.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/4084) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4083) - [commit](https://codeberg.org/forgejo/forgejo/commit/c6e04c3c9eddfa6c4bec541f681c8d300b157cdb). Fixed: NuGet Package fails `choco info pkgname` when `pkgname` is also a substring of another package Id.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/4004) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3989) - [commit](https://codeberg.org/forgejo/forgejo/commit/62448bfb931882859388b2fd472cb89428c25323). Fixed: "Git hooks of this repository seem to be broken." warning when pushing more than one branch at a time.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3942) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3917) - [commit](https://codeberg.org/forgejo/forgejo/commit/7d7ea45465d6cd1ea0ec549a71f67b4a8ff930cf). Fixed: automerge does not happen when the approval count reaches the required threshold.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3942) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3917) - [commit](https://codeberg.org/forgejo/forgejo/commit/a649610d6175d1994b838f5672261400df9fdb92). Fixed: the `FORCE_PRIVATE=true` setting is not consistently enforced.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/3859) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3838) - [commit](https://codeberg.org/forgejo/forgejo/commit/193ac67176afc72e9d108bc1730c354bfbf9a442). Fixed: CSRF validation errors when OAuth is not enabled.
* [backport](https://codeberg.org/forgejo/forgejo/pulls/4107) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4076). Fixed: headlines in rendered org-mode do not have a margin on the top
* **Localization:**
* Improvements to English locale: [[1]](https://codeberg.org/forgejo/forgejo/pulls/3914), [[2]](https://codeberg.org/forgejo/forgejo/pulls/4114).
This is a security release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/).
In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.2...v7.0.3) included in this release.
* Container image upgrades
In the Forgejo v7.0.3 container images, the Git version was upgraded to [2.43.4](https://pkgs.alpinelinux.org/packages?name=git&branch=v3.19) which includes fixes for [multiple vulnerabilities](https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/). However, the vulnerabilities with a high impact can be exploited when Git is used in an environment (or Operating Systems) which is different from the Forgejo OCI image.
* **Security:**
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3673). Fixed: [CVE-2024-24788](https://pkg.go.dev/vuln/GO-2024-2824): a malformed DNS message in response to a query can cause the lookup functions to get stuck in an infinite loop.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3802). Fixed: backticks in [mermaid](https://mermaid.js.org/) block diagram labels [are not sanitized properly](https://github.com/mermaid-js/mermaid/commit/c7fe9a646574597adefe3e6fb2b3707112a151aa).
* **Bug fixes:**
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3588). Fixed: migration of a repository from gogs fails when it is hosted at a subpath.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3591). Fixed: when creating an OAuth2 application the redirect URLs are not enforced to be mandatory.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3659). Fixed: the API incorrectly excludes repositories where code is not enabled.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3677). Fixed: "Allow edits from maintainers" cannot be modified via the pull request web UI.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3687). Fixed: repository activity feeds (including RSS and Atom feeds) contain repeated activities.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3705). Fixed: uploading maven packages with metadata being uploaded separately will fail.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3751). Fixed: the mail notification sent about commits pushed to pull requests are empty.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3753). Fixed: inline emails attachments are not properly handled when commenting on an issue via email.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3760). Fixed: the links to .zip and tar.gz on the tag list web UI fail.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3767). Fixed: expanding code diff while previewing a pull request before it is created fails.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3772). Fixed: the CLI is not able to migrate Forgejo Actions artifacts.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3772). Fixed: when adopting a repository, the default branch is not taken into account.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3772). Fixed: when using reverse proxy authentication, logout will not be taken into account when immediately trying to login afterwards.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3788). Fixed: pushing to the master branch of a sha256 repository fails.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3827). Fixed: a very long project column name will make the action menu inaccessible.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3842). Fixed: a useless error is displayed when the title of a merged pull request is modified.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3846). Fixed: workflow badges are not working for workflows that are not running on push (such as scheduled workflows, and ones that run on tags and pull requests).
* **Localization:**
* Improvements to English locale: [[1]](https://codeberg.org/forgejo/forgejo/pulls/3825), [[2]](https://codeberg.org/forgejo/forgejo/pulls/3750), [[3]](https://codeberg.org/forgejo/forgejo/pulls/3742), [[4]](https://codeberg.org/forgejo/forgejo/pulls/3674), [[5]](https://codeberg.org/forgejo/forgejo/pulls/3641).
This section is for information only and does not require any action.
The semantic version of the Forgejo 7.0 releases are:
* `v7.0.0+gitea-1.22.0`
* `v7.0.1+gitea-1.22.0`
* `v7.0.2+gitea-1.22.0`
* `v7.0.3+gitea-1.21.11`
Gitea v1.22 is [not published yet](https://github.com/go-gitea/gitea/issues/30731) as of 21 May 2024 and in reality all Forgejo v7.0 releases are compatible with Gitea v1.21.11. Advertising they will be compatible with an unpublished Gitea version was incorrect. The Gitea v1.22 release was anticipated to happen shortly after [Forgejo v7.0 was published on 23 April 2024](https://forgejo.org/2024-04-release-v7-0/) because it was already in the late stages of its release candidate lifecycle. However, around 27 April, [the Gitea release candidates were dropped](https://github.com/go-gitea/gitea/issues/30501) and the release candidates restarted from the Gitea development branch.
## 7.0.2
This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/).
In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.1...v7.0.2) included in this release.
* **Bug fixes:**
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3562): a v7.0.0 regression where subscribing to or unsubscribing from an issue in a repository with no code produced an internal server error.
* [PR](https://codeberg.org/forgejo/forgejo/issues/3559): a v7.0.0 regression makes all the refs sent in Gitea webhooks to be full refs and might break Woodpecker CI pipelines triggered on tag (`CI_COMMIT_TAG` contained the full ref). This issue [has been fixed](https://github.com/woodpecker-ci/woodpecker/pull/3664) in the `main` branch of Woodpecker CI as well.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3555): the webhook branch filter wrongly applied the match on the full ref for branch creation and deletion (wrongly skipping events).
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3537): toggling the WIP state of a pull request is possible from the sidebar, but not from the footer.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3565): when mentioning a user, the markup post-processor does not handle the case where the mentioned user does not exist: it tries to skip to the next node, which in turn, ended up skipping the rest of the line.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3570): excessive and unnecessary database queries when a user with no repositories is viewing their dashboard.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3580): duplicate status check contexts show in the branch protection settings.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3497): profile info fails to render german singular translation.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3504): inline attachments of [incoming emails](https://forgejo.org/docs/v7.0/user/incoming/) (as they occur for example with Apple Mail) are not attached to comments.
## 7.0.1
This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/).
In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.0...v7.0.1) included in this release.
* **Bug fixes:**
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3466): LFS data corruption when running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`).
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3412): [non backward compatible change](https://codeberg.org/forgejo/forgejo/issues/3399) in the [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3448): error 500 because of an incorrect evaluation of the template when visiting the LFS settings of a repository.
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3464): `GET /repos/{owner}/{name}` API endpoint [always returns an empty string for the `object_format_name` field](https://codeberg.org/forgejo/forgejo/issues/3458).
* [PR](https://codeberg.org/forgejo/forgejo/pulls/3444): fuzzy search [may fail with bleve](https://codeberg.org/forgejo/forgejo/issues/3443).
## 7.0.0
The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v7.0/forgejo) included in the `Forgejo v7.0.0` release can be reviewed from the command line with:
* Running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`) will corrupt the LFS storage. The workaround is to not run the doctor CLI command and disable the `cron.gc_lfs`. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3438).
* The [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [requires a password](https://codeberg.org/forgejo/forgejo/commit/b122c6ef8b9254120432aed373cbe075331132ac) change by default when creating the first user and the `--admin` flag is not specified. The `--must-change-password=false` argument must be given to not require a password change. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3399).
* [Forgejo webhooks](https://codeberg.org/forgejo/forgejo/issues/3055) now always send full refs (starting with `refs/`) instead of sending short refs in some cases. This new behavior may require changes when the receiving end assumes a short ref will be received (for instance some versions of Woodpecker CI when receiving webhook payloads when a tag is set).
* [MySQL 8.0 or PostgreSQL 12](https://codeberg.org/forgejo/forgejo/commit/e94f9fcafdcf284561e7fb33f60156a69c4ad6a5) are the minimum supported versions. The database must be migrated before upgrading. The requirements regarding SQLite did not change.
* The `per_page` parameter is [no longer a synonym for `limit`](https://codeberg.org/forgejo/forgejo/commit/0aab2d38a7d91bc8caff332e452364468ce52d9a) in the [/repos/{owner}/{repo}/releases](https://code.forgejo.org/api/swagger/#/repository/repoListReleases) API endpoint.
* The date format of the `created` and `last_update` fields of the [`/repos/{owner}/{repo}/push_mirrors`](https://code.forgejo.org/api/swagger/#/repository/repoListPushMirrors) and [/repos/{owner}/{repo}/push_mirrors](https://code.forgejo.org/api/swagger/#/repository/repoAddPushMirror) API endpoint changed [to be timestamps instead of numbers](https://codeberg.org/forgejo/forgejo/commit/0ee7cbf725f45650136be45f8e0f74d395f73b5c).
* Labels used [by pprof endpoint](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#server-server) have been changed:
* `graceful-lifecycle` to `gracefulLifecycle`
* `process-type` to `processType`
* `process-description` to `processDescription`
This allows for those endpoints to be scraped by services requiring prometheus style labels such as [grafana-agent](https://grafana.com/docs/agent/latest/).
* The repository description [imposes additional restrictions on what it contains](https://codeberg.org/forgejo/forgejo/commit/1075ff74b5050f671c5f9824ae39390230b3c85d) to prevent abuse. You may use [the v7.0 test instance](https://v7.next.forgejo.org/) to check how it will be modified.
* The [Gitea themes were renamed](https://codeberg.org/forgejo/forgejo/commit/023e937141dd891bce3370c869d4db2c60f971ed) and the `[ui].THEMES` setting must be changed as follows:
* `gitea` is replaced by `gitea-light`
* `arc-green` is replaced by `gitea-dark`
* `auto` is replaced by `gitea-auto`
* **Breaking changes in the user interface:**
Note that the modifications related to CSS, templates or assets (images, fonts, etc.) are not documented here.
Although they can be extracted and modified, Forgejo does not provide any guarantee that such changes
will be portable from one version to another (even a patch version). See also
[the developer documentation about interface customization](https://forgejo.org/docs/v7.0/developer/customization/).
* [Update checker setting might change](https://codeberg.org/forgejo/forgejo/pulls/2925). The documentation was listing it as enabled by default, however, for a while it was disabled unless it was explicitly specified in the config or on the installation page. Instances migrated from Gitea also had it disabled due to different default value. Since then Forgejo got a privacy-friendly DNS-based update checking mechanism which is now being enabled by default unless explicitly specified [in the config](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---check-for-new-forgejo-versions-cronupdate_checker).
* Language statistics for repositories that use `linguist` attributes in `.gitattributes`*may* show different statistics than previously, because Forgejo recognizes more [linguist attributes](https://forgejo.org/docs/v7.0/user/language-detection/) now.
* It is [no longer possible to replace the default web editor](https://codeberg.org/forgejo/forgejo/pulls/2916) used to write comments or issues and pull requests with the EasyMDE editor. It is however still available as an alternative to edit releases and wiki pages.
* [The list of all repositories and the `New Issue` button are no longer available in the user dashboard](https://codeberg.org/forgejo/forgejo/commit/beb71f5ef6e8074dc744ac995c15f7b5947a3f2e) for issues and pull requests.
* **Migration warning**
* If the logs show a line like the following, [run doctor convert](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-convert) to fix it.
```
[W] Current database is using a case-insensitive collation "utf8mb4_general_ci"
```
* Large instances may experience slow migrations when the database is upgraded to support SHA-256 git repositories. For instance, here are the logs from a test migration of the https://codeberg.org production database:
```
[I] Migration[286]: Add support for SHA256 git repositories
* Repository settings have been refactored, lifting out the repository unit-related settings to their own page. ([#2221](https://codeberg.org/forgejo/forgejo/pulls/2221))
- When additional units can be enabled, an "Add more..." link will be displayed for repository admins. This can be turned off. ([#2533](https://codeberg.org/forgejo/forgejo/pulls/2533))
* Repository administrators can [allow anyone to edit the wiki](https://forgejo.org/docs/v7.0/user/wiki/#activation-and-permissions) in the repository Settings. ([#2001](https://codeberg.org/forgejo/forgejo/pulls/2001))
* Instance administrators can enable [repository badges](https://forgejo.org/docs/v7.0/user/readme-badges/) in the [configuration file](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#badges-badges). This feature depends on a shield generator service such as shields.io, and is disabled by default. ([#2070](https://codeberg.org/forgejo/forgejo/pulls/2070))
* Instance administrators can configure the additional clone methods displayed on the repository home view. ([gitea#29320](https://github.com/go-gitea/gitea/pull/29320))
* Instance administrators can [assign custom flags to repositories](https://codeberg.org/forgejo/forgejo/pulls/2079). This is disabled by default, and currently requires custom templates to do anything useful with the flags. ([#2079](https://codeberg.org/forgejo/forgejo/pulls/2079) & [#2097](https://codeberg.org/forgejo/forgejo/pulls/2097))
* Fallback for [basic repo search using git-grep](https://forgejo.org/docs/v7.0/user/code-search/) when code indexer is disabled ([gitea#29998](https://github.com/go-gitea/gitea/pull/29998))
* Repository administrators can disable forking instance-wide by setting the new `[repository].DISABLE_FORKS` setting. ([#2445](https://codeberg.org/forgejo/forgejo/pulls/2445))
* Render permalinks to files with a line range by an inline preview in all places where markup is allowed ([#2669](https://codeberg.org/forgejo/forgejo/pulls/2669))
* A user can now optionally set their preferred pronouns ([#1518](https://codeberg.org/forgejo/forgejo/pulls/1518)).
* Forgejo now recognizes more [linguist attributes](https://forgejo.org/docs/v7.0/user/language-detection/), making it possible to include documentation in the repository language statistics, for example. ([#2088](https://codeberg.org/forgejo/forgejo/pulls/2088))
* When displaying the message to open a pull request from a recently pushed branch, the recently pushed branch now links to the appropriate branch. ([#2141](https://codeberg.org/forgejo/forgejo/pulls/2141))
* Users who signed up, but have not activated their accounts yet, are now able to [change their email before activation](https://codeberg.org/forgejo/forgejo/pulls/1891). ([#1891](https://codeberg.org/forgejo/forgejo/pulls/1891))
* The "You pushed on branch ...." banner is now displayed for repositories you have a fork of with recently pushed branches too ([#2195](https://codeberg.org/forgejo/forgejo/pulls/2195)), and it will no longer consider branches that share no history with the default branch. ([#2196](https://codeberg.org/forgejo/forgejo/pulls/2196))
* Forgejo will now highlight signed tags in a similar way it highlights signed commits. ([#2534](https://codeberg.org/forgejo/forgejo/pulls/2534))
* Forgejo gained support for the more recent GitHub-style alert blocks. ([#2348](https://codeberg.org/forgejo/forgejo/pulls/2348))
- The older style remains supported too.
* [[ACTIONS] Add vars context to cron jobs](https://codeberg.org/forgejo/forgejo/pulls/3059)
* [[ACTIONS] Allow viewing the latest Action Run on the web](https://codeberg.org/forgejo/forgejo/pulls/1900)
* [[AGIT] Automatically fill in the description](https://codeberg.org/forgejo/forgejo/pulls/2344)
* [[API] Add API to get PR by base/head](https://codeberg.org/forgejo/forgejo/pulls/2481)
* [[API] commentAssignment() to verify the id belongs](https://codeberg.org/forgejo/forgejo/pulls/2126)
* [I18N] General improvements to English locale: [1](https://codeberg.org/forgejo/forgejo/pulls/2307), [2](https://codeberg.org/forgejo/forgejo/pulls/2437), [3](https://codeberg.org/forgejo/forgejo/pulls/2492), [4](https://codeberg.org/forgejo/forgejo/pulls/2610), [5](https://codeberg.org/forgejo/forgejo/pulls/2703), [6](https://codeberg.org/forgejo/forgejo/pulls/2941).
* [Add default board to new projects, remove uncategorized pseudo-board](https://codeberg.org/forgejo/forgejo/commit/8ffb9c6fb1571a1221978440f108911057df25db).
* [Add more stats tables](https://codeberg.org/forgejo/forgejo/commit/926367fe1d778fe7c9f5bc6b8e8c514b619ef038).
* [Improve branch select list ui in go templates](https://codeberg.org/forgejo/forgejo/commit/729849a2fd026adbb91e3ff3259290f61bd919f0).
* [Completely style the webkit autofill](https://codeberg.org/forgejo/forgejo/commit/9916f3ed64a715fb9a31a0fcad6452276e275615).
* [Set user's 24h preference from their current OS locale](https://codeberg.org/forgejo/forgejo/commit/427ab550a6a35e7369bc1b33a188bb3030c32ec0).
* [Make wiki default branch name changeable](https://codeberg.org/forgejo/forgejo/commit/7ea8993a0e342e7a30cb2da03216697b4819935a).
* [Make admin pages wider because of left sidebar added and some tables become too narrow](https://codeberg.org/forgejo/forgejo/commit/145bebc829c03cbb078e518d7364d27bcf60d96c).
* [Make PR form use toast to show error message](https://codeberg.org/forgejo/forgejo/commit/221a28436a080447f429fa2089d264e56f4980e2).
* [Rename Action.GetDisplayName to GetActDisplayName](https://codeberg.org/forgejo/forgejo/commit/be9189eddc84e942710b16b1c8c54c10aad01b63).
* [Auto-update the system status in admin dashboard](https://codeberg.org/forgejo/forgejo/commit/4f050f358a15dd51903e01b330a5419b2ac06693).
* [Show more settings for empty repositories](https://codeberg.org/forgejo/forgejo/commit/b03af9efb275f935bb265c7f031225caaafefaff).
* [Downscale pasted PNG images based on metadata](https://codeberg.org/forgejo/forgejo/commit/b3f2447bc4b6a7220da748cc6eb24bd5568bee7c).
* [Show `View at this point in history` for every commit](https://codeberg.org/forgejo/forgejo/commit/27bc2b9d9597de89d2c6b68581c6729bb16a4572).
* [Drop "@" from email sender to avoid spam filters](https://codeberg.org/forgejo/forgejo/commit/9a1d5c549cb6d32219647ea1a771b8a82d5ac89f).
* [Allow non-admin users to delete review requests](https://codeberg.org/forgejo/forgejo/commit/77c56e29ded5665bdc09d0a568159aa7127b44b1).
* [Some performance optimization on dashboard and issues page](https://codeberg.org/forgejo/forgejo/commit/d996c5d5179c99855e69156a034eca055e9329a4).
* [Improve user search display name](https://codeberg.org/forgejo/forgejo/commit/c3e462921ee31536e59b37e654ed20e92a37ffe6).
* [Fix UI Spacing Errors in mirror settings](https://codeberg.org/forgejo/forgejo/commit/64faecefe10613840709a68c1b8b708115d69d6e).
* [Include username in email headers](https://codeberg.org/forgejo/forgejo/commit/360b3fd17c3315ad9ad9c4e6ac02eda73f48d8ae).
* [Also match weakly validated ETags](https://codeberg.org/forgejo/forgejo/commit/28fe3db1fb0f89bcb55829ced33c1282f85f6e97).
* [Propagate install_if and provider_priority to APKINDEX](https://codeberg.org/forgejo/forgejo/commit/2da233ad8be107de29190720f1c30199410fe0cd).
* [Fix display latest sync time for pull mirrors on the repo page](https://codeberg.org/forgejo/forgejo/commit/4674aea25b54baf08594c54f061dee9e44190f02).
* [Remove trust model selection from repository creation on web page because it can be changed in settings later](https://codeberg.org/forgejo/forgejo/commit/c08d263a1900aa5ee92f56af8ad1c7a2697d02e1).
* [Add ability to see open and closed issues at the same time](https://codeberg.org/forgejo/forgejo/commit/2c3da59e275b69ebf984bb70954f42a7bcb0b49d).
* [Move sign in labels to be above inputs](https://codeberg.org/forgejo/forgejo/commit/4af0944b2604dd2b2e413864492135faea097298).
* [Move the captcha script loader to the template which really needs it](https://codeberg.org/forgejo/forgejo/commit/a04f8c0f81f55a8b927ce0fad8127db39396f892).
* [Display latest sync time for pull mirrors on the repo page](https://codeberg.org/forgejo/forgejo/commit/2d343f8987025015f5b61e328cc9e45082e6d3f2).
* [Show in Web UI if file is vendored and generated](https://codeberg.org/forgejo/forgejo/commit/7ed18566e10b298309dcc99d97447cb1932ae09a).
* [Display issue task list on project cards](https://codeberg.org/forgejo/forgejo/commit/4776fde9e1caa7cee5671715144a668e19a0323c).
* [Add Index to pull_auto_merge.doer_id](https://codeberg.org/forgejo/forgejo/commit/c8602a8dfa05f653e7de8ed2e677c8967b8688f5).
* [Fix display member unit in the menu bar if there are no hidden members in public org](https://codeberg.org/forgejo/forgejo/commit/0e021cd33ee3eb3d8f204bd075e2597b7ec8b391).
* [List all Debian package versions in `Packages`](https://codeberg.org/forgejo/forgejo/commit/b36e2ca4195298d2e4516e3022b953543f62f470).
* [Allow pull requests Manually Merged option to be used by non-admins](https://codeberg.org/forgejo/forgejo/commit/1756e30e102d079f8425aa2061ef80fd36c2e57d).
* [Only show diff file tree when more than one file changed](https://codeberg.org/forgejo/forgejo/commit/572f0963edc71239634ee782a3c69213479f34ba).
* [Show placeholder email in privacy popup](https://codeberg.org/forgejo/forgejo/commit/31f8880bc252a25075f8752e2722b316c6e46ec7).
* [Pre-register OAuth application for tea](https://codeberg.org/forgejo/forgejo/commit/a825cc0f3423f0a5c8157c436a0c7b489ef536c1).
* [Differentiate between `push` and `pull` `mirror sync in progress`](https://codeberg.org/forgejo/forgejo/commit/e709bc199fe33456c4ecd1cd28029bd31b529832).
* [Link to file from its history](https://codeberg.org/forgejo/forgejo/commit/33de64cb21505259338e393ef0d15ccb0f757475).
* [Add a shortcut to user's profile page to admin user details](https://codeberg.org/forgejo/forgejo/commit/e96e440b8bde5516ffc7bba42691e26084a96588).
* [Doctor: delete action entries without existing user](https://codeberg.org/forgejo/forgejo/commit/15fa0383fb5dd9ad1702dbc34ba7100c0cdbcc8c).
* [Add anchor to review types](https://codeberg.org/forgejo/forgejo/commit/89c9a498fdd6184df8afda8b5b488462e65b9e71).
* [Show total TrackedTime on issue/pull/milestone lists](https://codeberg.org/forgejo/forgejo/commit/adbc995c347e158a56264f2488997d7d59a4dd8b).
* [Improve commit record's ui in comment list](https://codeberg.org/forgejo/forgejo/commit/ed1798f66d30e3755f01e24f8cb4aa5e8b6628a0).
* [Don't show new pr button when page is not compare pull](https://codeberg.org/forgejo/forgejo/commit/b693611b35c5ae17cfc820bc3e731608a5251464).
* [Add `Hide/Show all checks` button to commit status check](https://codeberg.org/forgejo/forgejo/commit/dcb648ee71853073d54e8a6e107b764212ede58e).
* [Improvements of releases list and tags list](https://codeberg.org/forgejo/forgejo/commit/3fcad582c9b9bfe66f4a346652f82b1aaf18430d).
* [Support pasting URLs over markdown text](https://codeberg.org/forgejo/forgejo/commit/45112876766cb81ed7edd2b72a3ab93e6deab8bb).
* [Customizable "Open with" applications for repository clone](https://codeberg.org/forgejo/forgejo/commit/44221a3cd747a01d55093b15a12bf053b534da35).
* [Allow options to disable user deletion from the interface on app.ini](https://codeberg.org/forgejo/forgejo/commit/767e9634d3d02acab27f05e1783391c9c7f6292e).
* [Artifact deletion in actions ui](https://codeberg.org/forgejo/forgejo/commit/c551d3f3ab13379b0740fc45bc4dfc8f2fb84e16).
* [Add API routes to get runner registration token](https://codeberg.org/forgejo/forgejo/commit/baf0d402d9cb47849394202fcfc7c2e23b0faac3).
* [Add support for forking single branch](https://codeberg.org/forgejo/forgejo/commit/5e02e3b7ee8294e2ec94968ece9af56bf1aa1534).
* [Add support for sha256 repositories](https://codeberg.org/forgejo/forgejo/commit/d68a613ba8fd860863a3465b5b5945b191b87b25).
* [Add admin API route for managing user's badges](https://codeberg.org/forgejo/forgejo/commit/82b7de1360870db7a8b368a3f80ede887e32e128).
* **Bug fixes:**
* The repository home view will no longer redirect to external units. ([#2064](https://codeberg.org/forgejo/forgejo/pulls/2064))
* User and Organization `.profile` repositories now search for a `README.md` file case insensitively. ([#2090](https://codeberg.org/forgejo/forgejo/pulls/2090))
* When viewing a file, the RSS feed link is only displayed when there is an RSS feed provided for the context: when viewing a file on a branch. ([#2103](https://codeberg.org/forgejo/forgejo/pulls/2103))
* Repository topic searches are now correctly paged, which should make topic management on larger instances orders of magnitudes faster. ([#2060](https://codeberg.org/forgejo/forgejo/pulls/2060))
* Mentioning a user in a comment or similar place ignores apostrophes now. ([#2485](https://codeberg.org/forgejo/forgejo/pulls/2485))
* Setting the `[repository].DISABLE_STARS` setting to `true` disables the functionality completely, rather than just hiding it from the user interface.
* Forking a repository is now available at a predictable URL, and does not require knowing the repository id. ([#2310](https://codeberg.org/forgejo/forgejo/pulls/2310))
* Issue and pull request templates can now be placed in a `.forgejo` directory, like workflows. ([#2290](https://codeberg.org/forgejo/forgejo/pulls/2290))
* [[A11Y] Fix accessibility and translatability of repo explore counters](https://codeberg.org/forgejo/forgejo/pulls/2862)
* [[A11Y] Focus styling and fix Watch/Unwatch buttons](https://codeberg.org/forgejo/forgejo/pulls/2379)
* [[A11Y] Label Stars/Forks links in repo explore](https://codeberg.org/forgejo/forgejo/pulls/2634)
* [[A11Y] Taborder in repo explore](https://codeberg.org/forgejo/forgejo/pulls/2636)
* [[ACTIONS] add proper payload to scheduled events](https://codeberg.org/forgejo/forgejo/pulls/2015)
* [[ACTIONS] Do not update PRs based on events that happened before they existed](https://codeberg.org/forgejo/forgejo/pulls/2932)
* [[ACTIONS] GetScheduledMergeByPullID may involve a system user](https://codeberg.org/forgejo/forgejo/pulls/1908)
* [[ACTIONS] Link to Workflow in View](https://codeberg.org/forgejo/forgejo/pulls/1866)
* [[ACTIONS] the ref of a scheduled action is always the default branch](https://codeberg.org/forgejo/forgejo/pulls/1941)
* [[API] Adjust name of operation](https://codeberg.org/forgejo/forgejo/pulls/2189)
* [Prevent re-review and dismiss review actions on closed and merged PRs](https://codeberg.org/forgejo/forgejo/commit/23676bfea7ccbbe166a554115ea1f5f02800e379).
* [Add a warning for disallowed email domains](https://codeberg.org/forgejo/forgejo/commit/2559c80bec27a41967b355d214253a83b9ee5dad).
* [Skip email domain check when admins edit user emails](https://codeberg.org/forgejo/forgejo/commit/e7afba21ce2b02eb4230ba03752bd8b937f3e6ef).
* [Skip email domain check when admin users adds user manually](https://codeberg.org/forgejo/forgejo/commit/b6057a34db38e563473db00543a1e39fd743ca34).
* [Add support for API blob upload of release attachments](https://codeberg.org/forgejo/forgejo/commit/47a913d40d3417858f2ee51a7dbed64ca84eff60).
* [Allow options to disable user gpg keys configuration from the interface on app.ini](https://codeberg.org/forgejo/forgejo/commit/ee6ff937c0782b9cdc7ae1bc62b7eda83982d40f).
* [Allow options to disable user ssh keys configuration from the interface on app.ini](https://codeberg.org/forgejo/forgejo/commit/bb09ad2b63570c80418b4b9a10f7dbbb349448ab).
* [Fix content size does not match error when uploading lfs file](https://codeberg.org/forgejo/forgejo/commit/fb137d1e49c0436f1db093e2dc0a2350d63e1e29).
* [Add API to get merged PR of a commit](https://codeberg.org/forgejo/forgejo/commit/1608ef0ce9ce2ea1c87aef715d111cf441637d01).
* [Add API to get PR by base/head](https://codeberg.org/forgejo/forgejo/commit/feb189554e758ed27d1e309e5ec309d663e8f338).
* [Add attachment support for code review comments](https://codeberg.org/forgejo/forgejo/commit/f95fb8cc44d790e0ae71d3f879124a6ee9b07f66).
* [Add support for action artifact serve direct](https://codeberg.org/forgejo/forgejo/commit/1f8ad34e4391673a2eda434ea5e48ea084cdc814).
* [Show whether a PR is WIP inside popups](https://codeberg.org/forgejo/forgejo/commit/50f55f11c4f785b72a39e59b0fc12ae70ab8d8b5).
* [Add artifacts v4 jwt to job message and accept it](https://codeberg.org/forgejo/forgejo/commit/a9bc590d5d10b97bd8aa050ffb720e141a600064).
* [Fix some RPM registry flaws](https://codeberg.org/forgejo/forgejo/commit/461d8b53c2e51a8a6a1715ba40ac61d7e9f93971).
* [Add branch protection setting for ignoring stale approvals](https://codeberg.org/forgejo/forgejo/commit/5d3fdd121279c758f247a76e020799aa5e548feb).
* [Fix the wrong HTTP response status code for duplicate packages](https://codeberg.org/forgejo/forgejo/commit/5b6258a0b94737ec3db1ce418d0c933512a71f78).
* [Don't run push mirrors for archived repos](https://codeberg.org/forgejo/forgejo/commit/f3ba3e922dde7d12999a90d6cee15805a56cc7ff).
* [Support for grouping RPMs using paths](https://codeberg.org/forgejo/forgejo/commit/ba4d0b8ffbd78473273800f586ae8bde55cda6c5).
* [Fixes #27605: inline math blocks can't be preceded/followed by alphanumerical characters](https://codeberg.org/forgejo/forgejo/commit/2adc3a45fbd60126c0eab66b9cdd177a63bd4704).
* [Include encoding in signature payload](https://codeberg.org/forgejo/forgejo/commit/6925c0eee43980133896f9e4ee7e48e5751e9417).
* [Fix milestoneID filter bug in issue list](https://codeberg.org/forgejo/forgejo/commit/0da787f23737d252e6c80aa1a1f665e09dba0ea9).
* [Fix Citation modal responsiveness and clipboard copy](https://codeberg.org/forgejo/forgejo/commit/ca39d743636c9732f4422e130bac974555fb43c2).
* [Fix incorrect locale Tr for gpg command](https://codeberg.org/forgejo/forgejo/commit/071d871dcf8dd8097dc0af6d4baf304a2fbbe4e2).
* [Improve a11y document and dropdown item](https://codeberg.org/forgejo/forgejo/commit/1d4bf7e211db0866774fa3f6f563e15ffadac1f6).
* [Determine fuzziness of bleve indexer by keyword length](https://codeberg.org/forgejo/forgejo/commit/ab5f0b7558229b3ab5c3946a51e58b4caae775b0).
* [Fix ellipsis button not working if the last commit loading is deferred](https://codeberg.org/forgejo/forgejo/commit/1e29bccddbeb29eec3ceb507612851021ab4d60d).
* [Fix incorrect diff expander for deletion of last lines in a file](https://codeberg.org/forgejo/forgejo/commit/85bf170ff0d54471fe88903009a3fec4ef3e6e8c).
* [Do not exceed display for the PR page buttons on smaller screens](https://codeberg.org/forgejo/forgejo/commit/e7297d423f566a383c8861c4aaee028606591038).
* [Move citation button to proper place](https://codeberg.org/forgejo/forgejo/commit/eb4061babacfee2b72f4a33412530eb9f0de3b25).
* [Expire artifacts before deleting them physically](https://codeberg.org/forgejo/forgejo/commit/7f64e4d2a3f20b7d7de6542de5e0856c643e821f).
* [Fix can not select team reviewers when reviewers is empty](https://codeberg.org/forgejo/forgejo/commit/df439b6a983865ba559e517e5e93f5f1a53a97a0).
* [Fix default avatar image size in PR diff page](https://codeberg.org/forgejo/forgejo/commit/3aed8ae03475a430c0dc8e33f42fa9269a4844bd).
* [Fix branch list bug which displayed default branch twice](https://codeberg.org/forgejo/forgejo/commit/0e6fd0d1c1e31d22707e6f06124d5bf76361eaab).
* [Set the `isPermaLink` attribute to `false` in the `guid` sub-element](https://codeberg.org/forgejo/forgejo/commit/5574968ecbc34908dfa17b28bfc79c3490eaa685).
* [Fix long package version names overflowing](https://codeberg.org/forgejo/forgejo/commit/3d474110c181df7854576d78e46209908f7e1b52).
* [Fix wrong link in user and organization profile when using relative url](https://codeberg.org/forgejo/forgejo/commit/42149ff1a816501643ec2407ed61a83bf5b65059).
* [Fix session key conflict with database keyword](https://codeberg.org/forgejo/forgejo/commit/4c29c75968f520123f125e8305b2c29198664251).
* [Fix commit status in repo list](https://codeberg.org/forgejo/forgejo/commit/0abb5633e34fd14c2d49de0b4c98f7ba7d98a37e).
* [Fix incorrect action duration time when rerun the job before executed once](https://codeberg.org/forgejo/forgejo/commit/07ba4d9f87cf21b7ce87158ae5651cae3bb35604).
* [Fix missing mail reply address](https://codeberg.org/forgejo/forgejo/commit/3081e7e1536356346f73fb4a0d00101863b2cf05).
* [Refactor Find Sources and fix bug when view a user who belongs to an inactive auth source](https://codeberg.org/forgejo/forgejo/commit/1bf5527eac6b947010c8faf408f6747de2a2384f).
* [Fix issue not showing on default board and add test](https://codeberg.org/forgejo/forgejo/commit/1eae2aadae0583ab092d6ed857bb727829aa52b7).
* [Improve file history UI and fix URL escaping bug](https://codeberg.org/forgejo/forgejo/commit/d1527dac3d1e68caf5a6f54c08144e28256e5c47).
* [When the title in the issue has a value, set the text cursor at the end of the text.](https://codeberg.org/forgejo/forgejo/commit/8c2559a72603e07fe682efddd698e1fc190b2728).
* [Load citation JS only when needed](https://codeberg.org/forgejo/forgejo/commit/f2fc2dcfc9305a42242421c718ee3673bd1c851c).
* [Light theme color enhancements](https://codeberg.org/forgejo/forgejo/commit/23e2ace77d1612cda09bc0d08690314e7321cca3).
* [Dark theme color enhancements](https://codeberg.org/forgejo/forgejo/commit/704a59e59584041f95939e3d90260173906f946a).
* [Refactor markup/csv: don't read all to memory](https://codeberg.org/forgejo/forgejo/commit/d413a8fcacc81b6f7039371408034c9c2fc6c15f).
* [Move all login and account creation page labels to be above inputs](https://codeberg.org/forgejo/forgejo/commit/3acea02eb66ea09248ff29eb6b9cefce29fcea37).
* [Fix Gitpod logic of setting ROOT_URL](https://codeberg.org/forgejo/forgejo/commit/e52d87758272c417bb9b30e944f9b0bd33d28cb7).
* [Fix broken following organization](https://codeberg.org/forgejo/forgejo/commit/fd3b4afa2b3621ece2d7d1587fd4b017142d75a0).
* [Don't do a full page load when clicking `Watch` or `Star`](https://codeberg.org/forgejo/forgejo/commit/6992ef98fc227a60cf06e0a06b9ae2492b3d61be).
* [Fix non-alphabetic sorting of repo topics](https://codeberg.org/forgejo/forgejo/commit/a240d5dfa7e261f2fb703cf24b1ba4dc6aa47bfd).
* [Make cross-reference issue links work in markdown documents again](https://codeberg.org/forgejo/forgejo/commit/12c0487e01d3fd9fe289345c53e8a220be55e864).
* [Fix tooltip of variable edit button](https://codeberg.org/forgejo/forgejo/commit/361839fb1c8bdfb8291bbcf9bd650b21a605bbd7).
* [Disable query token param in integration tests](https://codeberg.org/forgejo/forgejo/commit/33439b733a4f69640350b9cda370963ebe9d1e0a).
* [Add merge arrow direction and update styling](https://codeberg.org/forgejo/forgejo/commit/e522e774cae2240279fc48c349fc513c9d3353ee).
* [Add links to owner home page in explore](https://codeberg.org/forgejo/forgejo/commit/dd5693387e0642e1aba05b01eeb18139ce90ef5e).
* [Render PyPi long description as document](https://codeberg.org/forgejo/forgejo/commit/876a0cb3d652f42545abdb33dc4fd71a7c3343bf).
* [Ignore temporary files for directory size](https://codeberg.org/forgejo/forgejo/commit/cb8298b7178f5dde302604bfe34c658b725f16f8).
* [Add download URL for executable files](https://codeberg.org/forgejo/forgejo/commit/9341b37520e5626352bf2df52e8dbace2985c0d7).
* [Improve profile for Organizations](https://codeberg.org/forgejo/forgejo/commit/089ac06969030b0886d4e20bf8f7a757f785f158).
* [Fix Show/hide filetree button on small displays](https://codeberg.org/forgejo/forgejo/commit/e31c6cfe6e30341c502302d1c0a03138f8bf5c9f).
* [Fix merge base commit for fast-forwarded GitLab PRs](https://codeberg.org/forgejo/forgejo/commit/02dae3f84b80047bef391960eea1350d551e4d72).
* [Align ISSUE_TEMPLATE with the new label system](https://codeberg.org/forgejo/forgejo/commit/248b7ee850ecdb538b22ddcfbe80b6f91be32b70).
* [Improve the list header in milestone page](https://codeberg.org/forgejo/forgejo/commit/8abc1aae4ab5b03be0bcbdd390bb903b54ccd21a).
## 1.21.11-2
[The complete list of new commits included in the Forgejo v1.21.11-2 release can be reviewed here](https://codeberg.org/forgejo/forgejo/compare/v1.21.11-1...v1.21.11-2), or from the command line with:
The semantic version was updated to `6.0.13+0-gitea-1.21.10`
* Security fix
* [PR](https://codeberg.org/forgejo/forgejo/pulls/4047). Fixed: the OAuth2 implementation does not always require authentication for public clients, a requirement of [RFC 6749 Section 10.2](https://datatracker.ietf.org/doc/html/rfc6749#section-10.2). A malicious client can impersonate another client and obtain access to protected resources if the impersonated client fails to, or is unable to, keep its client credentials confidential.
## 1.21.11-1
This stable release contains a single bug fix for a regression introduced in v1.21.11-0 by which creating a tag via the API would fail with error 500 on a repository a where Forgejo Actions workflow triggered by tags exists.
* Recommended Action
We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible.
The semantic version was updated to `6.0.12+0-gitea-1.21.10`
* Bug fix
* [error 500 on tag creation when a workflow exists](https://codeberg.org/forgejo/forgejo/issues/3327)
## 1.21.11-0
[The complete list of new commits included in the Forgejo v1.21.11-0 release can be reviewed here](https://codeberg.org/forgejo/forgejo/compare/v1.21.10-0...v1.21.11-0), or from the command line with:
This stable release contains bug fixes and **security fixes**.
* Recommended Action
We strongly recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible.
The semantic version was updated to `6.0.11+0-gitea-1.21.10`
* Security fix
* [Fixed a privilege escalation through git push options](https://codeberg.org/forgejo/forgejo/commit/cc80e661531794fff7f8a336eaaefdb7e3bd3956) that allows any user to change the visibility of any repository they can see, regardless of their level of access.
* [Fixed a bug that allows user-supplied, non-sandboxed JavaScript to be run from the same domain as the forge](https://codeberg.org/forgejo/forgejo/commit/8dcc7d9e8ce36d94bae1a1becddc4735f51add3c), via `/{owner}/{repo}/render/branch/{branch}/{filename}` URLs.
* Bug fixes
* [Use system action user to trigger scheduled action workflows](https://codeberg.org/forgejo/forgejo/commit/387aea4434488555838e55e067242509bc1510a6)
* [Close file in upload function](https://codeberg.org/forgejo/forgejo/commit/fd47240545ab1c4f10d07434c2ba00fff044236a)
* [Prevent registering runners for deleted repositories](https://codeberg.org/forgejo/forgejo/commit/fd47240545ab1c4f10d07434c2ba00fff044236a). Prevents 500 Internal Server Error in admin interface.
* [More reliable pagination support when migrating from gitbucket](https://codeberg.org/forgejo/forgejo/commit/e702e79625980b08ec060a1690b76502455acad9)
* [Fix automerge when used with actions](https://codeberg.org/forgejo/forgejo/commit/4889a3a1713d91a5ae95af4edf1bb3352d1871fd)
## 1.21.10-0
The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.10-0` release can be reviewed from the command line with:
This stable release contains bug fixes and a **security fix**.
Note that there is no `Forgejo v1.21.9-0` release. The release numbering of the `Forgejo v1.21` patch series follows the Gitea release numbering. However, the publication of `Gitea v1.21.9` and `Gitea v1.21.10` were a few days apart because of a regression that is not present on Forgejo and there was no need to publish `Forgejo v1.21.9-0`.
* Recommended Action
We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible.
The semantic version was updated to `6.0.10+0-gitea-1.21.10`
* Built with Go 1.21.9 and `golang.org/x/net` v0.23.0
It [includes vulnerability fixes](https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M/m/khALNYGdAAAJ).
* [CVE-2023-45288](https://pkg.go.dev/vuln/GO-2024-2687) which permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. A Forgejo instance is affected if it is configured to listen to HTTPS instead of doing this via a reverse proxy.
* Bug fixes
The most prominent ones are described here, others can be found in the list of commits included in the release as described above.
* [Fix to not remove repository avatars when the doctor runs with --fix on the repository archives](https://codeberg.org/forgejo/forgejo/commit/e9932a404d4bb5b22a87797094dff615eb38171a).
* [Detect protected branch on branch rename](https://codeberg.org/forgejo/forgejo/commit/611610c3c4cba12f2a835b41438a7ed54da9bc23). If a branch cannot be renamed due to a protected branch rule, show this error in the UI instead of throwing an internal server error.
* [Don't delete inactive emails explicitly](https://codeberg.org/forgejo/forgejo/commit/fb4c42deb23a67379afb29870e430e47687ccc6c). This can cause issues as the associated user might not have been deleted. It would lead to a database inconsistency and internal server errors if the user tries to activate their account.
* [Fix user interface when a review is deleted without refreshing](https://codeberg.org/forgejo/forgejo/commit/456a33e8bb770a86341dc883edc6b62264b950a1).
* [Fix paths when finding files via the web interface that were not escaped](https://codeberg.org/forgejo/forgejo/commit/b22be0c03fa4814c1b8b892346de5d4547782ce7).
* [Respect `DEFAULT_ORG_MEMBER_VISIBLE` setting when adding creator to org](https://codeberg.org/forgejo/forgejo/commit/5e5574c7b328e2c500d497517047b8d1fd0ca478).
* [Fix inline math blocks can't be preceded/followed by alphanumerical characters](https://codeberg.org/forgejo/forgejo/commit/0d3f446460b22a29c259e7d42ed89f90fd216ca7).
## 1.21.8-0
## 1.21.8-0
@ -109,7 +791,7 @@ This stable release contains bug fixes and a **security fix**, as explained in t
* [Fix push to create with capitalize repo name](https://codeberg.org/forgejo/forgejo/commit/8782275c9c66ad6fc7c44503d7df9dae7196aa65).
* [Fix push to create with capitalize repo name](https://codeberg.org/forgejo/forgejo/commit/8782275c9c66ad6fc7c44503d7df9dae7196aa65).
* In Markdown [don't try to make the link absolute if the link has a schema that's defined in `[markdown].CUSTOM_URL_SCHEMES`](https://codeberg.org/forgejo/forgejo/commit/6c100083c29fb0ccf0cc52e8767e540a260d9468), because they can't be made absolute.
* In Markdown [don't try to make the link absolute if the link has a schema that's defined in `[markdown].CUSTOM_URL_SCHEMES`](https://codeberg.org/forgejo/forgejo/commit/6c100083c29fb0ccf0cc52e8767e540a260d9468), because they can't be made absolute.
* [Fix Ctrl+Enter on submitting review comment](https://codeberg.org/forgejo/forgejo/commit/1c3a31d85112d10fb948d6f0b763191ed6f68e90).
* [Fix Ctrl+Enter on submitting review comment](https://codeberg.org/forgejo/forgejo/commit/1c3a31d85112d10fb948d6f0b763191ed6f68e90).
* In Git version v2.43.1, the behavior of `GIT_FLUSH` was accidentially flipped. This causes Forgejo to hang on the `check-attr` command, because no output was being flushed. [Workaround this by detecting if Git v2.43.1 is used and set `GIT_FLUSH=0` thus getting the correct behavior](https://codeberg.org/forgejo/forgejo/commit/ff468ab5e426582b068586ce13d5a5348365e783).
* In Git version v2.43.1, the behavior of `GIT_FLUSH` was accidentally flipped. This causes Forgejo to hang on the `check-attr` command, because no output was being flushed. [Workaround this by detecting if Git v2.43.1 is used and set `GIT_FLUSH=0` thus getting the correct behavior](https://codeberg.org/forgejo/forgejo/commit/ff468ab5e426582b068586ce13d5a5348365e783).
* [When setting `url.host` on a URL object with no port specified (like is the case of default port), the resulting URL's port will not change. Workaround this quirk in the URL standard by explicitly setting port for the http and https protocols](https://codeberg.org/forgejo/forgejo/commit/628e1036cfbcfae442cb6494249fe11410447056).
* [When setting `url.host` on a URL object with no port specified (like is the case of default port), the resulting URL's port will not change. Workaround this quirk in the URL standard by explicitly setting port for the http and https protocols](https://codeberg.org/forgejo/forgejo/commit/628e1036cfbcfae442cb6494249fe11410447056).
* [Fix elasticsearch Request Entity Too Large](https://codeberg.org/forgejo/forgejo/commit/e6f59f6e1489d63d53de0da1de406a7a71a82adb).
* [Fix elasticsearch Request Entity Too Large](https://codeberg.org/forgejo/forgejo/commit/e6f59f6e1489d63d53de0da1de406a7a71a82adb).
* [Do not send update/delete release notifications when it is in a draft state](https://codeberg.org/forgejo/forgejo/commit/3c54a1dbf62e56d948feb1008512900140033737).
* [Do not send update/delete release notifications when it is in a draft state](https://codeberg.org/forgejo/forgejo/commit/3c54a1dbf62e56d948feb1008512900140033737).
@ -199,7 +881,7 @@ This stable release includes security and bug fixes as well as documentation imp
* [Gracefully handle missing branches](https://codeberg.org/forgejo/forgejo/commit/c2fa9c308f5cdb08dd84fb8ec6623a57e75d5152) when a branch is missing from Git but still lingering in the database.
* [Gracefully handle missing branches](https://codeberg.org/forgejo/forgejo/commit/c2fa9c308f5cdb08dd84fb8ec6623a57e75d5152) when a branch is missing from Git but still lingering in the database.
* [Fix panic in `canSoftDeleteContentHistory`](https://codeberg.org/forgejo/forgejo/commit/ab1ccc55dca7fd05e59a01343e6dfe53be6195d0)
* [Fix panic in `canSoftDeleteContentHistory`](https://codeberg.org/forgejo/forgejo/commit/ab1ccc55dca7fd05e59a01343e6dfe53be6195d0)
* [Check for Commit in opengraph](https://codeberg.org/forgejo/forgejo/commit/b473a44a2bb59591f3e24bfcdeed1d8fbb0f9204)
* [Check for Commit in opengraph](https://codeberg.org/forgejo/forgejo/commit/b473a44a2bb59591f3e24bfcdeed1d8fbb0f9204)
* [Handle non-existant commit in Archive request](https://codeberg.org/forgejo/forgejo/commit/0fbf761d1930f9336be6da8d17ae6032203a9381)
* [Handle non-existent commit in Archive request](https://codeberg.org/forgejo/forgejo/commit/0fbf761d1930f9336be6da8d17ae6032203a9381)
* [Fix NPE in `ToPullReviewList`](https://codeberg.org/forgejo/forgejo/commit/f5349b66b78968301d7dc4c45e8e08b46910aa6e)
* [Fix NPE in `ToPullReviewList`](https://codeberg.org/forgejo/forgejo/commit/f5349b66b78968301d7dc4c45e8e08b46910aa6e)
* [Fix URL in the mail to include the host](https://codeberg.org/forgejo/forgejo/commit/ac889d42903b2ce2129a02ace620a10a6f940920)
* [Fix URL in the mail to include the host](https://codeberg.org/forgejo/forgejo/commit/ac889d42903b2ce2129a02ace620a10a6f940920)
* [Fix the event of a scheduled action](https://codeberg.org/forgejo/forgejo/commit/892a8e1f4a5cc09cc3136e0b0e6487c154c5ed2b) to be "schedule" instead of a semi-random event from the default branch.
* [Fix the event of a scheduled action](https://codeberg.org/forgejo/forgejo/commit/892a8e1f4a5cc09cc3136e0b0e6487c154c5ed2b) to be "schedule" instead of a semi-random event from the default branch.
This stable release includes bug fixes. It was built with Go v1.21.5 that fixes [CVE-2023-39326](https://groups.google.com/g/golang-announce/c/iLGK3x6yuNo) which a malicious HTTP client can exploit to cause a server to automatically read a large amount of data. It allows for memory exhaustion in the situation that HTTP chuncked encoding requests can reach Forgejo.
This stable release includes bug fixes. It was built with Go v1.21.5 that fixes [CVE-2023-39326](https://groups.google.com/g/golang-announce/c/iLGK3x6yuNo) which a malicious HTTP client can exploit to cause a server to automatically read a large amount of data. It allows for memory exhaustion in the situation that HTTP chunked encoding requests can reach Forgejo.
- [Add](https://codeberg.org/forgejo/forgejo/commit/0d55f64e6cd3de2e1e5c0ee795605823efb14231) support for [recurring actions similar to cron jobs](https://forgejo.org/docs/v1.21/user/actions/#onschedule).
- [Add](https://codeberg.org/forgejo/forgejo/commit/0d55f64e6cd3de2e1e5c0ee795605823efb14231) support for [recurring actions similar to cron jobs](https://forgejo.org/docs/v1.21/user/actions/#onschedule).
- [Add](https://codeberg.org/forgejo/forgejo/commit/19872063a3c14256a1d89b2a104d63e7538a3a28) the possibility to [disable workflows from the user interface](https://forgejo.org/docs/v1.21/user/actions/#list-of-runners-and-their-tasks).
- [Add](https://codeberg.org/forgejo/forgejo/commit/19872063a3c14256a1d89b2a104d63e7538a3a28) the possibility to [disable workflows from the user interface](https://forgejo.org/docs/v1.21/user/actions/#list-of-runners-and-their-tasks).
- [Add](https://codeberg.org/forgejo/forgejo/commit/460a2b0edffe71d9e64633beaa1071fcf4a33369) automatic [cleanup of artificats](https://forgejo.org/docs/v1.21/user/actions/#artifacts).
- [Add](https://codeberg.org/forgejo/forgejo/commit/460a2b0edffe71d9e64633beaa1071fcf4a33369) automatic [cleanup of artificats](https://forgejo.org/docs/v1.21/user/actions/#artifacts).
- [Add](https://codeberg.org/forgejo/forgejo/commit/44781f9f5c4ede618660d8cfe42437f0e8dc22a0) automatic cancelation [of jobs when pushing new commits](https://forgejo.org/docs/v1.21/user/actions/#auto-cancelation-of-workflows) to a PR.
- [Add](https://codeberg.org/forgejo/forgejo/commit/44781f9f5c4ede618660d8cfe42437f0e8dc22a0) automatic cancellation [of jobs when pushing new commits](https://forgejo.org/docs/v1.21/user/actions/#auto-cancellation-of-workflows) to a PR.
- [Add](https://codeberg.org/forgejo/forgejo/commit/f3d293d2bbe0b2eab047bdd403046069cffbc0c4) support for [uploading multiple artificats](https://forgejo.org/docs/v1.21/user/actions/#artifacts).
- [Add](https://codeberg.org/forgejo/forgejo/commit/f3d293d2bbe0b2eab047bdd403046069cffbc0c4) support for [uploading multiple artificats](https://forgejo.org/docs/v1.21/user/actions/#artifacts).
- [Add](https://codeberg.org/forgejo/forgejo/commit/48e5a74f215d78813a816c57fc5a85a909a003d5) support for the [`pull_request_target` event](https://forgejo.org/docs/v1.21/user/actions/#onpull_request_target) which has access to secrets because it runs using the workflows from the base branch instead of the pull request.
- [Add](https://codeberg.org/forgejo/forgejo/commit/48e5a74f215d78813a816c57fc5a85a909a003d5) support for the [`pull_request_target` event](https://forgejo.org/docs/v1.21/user/actions/#onpull_request_target) which has access to secrets because it runs using the workflows from the base branch instead of the pull request.
- [Add](https://codeberg.org/forgejo/forgejo/commit/8228751c55d6a4263f0fec2932ca16181c09c97d) support for reading labels from the runner [instead of specifying them during registration](https://forgejo.org/docs/v1.21/admin/actions/#registration).
- [Add](https://codeberg.org/forgejo/forgejo/commit/8228751c55d6a4263f0fec2932ca16181c09c97d) support for reading labels from the runner [instead of specifying them during registration](https://forgejo.org/docs/v1.21/admin/actions/#registration).
@ -690,7 +1372,7 @@ this situation, [follow the instructions in the companion blog post](https://for
* [The CLI exit code now is different from zero when an error occurs](https://codeberg.org/forgejo/forgejo/commit/089af9ab1)
* [The CLI exit code now is different from zero when an error occurs](https://codeberg.org/forgejo/forgejo/commit/089af9ab1)
* [Fix error when a Debian package has a double newline character at the end of the control block](https://codeberg.org/forgejo/forgejo/commit/dd7180846)
* [Fix error when a Debian package has a double newline character at the end of the control block](https://codeberg.org/forgejo/forgejo/commit/dd7180846)
* [Fix a condition that would cause git related tasks to hang for longer than necessary in the queues and use too many resources as a result](https://codeberg.org/forgejo/forgejo/commit/36f8fbe1b)
* [Fix a condition that would cause git related tasks to hang for longer than necessary in the queues and use too many resources as a result](https://codeberg.org/forgejo/forgejo/commit/36f8fbe1b)
* [Fix the topic validation rule and suport dots](https://codeberg.org/forgejo/forgejo/commit/a578b75d7)
* [Fix the topic validation rule and support dots](https://codeberg.org/forgejo/forgejo/commit/a578b75d7)
* [Fix pull request check list when there are more than 30](https://codeberg.org/forgejo/forgejo/commit/e226b9646)
* [Fix pull request check list when there are more than 30](https://codeberg.org/forgejo/forgejo/commit/e226b9646)
* [Fix attachment clipboard copy on insecure origin](https://codeberg.org/forgejo/forgejo/commit/12ac84c26)
* [Fix attachment clipboard copy on insecure origin](https://codeberg.org/forgejo/forgejo/commit/12ac84c26)
* [Fix the profile README rendering](https://codeberg.org/forgejo/forgejo/commit/84c3b60a4) that [was inconsistent with other markdown files renderings](https://codeberg.org/forgejo/forgejo/issues/833)
* [Fix the profile README rendering](https://codeberg.org/forgejo/forgejo/commit/84c3b60a4) that [was inconsistent with other markdown files renderings](https://codeberg.org/forgejo/forgejo/issues/833)
@ -719,7 +1401,7 @@ This stable release includes bug fixes and displays [warnings in the administrat
The most prominent ones are described here, others can be found in the list of commits included in the release as described above.
The most prominent ones are described here, others can be found in the list of commits included in the release as described above.
* [Add missing assets to the Forgejo sources tarbal](https://codeberg.org/forgejo/forgejo/commit/e14d239005)
* [Add missing assets to the Forgejo sources tarball](https://codeberg.org/forgejo/forgejo/commit/e14d239005)
* [Fix user type selection error when creating a user](https://codeberg.org/forgejo/forgejo/commit/268569b462) and selecting `public` or `private`.
* [Fix user type selection error when creating a user](https://codeberg.org/forgejo/forgejo/commit/268569b462) and selecting `public` or `private`.
* [Fix access check for org-level project](https://codeberg.org/forgejo/forgejo/commit/5afb0294f4)
* [Fix access check for org-level project](https://codeberg.org/forgejo/forgejo/commit/5afb0294f4)
* [Warn instead of reporting an error when a webhook cannot be found](https://codeberg.org/forgejo/forgejo/commit/4c3dcdf815)
* [Warn instead of reporting an error when a webhook cannot be found](https://codeberg.org/forgejo/forgejo/commit/4c3dcdf815)
- The storage settings were [refactored](https://codeberg.org/forgejo/forgejo/commit/d6dd6d641b593c54fe1a1041c153111ce81dbc20). Read more about [storage settings](https://forgejo.org/docs/v1.20/admin/storage/).
- The storage settings were [refactored](https://codeberg.org/forgejo/forgejo/commit/d6dd6d641b593c54fe1a1041c153111ce81dbc20). Read more about [storage settings](https://forgejo.org/docs/v1.20/admin/storage/).
- [The [repository.editor] PREVIEWABLE_FILE_MODES setting was removed](https://codeberg.org/forgejo/forgejo/commit/84daddc2fa74393cdc13371b0cc44f0444cfdae0). This setting served no practical purpose and was not working correctly. Instead a preview tab is always shown in the file editor when supported.
- [The [repository.editor] PREVIEWABLE_FILE_MODES setting was removed](https://codeberg.org/forgejo/forgejo/commit/84daddc2fa74393cdc13371b0cc44f0444cfdae0). This setting served no practical purpose and was not working correctly. Instead a preview tab is always shown in the file editor when supported.
- In addition to the already deprecated options inside [queue], many options have been dropped as well. Those are WRAP_IF_NECESSARY, MAX_ATTEMPTS, TIMEOUT, WORKERS, BLOCK_TIMEOUT, BOOST_TIMEOUT, BOOST_WORKERS. You can remove them from your app.ini now. Additionally, some default values have changed in this section.
- In addition to the already deprecated options inside [queue], many options have been dropped as well. Those are WRAP_IF_NECESSARY, MAX_ATTEMPTS, TIMEOUT, WORKERS, BLOCK_TIMEOUT, BOOST_TIMEOUT, BOOST_WORKERS. You can remove them from your app.ini now. Additionally, some default values have changed in this section.
- The default CSS and templates included in Forgejo were heavily refactored and a large number of variables renamed. These changes are not documented and there is a very high chance that a tempate extracted and modified for a particular Forgejo instance will no longer work as it did. Browsing through the git history of the template in the sources is the best way to figure out how and why it was modified.
- The default CSS and templates included in Forgejo were heavily refactored and a large number of variables renamed. These changes are not documented and there is a very high chance that a template extracted and modified for a particular Forgejo instance will no longer work as it did. Browsing through the git history of the template in the sources is the best way to figure out how and why it was modified.
- **Moderation:**
- **Moderation:**
Blocking another user is desirable if they are acting maliciously or are spamming your repository. When you block a user, Forgejo does not explicitly notify them, but they may learn through an interaction with you that is blocked. [Read more about blocking users](https://forgejo.org/docs/v1.20/user/blocking-user/).
Blocking another user is desirable if they are acting maliciously or are spamming your repository. When you block a user, Forgejo does not explicitly notify them, but they may learn through an interaction with you that is blocked. [Read more about blocking users](https://forgejo.org/docs/v1.20/user/blocking-user/).
numerous improvements for [issue comments](https://codeberg.org/forgejo/forgejo/commit/6c354546547cd3a9595a7db119a6480d9cd506a7), [the menu on the navbar](https://codeberg.org/forgejo/forgejo/commit/a78e0b7dade16bc6509b943fe86e74962f1b95b6), [scoped labels](https://codeberg.org/forgejo/forgejo/commit/e8935606f5f1fff3c59222ebca6d4615ab06fb0b), [checkboxes and dropdowns](https://codeberg.org/forgejo/forgejo/commit/d4f35bd681af0632da988e15306f330e020422b2), [RTL rendering support to Markdown](https://codeberg.org/forgejo/forgejo/commit/32d9c47ec7706d8f06e09b42e09a28d7a0e3c526), [file (re-)views](https://codeberg.org/forgejo/forgejo/commit/e95b42e187cde9ac4bd541cd714bdb4f5c1fd8bc), [interactive tooltips](https://codeberg.org/forgejo/forgejo/commit/87f0f7e670c6c0e6aeab8c4458bfdb9d954eacec), [using a button element](https://codeberg.org/forgejo/forgejo/commit/81fe5d61851c0e586af7d32c29171ceff9a571bb), [repository list](https://codeberg.org/forgejo/forgejo/commit/e82f1b15c7120ad13fd3b67cf7e2c6cb9915c22d) and more.
numerous improvements for [issue comments](https://codeberg.org/forgejo/forgejo/commit/6c354546547cd3a9595a7db119a6480d9cd506a7), [the menu on the navbar](https://codeberg.org/forgejo/forgejo/commit/a78e0b7dade16bc6509b943fe86e74962f1b95b6), [scoped labels](https://codeberg.org/forgejo/forgejo/commit/e8935606f5f1fff3c59222ebca6d4615ab06fb0b), [checkboxes and dropdowns](https://codeberg.org/forgejo/forgejo/commit/d4f35bd681af0632da988e15306f330e020422b2), [RTL rendering support to Markdown](https://codeberg.org/forgejo/forgejo/commit/32d9c47ec7706d8f06e09b42e09a28d7a0e3c526), [file (re-)views](https://codeberg.org/forgejo/forgejo/commit/e95b42e187cde9ac4bd541cd714bdb4f5c1fd8bc), [interactive tooltips](https://codeberg.org/forgejo/forgejo/commit/87f0f7e670c6c0e6aeab8c4458bfdb9d954eacec), [using a button element](https://codeberg.org/forgejo/forgejo/commit/81fe5d61851c0e586af7d32c29171ceff9a571bb), [repository list](https://codeberg.org/forgejo/forgejo/commit/e82f1b15c7120ad13fd3b67cf7e2c6cb9915c22d) and more.
- **Time:**
- **Time:**
The display and localization of time was improved for [tooltips](https://codeberg.org/forgejo/forgejo/commit/b7b58348317cbe0145dc453d45c886b8e2764b4c), [milestones](https://codeberg.org/forgejo/forgejo/commit/97176754beb4de23fa0f68df715c4737919c93b0), [due date and translations that contain dates](https://codeberg.org/forgejo/forgejo/commit/70bb4984cdad9a15d676708bd345b590aa42d72a), [commit graphs](https://codeberg.org/forgejo/forgejo/commit/5bc9f7fcf9aece92c3fa2a0ea56e5585261a7f28), [runners](https://codeberg.org/forgejo/forgejo/commit/62ca5825f73ad5a25ffeb6c3ef66f0eaf5d30cdf), [webhooks](https://codeberg.org/forgejo/forgejo/commit/dbb37367854d108ebfffcac27837c0afac199a8e), [tests](https://codeberg.org/forgejo/forgejo/commit/3d266dd0f3dbae7e417c0e790e266aebc0078814) and more. Previously each rendered timestamp would be static, now the real time since an event happend is show. If a comment was added 2 minutes before the page rendered it would show as "2 minutes ago" on the initial render and if another 8 minutes have passed, without a page refresh you'd see "10 minutes ago".
The display and localization of time was improved for [tooltips](https://codeberg.org/forgejo/forgejo/commit/b7b58348317cbe0145dc453d45c886b8e2764b4c), [milestones](https://codeberg.org/forgejo/forgejo/commit/97176754beb4de23fa0f68df715c4737919c93b0), [due date and translations that contain dates](https://codeberg.org/forgejo/forgejo/commit/70bb4984cdad9a15d676708bd345b590aa42d72a), [commit graphs](https://codeberg.org/forgejo/forgejo/commit/5bc9f7fcf9aece92c3fa2a0ea56e5585261a7f28), [runners](https://codeberg.org/forgejo/forgejo/commit/62ca5825f73ad5a25ffeb6c3ef66f0eaf5d30cdf), [webhooks](https://codeberg.org/forgejo/forgejo/commit/dbb37367854d108ebfffcac27837c0afac199a8e), [tests](https://codeberg.org/forgejo/forgejo/commit/3d266dd0f3dbae7e417c0e790e266aebc0078814) and more. Previously each rendered timestamp would be static, now the real time since an event happened is show. If a comment was added 2 minutes before the page rendered it would show as "2 minutes ago" on the initial render and if another 8 minutes have passed, without a page refresh you'd see "10 minutes ago".
- Improve the [display of the table of content](https://codeberg.org/forgejo/forgejo/commit/1ab16e48cccc086e7f97fb3ae8a293fe47a3a452)
- Improve the [display of the table of content](https://codeberg.org/forgejo/forgejo/commit/1ab16e48cccc086e7f97fb3ae8a293fe47a3a452)
- Fixed a bug [preventing team users who have wiki write permission from deleting a page](https://codeberg.org/forgejo/forgejo/commit/284b41f45244bbe46fc8feee15bbfdf66d150e79)
- Fixed a bug [preventing team users who have wiki write permission from deleting a page](https://codeberg.org/forgejo/forgejo/commit/284b41f45244bbe46fc8feee15bbfdf66d150e79)
Forgejo access token, used with the [API](https://forgejo.org/docs/v1.19/admin/api-usage/) can now have a "scope" that limits what it can access. Existing tokens stored in the database and created before Forgejo v1.19 had unlimited access. For backward compatibility, their access will remain the same and they will continue to work as before. However, **newly created token that do not specify a scope will now only have read-only access to public user profile and public repositories**.
Forgejo access token, used with the [API](https://forgejo.org/docs/v1.19/admin/api-usage/) can now have a "scope" that limits what it can access. Existing tokens stored in the database and created before Forgejo v1.19 had unlimited access. For backward compatibility, their access will remain the same and they will continue to work as before. However, **newly created token that do not specify a scope will now only have read-only access to public user profile and public repositories**.
For instance, the `/users/{username}/tokens` API endpoint will require the `scopes: ['all', 'sudo']` parameter and the `forgejo admin user generate-access-token` will require the `--scopes all,sudo` argument obtain tokens with ulimited access as before for admin users.
For instance, the `/users/{username}/tokens` API endpoint will require the `scopes: ['all', 'sudo']` parameter and the `forgejo admin user generate-access-token` will require the `--scopes all,sudo` argument obtain tokens with unlimited access as before for admin users.
[Read more about the scoped tokens](https://forgejo.org/docs/v1.19/user/oauth2-provider/#scoped-tokens).
[Read more about the scoped tokens](https://forgejo.org/docs/v1.19/user/oauth2-provider/#scoped-tokens).
It appears for the first time in this Forgejo release but is not yet fit for production. It is not fully implemented and may be insecure. However, as long as it is not enabled, it presents no risk to existing Forgejo instances.
It appears for the first time in this Forgejo release but is not yet fit for production. It is not fully implemented and may be insecure. However, as long as it is not enabled, it presents no risk to existing Forgejo instances.
If a repository has a file such as `.forgejo/workflows/test.yml`, it will be interpreted, for instance to run tests and verify the code in the repository works as expected (Continuous Integration). It can also be used to create HTML pages for a website and publish them (Continous Deployment). The syntax is similar to GitHub Actions and the jobs can be controled from the Forgejo web interface.
If a repository has a file such as `.forgejo/workflows/test.yml`, it will be interpreted, for instance to run tests and verify the code in the repository works as expected (Continuous Integration). It can also be used to create HTML pages for a website and publish them (Continuous Deployment). The syntax is similar to GitHub Actions and the jobs can be controlled from the Forgejo web interface.
[Read more about Forgejo Actions](https://forgejo.codeberg.page/2023-02-27-forgejo-actions/)
[Read more about Forgejo Actions](https://forgejo.codeberg.page/2023-02-27-forgejo-actions/)
returnfmt.Errorf("Password is not long enough. Needs to be at least %d",setting.MinPasswordLength)
returnfmt.Errorf("password is not long enough, needs to be at least %d characters",setting.MinPasswordLength)
caseerrors.Is(err,password.ErrComplexity):
caseerrors.Is(err,password.ErrComplexity):
returnerrors.New("Password does not meet complexity requirements")
returnerrors.New("password does not meet complexity requirements")
caseerrors.Is(err,password.ErrIsPwned):
caseerrors.Is(err,password.ErrIsPwned):
returnerrors.New("The password you chose is on a list of stolen passwords previously exposed in public data breaches. Please try again with a different password.\nFor more details, see https://haveibeenpwned.com/Passwords")
returnerrors.New("the password is in a list of stolen passwords previously exposed in public data breaches, please try again with a different password, to see more details: https://haveibeenpwned.com/Passwords")
<p>In general, Your Gitea Instance retains User Personal Information for as long as your account is active, or as needed to provide you service.</p>
<p>In general, Your Gitea Instance retains User Personal Information for as long as your account is active, or as needed to provide you service.</p>
<p>If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. Feel free to contact our support to request erasure of the data we process on the bassis of consent within 30 days.</p>
<p>If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. Feel free to contact our support to request erasure of the data we process on the basis of consent within 30 days.</p>
<p>After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.</p>
<p>After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.</p>
;; Timeout for any write to ssh connections. (Set to -1 to disable all timeouts.)
;; Timeout for any write to ssh connections. (Set to -1 to disable all timeouts.)
;; Will default to the PER_WRITE_TIMEOUT.
;; Will default to the PER_WRITE_TIMEOUT.
;SSH_PER_WRITE_TIMEOUT = 30s
;SSH_PER_WRITE_TIMEOUT = 30s
@ -407,8 +417,11 @@ USER = root
;; Database connection max life time, default is 0 or 3s mysql (See #6804 & #7071 for reasoning)
;; Database connection max life time, default is 0 or 3s mysql (See #6804 & #7071 for reasoning)
;CONN_MAX_LIFETIME = 3s
;CONN_MAX_LIFETIME = 3s
;;
;;
;; Database maximum number of open connections, default is 0 meaning no maximum
;; Database connection max idle time, 0 prevents closing due to idle time.
;MAX_OPEN_CONNS = 0
;CONN_MAX_IDLETIME = 0
;;
;; Database maximum number of open connections, default is 100 which is the lowest default from Postgres (MariaDB + MySQL default to 151). Ensure you only increase the value if you configured your database server accordingly.
;; Connection string for redis queues this will store the redis or redis-cluster connection string.
;; Connection string for redis queues this will store the redis (or Redis cluster) connection string.
;; When `TYPE` is `persistable-channel`, this provides a directory for the underlying leveldb
;; When `TYPE` is `persistable-channel`, this provides a directory for the underlying leveldb
;; or additional options of the form `leveldb://path/to/db?option=value&....`, and will override `DATADIR`.
;; or additional options of the form `leveldb://path/to/db?option=value&....`, and will override `DATADIR`.
;CONN_STR = "redis://127.0.0.1:6379/0"
;CONN_STR = "redis://127.0.0.1:6379/0"
@ -1503,6 +1549,11 @@ LEVEL = Info
;; - manage_ssh_keys: a user cannot configure ssh keys
;; - manage_ssh_keys: a user cannot configure ssh keys
;; - manage_gpg_keys: a user cannot configure gpg keys
;; - manage_gpg_keys: a user cannot configure gpg keys
;USER_DISABLED_FEATURES =
;USER_DISABLED_FEATURES =
;; Comma separated list of disabled features ONLY if the user has an external login type (eg. LDAP, Oauth, etc.), could be `deletion`, `manage_ssh_keys`, `manage_gpg_keys`. This setting is independent from `USER_DISABLED_FEATURES` and supplements its behavior.
;; - deletion: a user cannot delete their own account
;; - manage_ssh_keys: a user cannot configure ssh keys
;; - manage_gpg_keys: a user cannot configure gpg keys
;; redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster)
;; redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster)
;; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
;; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
;PROVIDER_CONFIG = data/sessions ; Relative paths will be made absolute against _`AppWorkPath`_.
;PROVIDER_CONFIG = data/sessions ; Relative paths will be made absolute against _`AppWorkPath`_.
;;
;;
@ -1807,6 +1866,9 @@ LEVEL = Info
;; Session life time in seconds, default is 86400 (1 day)
;; Session life time in seconds, default is 86400 (1 day)
;SESSION_LIFE_TIME = 86400
;SESSION_LIFE_TIME = 86400
;;
;;
;; Cookie domain name. Default is empty
;DOMAIN =
;;
;; SameSite settings. Either "none", "lax", or "strict"
;; SameSite settings. Either "none", "lax", or "strict"
;SAME_SITE=lax
;SAME_SITE=lax
@ -1859,7 +1921,7 @@ LEVEL = Info
;ENABLED = true
;ENABLED = true
;;
;;
;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
;; Task queue type, could be `channel` or `redis`.
;QUEUE_TYPE = channel
;;
;; Task queue length, available only when `QUEUE_TYPE` is `channel`.
;QUEUE_LENGTH = 1000
;;
;; Task queue connection string, available only when `QUEUE_TYPE` is `redis`.
;; If there is a password of redis, use `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for `redis-clsuter`.
[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea)
[![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com")
These docs are ingested by our [docs repo](https://gitea.com/gitea/gitea-docusaurus).
[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea)
[![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com")
Some jurisdictions (such as EU), requires certain legal pages (e.g. Privacy Policy) to be added to website. Follow these steps to add them to your Gitea instance.
## Getting Pages
Gitea source code ships with sample pages, available in `contrib/legal` directory. Copy them to `custom/public/assets/`. For example, to add Privacy Policy:
Now you need to edit the page to meet your requirements. In particular you must change the email addresses, web addresses and references to "Your Gitea Instance" to match your situation.
You absolutely must not place a general ToS or privacy statement that implies that the Gitea project is responsible for your server.
## Make it Visible
Create or append to `/path/to/custom/templates/custom/extra_links_footer.tmpl`:
Gitea currently has a `dump` command that will save the installation to a ZIP file. This
file can be unpacked and used to restore an instance.
## Backup Consistency
To ensure the consistency of the Gitea instance, it must be shutdown during backup.
Gitea consists of a database, files and git repositories, all of which change when it is used. For instance, when a migration is in progress, a transaction is created in the database while the git repository is being copied over. If the backup happens in the middle of the migration, the git repository may be incomplete although the database claims otherwise because it was dumped afterwards. The only way to avoid such race conditions is by stopping the Gitea instance during the backups.
## Backup Command (`dump`)
Switch to the user running Gitea: `su git`. Run `./gitea dump -c /path/to/app.ini` in the Gitea installation
directory. There should be some output similar to the following:
```none
2016/12/27 22:32:09 Creating tmp work dir: /tmp/gitea-dump-417443001
2016/12/27 22:32:09 Dumping local repositories.../home/git/gitea-repositories
2016/12/27 22:32:22 Dumping database...
2016/12/27 22:32:22 Packing dump files...
2016/12/27 22:32:34 Removing tmp work dir: /tmp/gitea-dump-417443001
2016/12/27 22:32:34 Finish dumping in file gitea-dump-1482906742.zip
```
Inside the `gitea-dump-1482906742.zip` file, will be the following:
- `app.ini` - Optional copy of configuration file if originally stored outside the default `custom/` directory
- `custom/` - All config or customization files in `custom/`.
- `data/` - Data directory (APP_DATA_PATH), except sessions if you are using file session. This directory includes `attachments`, `avatars`, `lfs`, `indexers`, SQLite file if you are using SQLite.
- `repos/` - Complete copy of the repository directory.
- `gitea-db.sql` - SQL dump of database
- `log/` - Various logs. They are not needed for a recovery or migration.
Intermediate backup files are created in a temporary directory specified either with the
`--tempdir` command-line parameter or the `TMPDIR` environment variable.
## Backup the database
The SQL dump created by `gitea dump` uses XORM and Gitea admins may prefer to use the native the MySQL and PostgreSQL dump tools instead. There are still open issues when using XORM for dumping the database that may cause problems when attempting to restore it.
There are a few caveats for using the `dump` command with Docker.
The command has to be executed with the `RUN_USER = <OS_USERNAME>` specified in `gitea/conf/app.ini`; and, for the zipping of the backup folder to occur without permission error the command `docker exec` must be executed inside of the `--tempdir`.
\*Note: `--tempdir` refers to the temporary directory of the docker environment used by Gitea; if you have not specified a custom `--tempdir`, then Gitea uses `/tmp` or the `TMPDIR` environment variable of the docker container. For `--tempdir` adjust your `docker exec` command options accordingly.
The result should be a file, stored in the `--tempdir` specified, along the lines of: `gitea-dump-1482906742.zip`
## Restore Command (`restore`)
There is currently no support for a recovery command. It is a manual process that mostly
involves moving files to their correct locations and restoring a database dump.
mysql --default-character-set=utf8mb4 -u$USER -p$PASS $DATABASE <gitea-db.sql
# sqlite3
sqlite3 $DATABASE_PATH <gitea-db.sql
# postgres
psql -U $USER -d $DATABASE <gitea-db.sql
service gitea restart
```
Repository Git Hooks should be regenerated if installation method is changed (eg. binary -> Docker), or if Gitea is installed to a different directory than the previous installation.
With Gitea running, and from the directory Gitea's binary is located, execute: `./gitea admin regenerate hooks`
This ensures that application and configuration file paths in repository Git Hooks are consistent and applicable to the current installation. If these paths are not updated, repository `push` actions will fail.
### Using Docker (`restore`)
There is also no support for a recovery command in a Docker-based gitea instance. The restore process contains the same steps as described in the previous section but with different paths.
- `--scopes value`: Comma-separated list of scopes. Scopes follow the format `[read|write]:<block>` or `all` where `<block>` is one of the available visual groups you can see when opening the API page showing the available routes (for example `repo`).
- Examples:
- `gitea admin user generate-access-token --username myname --token-name mytoken`
- `gitea admin user generate-access-token --help`
- `regenerate`
- Options:
- `hooks`: Regenerate Git Hooks for all repositories
- `keys`: Regenerate authorized_keys file
- Examples:
- `gitea admin regenerate hooks`
- `gitea admin regenerate keys`
- `auth`:
- `list`:
- Description: lists all external authentication sources that exist
- Examples:
- `gitea admin auth list`
- `delete`:
- Options:
- `--id`: ID of source to be deleted. Required.
- Examples:
- `gitea admin auth delete --id 1`
- `add-oauth`:
- Options:
- `--name`: Application Name.
- `--provider`: OAuth2 Provider.
- `--key`: Client ID (Key).
- `--secret`: Client Secret.
- `--auto-discover-url`: OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider).
- `--use-custom-urls`: Use custom URLs for GitLab/GitHub OAuth endpoints.
- `--custom-tenant-id`: Use custom Tenant ID for OAuth endpoints.
- `--custom-auth-url`: Use a custom Authorization URL (option for GitLab/GitHub).
- `--custom-token-url`: Use a custom Token URL (option for GitLab/GitHub).
- `--custom-profile-url`: Use a custom Profile URL (option for GitLab/GitHub).
- `--custom-email-url`: Use a custom Email URL (option for GitHub).
- `--icon-url`: Custom icon URL for OAuth2 login source.
- `--skip-local-2fa`: Allow source to override local 2FA. (Optional)
- `--scopes`: Additional scopes to request for this OAuth2 source. (Optional)
- `--required-claim-name`: Claim name that has to be set to allow users to login with this source. (Optional)
- `--required-claim-value`: Claim value that has to be set to allow users to login with this source. (Optional)
- `--group-claim-name`: Claim name providing group names for this source. (Optional)
- `--admin-group`: Group Claim value for administrator users. (Optional)
- `--restricted-group`: Group Claim value for restricted users. (Optional)
- `--group-team-map`: JSON mapping between groups and org teams. (Optional)
- `--group-team-map-removal`: Activate automatic team membership removal depending on groups. (Optional)
- `--flags value`, `-F value`: Flags for the logger
- `--expression value`, `-e value`: Matching expression for the logger
- `--prefix value`, `-p value`: Prefix for the logger
- `--color`: Use color in the logs
- `--username value`, `-u value`: Mail server username
- `--password value`, `-P value`: Mail server password
- `--host value`, `-H value`: Mail server host (defaults to: 127.0.0.1:25)
- `--send-to value`, `-s value`: Email address(es) to send to
- `--subject value`, `-S value`: Subject header of sent emails
- `processes`: Display Gitea processes and goroutine information
- Options:
- `--flat`: Show processes as flat table rather than as tree
- `--no-system`: Do not show system processes
- `--stacktraces`: Show stacktraces for goroutines associated with processes
- `--json`: Output as json
- `--cancel PID`: Send cancel to process with PID. (Only for non-system processes.)
### dump-repo
Dump-repo dumps repository data from Git/GitHub/Gitea/GitLab:
- Options:
- `--git_service service` : Git service, it could be `git`, `github`, `gitea`, `gitlab`, If clone_addr could be recognized, this could be ignored.
- `--repo_dir dir`, `-r dir`: Repository dir path to store the data
- `--clone_addr addr`: The URL will be clone, currently could be a git/github/gitea/gitlab http/https URL. i.e. https://github.com/lunny/tango.git
- `--auth_username lunny`: The username to visit the clone_addr
- `--auth_password <password>`: The password to visit the clone_addr
- `--auth_token <token>`: The personal token to visit the clone_addr
- `--owner_name lunny`: The data will be stored on a directory with owner name if not empty
- `--repo_name tango`: The data will be stored on a directory with repository name if not empty
- `--units <units>`: Which items will be migrated, one or more units should be separated as comma. wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.
### restore-repo
Restore-repo restore repository data from disk dir:
- Options:
- `--repo_dir dir`, `-r dir`: Repository dir path to restore from
- `--owner_name lunny`: Restore destination owner name
- `--repo_name tango`: Restore destination repository name
- `--units <units>`: Which items will be restored, one or more units should be separated as comma. wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.
### actions generate-runner-token
Generate a new token for a runner to use to register with the server
- Options:
- `--scope {owner}[/{repo}]`, `-s {owner}[/{repo}]`: To limit the scope of the runner, no scope means the runner can be used for all repos, but you can also limit it to a specific repo or owner
To register a global runner:
```
gitea actions generate-runner-token
```
To register a runner for a specific organization, in this case `org`:
```
gitea actions generate-runner-token -s org
```
To register a runner for a specific repo, in this case `username/test-repo`:
If the `CustomPath` folder can't be found despite checking `gitea help`, check the `GITEA_CUSTOM`
environment variable; this can be used to override the default path to something else.
`GITEA_CUSTOM` might, for example, be set by an init script. You can check whether the value
is set under the "Configuration" tab on the site administration page.
- [List of Environment Variables](administration/environment-variables.md)
**Note:** Gitea must perform a full restart to see configuration changes.
## Serving custom public files
To make Gitea serve custom public files (like pages and images), use the folder
`$GITEA_CUSTOM/public/` as the webroot. Symbolic links will be followed.
At the moment, only the following files are served:
- `public/robots.txt`
- files in the `public/.well-known/` folder
- files in the `public/assets/` folder
For example, a file `image.png` stored in `$GITEA_CUSTOM/public/assets/`, can be accessed with
the url `http://gitea.domain.tld/assets/image.png`.
## Changing the logo
To build a custom logo and/or favicon clone the Gitea source repository, replace `assets/logo.svg` and/or `assets/favicon.svg` and run
`make generate-images`. `assets/favicon.svg` is used for the favicon only. This will update below output files which you can then place in `$GITEA_CUSTOM/public/assets/img` on your server:
- `public/assets/img/logo.svg` - Used for site icon, app icon
- `public/assets/img/logo.png` - Used for Open Graph
- `public/assets/img/avatar_default.png` - Used as the default avatar image
- `public/assets/img/apple-touch-icon.png` - Used on iOS devices for bookmarks
- `public/assets/img/favicon.svg` - Used for favicon
- `public/assets/img/favicon.png` - Used as fallback for browsers that don't support SVG favicons
In case the source image is not in vector format, you can attempt to convert a raster image using tools like [this](https://www.aconvert.com/image/png-to-svg/).
## Customizing Gitea pages and resources
Gitea's executable contains all the resources required to run: templates, images, style-sheets
and translations. Any of them can be overridden by placing a replacement in a matching path
inside the `custom` directory. For example, to replace the default `.gitignore` provided
for C++ repositories, we want to replace `options/gitignore/C++`. To do this, a replacement
must be placed in `$GITEA_CUSTOM/options/gitignore/C++` (see about the location of the `CustomPath`
directory at the top of this document).
Every single page of Gitea can be changed. Dynamic content is generated using [go templates](https://pkg.go.dev/html/template),
which can be modified by placing replacements below the `$GITEA_CUSTOM/templates` directory.
To obtain any embedded file (including templates), the [`gitea embedded` tool](administration/cmd-embedded.md) can be used. Alternatively, they can be found in the [`templates`](https://github.com/go-gitea/gitea/tree/main/templates) directory of Gitea source (Note: the example link is from the `main` branch. Make sure to use templates compatible with the release you are using).
Be aware that any statement contained inside `{{` and `}}` are Gitea's template syntax and
shouldn't be touched without fully understanding these components.
### Customizing startpage / homepage
Copy [`home.tmpl`](https://github.com/go-gitea/gitea/blob/main/templates/home.tmpl) for your version of Gitea from `templates` to `$GITEA_CUSTOM/templates`.
Edit as you wish.
Dont forget to restart your Gitea to apply the changes.
### Adding links and tabs
If all you want is to add extra links to the top navigation bar or footer, or extra tabs to the repository view, you can put them in `extra_links.tmpl` (links added to the navbar), `extra_links_footer.tmpl` (links added to the left side of footer), and `extra_tabs.tmpl` inside your `$GITEA_CUSTOM/templates/custom/` directory.
For instance, let's say you are in Germany and must add the famously legally-required "Impressum"/about page, listing who is responsible for the site's content:
just place it under your "$GITEA_CUSTOM/public/assets/" directory (for instance `$GITEA_CUSTOM/public/assets/impressum.html`) and put a link to it in either `$GITEA_CUSTOM/templates/custom/extra_links.tmpl` or `$GITEA_CUSTOM/templates/custom/extra_links_footer.tmpl`.
To match the current style, the link should have the class name "item", and you can use `{{AppSubUrl}}` to get the base URL:
For more information, see [Adding Legal Pages](administration/adding-legal-pages.md).
You can add new tabs in the same way, putting them in `extra_tabs.tmpl`.
The exact HTML needed to match the style of other tabs is in the file
`templates/repo/header.tmpl`
([source in GitHub](https://github.com/go-gitea/gitea/blob/main/templates/repo/header.tmpl))
### Other additions to the page
Apart from `extra_links.tmpl` and `extra_tabs.tmpl`, there are other useful templates you can put in your `$GITEA_CUSTOM/templates/custom/` directory:
- `header.tmpl`, just before the end of the `<head>` tag where you can add custom CSS files for instance.
- `body_outer_pre.tmpl`, right after the start of `<body>`.
- `body_inner_pre.tmpl`, before the top navigation bar, but already inside the main container `<div class="full height">`.
- `body_inner_post.tmpl`, before the end of the main container.
- `body_outer_post.tmpl`, before the bottom `<footer>` element.
- `footer.tmpl`, right before the end of the `<body>` tag, a good place for additional JavaScript.
### Using Gitea variables
It's possible to use various Gitea variables in your custom templates.
First, _temporarily_ enable development mode: in your `app.ini` change from `RUN_MODE = prod` to `RUN_MODE = dev`. Then add `{{ $ | DumpVar }}` to any of your templates, restart Gitea and refresh that page; that will dump all available variables.
Find the data that you need, and use the corresponding variable; for example, if you need the name of the repository then you'd use `{{.Repository.Name}}`.
If you need to transform that data somehow, and aren't familiar with Go, an easy workaround is to add the data to the DOM and add a small JavaScript script block to manipulate the data.
### Example: PlantUML
You can add [PlantUML](https://plantuml.com/) support to Gitea's markdown by using a PlantUML server.
The data is encoded and sent to the PlantUML server which generates the picture. There is an online
demo server at http://www.plantuml.com/plantuml, but if you (or your users) have sensitive data you
can set up your own [PlantUML server](https://plantuml.com/server) instead. To set up PlantUML rendering,
copy JavaScript files from https://gitea.com/davidsvantesson/plantuml-code-highlight and put them in your
`$GITEA_CUSTOM/public/assets/` folder. Then add the following to `custom/footer.tmpl`:
You also need to download the content of the library [Madeleine.js](https://github.com/beige90/Madeleine.js) and place it under `$GITEA_CUSTOM/public/assets/` folder.
You should end-up with a folder structure similar to:
```
$GITEA_CUSTOM/templates
-- custom
`-- footer.tmpl
$GITEA_CUSTOM/public/assets/
-- Madeleine.js
|-- LICENSE
|-- README.md
|-- css
| |-- pygment_trac.css
| `-- stylesheet.css
|-- examples
| |-- ajax.html
| |-- index.html
| `-- upload.html
|-- images
| |-- bg_hr.png
| |-- blacktocat.png
| |-- icon_download.png
| `-- sprite_download.png
|-- models
| |-- dino2.stl
| |-- ducati.stl
| |-- gallardo.stl
| |-- lamp.stl
| |-- octocat.stl
| |-- skull.stl
| `-- treefrog.stl
`-- src
|-- Madeleine.js
|-- css
| `-- Madeleine.css
|-- icons
| |-- logo.png
| |-- madeleine.eot
| |-- madeleine.svg
| |-- madeleine.ttf
| `-- madeleine.woff
`-- lib
|-- MadeleineConverter.js
|-- MadeleineLoader.js
|-- detector.js
|-- stats.js
`-- three.min.js
```
Then restart Gitea and open a STL file on your Gitea instance.
## Customizing Gitea mails
The `$GITEA_CUSTOM/templates/mail` folder allows changing the body of every mail of Gitea.
Override by making a copy of the file under `$GITEA_CUSTOM/templates/mail` using a
full path structure matching source.
Any statement contained inside `{{` and `}}` are Gitea's template
syntax and shouldn't be touched without fully understanding these components.
## Adding Analytics to Gitea
Google Analytics, Matomo (previously Piwik), and other analytics services can be added to Gitea. To add the tracking code, refer to the `Other additions to the page` section of this document, and add the JavaScript to the `$GITEA_CUSTOM/templates/custom/header.tmpl` file.
## Customizing gitignores, labels, licenses, locales, and readmes.
Place custom files in corresponding sub-folder under `custom/options`.
**NOTE:** The files should not have a file extension, e.g. `Labels` rather than `Labels.txt`
### gitignores
To add custom .gitignore, add a file with existing [.gitignore rules](https://git-scm.com/docs/gitignore) in it to `$GITEA_CUSTOM/options/gitignore`
## Customizing the git configuration
Starting with Gitea 1.20, you can customize the git configuration via the `git.config` section.
### Enabling signed git pushes
To enable signed git pushes, set these two options:
```ini
[git.config]
receive.advertisePushOptions = true
receive.certNonceSeed = <randomstring>
```
`certNonceSeed` should be set to a random string and be kept secret.
### Labels
Starting with Gitea 1.19, you can add a file that follows the [YAML label format](https://github.com/go-gitea/gitea/blob/main/options/label/Advanced.yaml) to `$GITEA_CUSTOM/options/label`:
```yaml
labels:
- name: "foo/bar" # name of the label that will appear in the dropdown
exclusive: true # whether to use the exclusive namespace for scoped labels. scoped delimiter is /
color: aabbcc # hex colour coding
description: Some label # long description of label intent
```
The [legacy file format](https://github.com/go-gitea/gitea/blob/main/options/label/Default) can still be used following the format below, however we strongly recommend using the newer YAML format instead.
`#hex-color label name ; label description`
For more information, see the [labels documentation](usage/labels.md).
### Licenses
To add a custom license, add a file with the license text to `$GITEA_CUSTOM/options/license`
### Locales
Locales are managed via our [Crowdin](https://crowdin.com/project/gitea).
You can override a locale by placing an altered locale file in `$GITEA_CUSTOM/options/locale`.
Gitea's default locale files can be found in the [`options/locale`](https://github.com/go-gitea/gitea/tree/main/options/locale) source folder and these should be used as examples for your changes.
To add a completely new locale, as well as placing the file in the above location, you will need to add the new lang and name to the `[i18n]` section in your `app.ini`. Keep in mind that Gitea will use those settings as **overrides**, so if you want to keep the other languages as well you will need to copy/paste the default values and add your own to them.
```
[i18n]
LANGS = en-US,foo-BAR
NAMES = English,FooBar
```
The first locale will be used as the default if user browser's language doesn't match any locale in the list.
Locales may change between versions, so keeping track of your customized locales is highly encouraged.
### Readmes
To add a custom Readme, add a markdown formatted file (without an `.md` extension) to `$GITEA_CUSTOM/options/readme`
**NOTE:** readme templates support **variable expansion**.
currently there are `{Name}` (name of repository), `{Description}`, `{CloneURL.SSH}`, `{CloneURL.HTTPS}` and `{OwnerName}`
### Reactions
To change reaction emoji's you can set allowed reactions at app.ini
A full list of supported emoji's is at [emoji list](https://gitea.com/gitea/gitea.com/issues/8)
## Customizing the look of Gitea
The built-in themes are `gitea-light`, `gitea-dark`, and `gitea-auto` (which automatically adapts to OS settings).
The default theme can be changed via `DEFAULT_THEME` in the [ui](administration/config-cheat-sheet.md#ui-ui) section of `app.ini`.
Gitea also has support for user themes, which means every user can select which theme should be used.
The list of themes a user can choose from can be configured with the `THEMES` value in the [ui](administration/config-cheat-sheet.md#ui-ui) section of `app.ini`.
To make a custom theme available to all users:
1. Add a CSS file to `$GITEA_CUSTOM/public/assets/css/theme-<theme-name>.css`.
The value of `$GITEA_CUSTOM` of your instance can be queried by calling `gitea help` and looking up the value of "CustomPath".
2. Add `<theme-name>` to the comma-separated list of setting `THEMES` in `app.ini`
Community themes are listed in [gitea/awesome-gitea#themes](https://gitea.com/gitea/awesome-gitea#themes).
The default theme sources can be found [here](https://github.com/go-gitea/gitea/blob/main/web_src/css/themes).
If your custom theme is considered a dark theme, set the global css variable `--is-dark-theme` to `true`.
This allows Gitea to adjust the Monaco code editor's theme accordingly.
Gitea has mailer functionality for sending transactional emails (such as registration confirmation). It can be configured to either use Sendmail (or compatible MTAs like Postfix and msmtp) or directly use SMTP server.
## Using Sendmail
Use `sendmail` command as mailer.
Note: For use in the official Gitea Docker image, please configure with the SMTP version (see the following section).
Note: For Internet-facing sites consult documentation of your MTA for instructions to send emails over TLS. Also set up SPF, DMARC, and DKIM DNS records to make emails sent be accepted as legitimate by various email providers.
```ini
[mailer]
ENABLED = true
FROM = gitea@mydomain.com
PROTOCOL = sendmail
SENDMAIL_PATH = /usr/sbin/sendmail
SENDMAIL_ARGS = "--" ; most "sendmail" programs take options, "--" will prevent an email address being interpreted as an option.
```
## Using SMTP
Directly use SMTP server as relay. This option is useful if you don't want to set up MTA on your instance but you have an account at email provider.
```ini
[mailer]
ENABLED = true
FROM = gitea@mydomain.com
PROTOCOL = smtps
SMTP_ADDR = mail.mydomain.com
SMTP_PORT = 587
USER = gitea@mydomain.com
PASSWD = `password`
```
Restart Gitea for the configuration changes to take effect.
To send a test email to validate the settings, go to Gitea > Site Administration > Configuration > SMTP Mailer Configuration.
For the full list of options check the [Config Cheat Sheet](administration/config-cheat-sheet.md)
Please note: authentication is only supported when the SMTP server communication is encrypted with TLS or `HOST=localhost`. TLS encryption can be through:
- STARTTLS (also known as Opportunistic TLS) via port 587. Initial connection is done over cleartext, but then be upgraded over TLS if the server supports it.
- SMTPS connection (SMTP over TLS) via the default port 465. Connection to the server use TLS from the beginning.
- Forced SMTPS connection with `PROTOCOL=smtps`. (These are both known as Implicit TLS.)
This is due to protections imposed by the Go internal libraries against STRIPTLS attacks.
Note that Implicit TLS is recommended by [RFC8314](https://tools.ietf.org/html/rfc8314#section-3) since 2018.
### Gmail
The following configuration should work with GMail's SMTP server:
```ini
[mailer]
ENABLED = true
HOST = smtp.gmail.com:465 ; Remove this line for Gitea >= 1.18.0
SMTP_ADDR = smtp.gmail.com
SMTP_PORT = 465
FROM = example.user@gmail.com
USER = example.user
PASSWD = `***`
PROTOCOL = smtps
```
Note that you'll need to create and use an [App password](https://support.google.com/accounts/answer/185833?hl=en) by enabling 2FA on your Google
account. You won't be able to use your Google account password directly.
This supports rendering of whole files. If you want to render code blocks in markdown you would need to do something with javascript. See some examples on the [Customizing Gitea](administration/customizing-gitea.md) page.
## Installing external binaries
In order to get file rendering through external binaries, their associated packages must be installed.
If you're using a Docker image, your `Dockerfile` should contain something along this lines:
If your external markup relies on additional classes and attributes on the generated HTML elements, you might need to enable custom sanitizer policies. Gitea uses the [`bluemonday`](https://godoc.org/github.com/microcosm-cc/bluemonday) package as our HTML sanitizer. The example below could be used to support server-side [KaTeX](https://katex.org/) rendering output from [`pandoc`](https://pandoc.org/).
```ini
[markup.sanitizer.TeX]
; Pandoc renders TeX segments as <span>s with the "math" class, optionally
; with "inline" or "display" classes depending on context.
; - note this is different from the built-in math support in our markdown parser which uses <code>
RENDER_COMMAND = pandoc -f markdown -t html --katex
```
You must define `ELEMENT` and `ALLOW_ATTR` in each section.
To define multiple entries, add a unique alphanumeric suffix (e.g., `[markup.sanitizer.1]` and `[markup.sanitizer.something]`).
To apply a sanitisation rules only for a specify external renderer they must use the renderer name, e.g. `[markup.sanitizer.asciidoc.rule-1]`, `[markup.sanitizer.<renderer>.rule-1]`.
**Note**: If the rule is defined above the renderer ini section or the name does not match a renderer it is applied to every renderer.
Once your configuration changes have been made, restart Gitea to have changes take effect.
**Note**: Prior to Gitea 1.12 there was a single `markup.sanitiser` section with keys that were redefined for multiple rules, however,
there were significant problems with this method of configuration necessitating configuration through multiple sections.
### Example: HTML
Render HTML files directly:
```ini
[markup.html]
ENABLED = true
FILE_EXTENSIONS = .html,.htm
RENDER_COMMAND = cat
; Input is not a standard input but a file
IS_INPUT_FILE = true
[markup.sanitizer.html.1]
ELEMENT = div
ALLOW_ATTR = class
[markup.sanitizer.html.2]
ELEMENT = a
ALLOW_ATTR = class
```
### Example: Office DOCX
Display Office DOCX files with [`pandoc`](https://pandoc.org/):
```ini
[markup.docx]
ENABLED = true
FILE_EXTENSIONS = .docx
RENDER_COMMAND = "pandoc --from docx --to html --self-contained --template /path/to/basic.html"
[markup.sanitizer.docx.img]
ALLOW_DATA_URI_IMAGES = true
```
The template file has the following content:
```
$body$
```
### Example: Jupyter Notebook
Display Jupyter Notebook files with [`nbconvert`](https://github.com/jupyter/nbconvert):
```ini
[markup.jupyter]
ENABLED = true
FILE_EXTENSIONS = .ipynb
RENDER_COMMAND = "jupyter-nbconvert --stdin --stdout --to html --template basic"
[markup.sanitizer.jupyter.img]
ALLOW_DATA_URI_IMAGES = true
```
## Customizing CSS
The external renderer is specified in the .ini in the format `[markup.XXXXX]` and the HTML supplied by your external renderer will be wrapped in a `<div>` with classes `markup` and `XXXXX`. The `markup` class provides out of the box styling (as does `markdown` if `XXXXX` is `markdown`). Otherwise you can use these classes to specifically target the contents of your rendered HTML.
And so you could write some CSS:
```css
.markup.XXXXX html {
font-size: 100%;
overflow-y: scroll;
-webkit-text-size-adjust: 100%;
-ms-text-size-adjust: 100%;
}
.markup.XXXXX body {
color: #444;
font-family: Georgia, Palatino, 'Palatino Linotype', Times, 'Times New Roman', serif;
font-size: 12px;
line-height: 1.7;
padding: 1em;
margin: auto;
max-width: 42em;
background: #fefefe;
}
.markup.XXXXX p {
color: orangered;
}
```
Add your stylesheet to your custom directory e.g `custom/public/assets/css/my-style-XXXXX.css` and import it using a custom header file `custom/templates/custom/header.tmpl`:
# Fail2ban setup to block users after failed login attempts
**Remember that fail2ban is powerful and can cause lots of issues if you do it incorrectly, so make
sure to test this before relying on it so you don't lock yourself out.**
Gitea returns an HTTP 200 for bad logins in the web logs, but if you have logging options on in
`app.ini`, then you should be able to go off of `log/gitea.log`, which gives you something like this
on a bad authentication from the web or CLI using SSH or HTTP respectively:
```log
2018/04/26 18:15:54 [I] Failed authentication attempt for user from xxx.xxx.xxx.xxx
```
```log
2020/10/15 16:05:09 modules/ssh/ssh.go:143:publicKeyHandler() [W] Failed authentication attempt from xxx.xxx.xxx.xxx
```
(DEPRECATED: This may be a false positive as the user may still go on to correctly authenticate.)
```log
2020/10/15 16:05:09 modules/ssh/ssh.go:155:publicKeyHandler() [W] Failed authentication attempt from xxx.xxx.xxx.xxx
```
(DEPRECATED: This may be a false positive as the user may still go on to correctly authenticate.)
```log
2020/10/15 16:05:09 modules/ssh/ssh.go:198:publicKeyHandler() [W] Failed authentication attempt from xxx.xxx.xxx.xxx
```
(DEPRECATED: This may be a false positive as the user may still go on to correctly authenticate.)
```log
2020/10/15 16:05:09 modules/ssh/ssh.go:213:publicKeyHandler() [W] Failed authentication attempt from xxx.xxx.xxx.xxx
```
(DEPRECATED: This may be a false positive as the user may still go on to correctly authenticate.)
```log
2020/10/15 16:05:09 modules/ssh/ssh.go:227:publicKeyHandler() [W] Failed authentication attempt from xxx.xxx.xxx.xxx
```
(DEPRECATED: This may be a false positive as the user may still go on to correctly authenticate.)
```log
2020/10/15 16:05:09 modules/ssh/ssh.go:249:sshConnectionFailed() [W] Failed authentication attempt from xxx.xxx.xxx.xxx
```
(From 1.15 this new message will available and doesn't have any of the false positive results that above messages from publicKeyHandler do. This will only be logged if the user has completely failed authentication.)
```log
2020/10/15 16:08:44 ...s/context/context.go:204:HandleText() [E] invalid credentials from xxx.xxx.xxx.xxx
```
Add our filter in `/etc/fail2ban/filter.d/gitea.conf`:
```ini
# gitea.conf
[Definition]
failregex = .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>
ignoreregex =
```
Add our jail in `/etc/fail2ban/jail.d/gitea.conf`:
```ini
[gitea]
enabled = true
filter = gitea
logpath = /var/lib/gitea/log/gitea.log
maxretry = 10
findtime = 3600
bantime = 900
action = iptables-allports
```
If you're using Docker, you'll also need to add an additional jail to handle the **FORWARD**
chain in **iptables**. Configure it in `/etc/fail2ban/jail.d/gitea-docker.conf`:
```ini
[gitea-docker]
enabled = true
filter = gitea
logpath = /var/lib/gitea/log/gitea.log
maxretry = 10
findtime = 3600
bantime = 900
action = iptables-allports[chain="FORWARD"]
```
Then simply run `service fail2ban restart` to apply your changes. You can check to see if
fail2ban has accepted your configuration using `service fail2ban status`.
Make sure and read up on fail2ban and configure it to your needs, this bans someone
for **15 minutes** (from all ports) when they fail authentication 10 times in an hour.
If you run Gitea behind a reverse proxy with Nginx (for example with Docker), you need to add
this to your Nginx configuration so that IPs don't show up as 127.0.0.1:
```
proxy_set_header X-Real-IP $remote_addr;
```
The security options in `app.ini` need to be adjusted to allow the interpretation of the headers
as well as the list of IP addresses and networks that describe trusted proxy servers
(See the [configuration cheat sheet](administration/config-cheat-sheet.md#security-security) for more information).
```
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.1/8 ; 172.17.0.0/16 for the docker default network
Before you enable HTTPS, make sure that you have valid SSL/TLS certificates.
You could use self-generated certificates for evaluation and testing. Please run `gitea cert --host [HOST]` to generate a self signed certificate.
If you are using Apache or nginx on the server, it's recommended to check the [reverse proxy guide](administration/reverse-proxies.md).
To use Gitea's built-in HTTPS support, you must change your `app.ini` file:
```ini
[server]
PROTOCOL = https
ROOT_URL = https://git.example.com:3000/
HTTP_PORT = 3000
CERT_FILE = cert.pem
KEY_FILE = key.pem
```
Note that if your certificate is signed by a third party certificate authority (i.e. not self-signed), then cert.pem should contain the certificate chain. The server certificate must be the first entry in cert.pem, followed by the intermediaries in order (if any). The root certificate does not have to be included because the connecting client must already have it in order to estalbish the trust relationship.
To learn more about the config values, please checkout the [Config Cheat Sheet](administration/config-cheat-sheet.md#server-server).
For the `CERT_FILE` or `KEY_FILE` field, the file path is relative to the `GITEA_CUSTOM` environment variable when it is a relative path. It can be an absolute path as well.
### Setting up HTTP redirection
The Gitea server is only able to listen to one port; to redirect HTTP requests to the HTTPS port, you will need to enable the HTTP redirection service:
```ini
[server]
REDIRECT_OTHER_PORT = true
; Port the redirection service should listen on
PORT_TO_REDIRECT = 3080
```
If you are using Docker, make sure that this port is configured in your `docker-compose.yml` file.
## Using ACME (Default: Let's Encrypt)
[ACME](https://tools.ietf.org/html/rfc8555) is a Certificate Authority standard protocol that allows you to automatically request and renew SSL/TLS certificates. [Let's Encrypt](https://letsencrypt.org/) is a free publicly trusted Certificate Authority server using this standard. Only `HTTP-01` and `TLS-ALPN-01` challenges are implemented. In order for ACME challenges to pass and verify your domain ownership, external traffic to the gitea domain on port `80` (`HTTP-01`) or port `443` (`TLS-ALPN-01`) has to be served by the gitea instance. Setting up [HTTP redirection](#setting-up-http-redirection) and port-forwards might be needed for external traffic to route correctly. Normal traffic to port `80` will otherwise be automatically redirected to HTTPS. **You must consent** to the ACME provider's terms of service (default Let's Encrypt's [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf)).
Minimum setup using the default Let's Encrypt:
```ini
[server]
PROTOCOL=https
DOMAIN=git.example.com
ENABLE_ACME=true
ACME_ACCEPTTOS=true
ACME_DIRECTORY=https
;; Email can be omitted here and provided manually at first run, after which it is cached
ACME_EMAIL=email@example.com
```
Minimum setup using a [smallstep CA](https://github.com/smallstep/certificates), refer to [their tutorial](https://smallstep.com/docs/tutorials/acme-challenge) for more information.
Note: Enabling HTTPS only at the proxy level is referred as [TLS Termination Proxy](https://en.wikipedia.org/wiki/TLS_termination_proxy). The proxy server accepts incoming TLS connections, decrypts the contents, and passes the now unencrypted contents to Gitea. This is normally fine as long as both the proxy and Gitea instances are either on the same machine, or on different machines within private network (with the proxy is exposed to outside network). If your Gitea instance is separated from your proxy over a public network, or if you want full end-to-end encryption, you can also [enable HTTPS support directly in Gitea using built-in server](#using-the-built-in-server) and forward the connections over HTTPS instead.
The logging configuration of Gitea mainly consists of 3 types of components:
- The `[log]` section for general configuration
- `[log.<mode-name>]` sections for the configuration of different log writers to output logs, aka: "writer mode", the mode name is also used as "writer name".
- The `[log]` section can also contain sub-logger configurations following the key schema `logger.<logger-name>.<CONFIG-KEY>`
There is a fully functional log output by default, so it is not necessary to define one.
## Collecting Logs for Help
To collect logs for help and issue report, see [Support Options](help/support.md).
## The `[log]` section
Configuration of logging facilities in Gitea happen in the `[log]` section and its subsections.
In the top level `[log]` section the following configurations can be placed:
- `ROOT_PATH`: (Default: **%(GITEA_WORK_DIR)/log**): Base path for log files
- `MODE`: (Default: **console**) List of log outputs to use for the Default logger.
- `LEVEL`: (Default: **Info**) Least severe log events to persist, case-insensitive. Possible values are: `Trace`, `Debug`, `Info`, `Warn`, `Error`, `Fatal`.
- `STACKTRACE_LEVEL`: (Default: **None**) For this and more severe events the stacktrace will be printed upon getting logged.
And it can contain the following sub-loggers:
- `logger.router.MODE`: (Default: **,**): List of log outputs to use for the Router logger.
- `logger.access.MODE`: (Default: **_empty_**) List of log outputs to use for the Access logger. By default, the access logger is disabled.
- `logger.xorm.MODE`: (Default: **,**) List of log outputs to use for the XORM logger.
Setting a comma (`,`) to sub-logger's mode means making it use the default global `MODE`.
## Quick samples
### Default (empty) Configuration
The empty configuration is equivalent to default:
```ini
[log]
ROOT_PATH = %(GITEA_WORK_DIR)/log
MODE = console
LEVEL = Info
STACKTRACE_LEVEL = None
logger.router.MODE = ,
logger.xorm.MODE = ,
logger.access.MODE =
; this is the config options of "console" mode (used by MODE=console above)
[log.console]
MODE = console
FLAGS = stdflags
PREFIX =
COLORIZE = true
```
This is equivalent to sending all logs to the console, with default Golang log being sent to the console log too.
This is only a sample, and it is the default, do not need to write it into your configuration file.
### Disable Router logs and record some access logs to file
The Router logger is disabled, the access logs (>=Warn) goes into `access.log`:
```ini
[log]
logger.router.MODE =
logger.access.MODE = access-file
[log.access-file]
MODE = file
LEVEL = Warn
FILE_NAME = access.log
```
### Set different log levels for different modes
Default logs (>=Warn) goes into `gitea.log`, while Error logs goes into `file-error.log`:
```ini
[log]
LEVEL = Warn
MODE = file, file-error
; by default, the "file" mode will record logs to %(log.ROOT_PATH)/gitea.log, so we don't need to set it
; [log.file]
; by default, the MODE (actually it's the output writer of this logger) is taken from the section name, so we don't need to set it either
; MODE = file
[log.file-error]
MODE = file
LEVEL = Error
FILE_NAME = file-error.log
```
## Log outputs (mode and writer)
Gitea provides the following log output writers:
- `console` - Log to `stdout` (or `stderr` if it is set in the config)
- `file` - Log to a file
- `conn` - Log to a socket (network or unix)
### Common configuration
Certain configuration is common to all modes of log output:
- `MODE` is the mode of the log output writer. It will default to the mode name in the ini section. Thus `[log.console]` will default to `MODE = console`.
- `LEVEL` is the lowest level that this output will log.
- `STACKTRACE_LEVEL` is the lowest level that this output will print a stacktrace.
- `COLORIZE` will default to `true` for `console` as described, otherwise it will default to `false`.
#### `EXPRESSION`
`EXPRESSION` represents a regular expression that log events must match to be logged by the output writer.
Either the log message, (with colors removed), must match or the `longfilename:linenumber:functionname` must match.
NB: the whole message or string doesn't need to completely match.
Please note this expression will be run in the writer's goroutine but not the logging event goroutine.
#### `FLAGS`
`FLAGS` represents the preceding logging context information that is
printed before each message. It is a comma-separated string set. The order of values does not matter.
It defaults to `stdflags` (= `date,time,medfile,shortfuncname,levelinitial`)
Possible values are:
- `none` or `,` - No flags.
- `date` - the date in the local time zone: `2009/01/23`.
- `time` - the time in the local time zone: `01:23:23`.
- `longfile` - full file name and line number: `/a/b/c/d.go:23`.
- `shortfile` - final file name element and line number: `d.go:23`.
- `funcname` - function name of the caller: `runtime.Caller()`.
- `shortfuncname` - last part of the function name. Overrides `funcname`.
- `utc` - if date or time is set, use UTC rather than the local time zone.
- `levelinitial` - initial character of the provided level in brackets eg. `[I]` for info.
- `level` - level in brackets `[INFO]`.
- `gopid` - the Goroutine-PID of the context.
- `medfile` - last 20 characters of the filename - equivalent to `shortfile,longfile`.
- `stdflags` - equivalent to `date,time,medfile,shortfuncname,levelinitial`.
### Console mode
In this mode the logger will forward log messages to the stdout and
stderr streams attached to the Gitea process.
For loggers in console mode, `COLORIZE` will default to `true` if not
on windows, or the Windows terminal can be set into ANSI mode or is a
cygwin or Msys pipe.
Settings:
- `STDERR`: **false**: Whether the logger should print to `stderr` instead of `stdout`.
### File mode
In this mode the logger will save log messages to a file.
Settings:
- `FILE_NAME`: The file to write the log events to, relative to `ROOT_PATH`, Default to `%(ROOT_PATH)/gitea.log`. Exception: access log will default to `%(ROOT_PATH)/access.log`.
- `MAX_SIZE_SHIFT`: **28**: Maximum size shift of a single file. 28 represents 256Mb. For details see below.
- `LOG_ROTATE`**true**: Whether to rotate the log files. TODO: if false, will it delete instead on daily rotate, or do nothing?.
- `DAILY_ROTATE`: **true**: Whether to rotate logs daily.
- `MAX_DAYS`: **7**: Delete rotated log files after this number of days.
- `COMPRESS`: **true**: Whether to compress old log files by default with gzip.
- `COMPRESSION_LEVEL`: **-1**: Compression level. For details see below.
`MAX_SIZE_SHIFT` defines the maximum size of a file by left shifting 1 the given number of times (`1 <<x`).
The exact behavior at the time of v1.17.3 can be seen [here](https://github.com/go-gitea/gitea/blob/v1.17.3/modules/setting/log.go#L185).
The useful values of `COMPRESSION_LEVEL` are from 1 to (and including) 9, where higher numbers mean better compression.
Beware that better compression might come with higher resource usage.
Must be preceded with a `-` sign.
### Conn mode
In this mode the logger will send log messages over a network socket.
Settings:
- `ADDR`: **:7020**: Sets the address to connect to.
- `PROTOCOL`: **tcp**: Set the protocol, either "tcp", "unix" or "udp".
- `RECONNECT`: **false**: Try to reconnect when connection is lost.
- `RECONNECT_ON_MSG`: **false**: Reconnect host for every single message.
### The "Router" logger
The Router logger logs the following message types when Gitea's route handlers work:
- `started` messages will be logged at TRACE level
- `polling`/`completed` routers will be logged at INFO. Exception: "/assets" static resource requests are also logged at TRACE.
- `slow` routers will be logged at WARN
- `failed` routers will be logged at WARN
### The "XORM" logger
To make XORM outputs SQL logs, the `LOG_SQL` in `[database]` section should also be set to `true`.
### The "Access" logger
The Access logger is a new logger since Gitea 1.9. It provides a NCSA
Common Log compliant log format. It's highly configurable but caution
should be taken when changing its template. The main benefit of this
logger is that Gitea can now log accesses in a standard log format so
standard tools may be used.
You can enable this logger using `logger.access.MODE = ...`.
If desired the format of the Access logger can be changed by changing
the value of the `ACCESS_LOG_TEMPLATE`.
Please note, the access logger will log at `INFO` level, setting the
`LEVEL` of this logger to `WARN` or above will result in no access logs.
#### The ACCESS_LOG_TEMPLATE
This value represents a go template. Its default value is
| `.FallbackSubject` | string | Always | A default subject line. See Below. |
| `.Subject` | string | Only in body | The _subject_, once resolved. |
| `.Body` | string | Always | The message of the issue, pull request or comment, parsed from Markdown into HTML and sanitized. Do not confuse with the _mail body_. |
| `.Link` | string | Always | The address of the originating issue, pull request or comment. |
| `.Issue` | models.Issue | Always | The issue (or pull request) originating the notification. To get data specific to a pull request (e.g. `HasMerged`), `.Issue.PullRequest` can be used, but care should be taken as this field will be `nil` if the issue is _not_ a pull request. |
| `.Comment` | models.Comment | If applicable | If the notification is from a comment added to an issue or pull request, this will contain the information about the comment. |
| `.IsPull` | bool | Always | `true` if the mail notification is associated with a pull request (i.e. `.Issue.PullRequest` is not `nil`). |
| `.Repo` | string | Always | Name of the repository, including owner name (e.g. `mike/stuff`) |
| `.User` | models.User | Always | Owner of the repository from which the event originated. To get the user name (e.g. `mike`),`.User.Name` can be used. |
| `.Doer` | models.User | Always | User that executed the action triggering the notification event. To get the user name (e.g. `rhonda`), `.Doer.Name` can be used. |
| `.IsMention` | bool | Always | `true` if this notification was only generated because the user was mentioned in the comment, while not being subscribed to the source. It will be `false` if the recipient was subscribed to the issue or repository. |
| `.SubjectPrefix` | string | Always | `Re: ` if the notification is about other than issue or pull request creation; otherwise an empty string. |
| `.ActionType` | string | Always | `"issue"` or `"pull"`. Will correspond to the actual _action type_ independently of which template was selected. |
| `.ActionName` | string | Always | It will be one of the action types described above (`new`, `comment`, etc.), and will correspond to the actual _action name_ independently of which template was selected. |
| `.ReviewComments` | []models.Comment | Always | List of code comments in a review. The comment text will be in `.RenderedContent` and the referenced code will be in `.Patch`. |
All names are case sensitive.
### The _subject_ part of the template
The template engine used for the mail _subject_ is golang's [`text/template`](https://go.dev/pkg/text/template/).
Please refer to the linked documentation for details about its syntax.
The _subject_ is built using the following steps:
- A template is selected according to the type of notification and to what templates are present.
- The template is parsed and resolved (e.g. `{{.Issue.Index}}` is converted to the number of the issue
or pull request).
- All space-like characters (e.g. `TAB`, `LF`, etc.) are converted to normal spaces.
- All leading, trailing and redundant spaces are removed.
- The string is truncated to its first 256 runes (characters).
If the end result is an empty string, **or** no subject template was available (i.e. the selected template
did not include a subject part), Gitea's **internal default** will be used.
The internal default (fallback) subject is the equivalent of:
Users could do repository-level code search without setting up a repository indexer.
The builtin code search is based on the `git grep` command, which is fast and efficient for small repositories.
Better code search support could be achieved by setting up the repository indexer.
## Setting up the repository indexer
Gitea can search through the files of the repositories by enabling this function in your [`app.ini`](administration/config-cheat-sheet.md):
```ini
[indexer]
; ...
REPO_INDEXER_ENABLED = true
REPO_INDEXER_PATH = indexers/repos.bleve
MAX_FILE_SIZE = 1048576
REPO_INDEXER_INCLUDE =
REPO_INDEXER_EXCLUDE = resources/bin/**
```
Please bear in mind that indexing the contents can consume a lot of system resources, especially when the index is created for the first time or globally updated (e.g. after upgrading Gitea).
### Choosing the files for indexing by size
The `MAX_FILE_SIZE` option will make the indexer skip all files larger than the specified value.
### Choosing the files for indexing by path
Gitea applies glob pattern matching from the [`gobwas/glob` library](https://github.com/gobwas/glob) to choose which files will be included in the index.
Limiting the list of files prevents the indexes from becoming polluted with derived or irrelevant files (e.g. lss, sym, map, etc.), so the search results are more relevant. It can also help reduce the index size.
`REPO_INDEXER_EXCLUDE_VENDORED` (default: true) excludes vendored files from index.
`REPO_INDEXER_INCLUDE` (default: empty) is a comma separated list of glob patterns to **include** in the index. An empty list means "_include all files_".
`REPO_INDEXER_EXCLUDE` (default: empty) is a comma separated list of glob patterns to **exclude** from the index. Files that match this list will not be indexed. `REPO_INDEXER_EXCLUDE` takes precedence over `REPO_INDEXER_INCLUDE`.
Pattern matching works as follows:
- To match all files with a `.txt` extension no matter what directory, use `**.txt`.
- To match all files with a `.txt` extension _only at the root level of the repository_, use `*.txt`.
- To match all files inside `resources/bin` and below, use `resources/bin/**`.
- To match all files _immediately inside_`resources/bin`, use `resources/bin/*`.
- To match all files named `Makefile`, use `**Makefile`.
- Matching a directory has no effect; the pattern `resources/bin` will not include/exclude files inside that directory; `resources/bin/**` will.
- All files and patterns are normalized to lower case, so `**Makefile`, `**makefile` and `**MAKEFILE` are equivalent.