Commit graph

17029 commits

Author SHA1 Message Date
zeripath
9d9bf66c3b
Update Bluemonday to v1.0.19 (#20199)
The current version of bluemonday is double escaping attributes.

This PR updates bluemonday to the version that fixes this.

(See: microcosm-cc/bluemonday#143 )

Fix #19860

Signed-off-by: Andrew Thornton art27@cantab.net
2022-07-01 20:50:06 +02:00
zeripath
5c9c0b8c1e
Refix indices on actions table (#20158)
Unforunately the previous PR #20035 created indices that were not helpful
for SQLite. This PR adjusts these after testing using the try.gitea.io db.

Fix #20129

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-01 17:04:01 +01:00
silverwind
54e7483207
Update default allowed attachment types (#20192)
Synced the list to what is allowed on GitHub currently.
2022-07-01 15:42:20 +02:00
wxiaoguang
7c1f18a2bb
Fix cli command restore-repo: "units" should be splitted to string slice, to match the old behavior and match the dump-repo's behavior (#20183) 2022-07-01 15:47:44 +08:00
wxiaoguang
2eb713bacc [skip ci] Updated translations via Crowdin 2022-07-01 00:10:16 +00:00
wxiaoguang
d6c0aa7f1c
Fix dump-repo git init, fix wrong error type for NullDownloader (#20182)
* Fix `dump-repo` git init

* fix wrong error type for NullDownloader
2022-07-01 07:48:25 +08:00
Lunny Xiao
184a7d4195
Check if project has the same repository id with issue when assign project to issue (#20133)
* Check if project has the same repository id with issue when assign project to issue

* Check if issue's repository id match project's repository id

* Add more permission checking

* Remove invalid argument

* Fix errors

* Add generic check

* Remove duplicated check

* Return error + add check for new issues

* Apply suggestions from code review

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2022-06-30 23:55:08 +08:00
wxiaoguang
db3355cb1a [skip ci] Updated translations via Crowdin 2022-06-30 00:10:22 +00:00
wxiaoguang
26ec628624 [skip ci] Updated translations via Crowdin 2022-06-29 00:10:11 +00:00
wxiaoguang
76910f213f
Enable spellcheck for EasyMDE, use contenteditable mode (#19776)
Enable spellcheck for EasyMDE, use contenteditable mode.
Rewrite and refactor the ImagePaste code.
2022-06-29 01:52:58 +08:00
Gusted
cdd6371ad4 [skip ci] Updated translations via Crowdin 2022-06-28 00:09:43 +00:00
Gusted
91b21473a6
Add username check to doctor (#20140)
* Add username check to doctor

- Add a new breaking change detector to Gitea's doctor, which checks if
all users still have a valid username according to Gitea. Given from
time-to-time we need to make changes, either due to new routes or due to
security, it's for a instance's admin to check if all users still have a
valid username.

* Fix extra argument

* Apply suggestions from code review

Co-authored-by: Jimmy Praet <jimmy.praet@telenet.be>

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: Jimmy Praet <jimmy.praet@telenet.be>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-27 19:45:50 -04:00
Gusted
d55a0b7238
Refactor i18n to locale (#20153)
* Refactor `i18n` to `locale`

- Currently we're using the `i18n` variable naming for the `locale`
struct. This contains locale's specific information and cannot be used
for general i18n purpose, therefore refactoring it to `locale` makes
more sense.
- Ref: https://github.com/go-gitea/gitea/pull/20096#discussion_r906699200

* Update routers/install/install.go
2022-06-27 15:58:46 -05:00
Gusted
b551bc2a08
Remove support for sr-SP (#20155)
- The language doesn't have >= 25% translation on crowdin and therefor
was automatically removed from Gitea.
- Ref: f91092453e
2022-06-27 14:50:30 -05:00
Lunny Xiao
85d960d2a1
Hide notify mail setting ui if not enabled (#20138) 2022-06-28 00:59:47 +08:00
Jorge Ou
81eda36285
Fix custom folder name in customization docs (#20148) 2022-06-27 11:16:51 -05:00
Gusted
9eb6c4a0df
Add missing parameter for error in log message (#20144)
- Adds a `%v` for the last parameter, `err`.

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2022-06-27 16:52:22 +03:00
Gusted
5371964a4e
Show scrollbar when necessary (#20142)
- Firefox on Windows will unconditionally show scrollbars when you
specify `overflow: scroll`. This is bad behavior, as you don't always
need the scrollbar. Changing the scroll value to auto fixes this issue
and only shows the scrollbar when necessary.
- Resolves #20139

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-27 20:34:20 +08:00
Gusted
1f7c717b59
Add spacing between the properties of the key (#20145)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-27 13:20:29 +08:00
Gusted
0048595811
Remove U2F support (#20141)
- Completely remove U2F support from 1.18.0, 1.17.0 will be the last
release that U2F is somewhat supported. Users who used U2F would already
be warned about using U2F for a while now and should hopefully already
be migrated. But starting 1.18 definitely remove it.
2022-06-26 21:20:58 -05:00
Gusted
5d3f99c7c6
Make better use of i18n (#20096)
* Prototyping

* Start work on creating offsets

* Modify tests

* Start prototyping with actual MPH

* Twiddle around

* Twiddle around comments

* Convert templates

* Fix external languages

* Fix latest translation

* Fix some test

* Tidy up code

* Use simple map

* go mod tidy

* Move back to data structure

- Uses less memory by creating for each language a map.

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Add some comments

* Fix tests

* Try to fix tests

* Use en-US as defacto fallback

* Use correct slices

* refactor (#4)

* Remove TryTr, add log for missing translation key

* Refactor i18n

- Separate dev and production locale stores.
- Allow for live-reloading in dev mode.

Co-authored-by: zeripath <art27@cantab.net>

* Fix live-reloading & check for errors

* Make linter happy

* live-reload with periodic check (#5)

* Fix tests

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-06-26 22:19:22 +08:00
Gusted
711cbcce8d
Use neutral language in comments and docs (#20135)
- Replace `his/her` to `their`, as it's more neutral language.
2022-06-25 17:50:12 -05:00
Gusted
a8cdea013d
Fix remove file on initial comment (#20127)
Store the file uuid(which is returned by Gitea in the upload file
response) onto the file object, so it can be used for the remove feature
to specify this file.

Fix #20115
2022-06-25 20:49:56 +01:00
zeripath
2111741a48
Add doctor command to write commit-graphs (#20007)
This PR adds a doctor command to write the commit-graphs for the repositories:

`gitea doctor --run check-commit-graphs --fix`

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-25 20:02:29 +01:00
Daniil Gentili
95383b7a16
Add sitemap support (#18407) 2022-06-25 19:06:01 +02:00
Kyle D
97bfabc745
Use new config options (#20125) 2022-06-24 16:38:19 -04:00
Kyle D
8a3cd58463
Remove depricated queue indexer usage (#20124) 2022-06-24 15:04:30 -04:00
John Olheiser
02eb4b143b
Disable status checks in template if none found (#20088)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2022-06-24 12:22:08 -05:00
Petr Vaněk
d789d3646c
Fix typos related to ErrTaskDoesNotExist error (#20118)
Fixes: f2a3abc683 ("Move migrating repository from frontend to backend (#6200)")
2022-06-24 15:51:37 +02:00
silverwind
48ef12b27c
Move eslintrc/stylelintrc to non-deprecated extensions (#20110) 2022-06-24 14:09:53 +02:00
zeripath
4909493a9f
Allow manager logging to set SQL (#20064)
This PR adds a new manager command to switch on SQL logging and to turn it off.

```
gitea manager logging log-sql
gitea manager logging log-sql --off
```

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-24 12:49:47 +02:00
Robert Lützner
afea63f4e5
Replace pubkey with privkey in keys_ssh.tmpl (#20112)
If a user wants to verify an SSH public key from their account they have
to sign the randomly generated token with their private key.

Prior to this change the example command prompted to sign the token with
their public key instead.

Signed-off-by: Robert Lützner <robert.luetzner@pm.me>
2022-06-24 12:11:13 +02:00
Lunny Xiao
8575050eba
Update security information to add a public gpg key to make sending encrypted message possible (#20117) 2022-06-24 11:40:01 +02:00
wxiaoguang
55a22d1136
Improve log document (#20097)
* Improve log document

* Update docs/content/doc/help/seek-help.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/help/seek-help.en-us.md

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Use different log names to avoid conflicts

* Update seek-help.en-us.md

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-24 10:56:46 +08:00
Lunny Xiao
d0507efb6a
Fix wrong login requirement routers (#20101) 2022-06-23 12:56:39 +02:00
Jimmy Praet
b8cfd4605f
Respect setting.UI.FeedPagingNum (#20094)
Fixes #20080
2022-06-23 11:50:37 +02:00
Lunny Xiao
3ba09103a4 [skip ci] Updated translations via Crowdin 2022-06-23 00:10:20 +00:00
Lunny Xiao
fd97c4e0ae
Use correct variable for issue count (#20085) 2022-06-22 11:26:32 -05:00
Sandro
e9aa698cf0
Fix alias traversal (#20076)
see https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md

Co-authored-by: 6543 <6543@obermui.de>
2022-06-22 16:15:49 +08:00
Jordan Cech
031f5f7b7c
Update permissions.en-us.md (#20075)
* Update permissions.en-us.md

A few grammar tweaks to make docs a bit more clear.

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/usage/permissions.en-us.md

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-21 20:53:53 -04:00
6543
ae27050295
Changelog for 1.16.9 (#20059) (#20063)
* Changelog for 1.16.9 (#20059)

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-06-22 00:59:02 +02:00
6543
f6db650e9d
Release page show all tags in compare dropdown (#20070)
address #19936
2022-06-21 19:42:19 +02:00
s-hamann
7e733ee904
docs: Mention file extension for issue_template directory (#20057) 2022-06-21 16:08:31 +02:00
SteveTheEngineer
e67e685ed8 [skip ci] Updated translations via Crowdin 2022-06-21 00:10:11 +00:00
SteveTheEngineer
1e2c2edab6
Catch the error before the response is processed by goth. (#20000)
The code introduced by #18185 gets the error from response after it was processed by goth.

That is incorrect, as goth (and golang.org/x/oauth) doesn't really care about the error, and it sends a token request with an empty authorization code to the server anyway, which always results in a `oauth2: cannot fetch token: 400 Bad Request` error from goth.
It means that unless the "state" parameter is omitted from the error response (which is required to be present, according to [RFC 6749, Section 4.1.2.1](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1)) or the page is reloaded (makes the session invalid), a 500 Internal Server Error page will be displayed.
This fixes it by handling the error before the request is passed to goth.
2022-06-20 16:37:54 +01:00
Lunny Xiao
0649c54275
Adjust transaction handling via db.Context (#20031) 2022-06-20 14:38:58 +02:00
Wim
cb50375e2b
Add more linters to improve code readability (#19989)
Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability

- nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
- unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions
- wastedassign - https://github.com/sanposhiho/wastedassign -  wastedassign finds wasted assignment statements.
- notlintlint -  Reports ill-formed or insufficient nolint directives
- stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent
  - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005)
2022-06-20 12:02:49 +02:00
Gusted
3289abcefc [skip ci] Updated translations via Crowdin 2022-06-20 00:10:43 +00:00
Gusted
02d745827b
Disable federation by default (#20045) 2022-06-20 07:48:17 +08:00
Wim
e91229eefb
Respond with a 401 on git push when password isn't changed yet (#20026)
If the user-agent starts with git and user must change password but
hasn't return a 401 with the message.

It must be a 401, git doesn't seem to show the contents of the error message
when we return a 403

Fixes #19090
2022-06-19 20:23:00 +01:00