Earl Warren
c01b10a593
Merge pull request 'chore(dependency): whitelist mholt/archiver/v3 CVE-2024-0406' ( #4034 ) from earl-warren/forgejo:wip-archiver into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4034
Reviewed-by: proton-ab <proton-ab@noreply.codeberg.org>
2024-06-05 21:42:26 +00:00
Earl Warren
3bfec270ac
chore(dependency): whitelist mholt/archiver/v3 CVE-2024-0406
...
It is not possible to tell vulncheck that Forgejo is not affected by
CVE-2024-0406. Use a mirror of the repository to do that.
Refs: https://github.com/mholt/archiver/issues/404
2024-06-05 22:07:40 +02:00
Earl Warren
14174896ad
Merge pull request 'Update ghcr.io/visualon/renovate Docker tag to v37.391.2' ( #4006 ) from renovate/ghcr.io-visualon-renovate-37.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4006
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-06-05 18:22:16 +00:00
Renovate Bot
8dd72661af
Update ghcr.io/visualon/renovate Docker tag to v37.391.2
2024-06-05 16:08:45 +00:00
Earl Warren
592469464b
test(oauth): RFC 6749 Section 10.2 conformance
...
See:
1b088fade6
Prevent automatic OAuth grants for public clients
07fe5a8b13
use existing oauth grant for public client
2024-06-05 17:50:15 +02:00
Earl Warren
432d1ff9a6
Merge pull request 'fix(oauth): HTML snippets in templates can be displayed' ( #4028 ) from earl-warren/forgejo:wip-html-templates into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4028
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-06-05 15:14:46 +00:00
Earl Warren
9ca80d30ce
Merge pull request '[gitea] webhooks openproject compatible (gitea#28435)' ( #4027 ) from oliverpool/forgejo:gitea-cp-28435 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4027
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-05 15:13:49 +00:00
Earl Warren
63f7a14883
Merge pull request 'test(oauth): coverage for the redirection of a denied grant' ( #4026 ) from earl-warren/forgejo:wip-oauth into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4026
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-06-05 13:59:19 +00:00
oliverpool
8763225972
add release note
2024-06-05 15:58:51 +02:00
André Rosenhammer
fb7b17d240
Make gitea webhooks openproject compatible (gitea#28435)
...
This PR adds some fields to the gitea webhook payload that
[openproject](https://www.openproject.org/ ) expects to exists in order
to process the webhooks.
These fields do exists in Github's webhook payload so adding them makes
Gitea's native webhook more compatible towards Github's.
2024-06-05 15:58:51 +02:00
oliverpool
1013da463f
test: webhook open project expected fields
2024-06-05 15:58:51 +02:00
Earl Warren
caadd1815a
fix(oauth): HTML snippets in templates can be displayed
...
These changes were missed when cherry-picking the following
c9d0e63c202827756c637d9ca7bbde685c1984b7 Remove unnecessary "Str2html" modifier from templates (#29319 )
Fixes: https://codeberg.org/forgejo/forgejo/issues/3623
2024-06-05 15:42:50 +02:00
Earl Warren
d7aaa0c6ef
Merge pull request 'chore(renovate): optimize config' ( #4023 ) from viceice/renovate-optimize into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4023
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-05 13:29:33 +00:00
Earl Warren
32c882af91
test(oauth): coverage for the redirection of a denied grant
...
See 886a675f62
Return `access_denied` error when an OAuth2 request is denied
2024-06-05 12:51:44 +02:00
Earl Warren
37253aae1f
Merge pull request 'test(avatar): deleting a user avatar is idempotent' ( #4024 ) from earl-warren/forgejo:wip-delete-avatar into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4024
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-05 09:50:39 +00:00
Michael Kriese
4a3197fbc5
chore(renovate): optimize config
2024-06-05 10:09:54 +02:00
Earl Warren
d4eeb06a20
Merge pull request 'chore(dependency): remove GitHub specific actionlint dependency' ( #4022 ) from earl-warren/forgejo:wip-lint-actions into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4022
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-06-05 07:31:57 +00:00
Earl Warren
2386206fe0
Merge pull request 'Update elasticsearch Docker tag to v7.17.21' ( #4018 ) from renovate/elasticsearch-7.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4018
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-05 07:30:09 +00:00
Earl Warren
d2c4d833f4
test(avatar): deleting a user avatar is idempotent
...
If the avatar file in storage does not exist, it is not an error and
the database can be updated.
See 1be797faba
Fix bug on avatar
2024-06-05 09:10:42 +02:00
Earl Warren
3f86741de7
Merge pull request 'Update dependency go to v1.22' ( #4021 ) from earl-warren/forgejo:wip-go-1.22 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4021
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-06-05 06:51:39 +00:00
Earl Warren
1e2d51eb77
chore(dependency): remove GitHub specific actionlint dependency
...
Forgejo has no GitHub workflows. The actionlint CLI is not flexible
enough to be used for the validation of Forgejo Actions.
2024-06-05 08:45:17 +02:00
Earl Warren
8b5642949a
Merge pull request 'Update module github.com/rhysd/actionlint/cmd/actionlint to v1.7.1' ( #4019 ) from renovate/github.com-rhysd-actionlint-cmd-actionlint-1.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4019
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-05 06:00:42 +00:00
Earl Warren
b3bcae8bd6
Update dependency go to v1.22
...
There is no need to pin the patch release for the build
environment. They are backward compatible and it prevents security
upgrades to be taken into account.
2024-06-05 07:38:42 +02:00
Renovate Bot
6c4855e1eb
Update module github.com/rhysd/actionlint/cmd/actionlint to v1.7.1
2024-06-05 00:05:27 +00:00
Renovate Bot
c071bdaf96
Update elasticsearch Docker tag to v7.17.21
2024-06-05 00:05:10 +00:00
Earl Warren
1b3ccfffe8
Merge pull request 'test(avatar): deleting a user avatar and file is atomic' ( #4015 ) from earl-warren/forgejo:wip-delete-avatar into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4015
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-04 22:38:07 +00:00
Earl Warren
df4af6127f
Merge pull request 'feat(release): upgrade to golang:1.22-alpine3.20' ( #4016 ) from earl-warren/forgejo:wip-alpine into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4016
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-04 22:26:51 +00:00
Earl Warren
c139efb1e9
test(avatar): deleting a user avatar and file is atomic
...
The avatar must not be unset in the database if there is a failure to
remove the avatar file from storage (file or S3). The two operations
are wrapped in a transaction for that purpose and this test verifies
it is effective.
See 1be797faba
Fix bug on avatar
2024-06-05 00:06:41 +02:00
Earl Warren
d71afb71da
feat(release): upgrade to golang:1.22-alpine3.20
...
This reverts commit d59ed64345
.
2024-06-04 23:50:47 +02:00
Earl Warren
20148e061a
test(storage): export UninitializedStorage to simulate failure
2024-06-04 23:20:20 +02:00
Earl Warren
d60ea440f6
Merge pull request 'chore(deps): update module github.com/redis/go-redis/v9 to v9.5.2' ( #4013 ) from efertone/forgejo:update-go-redis-to-v9.5.2 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4013
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-04 14:53:43 +00:00
Victoria Nadasdi
b80677d009
chore(deps): update module github.com/redis/go-redis/v9 to v9.5.2
...
Renovate tried to update redis/go-redis, but failed because they changes
the interface, they added two new functions: `BitFieldRO` and
`ObjectFreq`.
Changes:
- Update redis/go-redis
- Run mockgen:
```
mockgen -package mock -destination ./modules/queue/mock/redisuniversalclient.go github.com/redis/go-redis/v9 UniversalClient
```
References:
- https://codeberg.org/forgejo/forgejo/pulls/4009
2024-06-04 12:38:35 +02:00
Earl Warren
c2382d4f5b
Merge pull request '[gitea] week 2024-23 cherry pick (gitea/main -> forgejo)' ( #3989 ) from earl-warren/wcp/2024-23 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3989
Reviewed-by: Otto <otto@codeberg.org>
2024-06-04 07:40:35 +00:00
Mai-Lapyst
e58ce86264
Update the elasticsearch mappings for issues to use long instead of integer for int64 ( #3982 )
...
This updates the mapping definition of the elasticsearch issue indexer backend to use `long` instead of `integer`s wherever the go type is a `int64`. Without it larger instances could run into an issue.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3982
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
2024-06-04 07:37:59 +00:00
Earl Warren
507c0143ee
Merge pull request 'Update air package URL' ( #4011 ) from 0ko/forgejo:fix-air into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4011
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-04 07:30:51 +00:00
0ko
fff9283ca4
Update air package URL
2024-06-04 11:52:58 +05:00
0ko
6672cf0812
Fix org view on mobile for members ( #3949 )
...
The row of buttons on the org view is pretty bad on mobile, as it doesn't leave enough space for the org name. My recent PR 3642 made it worse. I added a mitigation to allow buttons to go to an other row, so that the layout is usable on mobile. It is still non-ideal as it will continue going out of bounds on small screens, but is much better.
## Preview
[Old preview](/attachments/1e280a77-533c-41b5-954d-b336f1b72186)
![](/attachments/4a2c45e2-7da8-4d87-afb7-7c281e14c756)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3949
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
2024-06-04 04:08:54 +00:00
Earl Warren
c2f1d55c0e
Merge pull request 'docs(release): catch up on release notes' ( #4003 ) from earl-warren/forgejo:wip-release-notes-v8.0 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4003
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-03 08:15:59 +00:00
Earl Warren
7e8890cc55
docs(release): add release notes
2024-06-03 10:03:29 +02:00
Earl Warren
446ab058e3
Merge pull request 'chore(dependency): renovate is used for managing updates' ( #4002 ) from earl-warren/forgejo:wip-js-udpate into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4002
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-06-03 07:14:39 +00:00
Earl Warren
1571052a74
[skip ci] docs(release): week 2024-21-v7.0 cherry pick
...
Refs: https://codeberg.org/forgejo/forgejo/pulls/3859
2024-06-03 09:12:49 +02:00
Earl Warren
eee908d02c
[skip ci] docs(release): week 2024-21 cherry pick
...
Refs: https://codeberg.org/forgejo/forgejo/pulls/3838
2024-06-03 09:11:17 +02:00
Earl Warren
d43ce30663
[skip ci] docs(release): week 2024-22 cherry pick
...
Refs: https://codeberg.org/forgejo/forgejo/pulls/3917
2024-06-03 08:24:21 +02:00
Earl Warren
dcc9a1ae15
Merge pull request 'Update ghcr.io/visualon/renovate Docker tag to v37.385.0' ( #3966 ) from renovate/ghcr.io-visualon-renovate-37.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3966
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-03 05:30:08 +00:00
Earl Warren
e9ee514c9a
chore(dependency): renovate is used for managing updates
...
Remove https://github.com/silverwind/updates as a dependency
2024-06-03 07:21:19 +02:00
Renovate Bot
87b4a169ca
Update ghcr.io/visualon/renovate Docker tag to v37.385.0
2024-06-02 22:06:00 +00:00
Earl Warren
0bf83db41b
Merge pull request 'Update dependency @github/text-expander-element to v2.7.1' ( #3939 ) from renovate/github-text-expander-element-2.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3939
Reviewed-by: Otto <otto@codeberg.org>
2024-06-02 21:36:31 +00:00
Earl Warren
bbdba70db6
Merge pull request 'fix(hook): repo admins are wrongly denied the right to force merge' ( #3976 ) from earl-warren/forgejo:wip-admin-protection into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3976
Reviewed-by: Victoria <efertone@noreply.codeberg.org>
2024-06-02 19:48:44 +00:00
Earl Warren
09f3518069
fix(hook): repo admins are wrongly denied the right to force merge
...
The right to force merge is uses the wrong predicate and
applies to instance admins:
ctx.user.IsAdmin
It must apply to repository admins and use the following predicate:
ctx.userPerm.IsAdmin()
This regression is from the ApplyToAdmins implementation in
79b7089360
.
Fixes: https://codeberg.org/forgejo/forgejo/issues/3780
2024-06-02 21:16:46 +02:00
Lunny Xiao
62448bfb93
Fix push multiple branches error with tests ( #31151 )
...
(cherry picked from commit 5c1b550e00e9460078e00c41a32d206b260ef482)
Conflicts:
tests/integration/git_push_test.go
trivial context conflict because of
2ac3dcbd43
test: hook post-receive for sha256 repos
2024-06-02 20:39:42 +02:00