Commit graph

16532 commits

Author SHA1 Message Date
idk
cdd3d4b8d8
Allow the use of alternative net.Listener implementations by downstreams (#25855)
This is a simple PR which moves the `GetListener` function to a
`DefaultGetListener` function, and changes `GetListener` to be a
variable which by default points to the `DefaultGetListener` function.
This allows people who may exist quasi-downstream of Gitea to create
alternate "GetListener" functions, with identical signatures, which
return different implementations of the `net.Listener` interface. This
approach is expressly intended to be non-invasive and have the least
possible impact on the gitea codebase. A previous version of this idea
was rejected before: https://github.com/go-gitea/gitea/issues/15544 but
because of issues like: https://github.com/go-gitea/gitea/issues/22335 I
**really** think that recommending people configure proxies by hand is
exactly the wrong way to do things(This is why there is a Tor Browser.).
This tiny change lets me put proper hidden service configuration into
single `i2p.go` file which lives in `modules/graceful/` and which never
has to be checked in to your codebase or affect your dependencies or
bloat your project in any way, it can live on a branch in my fork and
I'll fast-forward every release and never the twain shall meet.

The main use-case for this is to listen on Peer-to-Peer networks and
Hidden Services directly without error-prone and cumbersome
port-forwarding configuration. For instance, I might implement an
"I2PGetListener" as follows:

```Go
// adapted from i2p.go which is unchecked-in in my modules/graceful/ directory
import "github.com/eyedeekay/onramp"

var garlic = &onramp.Garlic{}

func I2PGetListener(network, address string) (net.Listener, error) {
	// Add a deferral to say that we've tried to grab a listener
	defer GetManager().InformCleanup()
	switch network {
	case "tcp", "tcp4", "tcp6", "i2p", "i2pt":
		return garlic.Listen()
	case "unix", "unixpacket":
// I2P isn't really a replacement for the stuff you use Unix sockets for and it's also not an anonymity risk, so treat them normally
		unixAddr, err := net.ResolveUnixAddr(network, address)
		if err != nil {
			return nil, err
		}
		return GetListenerUnix(network, unixAddr)
	default:
		return nil, net.UnknownNetworkError(network)
	}
}
```

I could then substitute that GetListener function and be 50% of the way
to having a fully-functioning gitea-over-hidden-services instance
without any additional configuration(The other 50% doesn't require any
code-changes on gitea's part).

There are 2 advantages here, one being convenience, first this turns
hidden services into a zero-configuration option for self-hosting gitea,
and second safety, these Go libraries are passing around
hidden-service-only versions of the net.Addr struct, they're using
hidden-service-only versions of the sockets, which are both expressly
designed to never require access to any information outside the hidden
service network, manipulating the application so it reveals information
about the host becomes much more difficult, and some attacks become
nearly impossible. It also opens up TLS-over-Hidden Services support
which is niche right now, of course, but in a future where gitea
instances federate if hidden services want to be part of the federation
they're probably going to need TLS certificates. They don't need to be
painful to set up.

This doesn't fix an open issue, but it might affect:
- https://github.com/go-gitea/gitea/issues/22335 - my `i2p.go` file
actually has a mod that fixes this but it requires adding a handful of
new dependencies to gitea and isn't compatible with the normal way you
guys recommend using a proxy so I don't think it's ready to send to you
as a PR, but if I can find a non-invasive way to fix it I will.
 - https://github.com/go-gitea/gitea/issues/18240

I hereby agree to the Code of Conduct published here:
8b89563bf1/CODE_OF_CONDUCT.md
I have read and understood the recommendations published here:
8b89563bf1/CONTRIBUTING.md

Thank you for your consideration.

---------

Co-authored-by: eyedeekay <idk@mulder>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-24 07:18:17 +00:00
wxiaoguang
478f36a538
Add missing default value for some Bool cli flags (#26082)
In #25959 I forgot to add default values to some Bool flags (which were
BoolT in cli/v1, BoolT means default to be true)

This PR adds the default "Value" for them.

```
./cmd/manager_logging.go:							}, cli.BoolTFlag{
./cmd/manager_logging.go-								Name:  "rotate, r",
./cmd/manager_logging.go-								Usage: "Rotate logs",
--
./cmd/manager_logging.go:							}, cli.BoolTFlag{
./cmd/manager_logging.go-								Name:  "daily, d",
./cmd/manager_logging.go-								Usage: "Rotate logs daily",
--
./cmd/manager_logging.go:							}, cli.BoolTFlag{
./cmd/manager_logging.go-								Name:  "compress, z",
./cmd/manager_logging.go-								Usage: "Compress rotated logs",
--
./cmd/admin.go:		cli.BoolTFlag{
./cmd/admin.go-			Name:  "force-smtps",
./cmd/admin.go-			Usage: "SMTPS is always used on port 465. Set this to force SMTPS on other ports.",
--
./cmd/admin.go:		cli.BoolTFlag{
./cmd/admin.go-			Name:  "skip-verify",
./cmd/admin.go-			Usage: "Skip TLS verify.",
--
./cmd/admin.go:		cli.BoolTFlag{
./cmd/admin.go-			Name:  "disable-helo",
./cmd/admin.go-			Usage: "Disable SMTP helo.",
--
./cmd/admin.go:		cli.BoolTFlag{
./cmd/admin.go-			Name:  "skip-local-2fa",
./cmd/admin.go-			Usage: "Skip 2FA to log on.",
--
./cmd/admin.go:		cli.BoolTFlag{
./cmd/admin.go-			Name:  "active",
./cmd/admin.go-			Usage: "This Authentication Source is Activated.",
```
2023-07-24 06:49:18 +00:00
sillyguodong
f5c7d4cfdd
Reduce unnecessary DB queries for Actions tasks (#25199)
Close #24544

Changes:

- Create `action_tasks_version` table to store the latest version of
each scope (global, org and repo).
- When a job with the status of `waiting` is created, the tasks version
of the scopes it belongs to will increase.
- When the status of a job already in the database is updated to
`waiting`, the tasks version of the scopes it belongs to will increase.
- On Gitea side, in `FeatchTask()`, will try to query the
`action_tasks_version` record of the scope of the runner that call
`FetchTask()`. If the record does not exist, will insert a row. Then,
Gitea will compare the version passed from runner to Gitea with the
version in database, if inconsistent, try pick task. Gitea always
returns the latest version from database to the runner.

Related:

- Protocol: https://gitea.com/gitea/actions-proto-def/pulls/10
- Runner: https://gitea.com/gitea/act_runner/pulls/219
2023-07-24 06:11:27 +00:00
wxiaoguang
674df05b16
Use stderr as fallback if the log file can't be opened (#26074)
If the log file can't be opened, what should it do? panic/exit? ignore
logs? fallback to stderr?

It seems that "fallback to stderr" is slightly better than others ....
2023-07-24 04:57:21 +00:00
Panagiotis "Ivory" Vasilopoulos
4b6764bbb3
Make organization redirect warning more clear (#26077) 2023-07-24 04:17:32 +00:00
Chongyi Zheng
f2138d6968
Replace gogs/cron with go-co-op/gocron (#25977)
Replace `github.com/gogs/cron` with `github.com/go-co-op/gocron` as the
former package is not maintained for many years.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-24 04:13:41 +00:00
delvh
f3d41c61eb
Remove db.DefaultContext in routers/ and cmd/ (#26076)
Now, the only remaining usages of `models.db.DefaultContext` are in
  - `modules`
  - `models`
  - `services`
2023-07-23 23:47:27 -04:00
HesterG
24c3bb95ac
Categorize admin settings sidebar panel (#26030)
This PR reorganize and categorize the admin settings sidebar panel into
groups:

- User Accounts, User Emails, Organizations, Authentication Sources ->
Identity & Access
- Repositories, Packages -> Code Assets
- Webhooks, Applications -> Integrations

Before:

<img width="1346" alt="Screen Shot 2023-07-21 at 10 30 28"
src="https://github.com/go-gitea/gitea/assets/17645053/e0c5ae83-464f-4aaa-8bab-2c5258c9278d">

After:

all configurable settings enabled (package, oauth, webhook)

<img width="1153" alt="Screen Shot 2023-07-21 at 10 27 30"
src="https://github.com/go-gitea/gitea/assets/17645053/88acf3f5-0623-4307-8654-69c654d80874">

all configurable settings disabled (package, oauth, webhook)

<img width="1391" alt="Screen Shot 2023-07-21 at 10 25 19"
src="https://github.com/go-gitea/gitea/assets/17645053/9e13aa60-e75c-4077-afd6-3da9e0ae18dd">

only oauth enabled

<img width="1323" alt="Screen Shot 2023-07-21 at 10 26 23"
src="https://github.com/go-gitea/gitea/assets/17645053/ce4f9ec0-b141-4d5e-ac13-46d001724dc5">

only webhook enabled

<img width="1350" alt="Screen Shot 2023-07-21 at 10 26 55"
src="https://github.com/go-gitea/gitea/assets/17645053/702491bd-083e-44fa-82bc-52c4571e54ac">
2023-07-24 09:05:16 +08:00
GiteaBot
4e4a71f3a0 [skip ci] Updated translations via Crowdin 2023-07-24 00:27:48 +00:00
Lunny Xiao
a12a5f3652
Fix duplicated url prefix on issue context menu (#26066)
Fix #26060
2023-07-23 11:56:43 +02:00
Lunny Xiao
b167f35113
Add context parameter to some database functions (#26055)
To avoid deadlock problem, almost database related functions should be
have ctx as the first parameter.
This PR do a refactor for some of these functions.
2023-07-22 22:14:27 +08:00
Lunny Xiao
c42b71877e
Fix branch list auth (#26041)
The public repositories' branch list dropdown will return wrong because
it requires login wrongly.
Caused by #25719
2023-07-22 11:47:06 +00:00
wxiaoguang
a7e8273574
Fix the truncate and alignment problem for some admin tables (#26042)
Some "text truncate email" code were just copied&pasted, they are not
suitable for most admin tables.

For the table layouts, some "max-width" helpers could be very helpful.
At least, we can get rid of the confusing "email" CSS class.

![image](https://github.com/go-gitea/gitea/assets/2114189/0b0bd068-56fc-41cf-b4a3-ed45eb797401)

![image](https://github.com/go-gitea/gitea/assets/2114189/e7f843a3-5f46-4205-b383-4c7ef647ce83)

![image](https://github.com/go-gitea/gitea/assets/2114189/ce8d65e1-7e03-466e-a03b-9bd33815da91)
2023-07-22 10:54:48 +00:00
JonRB
acc74c2fc6
Update secrets.en-us.md (#26057)
Present documentation does not capture that secrets are only visible if
ACTIONS are enabled for a repository. This PR adds a short note
2023-07-22 09:34:01 +00:00
silverwind
73033b1ad8
Improve text for empty issue/pr description (#26047)
The previous text implied that content was going to be added later, but
I don't think we should make such assumptions.

<img width="346" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/518133a7-2c4c-4463-91ee-5fe439898032">
2023-07-22 17:32:50 +08:00
delvh
d6d39ccd33
Add changelog for 1.20.1 (#26015) 2023-07-22 17:01:38 +08:00
Peter Verraedt
48cd82b759
Fix version in rpm repodata/primary.xml.gz (#26009)
The version listed in rpm repodata should only contain the rpm version
(1.0.0) and not the combination of version and release (1.0.0-2). We
correct this behaviour in primary.xml.gz, filelists.xml.gz and
others.xml.gz.

Signed-off-by: Peter Verraedt <peter@verraedt.be>
2023-07-21 19:41:38 +00:00
wxiaoguang
52fb936773
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892

Close  #21942
Close  #25464

Major changes:

1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files

```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-21 12:14:20 +00:00
HesterG
2f0e79e639
Use frontend fetch for branch dropdown component (#25719)
- Send request to get branch/tag list, use loading icon when waiting for
response.
- Only fetch when the first time branch/tag list shows.
- For backend, removed assignment to `ctx.Data["Branches"]` and
`ctx.Data["Tags"]` from `context/repo.go` and passed these data wherever
needed.
- Changed some `v-if` to `v-show` and used native `svg` as mentioned in
https://github.com/go-gitea/gitea/pull/25719#issuecomment-1631712757 to
improve perfomance when there are a lot of branches.
- Places Used the dropdown component:

     Repo Home Page
    
<img width="1429" alt="Screen Shot 2023-07-06 at 12 17 51"
src="https://github.com/go-gitea/gitea/assets/17645053/6accc7b6-8d37-4e88-ae1a-bd2b3b927ea0">

    Commits Page

<img width="1431" alt="Screen Shot 2023-07-06 at 12 18 34"
src="https://github.com/go-gitea/gitea/assets/17645053/2d0bf306-d1e2-45a8-a784-bc424879f537">

    Specific commit -> operations -> cherry-pick
    
<img width="758" alt="Screen Shot 2023-07-06 at 12 23 28"
src="https://github.com/go-gitea/gitea/assets/17645053/1e557948-3881-4e45-a625-8ef36d45ae2d">

    Release Page
    
<img width="1433" alt="Screen Shot 2023-07-06 at 12 25 05"
src="https://github.com/go-gitea/gitea/assets/17645053/3ec82af1-15a4-4162-a50b-04a9502161bb">

- Demo


https://github.com/go-gitea/gitea/assets/17645053/d45d266b-3eb0-465a-82f9-57f78dc5f9f3

- Note:

UI of dropdown menu could be improved in another PR as it should apply
to more dropdown menus.

Fix #14180

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-21 11:20:04 +00:00
Yarden Shoham
dbbae67f44
Remove commit status running and warning from the dashboard repo list (#26036)
Also added comments so the next time the dashboard repo list won't be
forgotten

Follows #25839

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2023-07-21 10:32:25 +00:00
wxiaoguang
d0dbe52e76
Refactor to use urfave/cli/v2 (#25959)
Replace #10912

And there are many new tests to cover the CLI behavior

There were some concerns about the "option order in hook scripts"
(https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314),
it's not a problem now. Because the hook script uses `/gitea hook
--config=/app.ini pre-receive` format. The "config" is a global option,
it can appear anywhere.

----

## ⚠️ BREAKING ⚠️

This PR does it best to avoid breaking anything. The major changes are:

* `gitea` itself won't accept web's options: `--install-port` / `--pid`
/ `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's
options.
    * Use `./gitea web --pid ....` instead
* `./gitea` can still run the `web` sub-command as shorthand, with
default options
* The sub-command's options must follow the sub-command
* Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd
--sub-opt` (well, might not ...)
    * After: only `./gitea subcmd --sub-opt` could be used
    * The global options like `--config` are not affected
2023-07-21 17:28:19 +08:00
caicandong
840830b655
Remove commit status running and warning to align GitHub (#25839)
Fix #25776. Close #25826.

In the discussion of #25776, @wolfogre's suggestion was to remove the
commit status of `running` and `warning` to keep it consistent with
github.

references:
-
https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#about-commit-statuses


## ⚠️ BREAKING ⚠️

So the commit status of Gitea will be consistent with GitHub, only
`pending`, `success`, `error` and `failure`, while `warning` and
`running` are not supported anymore.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-07-21 16:24:36 +08:00
yp05327
d57e55cd47
Fix escape problems in the branch selector (#25875)
Fix #25865
2023-07-21 06:18:40 +00:00
Pavel
e89adec2a5
Update README.md to fix the broken link of Hugo (#26008)
Fix gohugo installiation link
2023-07-21 04:47:47 +00:00
Lunny Xiao
037c9895a7
Support copy protected branch from template repository (#25889)
Fix #14303
2023-07-21 12:32:47 +08:00
silverwind
2b6f224336
Update JS dependencies (#26025)
- Update all JS dependencies
- Tweak eslint config, disable SequenceExpression aka. [Comma
operator](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Comma_operator),
remove deprecated rule
- Add new stylelint rule
- Tested Monaco and Swagger
2023-07-21 11:34:10 +08:00
silverwind
d021c88d29
Reduce margins on admin pages (#26026)
Reduce margins around admin boxes and reduce sidebar size from 275px to
240px. This is the same 16px margin we use on issue pages.

Before and After:
<img width="1270" alt="Screenshot 2023-07-21 at 00 28 11"
src="https://github.com/go-gitea/gitea/assets/115237/f9b0dcb0-8f7e-49b4-b130-54bf31c142fd">
<img width="1271" alt="Screenshot 2023-07-21 at 00 30 51"
src="https://github.com/go-gitea/gitea/assets/115237/ddd75d59-9ab9-4061-8989-852e89727560">
2023-07-21 03:11:42 +00:00
FuXiaoHei
f3d293d2bb
Actions Artifacts support uploading multiple files and directories (#24874)
current actions artifacts implementation only support single file
artifact. To support multiple files uploading, it needs:

- save each file to each db record with same run-id, same artifact-name
and proper artifact-path
- need change artifact uploading url without artifact-id, multiple files
creates multiple artifact-ids
- support `path` in download-artifact action. artifact should download
to `{path}/{artifact-path}`.
- in repo action view, it provides zip download link in artifacts list
in summary page, no matter this artifact contains single or multiple
files.
2023-07-21 10:42:01 +08:00
GiteaBot
3acaaa29dd [skip ci] Updated translations via Crowdin 2023-07-21 00:26:46 +00:00
wxiaoguang
9b25bfa8f4
Remove redundant "RouteMethods" method (#26024)
The `RouteMethods` is mainly an alias for `Methods` with different
argument order.

Remove it to keep the "route.go" code clear
2023-07-21 00:43:49 +02:00
puni9869
d12ba978a7
Adding remaining enum for migration repo model type. (#26021) 2023-07-20 12:28:38 -05:00
Dominik Heidler
2e128dd1fc
RPM Registry: Show zypper commands for SUSE based distros as well (#25981)
After RPM is supported with https://github.com/go-gitea/gitea/pull/23380
let's show the user
how to add the repo and install the RPM via all common package managers.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-20 17:37:31 +02:00
wxiaoguang
af22f33a93
Fix the route for pull-request's authors (#26016)
Close #25906

![image](https://github.com/go-gitea/gitea/assets/2114189/e689f3e1-9a90-46c0-89f4-2d61394d34d3)


Succeeded logs:

```
[I] router: completed GET /root/test/issues/posters?&q=%20&_=1689853025011 for [::1]:59271, 200 OK in 127.7ms @ repo/issue.go:3505(repo.IssuePosters)


[I] router: completed GET /root/test/pulls/posters?&q=%20&_=1689853968204 for [::1]:59269, 200 OK in 94.3ms @ repo/issue.go:3509(repo.PullPosters)
```
2023-07-20 12:41:28 +00:00
harryzcy
ec227d6682
Remove nfnt/resize and oliamb/cutter (#25999)
The package `github.com/nfnt/resize` is deprecated and archived by the
author. `github.com/oliamb/cutter` is not maintained since 2018. We
could use `golang.org/x/image/draw` instead.
2023-07-20 19:52:42 +08:00
John Olheiser
0ef2919bb6
Correctly refer to dev tags as nightly in the docker docs (#26004)
As title, `dev` tags are no longer used since we switched to `nightly`

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-07-20 17:26:02 +08:00
wxiaoguang
28ecac8024
Fix env config parsing for "GITEA____APP_NAME" (#26001)
Regression of #24832 

Fix the bug and add a test for it

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-20 09:16:29 +00:00
jeremiepozzigithub
d7a8d09da0
Add file status for API "Get a single commit from a repository" (#16205) (#25831)
#16205 To obtain a closer behavior to the api from github, the status
(added, modified, removed) of a file should be available in addition to
the filename.
See github doc :

https://docs.github.com/fr/rest/commits/commits?apiVersion=2022-11-28#get-a-commit
2023-07-20 16:35:47 +08:00
Noah Snelson
df55f9b189
Add a link to OpenID Issuer URL in WebFinger response (#26000)
This change adds an entry to the `links` field of the
`/.well-known/webfinger` response. The new entry points to the `appURL`
as an OpenID issuer. This is consistent with the output of
`/.well-known/openid-configuration`, which also uses the value of
`appURL`.

This change is required for Tailscale SSO to work, as it uses the OpenID
Issuer URL when querying the Tailscale user email during signup/login
([docs](https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup)).
2023-07-20 16:02:45 +08:00
Lunny Xiao
01c04607c7
Fix bug when pushing to a pull request which enabled dismiss approval automatically (#25882)
Fix #25858 

The option `dissmiss stale approvals` was listed on protected branch but
never implemented. This PR fixes that.

<img width="1006" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/60bfa968-4db7-4c24-b8be-2e5978f91bb9">


<img width="1021" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/8dabc14d-2dfe-40c2-94ed-24fcbf6e0e8f">
2023-07-20 15:18:52 +08:00
GiteaBot
cf467119ff [skip ci] Updated translations via Crowdin 2023-07-20 00:27:21 +00:00
silverwind
36010243f7
Fix commit status color on dashboard repolist (#25993)
Followup to https://github.com/go-gitea/gitea/pull/25935 which has
missed to change the icon on the repolist because the logic is not
shared with templates.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-20 01:04:41 +02:00
Earl Warren
e20f8f0977
Improve profile readme rendering (#25988)
- Tell the renderer to use the `document` mode, so it's consistent with
other renderers.
- Use the same padding as `.file-view.markup`, so it's consistent with
other containers that contain markup rendering.
- Resolves https://codeberg.org/forgejo/forgejo/issues/833

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-07-19 22:22:32 +00:00
Earl Warren
8833853dd6
avoid hard-coding height in language dropdown menu (#25986)
This commit removes the hard-coded height of 500px, using that as a
max-height instead. The height of items in the dropdown menu, assuming a
default font size of 16px, is 36px, so the old CSS would cause overly
large dropdown menus in instances where less than 14 languages are
offered.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1000

Co-authored-by: rome-user <rome-user@noreply.codeberg.org>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 23:30:57 +02:00
Earl Warren
ad4c09b59f
parseScope with owner/repo always sets owner to zero (#25987)
Refs: https://codeberg.org/forgejo/forgejo/pulls/1001
2023-07-19 21:21:51 +08:00
harryzcy
0f9f6567bb
Bump github.com/golang-jwt/jwt to v5 (#25975)
Bumping `github.com/golang-jwt/jwt` from v4 to v5.

`github.com/golang-jwt/jwt` v5 is bringing some breaking changes:

- standard `Valid()` method on claims is removed. It's replaced by
`ClaimsValidator` interface implementing `Validator()` method instead,
which is called after standard validation. Gitea doesn't seem to be
using this logic.
- `jwt.Token` has a field `Valid`, so it's checked in `ParseToken`
function in `services/auth/source/oauth2/token.go`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 09:57:10 +00:00
wxiaoguang
50e14699d3
Update path related documents (#25417)
Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 11:22:57 +02:00
silverwind
06df92b5af
Update djlint, enable H026 and T027 (#25980)
New rules enabled as the bugs I reported were fixed:

- H026 | Empty id and class tags can be removed.
- T027 | Unclosed string found in template syntax.

Refs:

https://github.com/Riverside-Healthcare/djLint/issues/711
https://github.com/Riverside-Healthcare/djLint/issues/712
2023-07-19 10:35:25 +02:00
GiteaBot
c7455e9f23 [skip ci] Updated translations via Crowdin 2023-07-19 00:46:27 +00:00
Jason Song
6f1f3e6c08
Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947)
Since OAuth2 will callback the root URL, if the user starts signing in
from a wrong host, Gitea will return 500 because it cannot find the
session.

<details>
<summary>How to reproduce</summary>

<img width="901" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/2c2e255c-e13e-4a11-9be7-b226bee54920">

<img width="1014" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/b31cfcf6-a320-483d-9ce5-ba8562f065e1">

</details>


So show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is
enabled.

<img width="1015" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/99e80b17-c790-49a3-bbf2-2bd9396a7daa">
2023-07-18 22:14:30 +00:00
wxiaoguang
236c645bf1
Refactor "Content" for file uploading (#25851)
Before: the concept "Content string" is used everywhere. It has some
problems:

1. Sometimes it means "base64 encoded content", sometimes it means "raw
binary content"
2. It doesn't work with large files, eg: uploading a 1G LFS file would
make Gitea process OOM

This PR does the refactoring: use "ContentReader" / "ContentBase64"
instead of "Content"

This PR is not breaking because the key in API JSON is still "content":
`` ContentBase64 string `json:"content"` ``
2023-07-18 18:14:47 +00:00