Commit graph

54 commits

Author SHA1 Message Date
Gusted 0c4872f839
[CHORE] Update connect-go to maintained fork
- Update github.com/bufbuild/connect-go to
https://github.com/connectrpc/connect-go.
- This is a fork that's actively maintained and is recommend by the
original library. Looking at the recent release notes, it looks like
going in the right direction what one would expect of a library, no
strange features being added, lots of improvements.
- There's still an indirect dependency by
`code.gitea.io/actions-proto-go` on a old version of `connect-go`.
2024-02-28 09:40:56 +01:00
Earl Warren 094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00
Gusted 92413041bd
[GITEA] Use maintained gziphandler
- https://github.com/NYTimes/gziphandler doesn't seems to be maintained
anymore and Forgejo already includes
https://github.com/klauspost/compress which provides a maintained and
faster gzip handler fork.
- Enables Jitter to prevent BREACH attacks, as this *seems* to be
possible in the context of Forgejo.

(cherry picked from commit cc2847241d82001babd8d40c87d03169f21c14cd)
(cherry picked from commit 99ba56a8761dd08e08d9499cab2ded1a6b7b970f)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 711638193daa2311e2ead6249a47dcec47b4e335)
(cherry picked from commit 9c12a37fde6fa84414bf332ff4a066facdb92d38)
(cherry picked from commit d13065345431a499f9e0b7a3c2043d7487b8aa5b)
(cherry picked from commit 45a16f8c3c6f7d5e4aab8fdde6a621cf36e4801c)
(cherry picked from commit a497acb31f76d580c8b0567f9461274bd78080f4)
(cherry picked from commit fe87fd828973945192b98310c5c3b2001c6e0f86)
(cherry picked from commit 6ac12e6693cf45cb12109028dabd868957c4b74c)
(cherry picked from commit 981ec37e1e72ab19c20067ff4d2a7e20a60d3305)
(cherry picked from commit 5d6892ec10086f0ba63f26693faa82d0fd4e3f4a)
(cherry picked from commit 9df7968f4fc72de9788d84ca3f349e4c98ee630e)
(cherry picked from commit 7d588d183329cd760053663ea2e1e82e62958409)

Conflicts:
	routers/web/web.go
	https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit defb101281f5a6ba410abc763674bafa7b63dffd)
(cherry picked from commit 5830f204a17767fda3e45d16dbf3af8c32e7f387)
(cherry picked from commit 029f4e98636a7776f430684e9d7142d69a444f96)
(cherry picked from commit 816fe558126d0ecce969fdf2a196fa6afdcca792)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 99866d804560b415b6158371eb0efd17d097cfe0)
2024-02-05 16:09:40 +01:00
Caesar Schinas 31bfb80c03
[BRANDING] add Forgejo logo
(cherry picked from commit f42622c7d5a28859f535e0d86ece06101baad1ef)
(cherry picked from commit a39e7f2a79f6527d45439f21bd88378264160c3a)
(cherry picked from commit afa2a31bb99c0fd9cd25c3c0279e6c49695b1900)
(cherry picked from commit 276e8856e594ad7e73414382d34fdf0278cbca6a)
(cherry picked from commit 68e3bd469f2e8190db70d4e1564fb46d01feb5f4)
(cherry picked from commit af124b9ccbb0b699ea5d1bf1530613cb9a96f205)
(cherry picked from commit b89ab4874d403c784c92e579f4f6a854621c0078)
(cherry picked from commit 0f2a2f0d0ff9851428d6899e307f3547d7651f87)
(cherry picked from commit 80999363c73e4e01cbf9116491743c87baa952af)
(cherry picked from commit f8880b5463aa1db047d89080d21e7a69979eb4a6)
(cherry picked from commit 5f4cf4f6e143237c81da3e80875727cef4b76343)
(cherry picked from commit b38e26bc1a8bb117f571672961a8445cfc02c953)
(cherry picked from commit d839e0033244b63df16c8b548cc52106fc693629)
(cherry picked from commit 32ffe2e4f12c16a44a759c906078d40731c1a0c7)
(cherry picked from commit f1fd0504add78ae3fb5c710ab5a9ada20321afac)
(cherry picked from commit 6d77ea4d60a193d9d4175c4943b34077228e5964)
(cherry picked from commit 61a0a4a276303c3fd56f93fd109e3416cfdf7c60)
(cherry picked from commit a90b4126fdd55feef43f45d1dc3e3400806a476b)
(cherry picked from commit 9a20538fb4e88682e213a20813b77cc0f602fbfd)
(cherry picked from commit ce0fc02f0fbaa45b146fed175ce68bd02c507f3e)
(cherry picked from commit 541f7cb026f976d078ecb6da3a6c9e13cc4336f2)
(cherry picked from commit d6d0c2ab78a14d7aac8d7b6b0d007149de2f7295)
(cherry picked from commit 2c28f5ad2496cf30eb15d6caf9171b79e5017141)
(cherry picked from commit 9571bddb3308e3c1f0383e60f972ca61a0a467b7)
(cherry picked from commit c83ba08d01f149ecd52d983eec76bd60822c1ddd)
(cherry picked from commit 30e7d567ede79c015d0d115d9a2d535e6c681cb9)
(cherry picked from commit a8b8c3eba75511449dc97fa27b37db1076ce95f0)
(cherry picked from commit 8e053e1ade4710ade3b6e4bc6aa04fe9281243d7)
(cherry picked from commit 9e3b0f7520a56e5eb22cd0e33e231ea9063f0e1f)
(cherry picked from commit 2343b9bd09cda3e474b36842fae419f9fe32b134)
(cherry picked from commit 56572d4156050c2beb62f63a871375fdc2424271)
(cherry picked from commit 9b09eda1680282f8114f752e52afd544ef30350c)
(cherry picked from commit 86a8b7b4904158ea80d259d7a1846528a9b3c403)
(cherry picked from commit 99a550c0e3de3bd8d17a610b849da0c04f776dbd)
(cherry picked from commit bdcf3f51e07c9f5f067fca7501ad69c42f925197)
(cherry picked from commit cec8f2d31e1cd9237120ee57af80b17e4abf026e)
(cherry picked from commit 25aa22ba2b8b8bdb215c14002ebc137e2e70cad4)
(cherry picked from commit 31510249a01fad40cc001277f5bcbe57248b0330)
(cherry picked from commit 95dc569227ac57c2efe7817edb6749fcead0ec24)
(cherry picked from commit f6caf5f1b9f8f560fcfef29247525c018976dcde)
(cherry picked from commit aba34fbf70dce183907083593cab7716597575a3)
(cherry picked from commit 41b816fdac30cfca311d5c24c155301de5d08a40)
(cherry picked from commit c98e79b89f5a12b50b6eb1ff1d0afc2cbd756ca3)
(cherry picked from commit d33d4f193cd79493e3d206e0c73395aea5bd305c)
(cherry picked from commit 4e5bb41cbe9823f8c198a54b56f0ee66b9cf8bf8)
(cherry picked from commit 3aa8ddb8cb4cb836b98c465342b106d027868606)
(cherry picked from commit e8057040bb751d1bdcb0e7412495da353189a02f)
(cherry picked from commit f3bf61e51e8c44ac098dca03532507bae5b65fc1)
(cherry picked from commit e9d08aad76cc38a81e9489871e1116819f84052e)
2024-02-05 16:02:13 +01:00
Gusted 8735fcdb7d
[GITEA] Vendor rupture dependency
- The [rupture](https://github.com/ethantkoenig/rupture) dependency was
essentially outdated in the sense it was using old version of
dependencies.
- The usage by Forgejo was rather a small portion, so that portion is
now vendored (with its tests).
- Removes old dependencies from go.sum (less dependencies is better for
reviewing what the heck we're importing). Just to note that they were
likely not being used by Go's build process (according to
https://go.dev/ref/mod#minimal-version-selection), so it's really a
matter of formal cleaning up dependencies we don't use and therefor
don't want to download and be in our go.sum.

(cherry picked from commit aa72a5f009b5027b2324106343f91b466ba46293)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2148
(cherry picked from commit fbe8d65f0b1836b2e771991b4d5d12f1bfa938ed)
(cherry picked from commit e18debcb6a9476f60d364e847265b4ac7fb76c8e)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2245
(cherry picked from commit 8c43c2ada82102a0df44fd874c4f5fe3a36ef758)
2024-02-05 15:08:04 +01:00
wxiaoguang 82acf22d9c
Update go dependencies and fix go-git (#28893)
More details are in the comment of repo_base_gogit.go

And ref: https://github.com/go-git/go-git/issues/1006
2024-01-23 05:40:00 +00:00
wxiaoguang 11f0519ad8
Update go dependencies (#28518)
Update golang.org/x/crypto for CVE-2023-48795 and update other packages.
`go-git` is not updated because it needs time to figure out why some
tests fail.
2023-12-19 09:18:42 +08:00
Yevhen Pavlov cd2ff6e83d
Bump google/go-github to v57 (#28514) 2023-12-18 15:42:04 -06:00
techknowlogick e3229c8e9b
bump go-deps (#27489) 2023-10-07 05:55:08 +00:00
wxiaoguang 1432d4eab9
Update go dependencies (#26534) 2023-08-16 12:02:40 +00:00
Chongyi Zheng f2138d6968
Replace gogs/cron with go-co-op/gocron (#25977)
Replace `github.com/gogs/cron` with `github.com/go-co-op/gocron` as the
former package is not maintained for many years.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-24 04:13:41 +00:00
wxiaoguang d0dbe52e76
Refactor to use urfave/cli/v2 (#25959)
Replace #10912

And there are many new tests to cover the CLI behavior

There were some concerns about the "option order in hook scripts"
(https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314),
it's not a problem now. Because the hook script uses `/gitea hook
--config=/app.ini pre-receive` format. The "config" is a global option,
it can appear anywhere.

----

## ⚠️ BREAKING ⚠️

This PR does it best to avoid breaking anything. The major changes are:

* `gitea` itself won't accept web's options: `--install-port` / `--pid`
/ `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's
options.
    * Use `./gitea web --pid ....` instead
* `./gitea` can still run the `web` sub-command as shorthand, with
default options
* The sub-command's options must follow the sub-command
* Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd
--sub-opt` (well, might not ...)
    * After: only `./gitea subcmd --sub-opt` could be used
    * The global options like `--config` are not affected
2023-07-21 17:28:19 +08:00
harryzcy ec227d6682
Remove nfnt/resize and oliamb/cutter (#25999)
The package `github.com/nfnt/resize` is deprecated and archived by the
author. `github.com/oliamb/cutter` is not maintained since 2018. We
could use `golang.org/x/image/draw` instead.
2023-07-20 19:52:42 +08:00
harryzcy 0f9f6567bb
Bump github.com/golang-jwt/jwt to v5 (#25975)
Bumping `github.com/golang-jwt/jwt` from v4 to v5.

`github.com/golang-jwt/jwt` v5 is bringing some breaking changes:

- standard `Valid()` method on claims is removed. It's replaced by
`ClaimsValidator` interface implementing `Validator()` method instead,
which is called after standard validation. Gitea doesn't seem to be
using this logic.
- `jwt.Token` has a field `Valid`, so it's checked in `ParseToken`
function in `services/auth/source/oauth2/token.go`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 09:57:10 +00:00
harryzcy c5e187c389
Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
isla w e882398c5a
Update emoji set to Unicode 15 (#25595)
Update emoji set to Unicode 15 which was added upstream here:
cb5c514d47

<img width="854" alt="Screenshot 2023-06-29 at 11 02 56 AM"
src="https://github.com/go-gitea/gitea/assets/1669571/7bfb663d-0804-4d23-a62d-f585a6783ca6">

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-29 16:29:48 +00:00
Yevhen Pavlov 5fa4415bbb
Update github.com/google/go-github to v53 (#25157)
The new `go-github` version
[53](https://github.com/google/go-github/releases/tag/v53.0.0) has been
released.
2023-06-09 19:42:51 +00:00
6543 4c81dae297
Update github.com/google/go-github to v52 (#24004)
based on https://github.com/google/go-github/pull/2743

because of
https://github.com/go-gitea/gitea/pull/23946#discussion_r1160317554

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-05-31 00:31:51 +00:00
KN4CK3R 05209f0d1d
Add RPM registry (#23380)
Fixes #20751

This PR adds a RPM package registry. You can follow [this
tutorial](https://opensource.com/article/18/9/how-build-rpm-packages) to
build a *.rpm package for testing.

This functionality is similar to the Debian registry (#22854) and
therefore shares some methods. I marked this PR as blocked because it
should be merged after #22854.


![grafik](https://user-images.githubusercontent.com/1666336/223806549-d8784fd9-9d79-46a2-9ae2-f038594f636a.png)
2023-05-05 20:33:37 +00:00
techknowlogick a1cd455c85
Bump golang deps (#24533) 2023-05-05 17:17:19 +08:00
KN4CK3R bf999e4069
Add Debian package registry (#24426)
Co-authored-by: @awkwardbunny

This PR adds a Debian package registry.
You can follow [this
tutorial](https://www.baeldung.com/linux/create-debian-package) to build
a *.deb package for testing.
Source packages are not supported at the moment and I did not find
documentation of the architecture "all" and how these packages should be
treated.


![grafik](https://user-images.githubusercontent.com/1666336/218126879-eb80a866-775c-4c8e-8529-5797203a64e6.png)

Part of #20751.

Revised copy of #22854.

---------

Co-authored-by: Brian Hong <brian@hongs.me>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-02 12:31:35 -04:00
Yarden Shoham c0ddec8a2a
Revert "Add Debian package registry" (#24412)
Reverts go-gitea/gitea#22854
2023-04-28 18:06:41 -04:00
KN4CK3R bf77e2163b
Add Debian package registry (#22854)
Co-authored-by: @awkwardbunny

This PR adds a Debian package registry. You can follow [this
tutorial](https://www.baeldung.com/linux/create-debian-package) to build
a *.deb package for testing. Source packages are not supported at the
moment and I did not find documentation of the architecture "all" and
how these packages should be treated.

---------

Co-authored-by: Brian Hong <brian@hongs.me>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-04-28 17:51:36 -04:00
silverwind 572af214a7
Ensure final newline in assets/go-licenses.json (#24407)
This will ensure that the file always has a final newline. I'm not sure
where this bug with inconsistent final newline actually comes from, it
is likely Windows-related.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-04-28 13:39:18 -04:00
JakobDev 65fe0fb22c
Allow webp images as avatars (#24248)
Users can now upload `webp` images.
Browsers supporting webp images then display this as the avatar of this
user (every major browser except IE).

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-21 13:15:49 -04:00
techknowlogick 985f76dc4b
Update redis library to support redis v7 (#24114) 2023-04-13 18:41:04 -04:00
harryzcy 1ee45305e0
Update github.com/google/go-github to v51 (#23946)
`github.com/google/go-github` has new major version releases frequently.
It is required to update all import path, in additional to `go.mod`
2023-04-08 19:27:30 +08:00
wxiaoguang 8f00979f73
Drop "unrolled/render" package (#23965)
None of the features of `unrolled/render` package is used. 

The Golang builtin "html/template" just works well. Then we can improve
our HTML render to resolve the "$.root.locale.Tr" problem as much as
possible.

Next step: we can have a template render pool (by Clone), then we can
inject global functions with dynamic context to every `Execute` calls.
Then we can use `{{Locale.Tr ....}}` directly in all templates , no need
to pass the `$.root.locale` again and again.
2023-04-08 14:21:50 +08:00
techknowlogick 92c160d8e7
Add meilisearch support (#23136)
Add meilisearch support

Fixes #20665
2023-03-28 22:23:23 -04:00
Jason Song 19bfea6d7d
Update act (#23512)
Update replace:
```diff
- replace github.com/nektos/act => gitea.com/gitea/act v0.234.2-0.20230131074955-e46ede1b1744
+ replace github.com/nektos/act => gitea.com/gitea/act v0.243.1
```

Update require:
```diff
-	github.com/nektos/act v0.0.0
+	github.com/nektos/act v0.2.43
```

Actually, `v0.2.43` doesn't work, it will be replaced by `gitea/act`, so
it's OK to put any version here. But `gitea/act` is based on
`nektos/act`, so keeping the right upstream version will make security
dependabot help.

BTW, the [security
report](https://github.com/go-gitea/gitea/security/dependabot/20) is
false positive, we don't use the artifact server in act, see #22738.
2023-03-16 18:09:11 +08:00
zeripath 740a5ecdd9
Update go.mod dependencies (#23126)
This PR does a bulk update of a lot of our go deps.

I have not included nektos/act and xorm for the following reasons:
* Xorm updates can sometimes be complex and I'd rather do that in a
separate PR
* I think people more update with the actions code should double check
that the latest nektos/act library works correctly.

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-24 20:18:49 +00:00
KN4CK3R f8c1e14a13
Use import of OCI structs (#22765)
Fixes #22758

Otherwise we would need to rewrite the structs in `oci.go`.
2023-02-06 10:07:09 +00:00
Jason Song 4011821c94
Implement actions (#21937)
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-31 09:45:19 +08:00
John Olheiser 2052a9e2b4
Consume hcaptcha and pwn deps (#22610)
This PR just consumes the
[hcaptcha](https://gitea.com/jolheiser/hcaptcha) and
[haveibeenpwned](https://gitea.com/jolheiser/pwn) modules directly into
Gitea.

Also let this serve as a notice that I'm fine with transferring my
license (which was already MIT) from my own name to "The Gitea Authors".

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-29 09:49:51 -06:00
KN4CK3R fc037b4b82
Add support for incoming emails (#22056)
closes #13585
fixes #9067
fixes #2386
ref #6226
ref #6219
fixes #745

This PR adds support to process incoming emails to perform actions.
Currently I added handling of replies and unsubscribing from
issues/pulls. In contrast to #13585 the IMAP IDLE command is used
instead of polling which results (in my opinion 😉) in cleaner code.

Procedure:
- When sending an issue/pull reply email, a token is generated which is
present in the Reply-To and References header.
- IMAP IDLE waits until a new email arrives
- The token tells which action should be performed

A possible signature and/or reply gets stripped from the content.

I added a new service to the drone pipeline to test the receiving of
incoming mails. If we keep this in, we may test our outgoing emails too
in future.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-14 23:57:10 +08:00
techknowlogick b36854df37
Update golang deps (#22410)
Note, hashicorp's LRU has been updated to v2 which supports generics but
this was left out as it is a more involved upgrade.
2023-01-12 09:21:16 +01:00
techknowlogick 6f231a7980
Replace deprecated Webauthn library (#22400)
Fix #22052

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-11 21:51:00 -05:00
isla w f41ad344cb
Update Emoji dataset to Unicode 14 (#22342)
Gitea emoji dataset was out of date because it gets manually built and
hasn't been rebuilt since it was added. This means Gitea doesn't
recognize some newer emoji or changes to existing ones.

After changing the max unicode version to 14 I just ran: `go run
build/generate-emoji.go`

This should address the initial issue seen in #22153 where Gitea doesn't
recognize a standard alias used elsewhere when importing content.

14 is the latest supported version from the upstream source as 15 is not
widely supported (in their opinion) yet
2023-01-04 11:52:48 -06:00
Lunny Xiao e72acd5e5b
Split migrations folder (#21549)
There are too many files in `models/migrations` folder so that I split
them into sub folders.
2022-11-02 16:54:36 +08:00
qwerty287 a813c9d8f3
Allow creation of OAuth2 applications for orgs (#18084)
Adds the settings pages to create OAuth2 apps also to the org settings
and allows to create apps for orgs.

Refactoring: the oauth2 related templates are shared for
instance-wide/org/user, and the backend code uses `OAuth2CommonHandlers`
to share code for instance-wide/org/user.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-09 20:07:41 +08:00
delvh 81d7270cde
Add new CSS variables --color-accent and --color-small-accent (#21305)
At the moment, this is only used to replace the color of the `viewed`
checkbox and of the `has changed` label.
Previously, the used variable accentuated always either darker or
lighter, which meant that one theme looked good while the other didn't.

Co-authored-by: silverwind <me@silverwind.io>
2022-10-07 17:48:03 +08:00
delvh acee32ca09
Prevent invalid behavior for file reviewing when loading more files (#21230)
The problem was that many PR review components loaded by `Show more`
received the same ID as previous batches, which confuses browsers (when
clicked). All such occurrences should now be fixed.

Additionally improved the background of the `viewed` checkbox.

Lastly, the `go-licenses.json` was automatically updated.

Fixes #21228.
Fixes #20681.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-22 01:02:56 +08:00
silverwind b5d21c0adf
Generate go-licenses during tidy again (#21108)
We can not have the `frontend` target depend on golang because of they
way drone is set up. Move the `go-licenses` generation back into `tidy`
where it will now also be checked for consistency during `tidy-check`.

(I assume all `main` branch builds should currently fail [like
this](https://drone.gitea.io/go-gitea/gitea/60244/1/11)).

The reasony why it shouldn't be treated the same as for example `go
generate` is because output files are checked in. tidy is imho the
optimal target to run this after.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-09-09 11:33:01 -04:00
silverwind 52c2ef7902
Rewrite go license generator in go (#21078)
This removes the JS dependency in the checks pipeline. JSON output is
different because the previous JS did indent the license data
differently and a JSON key was changed, but the end result is the same
as it gets re-indented by wepack.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-09-07 17:35:54 -04:00
silverwind 49efd1fb96
Add go licenses to licenses.txt (#21034)
`make go-licenses` will generate `assets/go-licenses.json` which is then included in the webpack build. 

This step depends on both go and node being present, so unfortunately, I could not automate the generation by hooking it up to `tidy` as that target is triggered on CI where we do not have a docker image with both go an node.

It should be ran from time to time, ideally after each go mod update.
2022-09-04 00:20:46 +02:00
John Olheiser a48d6ba4b4
Go 1.19 format (#20758)
* 1.19 gofumpt

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Change CSV test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Commit whitespace fixes from @zeripath

Co-authored-by: zeripath <art27@cantab.net>

* Update emoji

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* bump swagger & fix generate-swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-30 21:15:45 -05:00
Jan-Eric Schober b65ad70f53
Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
* Changed the filename of the favicon SVG

This allows the user to have a favicon which differs from the logo.

* Added favicon.svg

This is needed to accommodate the changes for allowing the user to have a differing logo and favicon

* Adjusted page to accommodate what icon is used as favicon

* Added functionality to also generate the favicon.svg via generate-images.js

* Adjusted the description for the new favicon compatibility

Co-authored-by: silverwind <me@silverwind.io>

* Updated generate-images.js to generate favicons from a separate favicons.svg file

This belongs to PR #18542.

* Added description on how custom favicons can be generated

* Replaced space indents with tabs

* Synced changes with current state of the file

* Synced changes with current state of the file

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-05-23 23:54:48 +08:00
techknowlogick f8a668ab0c
Clean up SVG (#13680)
* Clean up SVG

* update per feedback

* fix css style

* Delete gitea.png

* no new line at end of file

* fix newline?

Co-authored-by: 6543 <6543@obermui.de>
2020-12-17 16:33:53 -05:00
silverwind 7cf23399a0
Rework 'make generate-images' (#12316)
* Rework 'make generate-images'

- Remove external dependencies and replace it with a node script that
  does does the same.
- Move detail removal from gitea-sm.png to favicon.png
- Remove favicon.ico and its generation, it is unused and we already serve
  favicon.png in its place.

Fixes: https://github.com/go-gitea/gitea/issues/12314

* use proper centering value for preserveAspectRatio

* fix lint

* use fabric

* better linting fix

* fix typo

* mention detail-remove class in docs
2020-07-26 17:47:51 +08:00
silverwind 8188176b58
Direct SVG rendering (#12157)
Introduce 'make svg' which calls a node script that compiles svg files
to `public/img/svg`. These files are vendored to not create a dependency
on Node for the backend build.

On the frontend side, configure webpack using `raw-loader` so SVGs can
be imported as string.

Also moved our existing SVGs to web_src/svg for consistency.

Fixes: https://github.com/go-gitea/gitea/issues/11618
2020-07-12 12:10:56 +03:00