Commit graph

4332 commits

Author SHA1 Message Date
Gusted c6a53c3172
[SECURITY] Rework long-term authentication
- This is a 'front-port' of the already existing patch on v1.21 and
v1.20, but applied on top of what Gitea has done to rework the LTA
mechanism. Forgejo will stick with the reworked mechanism by the Forgejo
Security team for the time being. The removal of legacy code (AES-GCM) has been
left out.
- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.

(cherry picked from commit e3d6622a63da9c33eed1e3d102cf28a92ff653d6)
(cherry picked from commit fef1a6dac5e25579e42d40209c4cfc06879948b9)
(cherry picked from commit b0c5165145fa52f2f7bbec1f50b308bdf1d20ef3)
(cherry picked from commit 7ad51b9f8d0647eecacd258f6ee26155da3872e1)
(cherry picked from commit 64f053f3834e764112cde26bb0d16c5e88d6b2af)
(cherry picked from commit f5e78e4c204ce50b800645d614218b6b6096eecb)

Conflicts:
	services/auth/auth_token_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2069
(cherry picked from commit f69fc23d4bbadf388c7857040ee0774b824e418e)
(cherry picked from commit d955ab3ab02cbb7f1245a8cddec426d64d3ac500)
(cherry picked from commit 9220088f902a25c4690bcabf5a40a8d02e784182)
(cherry picked from commit c73ac636962c41c71814c273510146f0533264ab)
(cherry picked from commit 747a176048ea93085b406429db0e25bb21912eda)

Conflicts:
	models/user/user.go
	routers/web/user/setting/account.go
	https://codeberg.org/forgejo/forgejo/pulls/2295
2024-02-05 15:06:15 +01:00
Gusted 089f51a63c
[DEADCODE] Add deadcode linter
- Add the experimental
[deacode](https://pkg.go.dev/golang.org/x/tools/internal/cmd/deadcode)
linter to Forgejo.
- To deal with false positives that can happen due to build tags or with code
that's currently only referenced by test code, the output of the tool is
compared against a known-good output.
- This commit doesn't make any attempt to remove any deadcode.

(cherry picked from commit ac462279e9361070326d512fc209b6f148f27865)
(cherry picked from commit b5ea6e85acecb8c02d18d51ec489bb1d329a33ce)
(cherry picked from commit 5915f3643c1939ab09dcac8f9fcb74bd4231a16d)

[CLEANUP] Remove deadcode

- This is deadcode since https://codeberg.org/forgejo/forgejo/pulls/1802
removed the usage of it.

(cherry picked from commit d840b9923e1a7aad7306c6b4d02df771ed0f40f4)
(cherry picked from commit 9442bab6266807141a14a647d3bc383233fc56e9)
(cherry picked from commit 0de9d18863c6af44941c7021548cdb07173ba3c0)
(cherry picked from commit 26abf783746ef29e66eea966160e2f9c139add26)
(cherry picked from commit 05d3a143c3785f3cc5e7f561aa2ad2ba556b55cc)
(cherry picked from commit 4b3d38d5e15b0fd02839d5687b634e7999e12666)
(cherry picked from commit a726e7198613b330a58c8c6dfc8866c360fbe555)
(cherry picked from commit cb62ae5b9885bcd5c2b6cb60f0e9cce6a991cc3c)
(cherry picked from commit 8195ba06d52fc1a05e9907149bb441b66887870e)
(cherry picked from commit 4570fb591aac0359a36800c8cadcd71613bdc7df)
(cherry picked from commit 1f4d33de2b68c776a305fe38fe6be5ae510ce983)
2024-02-05 14:45:09 +01:00
Earl Warren c7a389f2b2
[FEAT] allow setting the update date on issues and comments
This field adds the possibility to set the update date when modifying
an issue through the API.

A 'NoAutoDate' in-memory field is added in the Issue struct.
If the update_at field is set, NoAutoDate is set to true and the
Issue's UpdatedUnix field is filled.

That information is passed down to the functions that actually updates
the database, which have been modified to not auto update dates if
requested.

A guard is added to the 'EditIssue' API call, to checks that the
udpate_at date is between the issue's creation date and the current
date (to avoid 'malicious' changes). It also limits the new feature
to project's owners and admins.

(cherry picked from commit c524d33402c76bc4cccea2806f289e08a009baae)

Add a SetIssueUpdateDate() function in services/issue.go

That function is used by some API calls to set the NoAutoDate and
UpdatedUnix fields of an Issue if an updated_at date is provided.

(cherry picked from commit f061caa6555e0c9e922ee1e73dd2e4337360e9fe)

Add an updated_at field to the API calls related to Issue's Labels.

The update date is applied to the issue's comment created to inform
about the modification of the issue's labels.

(cherry picked from commit ea36cf80f58f0ab20c565a8f5d063b90fd741f97)

Add an updated_at field to the API call for issue's attachment creation

The update date is applied to the issue's comment created to inform
about the modification of the issue's content, and is set as the
asset creation date.

(cherry picked from commit 96150971ca31b97e97e84d5f5eb95a177cc44e2e)

Checking Issue changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPIEditIssueWithAutoDate
- TestAPIEditIssueWithNoAutoDate

- TestAPIAddIssueLabelsWithAutoDate
- TestAPIAddIssueLabelsWithNoAutoDate

- TestAPICreateIssueAttachmentWithAutoDate
- TestAPICreateIssueAttachmentWithNoAutoDate

(cherry picked from commit 4926a5d7a28581003545256632213bf4136b193d)

Add an updated_at field to the API call for issue's comment creation

The update date is used as the comment creation date, and is applied to
the issue as the update creation date.

(cherry picked from commit 76c8faecdc6cba48ca4fe07d1a916d1f1a4b37b4)

Add an updated_at field to the API call for issue's comment edition

The update date is used as the comment update date, and is applied to
the issue as an update date.

(cherry picked from commit cf787ad7fdb8e6273fdc35d7b5cc164b400207e9)

Add an updated_at field to the API call for comment's attachment creation

The update date is applied to the comment, and is set as the asset
creation date.

(cherry picked from commit 1e4ff424d39db7a4256cd9abf9c58b8d3e1b5c14)

Checking Comment changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPICreateCommentWithAutoDate
- TestAPICreateCommentWithNoAutoDate

- TestAPIEditCommentWithAutoDate
- TestAPIEditCommentWithNoAutoDate

- TestAPICreateCommentAttachmentWithAutoDate
- TestAPICreateCommentAttachmentWithNoAutoDate

(cherry picked from commit da932152f1deb3039a399516a51c8b6757059c91)

Pettier code to set the update time of comments

Now uses sess.AllCols().NoAutoToime().SetExpr("updated_unix", ...)

XORM is smart enough to compose one single SQL UPDATE which all
columns + updated_unix.

(cherry picked from commit 1f6a42808dd739c0c2e49e6b7ae2967f120f43c2)

Issue edition: Keep the max of the milestone and issue update dates.

When editing an issue via the API, an updated_at date can be provided.
If the EditIssue call changes the issue's milestone, the milestone's
update date is to be changed accordingly, but only with a greater
value.

This ensures that a milestone's update date is the max of all issue's
update dates.

(cherry picked from commit 8f22ea182e6b49e933dc6534040160dd739ff18a)

Rewrite the 'AutoDate' tests using subtests

Also add a test to check the permissions to set a date, and a test
to check update dates on milestones.

The tests related to 'AutoDate' are:
- TestAPIEditIssueAutoDate
- TestAPIAddIssueLabelsAutoDate
- TestAPIEditIssueMilestoneAutoDate
- TestAPICreateIssueAttachmentAutoDate
- TestAPICreateCommentAutoDate
- TestAPIEditCommentWithDate
- TestAPICreateCommentAttachmentAutoDate

(cherry picked from commit 961fd13c551b3e50040acb7c914a00ead92de63f)
(cherry picked from commit d52f4eea44692ee773010cb66a69a603663947d5)
(cherry picked from commit 3540ea2a43155ca8cf5ab1a4a246babfb829db16)

Conflicts:
	services/issue/issue.go
	https://codeberg.org/forgejo/forgejo/pulls/1415
(cherry picked from commit 56720ade008c09122d825959171aa5346d645987)

Conflicts:
	routers/api/v1/repo/issue_label.go
	https://codeberg.org/forgejo/forgejo/pulls/1462
(cherry picked from commit 47c78927d6c7e7a50298fa67efad1e73723a0981)
(cherry picked from commit 2030f3b965cde401976821083c3250b404954ecc)
(cherry picked from commit f02aeb76981cd688ceaf6613f142a8a725be1437)

Conflicts:
	routers/api/v1/repo/issue_attachment.go
	routers/api/v1/repo/issue_comment_attachment.go
	https://codeberg.org/forgejo/forgejo/pulls/1575
(cherry picked from commit d072525b35e44faf7ff87143c0e52b8ba8a625c8)
(cherry picked from commit 8424d0ab3df75ac3ffa30f42d398e22995ada5e7)
(cherry picked from commit 5cc62caec788b54afd9da5b9193ce06ee8ec562b)
(cherry picked from commit d6300d5dcd01c7ddc65d8b0f326f9c19cb53b58e)

[FEAT] allow setting the update date on issues and comments (squash) apply the 'update_at' value to the cross-ref comments (#1676)

[this is a follow-up to PR #764]

When a comment of issue A referencing issue B is added with a forced 'updated_at' date, that date has to be applied to the comment created in issue B.

-----

Comment:

While trying my 'RoundUp migration script', I found that this case was forgotten in PR #764 - my apologies...

I'll try to write a functional test, base on models/issues/issue_xref_test.go

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1676
Co-authored-by: fluzz <fluzz@freedroid.org>
Co-committed-by: fluzz <fluzz@freedroid.org>
(cherry picked from commit ac4f727f63a2dd746dd84a31ebf7f70d5b5d7c52)
(cherry picked from commit 5110476ee9010ba8cdca0e0f37f765f8800e9fe1)
(cherry picked from commit 77ba6be1dab4f6f3678d79a394da56e6447ebbe1)
(cherry picked from commit 9c8337b5c442cfd72d97597c2089e776f42828b7)
(cherry picked from commit 1d689eb686f0f7df09c7861b3faf9d8683cb933b)
(cherry picked from commit 511c519c875a4c4e65c02ef0c4e3b941f4da4371)
(cherry picked from commit 2f0b4a8f610837d34844bb79cda1360ab23b6b1c)
(cherry picked from commit fdd4da111c449322901a0acf6d0857eac4716581)

[FEAT] allow setting the update date on issues and comments (squash) do not use token= query param

See https://codeberg.org/forgejo/forgejo/commit/33439b733a

(cherry picked from commit c5139a75b9e4af612a628171bd4f63a24860c272)
(cherry picked from commit c7b572c35d3e9e22017fd74045bcdc1109bd06df)
(cherry picked from commit aec7503ff6dd177980f3d9f367122ffc2fec8986)
(cherry picked from commit 87c65f2a490faeccb85088fa0981dd50f7199eb8)
(cherry picked from commit bd47ee33c20e53ae616a7e53d63c3b51809585fb)
(cherry picked from commit f3dbd90a747c14fb1b5b4271db6c10abbf86d586)
2024-02-05 14:44:33 +01:00
Earl Warren 20f022de72
[GITEA] add GetFile to config provider
(cherry picked from commit 88d1b53eeaa0d5ad0ed54c191236db928aadedf0)
(cherry picked from commit f63f71afad2aa8272772dba919485c5e858d2fae)
(cherry picked from commit 1f774145fc731e2d93cf8a6708dbf4c15722fa5e)
(cherry picked from commit 53e637693bcbb9fe9daca9a296c9d2c700fc915b)
(cherry picked from commit 4974cbf10a8b51d51591fa6f6281f4cd7a415c91)
(cherry picked from commit 554bca7fae7fa6f0235ab631598115875711d80e)
(cherry picked from commit 61b8cf83b988a2d8547b81cfb7aaeefaf2e17fba)
(cherry picked from commit d8bcc6f68c6dc972e8c99eb7b46a4f096f85cd61)
(cherry picked from commit ee04c340724cccada2c71db45ec510d19e92e099)
(cherry picked from commit 713153a6d63205984f2a85ee07f08269df3b0a85)
(cherry picked from commit 4e18c4f8bb35b02494d75311986fadb87328d477)
(cherry picked from commit 32be9db12df3dea9c12bf803a5226b6ae8cd7b32)
(cherry picked from commit fd50e9b9b4d7cd804e57418056126ed2df9bec6a)
(cherry picked from commit 11717b864bf4d820305511cf22ec50f61604a770)
(cherry picked from commit b70f3e0fa5db9cd90c961138c1ab748aa5c6a4d8)
(cherry picked from commit 2d802b2963d18b28a85a82e01f7a7f18ab8c3192)
(cherry picked from commit f61e2f71e2d629cc4e480f9e61c9b383675da0ef)
(cherry picked from commit 31723651c96d3f20811540aad94878815795da15)
(cherry picked from commit 38f6f703a0dfb04a9d436c8c806f1be513c7ea3a)
(cherry picked from commit 75f6716905755cbe3d7e49d965ab81a47f625bb7)
(cherry picked from commit fed2b2daf5d44348a0096572e91708ac3db5e9c8)
(cherry picked from commit a9bafa50213a3a385ba3901b2730fb84149855cc)
(cherry picked from commit 8ce897b3fe918c5702d5c86d97f1703a1f266697)
(cherry picked from commit c806addcd07c6afb20d9aca833cfa9a33ac680a7)
(cherry picked from commit e70d51bd26b49de93b2fe012a4f03efbe6c97607)
2024-02-05 14:44:33 +01:00
Earl Warren 726f3b1d84
[TESTS] verify facts for the admin storage documentation
(cherry picked from commit 57e597bf7e1e3bb3b7bcbcea66a4ea170a231f85)
(cherry picked from commit 643a2b0e81570e935779f6c509ebe4633fad74b9)
(cherry picked from commit f10faffb4febeef114d5be4e6abe57bd3cd72894)
(cherry picked from commit b440c5767eebdf406200e9a47446827778514425)

[TESTS] verify facts for the admin storage documentation (squash)

(cherry picked from commit d83d8ce57b8b39b4da849f5403198ecf706117ba)
(cherry picked from commit d8855ef27cd1b219184e95ce055bc6d84350ee26)
(cherry picked from commit 11230466ec0c1c4db1296cdd2ead74fc91a34491)
(cherry picked from commit b2cdd9d971b694fe32bab11f9ccdb41a38d7c6fe)
(cherry picked from commit a0a5e785241ac2c3a7493aa62637351021d48a39)
(cherry picked from commit 846413110fb936c386ba7fa80ff67e4394231464)
(cherry picked from commit 72b92d5a7854f5afbd949e0c6e53f3a4f5b72055)
(cherry picked from commit 7e039a9427d7a181ded17d653f49aa26679479e4)
(cherry picked from commit 227d42a1b69a1e542576ddc094d038de210183bb)
(cherry picked from commit 6488950a9b00b746c936fec41e6a9c59c4c02740)
(cherry picked from commit 0285c997749457cb6f67c5f3ca68e62721b53023)
(cherry picked from commit 0527bb20db0b22a1640f7d058399bc42ab8f9b98)
(cherry picked from commit b4d3fd43e314197f059830fe36d532888ef14c62)
(cherry picked from commit b45db6430024313f9530c1443d54630213f3b34b)
(cherry picked from commit 722ab376118847dca33ed5a47b6a41edda132b63)
(cherry picked from commit ff45632b42b1e5e741858a8f3bdb89a6d79cbe3e)
(cherry picked from commit 5144ae2aa7e1d903ecf6047902d9608cb6ae5500)
(cherry picked from commit f51438cd6888b9964c60369fecf64b727fe95ce1)
(cherry picked from commit 5ec304e5a178fb8c067b957233f54d8014df432f)
(cherry picked from commit 440b8c1af1d18f364f290fa385274d821b04c131)
(cherry picked from commit e5bbc626c1228a810bc8d6830cc5a3ee00d1baab)
(cherry picked from commit a996fe0fe4593d2f0432cbd8500f91cbbb011bb2)
2024-02-05 14:44:33 +01:00
Earl Warren 081a155cc1
[SEMVER] store SemVer in ForgejoSemVer after a database upgrade
(cherry picked from commit b7fe7cf401f4bddd6455efc651f7ac054f3fe1cf)
(cherry picked from commit cf339eed4f4851b18448dbdd83df32d00bc6f45b)
(cherry picked from commit 4f3a16168bbeced519a60c32e10e2895d9367238)
(cherry picked from commit 6f5bbc53fcebd614f5ee8627c7d6e3c637ffa694)
(cherry picked from commit aca42b422e76668387769c15868ef77b073bb7db)
(cherry picked from commit 5a7f7580e525694d1f27e12329c8532bd29273f8)
(cherry picked from commit 06c383c807ad49e1e35b429a10c6a11c65aeebe5)
(cherry picked from commit fe831dcb53b81b6cc632be751bfcbfb9bc00efd3)
(cherry picked from commit cd12cd0dbce47c6117ea579ae5019c182155b3a9)
(cherry picked from commit cc79163703ce31706c86b88c38fb8a20ed745e20)
(cherry picked from commit 0102a5715ea6a03b560cc2f0b6cbe2b2576c255e)
(cherry picked from commit 403f7520b3056eace36eae505afbab6a05f597b7)
(cherry picked from commit a3b61510a246f61c174ddc3c288e556522a6aab9)
(cherry picked from commit f83f0f9feb76a8b62ca4d74dc2785c713fbec282)
(cherry picked from commit fd1c3a6d09a057070844cd955d0920518e60f408)
(cherry picked from commit f7cdc3d6f1ad1ff01bb1814207fcb41210db80e8)
(cherry picked from commit 060121b644e0515a6b673cdd514d52e6fa1e6ec3)
(cherry picked from commit 62c847ff0235196e73e860d0d1658f0734985270)
(cherry picked from commit 4d051b51c2813828b978ef84b6b72c0ba051741b)
(cherry picked from commit 86e6981a936b1937065605892083b2488424bf5e)
(cherry picked from commit c1fc9e441b1467033911f3848f82a89aaacf98a9)
(cherry picked from commit 8bb2f0871a507d881acf74acf8fb90fd5ebff567)
(cherry picked from commit 0cd9fe52511ee06f1b8849325d196f60d8ccd151)
(cherry picked from commit b0b44778b4d3e51852d0669dfe6d9a6c334b90e4)
(cherry picked from commit 7c2f4f749f1c8986875eebf95254a3db151e5248)
2024-02-05 14:44:33 +01:00
Panagiotis "Ivory" Vasilopoulos 4df238bda0
[FEAT] Use OpenStreetMap in USER_LOCATION_MAP_URL by default
Follow-up to d58c542579 for Forgejo.

By default, Gitea does not select any map service that can be used
to introduce a 'Show this place on a map' button in the location
field of a user profile. Before I tried upstreaming this change to
Gitea, this was the case in Forgejo. This patch essentially recovers
this functionality, which is nice for public-facing instances and
communities.

Links to original PRs:
- https://codeberg.org/forgejo/forgejo/pulls/1076
- https://github.com/go-gitea/gitea/pull/26214

(cherry picked from commit bb187d5f617f8efceb41810d6ff9adcaa60450bb)
(cherry picked from commit ce02ef9078a8731921caa4f7b0c1b0ac3b59a784)
(cherry picked from commit 6b75c40e2575e23810880ee8e368dc1781e2b4e4)
(cherry picked from commit 6bc8e9f5737f5721ddcd1ef5926a778a7f66a4a3)
(cherry picked from commit 063f8afdf7c2cca014c60dcc3d78d270fd236f8f)
(cherry picked from commit c5cc736b72e1ba980519e9258686f41e4eb78b42)
(cherry picked from commit 7b1bb4bedc6196fb6e8516d9a34092b16d7fab05)
(cherry picked from commit 2a022dceb4b391e2fc25b077193ae22a71380eee)
(cherry picked from commit a946c142d2448cb92daaea11851cf7f00921f062)
(cherry picked from commit 8a4ea0c7ab8960f41a67442fa2f485fe0a901a96)
(cherry picked from commit 37bfb05b34e61194afe407acac5778258315b756)
(cherry picked from commit 12fbbb1754a1a836f6923431e47a5de95aec6b2e)
(cherry picked from commit abe9de2cd91d7c5f176ceddff20ce194439703c4)
(cherry picked from commit 84db57871785d84c2a32edc22f769821b3bec961)
(cherry picked from commit 1beab7af463727ede3b2cc577696f8223fca78d1)
(cherry picked from commit 8779d505f2ab738e24503f74dd7bb6dfc8187996)
(cherry picked from commit 21a788f2eb549a494d52ab23a47533d9a7534ee6)
(cherry picked from commit a7cc6d168772e13bcf0808da14ff1ddf9baa64b2)
(cherry picked from commit 25f840379f19e0b90e69078e6c09a3c36fdf13ac)
(cherry picked from commit 0db65f11224f030877e5279b85af4b9e3e975ca7)
(cherry picked from commit 0e08cbc854cc1561101f1efe68de1d0860f7c905)
(cherry picked from commit 57de51db8d965a6c5a90477f58d2600fa3e7feda)
(cherry picked from commit 5ab3dcabb1461f4453f58718c6802baeffff06c9)
(cherry picked from commit 7b5ad0c13b44a705320965414bb4b366cb5a2a10)
(cherry picked from commit adf449a11595e0f16e6aceaeb0e7bfa277a6c333)
(cherry picked from commit 77aa18227e9f5d675ddae6b9f058f664b0d30795)
2024-02-05 14:44:33 +01:00
Loïc Dachary de51b21624
[SECURITY] default to pbkdf2 with 320,000 iterations
(cherry picked from commit 3ea0b287d74b8fc0dad08b2a539105e1aa1c1e67)
(cherry picked from commit db8392a8ac093d4d3760e8bb40c56d8e194d44fb)
(cherry picked from commit bd2a5fa2923c320e01faeaa1fdc1ad823c337027)
(cherry picked from commit 2436acb3d986bad08aa134e450420fc4a08f5d62)
(cherry picked from commit 62f50e1c521c30729781e5cd58882e743bb8b851)
(cherry picked from commit dba18925217254d22f76306c0fe1c046c419268e)
(cherry picked from commit 4b58e3b6d41f9e42fd34469184a3c7d4c5205c86)
(cherry picked from commit 12470568569fec0644319d3d263a82bc7acdc0c3)
(cherry picked from commit afbaea700972ddd4cb788d0b6d5e78de5558756a)
(cherry picked from commit dcd4813d96f8d4e429914f4c8f951bd25b23afca)
(cherry picked from commit b51dc963d1625bd7b9869302ec1ae70bbafb4442)
(cherry picked from commit 611e895efd28026fdc4661893172356e76f6c3d0)
(cherry picked from commit fd492a03f5335c138e143e784657f7012484bd8c)
(cherry picked from commit 2c99991f44a15466339bb82b29d455c66795721b)
(cherry picked from commit 7426c1edb4b904424cded473c94c9739fde83ed0)
(cherry picked from commit 373244f8b2d449e8811e488e3a3732ba9bc79eaa)
(cherry picked from commit 4f6efecdb9d932459dd9f4d7ee393a121a7bbb96)
(cherry picked from commit 61d500808e443ce770b06fa1b87728a7785bd387)
(cherry picked from commit 65f8384b6361c39d48df95227b047a20977482be)
(cherry picked from commit 12ed28e734f79203ad6bf94774008715da6efd21)
(cherry picked from commit ec6cdc9e1a9544f4f2b0ad7256ed2a8b15cf5335)
(cherry picked from commit 08653ba05119906e066455a3e3913e66c179dbf3)
(cherry picked from commit d5847c87cbcf0fd15953fb7aeadd1cece989b6c9)
(cherry picked from commit 640a96e19be0c7faedf5aedfd90c15df8dc8f376)
(cherry picked from commit 46177814a9ee8596b58055b57bea5441a893de7f)
(cherry picked from commit b0098f5a80356757107cc4dd58bf24e2acba6b26)
(cherry picked from commit ce5ddeeca9fa39180a2f9630c82007f8e9410867)
(cherry picked from commit 5736fa1025681244b8eefef9a14b0715fa37d9a1)
(cherry picked from commit c43ca210fcbc2589158df8c2c3036dedb00eaa52)
(cherry picked from commit 7f92906bf3c72649dd2668263761ded71cf5ee91)
(cherry picked from commit f726525d2dba5e481f758624e62eeaa3d38be564)
(cherry picked from commit db86c93b0b7d2c1a7c17fcb6047b3d75873f9bbe)
(cherry picked from commit 6751bd93c3faf4be0f29b52b4c41626a244a2a54)
(cherry picked from commit 74bb523ac96062f93f20c174dcc9b1dc7ad94b13)
(cherry picked from commit 94f9045a81ef58ecb6671d1e8f2ad31a7758ea9a)
(cherry picked from commit 5297eac42d905d10060de688963f111cbefe49d4)
(cherry picked from commit 57e3c57c519f41a595845be3f2505610ae8ad690)
(cherry picked from commit c5cacfee51e2e7846234c9dd9c053b6cdfaf3947)
(cherry picked from commit dfa31ee0048dcf5c3b8d6fec6184f665a019f014)
(cherry picked from commit d7d10a76b41079cab423f00a96426a8de19fb876)
(cherry picked from commit 62bd4edd4622ea778d8994d05c535de677819544)
(cherry picked from commit 798c211f86f4ce713ab3fc18411fd72a57a219ef)
(cherry picked from commit 1f645aeceafdf6f4f74864b14d939c4bcdf096be)
(cherry picked from commit 8a8b62e10e9678fe33e32fa75f4b8c78e6aef68f)
(cherry picked from commit d3ff4e1fdfdaa272941d86735c91107f03280294)
(cherry picked from commit 81412571f8daeb4797556ba846ef7d7280844ef2)
(cherry picked from commit e9faa1f4e02c567721d2c28426580a839b96de5e)
(cherry picked from commit bce1ab85f7cef1696a4560f079bc346e813814b2)
2024-02-05 14:44:32 +01:00
Earl Warren 0dbcf3a3e8
[CI] Forgejo Actions based CI for PR & branches
(cherry picked from commit f9d75d4705ece5c119f2fd5e2bfbaf630d0bf739)
(cherry picked from commit 64f76f4ab269daa6a584305164732c68be0161c5)
(cherry picked from commit 5d024541551f1be98444923f0fa327a855104725)

[CI] Forgejo Actions workflows

(cherry picked from commit 3ff59b5379ebf761f32875f9d869a1d18f79741c)
(cherry picked from commit 8af826a6f7c70d03079ec68f10230041695017cd)
(cherry picked from commit d7c09d9cc80037a28d488da142ae2a2a99f59ac9)

[CI] use the docker label instead of ubuntu-latest

(cherry picked from commit b6a6470db6c8bae9963e204f9c8c408f309e81e3)

[CI] all tests need compliance before proceeding

(cherry picked from commit b35c496f2c3034164b9bb3a3550f35026adf9372)
(cherry picked from commit 36a4148a8ec654ae9fa5a6925a3b8606b96aebcc)
(cherry picked from commit 7ffcffa653808a284f422fdc31f6ea07874b585d)
(cherry picked from commit 8a246d296e502c181c6ee779d1773c9e78ca7acf)
(cherry picked from commit dd0b6e1826ba7699f967de2c00c1332909a53473)

[CI] Forgejo Actions based release process (squash) MySQL optimization

Refs: https://codeberg.org/forgejo/forgejo/issues/976
(cherry picked from commit b4b8c489e6e9fe36349eced5d4249467b25df2a7)
(cherry picked from commit 1e861db4afdc32549784381a96b16dac508ec1c0)
(cherry picked from commit a6c0e00330ded851c2f524039259f0b723d793e4)
(cherry picked from commit f97b336465fd6be15079e756c9ee3a580f0aa339)
(cherry picked from commit 6d65d5f0d6f798556a8f9e547896be03a5ee2f87)
(cherry picked from commit 79bfbadbed3bf84b96f2c027d119a4aa5c60d5e2)
(cherry picked from commit e86c40a34a97fc568c724ee5f8ee5b2bf46ebf19)
(cherry picked from commit da0c454adbcf1b5dbb95d9d74afaa371e32351a0)
(cherry picked from commit b49d892cda968b22ad6c29caade042690d96f2e2)

[CI] enable minio tests

(cherry picked from commit 4d8f4380311b872061bd20f561424662ecd8d817)
(cherry picked from commit c4eeb0a61ef579c21b0382edd61c62adebe93b28)

[CI] Forgejo Actions based CI for PR & branches (squash) cleanup

(cherry picked from commit 80eb20e84267552c971096693558734f0ec7afdd)
(cherry picked from commit d2ff589858961e4f25bc1d903cdf57df1db4c316)
(cherry picked from commit f6eedecb67fce992605bb1fcdd93c866ec47a9d4)
(cherry picked from commit cf458091e245e1c70944e940a214d5127f304303)
(cherry picked from commit ddd322cb2de165126080b222c1b09b2a91fea182)
(cherry picked from commit f0f5729b6467bea053d532c4c64c54a0fe737c98)

Conflicts:
	.github/workflows/pull-db-tests.yml
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit bb347aedd4e5030eea46ce22176a0444619df6b8)
(cherry picked from commit 0f5ebe8c3e78cef6f310ee9097a8413df904c08a)
(cherry picked from commit 9101cb4715ed88c6a3f0ad14443758d9bc9c61ed)
(cherry picked from commit ab118fe4efd96e9bb7134065643f094a379bb192)

[CI] Forgejo Actions based CI for PR & branches (squash) use node:20-bookworm

No longer use the custom test-env image, it is unecessary technical
debt.

Also upgrade to bitnami/minio:2023.8.31 to align with what Gitea tests

(cherry picked from commit d9b77fd2735a52043b4f8f1baaaa2e15073db621)
(cherry picked from commit ef8f099f9ea03d216324ceff348fe643240341dc)
(cherry picked from commit 6d3c675d203ba838de1f0540977f5e7e9f62f055)
(cherry picked from commit fc00ff45f2e810cc2a84bf57cdb2765830e5b07f)
(cherry picked from commit b7f02b9846b8c7087a4827a9c87f48eafd2ba1a2)
(cherry picked from commit d23d86e56728f4a263a0567c14e2dc20407baaff)
(cherry picked from commit e68e65460c40d343a3ada858c0c48d03a6a14bbb)
(cherry picked from commit 96f93a1fdb9f2c6ecbd05ac24c5375f3e0d631df)
(cherry picked from commit 2ff3080018633212075935ec6644654184009a2e)
(cherry picked from commit 8ea00bcff471b877e442f7b78bb46880c9e396f0)
(cherry picked from commit 85be961970b0d374d9816348a8a1b51289f7c787)
(cherry picked from commit 387b279fc33d79be1f0f0b35b32f5c17b0d64c9c)
(cherry picked from commit 219be7aa85fbf2bd5cb9daead3544b27f6200d83)
(cherry picked from commit 929b75ee39cd6d1a462bbd0c20597c357949c953)
(cherry picked from commit dd42a30d6a9e6cad26c9c916d733a0270d94a87e)
2024-02-05 13:33:59 +01:00
Loïc Dachary be2de105f5
[CI] Search .forgejo/workflows first
(cherry picked from commit 8b11cab677503be78b1deb17ed9dd5fb1c823a7d)
(cherry picked from commit be5927069674a17a4c09e7f0aa530bc4630851a9)
(cherry picked from commit e068f8b191585e2910d8a45ea78bfa1b78015bed)
(cherry picked from commit 7855bb0c60b5ec2a972ae04e4515ee5adb19a5e7)
(cherry picked from commit 45c4c8f44383dced75ab83f7c817b52e78968fab)
(cherry picked from commit 89520d67ffe0062e1accd39763e1e7dd5058d83a)
(cherry picked from commit 15eeb417a4b8bb948f888c73e20135c1e0fd1f63)
(cherry picked from commit 6db53a26432f02ae50da948483e2010bd962f9ce)
(cherry picked from commit 2f689b321fa275b6412f0b8686edc7aba97c3565)
(cherry picked from commit 04dc478314c3b4927cca78c354ca46ee217f035a)
(cherry picked from commit a554624f40f51c1c75d754d6cca14f7626bb599e)
(cherry picked from commit abca05f0d1c29680bba897cc0de7037053915ced)
(cherry picked from commit dc13e7eb22f2bde817f3845c646574d8f39c1b18)
(cherry picked from commit a161c5740eb5e76c13354ba2388fa34ae925fd8b)
(cherry picked from commit 06d33e2773f01b576ba050afe2b88718a7999434)
(cherry picked from commit f536275161cc4bf5d2f163bd68a4c4498c9fff3d)
(cherry picked from commit 84ac6f314a1840d45bdecb2ccd4482fb925fd2c2)
(cherry picked from commit 1e8126edfc3a6c78cda35f053bd0ac40ba9874ef)
(cherry picked from commit 0287ac3416563e0af05c3aeabc338b791c74ddb2)
(cherry picked from commit 3e5fca2aaea299013691f102b10417ac33988df0)
(cherry picked from commit 03b220bfeb86caa82eec2a67caf9a08460cf76c0)
(cherry picked from commit 1d033f4aaf2b7db1ae98e91d96ef3b8a0b07539e)
(cherry picked from commit 2ee9e3e9a395357885f16fa8a22a24cda79f637f)
(cherry picked from commit d28c2849931e7de2ae1660513774047bf6868e1a)
(cherry picked from commit 239df83859f88f7833f5796ee1f0811732c6e9a2)
(cherry picked from commit 96ae0c2e5d4fafbead44db52297e21242da0a6d0)
(cherry picked from commit 49aef71b322395674a5360bac7b93561e773ea35)
(cherry picked from commit 38b56d108d3f27faa0dc191518e6dbcb775fd7bf)
(cherry picked from commit 30f8d9ec3adecf4025fc3547e9a745d700f68d83)
(cherry picked from commit d5318618509f5d8bdef999445357553ab1c4cb5c)
(cherry picked from commit a75707deaa52cd3fedfda766460bcc8f2d7dea92)
(cherry picked from commit b1c73918b2ddaa4a59d9e7405b3b5bea5ccd496a)
(cherry picked from commit 53919170919bfcd3dca00ecbeb0778eadb0af075)
(cherry picked from commit a427f8dae539e9b38b8ca0e86ebb09cc2940e5a7)
(cherry picked from commit 6ba6f62c7e696b6975fbd797b1c596ff28c64e91)
2024-02-05 13:33:59 +01:00
Earl Warren c480d7fe6d
[CI] disable meilisearch/elasticsearch test, no server yet in CI
(cherry picked from commit a1381d9146fba42cb97d72d38525fa3e721bfb03)
(cherry picked from commit 74714e02461fb47fcc0901211668e4529fac68d0)
(cherry picked from commit 7749dbfe6684498a47e3037088e7bef3542b6ce5)
(cherry picked from commit 437924971136eaed795f77edd3d3dfffa5f68103)
(cherry picked from commit a69f55bebf82a0b68bc0f66bc029eaea836cddb7)
(cherry picked from commit 24dd5fbfdbc27c887dbc24661c1005fb2e14e3c6)
(cherry picked from commit dda856d6b83936fd1c96c84544b086cbd8f63115)
(cherry picked from commit bc14f4fa97fffe82d1c666e961e313f88433cb9e)
(cherry picked from commit 78fef4f1379d8854901151d4bc62135c73db868e)
(cherry picked from commit 69e013cc515e2a50006d8d02f575ff6490d272ff)
(cherry picked from commit f173c6a2734b2dccf1424d27cd8e10fc296e44a4)
(cherry picked from commit 92f9d02547017770deafd1f715c32ae4479b8ded)
(cherry picked from commit c99d51e665370ceb71b96b3fb65184090c7e4442)
(cherry picked from commit aa0650fd2b42738a5e564c229c3eb63b8ca77f9b)
(cherry picked from commit 0a8ef91302368751df22a1967857283222bc097f)
(cherry picked from commit 7b54fe01c2ded0bbbcae6b89d9e330ca4f6ab744)
(cherry picked from commit 0e154f366f14d106d14f500f605380c29b5a3f21)
(cherry picked from commit 02d88ee16d23b9ebb04bf1af843fc5d2074783ce)
(cherry picked from commit 411924e0172a7b10de7513f2e7f60ab5341b13e4)
(cherry picked from commit f4e9ca6db59f2c5c638a0560d4ea99833d61520b)
(cherry picked from commit cd80126a23573dd5aea1e9674ee0bfa34c63ec5a)
(cherry picked from commit da626702f9743fc6e1dd77d21aff5fc3afe75912)
(cherry picked from commit 4b81d0bd046fef267bb10d2ca0cbd342c87fd4e2)
(cherry picked from commit 53ac2606694fa060879a0f4c82f6164c6f42a4d0)
(cherry picked from commit 984081f08d108acc47d312307b1c3beee3058202)
(cherry picked from commit 1c39bae3ec9b485f9969e29ed7ae8fe37b32da69)
2024-02-05 13:33:58 +01:00
Earl Warren d26fce3995
[CI] disable redis test, no redis server yet in CI
(cherry picked from commit e1bbfa36197ebab97954e8195f7d36adf7c85d56)
(cherry picked from commit 91245ca9179a46047a351247dacecdace557111d)
(cherry picked from commit 705d0558be2c90d06e9e5b883044fd0b275b1113)
(cherry picked from commit 9247594970c9db109e3e6ca3fd87485450df921c)
(cherry picked from commit 9db1158a487e00e588810459fe402cc2ccea43f7)
(cherry picked from commit 3b36b77d87a90fbea03fc16638657e19328ccedc)
(cherry picked from commit 162fa1d8ae3753dd8ee51698555e495f2c63d925)
(cherry picked from commit d03d0afbb565c8bc8b723e10c8c70b69e7af7b80)
(cherry picked from commit 7b8f92f7871b838bc2eefa34e7dc48bcd141d1d5)
(cherry picked from commit 035abca9691d33e319062325dae402da66683c43)
(cherry picked from commit a8fbf6bb56046665cb2cde0ffcc753f56b2f0f2d)
(cherry picked from commit 3be681d037b07880236cae1aa70245e5eb4d1497)
(cherry picked from commit 7e5d471c832ee3fea378ecc97835b038bd55a8e1)
(cherry picked from commit 323801d935fec2c6d460192b62fa12b5204da76e)
(cherry picked from commit 3fdfe4bfea623111f1f97e50b71b98a63c8b38e7)
(cherry picked from commit 58a07421a4508ca298c1c3a45d33d49737ee98d8)
(cherry picked from commit dbb71a4c8502b640857d3500dda12ab4b5d74b29)
(cherry picked from commit d442113520d21149e155d1e62bbeb6a35a6aec08)
(cherry picked from commit d3329f01f8c7145c422b159509f544ec83604a51)
(cherry picked from commit 069a1d68b856898e2913d1d4456deb7f1e976a6c)
(cherry picked from commit 14919e609a4dd9ae9ca19880ffc459def8bea273)
(cherry picked from commit 49b76be1068d1f83169956bb141116481a7e6a3c)
(cherry picked from commit 0fe9f257d2bd277f5cd620fe04e4b80b5abcd585)
(cherry picked from commit b583bebeab3d0b182df6b5d087522a4fb89ba3e9)
(cherry picked from commit 5c616e43a64451d607b6ee24400708d2704fd4db)
(cherry picked from commit 854bcea9051dc615cfd6d3e8cb03986e9058fd65)
(cherry picked from commit c2acb181c57e6ffef37df1a3a3b1b63c326cdd43)
(cherry picked from commit 1cb07e71d14118871ae40a82adabcde851a3e172)
(cherry picked from commit 5d3f09e6351614a8db979995299ac1b94ebf08ee)
(cherry picked from commit f8bf1c8d42be0eb40f4d4fdc72e7e4cefa842e52)
(cherry picked from commit a471ed4576607a4e13cac980016c9e2a702d9fd5)
(cherry picked from commit 95c755f4e34bb753a0f94f87f02a17256d7d1619)
(cherry picked from commit 1d8bc5215f6918e11d8beb1f7e252b04d9c15bb6)
(cherry picked from commit 45c1e7b8d0920db98556ecfdf0d1111c2ffcb66e)
(cherry picked from commit 2eb4d93af7b5679228dc38578a746242250e5d92)
(cherry picked from commit 98dbce5e147432194d6f177133dcaabe04309712)
(cherry picked from commit fbe2fb5861c90fcc292f357f45f804ee87594b6e)
2024-02-05 13:33:58 +01:00
Earl Warren e90db3f5cc
[CLI] implement forgejo-cli
(cherry picked from commit 2555e315f7561302484b15576d34c5da0d4cdb12)
(cherry picked from commit 51b9c9092e21a451695ee0154e7d49753574f525)

[CLI] implement forgejo-cli (squash) support initDB

(cherry picked from commit 5c31ae602a45f1d9a90b86bece5393bc9faddf25)
(cherry picked from commit bbf76489a73bad83d68ca7c8e7a75cf8e27b2198)

Conflicts:
	because of d0dbe52e76
	upgrade to https://pkg.go.dev/github.com/urfave/cli/v2
(cherry picked from commit b6c1bcc008fcff0e297d570a0069bf41bc74e53d)

[CLI] implement forgejo-cli actions

(cherry picked from commit 08be2b226e46d9f41e08f66e936b317bcfb4a257)
(cherry picked from commit b6cfa88c6e2ae00e30c832ce4cf93c9e3f2cd6e4)
(cherry picked from commit 59704200de59b65a4f37c39569a3b43e1ee38862)

[CLI] implement forgejo-cli actions generate-secret

(cherry picked from commit 6f7905c8ecf17d5f74ac9a71a453d6768c212b6d)
(cherry picked from commit e085d6d2737e6238a4ff00f19f40cf839ac16b34)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb20268a394030495c3caab3e3d4bd8b7)

[CLI] implement forgejo-cli actions register

(cherry picked from commit 2f95143000e4ccc94ef14332777b58fe778edbd6)
(cherry picked from commit 42f2f8731e876564b6627a43a248f262f50c04cd)

[CLI] implement forgejo-cli actions register (squash) no private

Do not go through the private API, directly modify the database

(cherry picked from commit 1ba7c0d39d0ecd190b7d9c517bd26af6c84341aa)

[CLI] implement forgejo-cli actions

(cherry picked from commit 6f7905c8ecf17d5f74ac9a71a453d6768c212b6d)
(cherry picked from commit e085d6d2737e6238a4ff00f19f40cf839ac16b34)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb20268a394030495c3caab3e3d4bd8b7)
(cherry picked from commit 4c121ef022597e66d902c17e0f46839c26924b18)

Conflicts:
	cmd/forgejo/actions.go
	tests/integration/cmd_forgejo_actions_test.go
(cherry picked from commit 36997a48e38286579850abe4b55e75a235b56537)

[CLI] implement forgejo-cli actions (squash) restore --version

Refs: https://codeberg.org/forgejo/forgejo/issues/1134
(cherry picked from commit 9739eb52d8f94d32f61068d7209958e8d2582818)

[CI] implement forgejo-cli (squash) the actions subcommand needs config

(cherry picked from commit def638475122a26082ab3835842c84cd03839154)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1209
(cherry picked from commit a1758a391043123903607338cb11490161ac946d)
(cherry picked from commit 935fa650c77b151752a58f621d846b166b97cd79)
(cherry picked from commit cd21026bc94922043dce8e2a5baba68111d1e569)
(cherry picked from commit 1700b8973a58f0fc3469492d8a39b931019d2461)
(cherry picked from commit 1def42a37945cfe88947803f9afe9468fb8798fe)
(cherry picked from commit 839d97521d59a012b06e6c2b9b0655c56b41b6cd)
(cherry picked from commit fd8c13be6b45f9aa939be482c0a4e5a60c89344c)
(cherry picked from commit 588e5d552f044d91218a07fa46e84259d4892c5d)
(cherry picked from commit 151a726620f662ff9af37316dfda38a6bd6744bb)

[v1.22] [CLI] implement forgejo-cli

https://codeberg.org/forgejo/forgejo/pulls/1541
(cherry picked from commit 46708de7b9a3efac74aced8361327a39f45b6892)
(cherry picked from commit a8e5c1369ee3ee197579a30aeba519b4384360aa)
(cherry picked from commit c8a32aaf24fd851927432f140fcc59a274824d33)

Conflicts:
	models/actions/main_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1656
(cherry picked from commit 79f4553063c4f4ee70c98f95d9e62facd9d33c67)
(cherry picked from commit 0379da0cf5b14e7915f2f38502bd00036723071d)
(cherry picked from commit 331d58c085d6533ebcc528c1ac69d4f99e8e9acd)
(cherry picked from commit 89705502c477ec833bd7ce46c3cedc53fbd454bc)
(cherry picked from commit 4723d5febf4a5748b2ca038bc95235995ebb8c11)
(cherry picked from commit e71b26013039d5d029ec4c38befd25e6a447b3f1)
(cherry picked from commit 6a376a5b48b0b5187f492ddd73c72896cc8ae0a8)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1969
(cherry picked from commit 6ba97cf4b5bae19426fef9d65a20bc5527e41a90)
(cherry picked from commit e0a6ebfeca1ff20d53fe8d0baf4a737d6e10fce1)
(cherry picked from commit 5702aeab2d25fa1f79fb1d11ec359a5460dc0f91)
(cherry picked from commit f919c4d6c11423ac2d3ab624d9a6390661c07aa7)
(cherry picked from commit a26799a88aa2f320b498372717019fa601545931)
(cherry picked from commit b6ab4733959176aacfb25183e9f2f5e57195e35d)
(cherry picked from commit cf054a0461ea204f81774b4da52dae186970d1a8)
2024-02-05 13:33:58 +01:00
Earl Warren 4e5bf59579
[CI] DEFAULT_ACTIONS_URL = https://code.forgejo.org
[CI] Revert "Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581)"

This reverts commit 67bd9d4f1e.

(cherry picked from commit 0547e94023a545fafe82e280dd809e7efd6d86e2)
(cherry picked from commit d21ad654ad0abc243913532326e916899b0e387c)
(cherry picked from commit b905e9d8386c58206234a417769cc17b3be34b62)
(cherry picked from commit 251a5bf235b1723bc2bc324f9e8c03a8668bb5ae)
(cherry picked from commit b370e4769423bec92b0f265f3e3b2b683640024d)
(cherry picked from commit 2cc28d078507027749c14a5448e949ab54b79c66)
(cherry picked from commit ed870a39e98fbb69c435a3a3ef0434fe6163ebe7)
(cherry picked from commit 7bb0c4654ecbbd2feee2c74034c1e2cdca0d6828)
(cherry picked from commit bab1f552c385e3c7d0faa33d28fb8087780ea834)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413

[CI] DEFAULT_ACTIONS_URL = https://codeberg.org

(cherry picked from commit 52b364ddbd9ac82b9e6f9c1767db2d6b36165011)
(cherry picked from commit 99887cd5673f6da49664b590ad60c83fdbe25a4a)
(cherry picked from commit cd5788782aa5c2ee8baecd57ca1e7882f0854453)
(cherry picked from commit 71c698a704d307c568f247710550d48f27cca4ce)
(cherry picked from commit 71386241dd741a4fa0b67d59a07d84ac31e0b870)
(cherry picked from commit b7ab05aeac12c44acd117d5a4e8d7b4da2ba4aa7)
(cherry picked from commit e78b9ca59c0af867f94d9c9bfae48f8cc9381224)
(cherry picked from commit edb3adf4606af94ed0ab0bd844ef626a39a99297)
(cherry picked from commit 3e400881975340be9148c4549a744395a6dac665)

[BRANDING] DEFAULT_ACTIONS_URL = https://code.forgejo.org

(cherry picked from commit d0e4512c902dec669da36a055a2ea54adb107e0f)
(cherry picked from commit 8ba6e047095e9ecb107d77361664fa83b03ddaa2)
(cherry picked from commit 63490810449b4189ed8538a22182fde1bc89c057)
(cherry picked from commit e06bd444951d1fd94a71ce3d591a8f397f456363)
(cherry picked from commit d58219d8e13f0b4007108d78f8f6f96a1d842c2c)
(cherry picked from commit 052f2c2aa45ae1aa1d59aaf713db4f771f62773b)
(cherry picked from commit 29dc39538631f65eaaf5dcc4eeb747fbc68d7498)
(cherry picked from commit 9eef3f59f3a1347ccc7d6d3704c9f5b40a3b6555)
(cherry picked from commit d650391fedd5b2cac313e29d51cc8689d885a594)
(cherry picked from commit c2e6e8c55d955f1e2b781c983f05319dddcc4386)
(cherry picked from commit e28a47741dc668421989b6b2310365a6611b23b7)

[CI] DEFAULT_ACTIONS_URL support for self & github (squash)

Refs: https://codeberg.org/forgejo/forgejo/issues/1062
(cherry picked from commit 74cc25376ecd1dbab57abffe286ae1f918057cfd)
(cherry picked from commit 405430708ffbebcfd2cefdcdfd24a540985b817c)
(cherry picked from commit 0274a6dee7f383bcd6b65b995b991b5ab0ee635a)
(cherry picked from commit be5cda0fd03b265367c551aefed83456be257075)
(cherry picked from commit d27474849fc4dd4ec958c04b7be06eced8b74d6e)
(cherry picked from commit 4a5e9e2d81f89b5c9e6782d1c24880d62f802d7f)
(cherry picked from commit 65b31906b27c7a6ecaecf74af748e046c51aa7a8)
(cherry picked from commit 13cf0b0963bb110db7229dc5cd4d202e7dec11fb)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413
(cherry picked from commit 49529badce0a43a07a786b22e2a8705a6a1dbe63)

Conflicts:
	custom/conf/app.example.ini
	docs/content/administration/config-cheat-sheet.en-us.md
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1460
(cherry picked from commit 00327b9b1f8512ddb93a07b57fcaee53b701478b)
(cherry picked from commit 3b322e43d5695d540a52259abdde74505241dda9)
(cherry picked from commit 492cc5205908263a2733ba06a6562237406d4c11)

Conflicts:
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit 9027b655df24bf47f49cc25d3547b6e49f66dde5)
(cherry picked from commit 47643830286025dbff1538e9a6ffc23b05ea3e4b)
(cherry picked from commit fbb00fd1cf9ecf30292aa3053f41076d7bb9027e)
(cherry picked from commit 417cd6c801bb14b38f672fea3371486c12636ebf)
(cherry picked from commit 6b70773ad817f6f3958e958a58c3d918e7d7f00e)
(cherry picked from commit 9ba069327d0c5179bdae7e22ca580f3c460e9ac1)

Conflicts:
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1827
(cherry picked from commit 727edf19ee48648d1464f3bb38f85d82900870fa)
(cherry picked from commit 689326ce2093701e57371759eda23ed9b7781286)
(cherry picked from commit 745d60aec426e40a8ac98199e5f342113b39b871)
(cherry picked from commit cb4ae4582c24552167e692871e697cc02384c054)
(cherry picked from commit 48d5ffe1c0345f612e96acb2459c80431fa94993)

Conflicts:
	custom/conf/app.example.ini
	https://codeberg.org/forgejo/forgejo/pulls/2068
(cherry picked from commit bbd4725bfdd82aa801ec0541c7dbdef9b39dcb1d)
(cherry picked from commit 04eda91d10889febaee3f1b824defb2c0c9fb493)
(cherry picked from commit d3621e46349645ad5e194ba6a21d4f607c403c8c)
(cherry picked from commit 08da63cc4daacabf53ed18f4e521375b49bea8fe)
(cherry picked from commit dc6d291b7127e92ae05bb51c6ae018734fbc3fc7)
2024-02-05 13:33:58 +01:00
Sergey Bugaev 2da233ad8b
Propagate install_if and provider_priority to APKINDEX (#28899)
Resolves https://github.com/go-gitea/gitea/issues/28704

Example of an entry in the generated `APKINDEX` file:

```
C:Q1xCO3H9LTTEbhKt9G1alSC87I56c=
P:hello
V:2.12-r1
A:x86_64
T:The GNU Hello program produces a familiar, friendly greeting
U:https://www.gnu.org/software/hello/
L:GPL-3.0-or-later
S:15403
I:36864
o:hello
m:
t:1705934118
D:so:libc.musl-x86_64.so.1
p:cmd:hello=2.12-r1
i:foobar=1.0 !baz
k:42
```

the `i:` and `k:` entries are new.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-05 05:52:56 +00:00
Bram Hagens 50f55f11c4
Show whether a PR is WIP inside popups (#28975)
Fixes https://codeberg.org/forgejo/forgejo/issues/2257

Draft status of a PR is currently not exposed by the API. This PR adds a
'draft' field to pull requests in the API, which is used to correctly
set the PR color/icon in a ContextPopup.

---

Before:

![image](https://github.com/go-gitea/gitea/assets/5541521/72cbd30e-1175-4338-aa97-ac99c46c5118)

After:

![image](https://github.com/go-gitea/gitea/assets/5541521/111c9eba-460e-4d57-bcca-23a151c3a4f1)
2024-02-04 22:37:45 +00:00
KN4CK3R f8b471ace1
Unify user update methods (#28733)
Fixes #28660
Fixes an admin api bug related to `user.LoginSource`
Fixed `/user/emails` response not identical to GitHub api

This PR unifies the user update methods. The goal is to keep the logic
only at one place (having audit logs in mind). For example, do the
password checks only in one method not everywhere a password is updated.

After that PR is merged, the user creation should be next.
2024-02-04 13:29:09 +00:00
silverwind a6cea59514
Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
yp05327 3aed8ae034
Fix default avatar image size in PR diff page (#28971)
Fix #28941

ps: didn't test. The repo is too big to migrate.
2024-02-02 10:01:11 +00:00
Zettat123 adc3598a75
Fix an actions schedule bug (#28942)
In #28691, schedule plans will be deleted when a repo's actions unit is
disabled. But when the unit is enabled, the schedule plans won't be
created again.

This PR fixes the bug. The schedule plans will be created again when the
actions unit is re-enabled
2024-01-31 14:55:12 +00:00
cchangwen 28fe3db1fb
Also match weakly validated ETags (#28957)
https://stackoverflow.com/questions/51973120/where-does-the-w-in-an-etag-appear-from

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag#

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-29 16:18:40 +00:00
Lunny Xiao 34633d85f1
Fix bug for generated repository object format (#28969)
A repository generated from a template repository should have the same
git ObjectFormat.
2024-01-28 20:18:15 +00:00
wackbyte d9b3849454
Fix inconsistent naming of OAuth 2.0 ENABLE setting (#28951)
Renames it to `ENABLED` to be consistent with other settings and
deprecates it.

I believe this change is necessary because other setting groups such as
`attachment`, `cors`, `mailer`, etc. have an `ENABLED` setting, but
`oauth2` is the only one with an `ENABLE` setting, which could cause
confusion for users.

This is no longer a breaking change because `ENABLE` has been set as
deprecated and as an alias to `ENABLED`.
2024-01-28 12:36:44 +00:00
Lunny Xiao 5f82ead13c
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.

## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:

Firstly, there are temporary repositories which do not change:

```go
git.OpenRepository(ctx, diskPath)
```

Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:

```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```

Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.

## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-27 21:09:51 +01:00
silverwind 60e4a98ab0
Preserve BOM in web editor (#28935)
The `ToUTF8*` functions were stripping BOM, while BOM is actually valid
in UTF8, so the stripping must be optional depending on use case. This
does:

- Add a options struct to all `ToUTF8*` functions, that by default will
strip BOM to preserve existing behaviour
- Remove `ToUTF8` function, it was dead code
- Rename `ToUTF8WithErr` to `ToUTF8`
- Preserve BOM in Monaco Editor
- Remove a unnecessary newline in the textarea value. Browsers did
ignore it, it seems but it's better not to rely on this behaviour.

Fixes: https://github.com/go-gitea/gitea/issues/28743
Related: https://github.com/go-gitea/gitea/issues/6716 which seems to
have once introduced a mechanism that strips and re-adds the BOM, but
from what I can tell, this mechanism was removed at some point after
that PR.
2024-01-27 18:02:51 +00:00
KN4CK3R 01acd1eea3
Strip / from relative links (#28932)
Fixes #28915

Restores the old behaviour:

https://github.com/go-gitea/gitea/pull/26745/files#diff-d78a9d361b1fddc12218e4dd42f42d39d6be1fda184041e06bb6fb30f0d94c59L96
2024-01-27 11:36:01 +08:00
Lunny Xiao 534917d576
Don't remove all mirror repository's releases when mirroring (#28817)
Fix #22066

# Purpose

This PR fix the releases will be deleted when mirror repository sync the
tags.

# The problem

In the previous implementation of #19125. All releases record in
databases of one mirror repository will be deleted before sync.
Ref:
https://github.com/go-gitea/gitea/pull/19125/files#diff-2aa04998a791c30e5a02b49a97c07fcd93d50e8b31640ce2ddb1afeebf605d02R481

# The Pros

This PR introduced a new method which will load all releases from
databases and all tags on git data into memory. And detect which tags
needs to be inserted, which tags need to be updated or deleted. Only
tags releases(IsTag=true) which are not included in git data will be
deleted, only tags which sha1 changed will be updated. So it will not
delete any real releases include drafts.

# The Cons

The drawback is the memory usage will be higher than before if there are
many tags on this repository. This PR defined a special release struct
to reduce columns loaded from database to memory.
2024-01-26 06:18:19 +00:00
KN4CK3R ba24e0ba61
Use new RPM constants (#28931)
https://github.com/sassoftware/go-rpmutils/pull/24 got merged.
2024-01-25 21:40:24 +00:00
John Olheiser 76bbad4e74
Check for sha256 support to use --object-format flag (#28928)
This should fix https://github.com/go-gitea/gitea/issues/28927

Technically older versions of Git would support this flag as well, but
per https://github.com/go-gitea/gitea/pull/28466 that's the version
where using it (object-format=sha256) left "experimental" state.

`sha1` is (currently) the default, so older clients should be unaffected
in either case.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2024-01-25 13:04:50 -05:00
KN4CK3R c46316f7ae
Respect branch info for relative links (#28909)
Fix #28904

Co-authored-by: Giteabot <teabot@gitea.io>
2024-01-25 09:54:44 +01:00
JakobDev 4567a3a1ad
Allow to sync tags from admin dashboard (#28045)
Inspired by #28043

This PR adds a option to the Admin Dashboard to sync all tags to the
database.


![grafik](https://github.com/go-gitea/gitea/assets/15185051/26ac51ef-82a4-4fd9-a6a6-5aefec612ff6)
2024-01-24 03:02:04 +00:00
wxiaoguang 82acf22d9c
Update go dependencies and fix go-git (#28893)
More details are in the comment of repo_base_gogit.go

And ref: https://github.com/go-git/go-git/issues/1006
2024-01-23 05:40:00 +00:00
Lunny Xiao c4cdebacfe
Fix sort bug on repository issues list (#28897)
Fix #28896
2024-01-23 09:17:42 +08:00
KN4CK3R caad931385
Prevent anonymous container access if RequireSignInView is enabled (#28877)
Fixes #28875

If `RequireSignInView` is enabled, the ghost user has no access rights.
2024-01-21 16:31:29 +00:00
sdvcrx 80d48621cd
Fix incorrect PostgreSQL connection string for Unix sockets (#28865)
Fix #28864
2024-01-20 16:04:47 +00:00
Lunny Xiao 62f995203a
Move doctor package from modules to services (#28856) 2024-01-20 10:07:31 +08:00
Adam Majer d68a613ba8
Add support for sha256 repositories (#23894)
Currently only SHA1 repositories are supported by Gitea. This adds
support for alternate SHA256 with the additional aim of easier support
for additional hash types in the future.

Fixes: #13794
Limited by: https://github.com/go-git/go-git/issues/899
Depend on: #28138

<img width="776" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/5448c9a7-608e-4341-a149-5dd0069c9447">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 17:05:02 +01:00
KN4CK3R 461d8b53c2
Fix some RPM registry flaws (#28782)
Related #26984
(https://github.com/go-gitea/gitea/pull/26984#issuecomment-1889588912)

Fix admin cleanup message.
Fix models `Get` not respecting default values.
Rebuild RPM repository files after cleanup.
Do not add RPM group to package version name.
Force stable sorting of Alpine/Debian/RPM repository data.
Fix missing deferred `Close`.
Add tests for multiple RPM groups.
Removed non-cached `ReplaceAllStringRegex`.

If there are multiple groups available, it's stated in the package
installation screen:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/8f132760-882c-4ab8-9678-77e47dfc4415)
2024-01-19 11:37:10 +00:00
Brecht Van Lommel 1167d523c4
Fix archive creating LFS hooks and breaking pull requests (#28848)
When LFS hooks are present in gitea-repositories, operations like git
push for creating a pull request fail. These repositories are not meant
to include LFS files or git push them, that is handled separately. And
so they should not have LFS hooks.

Installing git-lfs on some systems (like Debian Linux) will
automatically set up /etc/gitconfig to create LFS hooks in repositories.
For most git commands in Gitea this is not a problem, either because
they run on a temporary clone or the git command does not create LFS
hooks.

But one case where this happens is git archive for creating repository
archives. To fix that, add a GIT_CONFIG_NOSYSTEM=1 to disable using the
system configuration for that command.

According to a comment, GIT_CONFIG_NOSYSTEM is not used for all git
commands because the system configuration can be intentionally set up
for Gitea to use.

Resolves #19810, #21148
2024-01-19 05:49:18 +00:00
yp05327 b60a7c3358
Return responseText instead of string in some functions (#28836)
Follow
https://github.com/go-gitea/gitea/pull/28796#issuecomment-1891727591
2024-01-19 10:45:23 +08:00
Lunny Xiao c8ba17c73f
Remove duplicated checkinit on git module (#28824)
`checkInit` has been invoked in `InitSimple`. So it's unnecessary to
invoke it twice in `InitFull`.
2024-01-17 09:56:00 +00:00
Viktor Kuzmin 49eb168677
Retarget depending pulls when the parent branch is deleted (#28686)
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.

Example:
$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2

Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.

With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.

This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo. 

Fixes #27062
Fixes #18408

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-17 01:44:56 +01:00
Lunny Xiao 930e38d010
Use refname:strip-2 instead of refname:short when syncing tags (#28797)
Fix #28694 

Generally, `refname:short` should be equal to `refname:lstrip=2` except
`core.warnAmbiguousRefs is used to select the strict abbreviation mode.`

ref:
https://git-scm.com/docs/git-for-each-ref#Documentation/git-for-each-ref.txt-refname
2024-01-16 08:13:07 +01:00
wxiaoguang b0e6c25535
Caller should check the ResponseExtra.HasError() first to see whether the request fails (#28796)
`resp != nil` doesn't mean the request really succeeded. Add a comment
for requestJSONResp to clarify the behavior.
2024-01-15 11:15:31 +00:00
KN4CK3R 637451a45e
Rework markup link rendering (#26745)
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary> 

https://try.gitea.io/KN4CK3R

![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-15 08:49:24 +00:00
yp05327 c7e4629c02
Fix nil pointer panic when exec some gitea cli command (#28791)
panic:

![image](https://github.com/go-gitea/gitea/assets/18380374/7fcde2ad-1d42-4b60-b120-3b60a8926e8e)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/49d9f0ca-e590-4a35-8ca2-1317d1b7c939)
2024-01-15 07:43:53 +00:00
Jimmy Praet 5d3fdd1212
Add branch protection setting for ignoring stale approvals (#28498)
Fixes #27114.

* In Gitea 1.12 (#9532), a "dismiss stale approvals" branch protection
setting was introduced, for ignoring stale reviews when verifying the
approval count of a pull request.
* In Gitea 1.14 (#12674), the "dismiss review" feature was added.
* This caused confusion with users (#25858), as "dismiss" now means 2
different things.
* In Gitea 1.20 (#25882), the behavior of the "dismiss stale approvals"
branch protection was modified to actually dismiss the stale review.

For some users this new behavior of dismissing the stale reviews is not
desirable.

So this PR reintroduces the old behavior as a new "ignore stale
approvals" branch protection setting.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 07:20:01 +00:00
Lunny Xiao 70c4aad8e1
Move more functions to db.Find (#28419)
Following #28220

This PR move more functions to use `db.Find`.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 02:19:25 +00:00
Yarden Shoham 5a7bacb005
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly defined (#28783)
So we don't warn on default behavior

- Fixes https://github.com/go-gitea/gitea/issues/28758
- Follows https://github.com/go-gitea/gitea/pull/28390

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2024-01-14 21:20:18 +01:00
Lunny Xiao 97292da960
Fix schedule tasks bugs (#28691)
Fix #28157 

This PR fix the possible bugs about actions schedule.

## The Changes

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.
2024-01-12 21:50:38 +00:00