Commit graph

18082 commits

Author SHA1 Message Date
Earl Warren 3471adb14a Merge pull request '[FEAT] Enable ambiguous character detection in configured contexts' (#2427) from gusted/forgejo-ambigious-characters into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2427
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-24 12:25:31 +00:00
Earl Warren bc8d61d12e Merge pull request '[FEAT] Restrict file size of blame operation' (#2395) from gusted/forgejo-blame-restrict into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2395
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 23:17:02 +00:00
Lucas Hinderberger a4b0c0edc5 Fixes #2452 - Skipping SHA256 tests if unsupported
The test suite was broken e.g. on Debian 12 due to requiring a very
recent version of Git installed on the system. This commit skips SHA256
tests in the git module, if a Git version older than 2.42 or gogit is used.
2024-02-24 00:14:24 +01:00
Gusted f0ed6de89d
[FEAT] Check if commit is already present in target branch
- Check if someone is (accidentally) trying to create a pull request via
AGit with changes already in the target branch and fail if that is the
case.
- Added integration test.
2024-02-23 21:42:15 +01:00
Panagiotis "Ivory" Vasilopoulos bf7fb89178 [UI] Agit: Add AGit label to AGit-created PRs
Adds a label to Pull Requests that were created using AGit-Flow,
in order to prevent situations where a contributor uses AGit-Flow
to push new changes - only to realize that they did not use AGit-Flow
in the first place, and that they just opened a new PR accidentally
(that was me).

Also intended to raise general awareness about the feature. Some
additional work, such as adding a tooltip, still needs to be
done.

A small typo fix for a comment and (exclusively) formatting fixes
in the copyright header are also included.

Refs: https://codeberg.org/forgejo/forgejo/issues/2433
2024-02-23 21:09:08 +01:00
Gusted f304441341
[BUG] Fix diff patch operation in web UI
- The form used by the diff patch operation requires that the value of
`tree_path` is set, even though it's not used. Set it to `patch` so this
feature can be used again.
- Regression of 08fe6f8c7e.
2024-02-23 17:40:44 +01:00
Earl Warren b8563acedb Merge pull request '[CI] name the test release after the latest v*-dev tag' (#2448) from earl-warren/forgejo:wip-release-number into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2448
2024-02-23 16:31:51 +00:00
Earl Warren 2762dd9597
[CI] name the test release after the latest v*-dev tag
Also ignore the *-test tags when figuring out the Forgejo version,
they exist in the integration repository and experimental repository
for daily releases.
2024-02-23 15:37:46 +01:00
Earl Warren 6531d765a0 Merge pull request 'Fixes & Improvements for English locale' (#2437) from 0ko/forgejo:english240222 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2437
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-23 12:22:51 +00:00
Gusted 5b3a82d621
[FEAT] Enable ambiguous character detection in configured contexts
- The ambiguous character detection is an important security feature to
combat against sourcebase attacks (https://trojansource.codes/).
- However there are a few problems with the feature as it stands
today (i) it's apparantly an big performance hitter, it's twice as slow
as syntax highlighting (ii) it contains false positives, because it's
reporting valid problems but not valid within the context of a
programming language (ambiguous charachters in code comments being a
prime example) that can lead to security issues (iii) charachters from
certain languages always being marked as ambiguous. It's a lot of effort
to fix the aforementioned issues.
- Therefore, make it configurable in which context the ambiguous
character detection should be run, this avoids running detection in all
contexts such as file views, but still enable it in commits and pull
requests diffs where it matters the most. Ideally this also becomes an
per-repository setting, but the code architecture doesn't allow for a
clean implementation of that.
- Adds unit test.
- Adds integration tests to ensure that the contexts and instance-wide
is respected (and that ambigious charachter detection actually work in
different places).
- Ref: https://codeberg.org/forgejo/forgejo/pulls/2395#issuecomment-1575547
- Ref: https://codeberg.org/forgejo/forgejo/issues/564
2024-02-23 13:12:17 +01:00
Earl Warren 894a0eff9f Merge pull request 'Artifact deletion: port of gitea#27172 and gitea#29241' (#2431) from algernon/forgejo:gitea-port/artifact-deletion into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2431
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 12:00:03 +00:00
Earl Warren f47c17d532 Merge pull request '[REFACTOR] Simplify converting struct to map in admin stats' (#2442) from gusted/forgejo-admin-stats into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2442
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 11:32:17 +00:00
Gergely Nagy 98943fdb43
tests: Add a basic test for artifact deletion
Adds a very bare-bones test for artifact deletion. It does not exercise
the functionality itself, just the presence of the functionality.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-23 09:24:43 +01:00
FuXiaoHei 7f64e4d2a3
Expire artifacts before deleting them physically (#29241)
https://github.com/go-gitea/gitea/pull/27172#discussion_r1493735466

When cleanup artifacts, it removes storage first. If storage is not
exist (maybe delete manually), it gets error and continue loop. It makes
a dead loop if there are a lot pending but non-existing artifacts.

Now it updates db record at first to avoid keep a lot of pending status
artifacts.
2024-02-23 09:06:14 +01:00
FuXiaoHei c551d3f3ab
Artifact deletion in actions ui (#27172)
Add deletion link in runs view page.
Fix #26315

![image](https://github.com/go-gitea/gitea/assets/2142787/aa65a4ab-f434-4deb-b953-21e63c212033)

When click deletion button. It marks this artifact `need-delete`.

This artifact would be deleted when actions cleanup cron task.
2024-02-23 09:06:14 +01:00
Earl Warren c47e6ceb82 Merge pull request '[FEAT] repo search using git grep' (#1594) from snematoda/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1594
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-22 22:21:44 +00:00
Panagiotis "Ivory" Vasilopoulos 62f3ff6074 [UI] Actions: I will always run make fmt before pushing
I will always run make fmt before pushing
I will always run make fmt before pushing
I will always run make fmt before pushing
2024-02-22 22:31:26 +01:00
Panagiotis "Ivory" Vasilopoulos 2a0a5c6ec0 [UI] Actions: Oops, forgot to lint the tests. 2024-02-22 22:26:11 +01:00
Gusted f68bc0ec6a
[REFACTOR] Simplify converting struct to map in admin stats
- Instead of relying on JSON to convert the struct to map, use
`reflect` to do this conversion. Also simplify it a bit by only passing
one variable to the template.
- This avoids issues where the conversion to JSON causes changes in
the value, for example huge numbers are converted to its scientific
notation but are consequently not converted back when being displayed.
- Adds unit tests.
- Resolves an issue where the amount of comments is being displayed in
scientific notation on Codeberg.
2024-02-22 22:25:19 +01:00
Panagiotis "Ivory" Vasilopoulos 785f336c12 [UI] Actions: Improve frontend testing 2024-02-22 22:12:44 +01:00
Earl Warren ec1b64637e Merge pull request 'Do not run e2e tests in parallel' (#2440) from maltejur/forgejo:e2e_parallel into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2440
2024-02-22 18:57:05 +00:00
Earl Warren c06af395af Merge pull request 'Enable e2e testing on Firefox' (#2439) from maltejur/forgejo:e2e_firefox into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2439
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-22 18:56:29 +00:00
Malte Jürgens 9018b4c9fe
Enable e2e testing on Firefox 2024-02-22 19:27:03 +01:00
Malte Jürgens e8585eff5c
Do not run e2e tests in parallel 2024-02-22 19:26:25 +01:00
0ko e5b5585ee2 Fixes & Improvements for English locale 2024-02-22 22:33:22 +05:00
Earl Warren e7a97a39a6 Merge pull request '[TESTS] verify sanitization of names to prevent XSS' (#2435) from earl-warren/forgejo:wip-xss into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2435
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-22 16:06:38 +00:00
Gusted ca798e4cc2
[SECURITY] Test XSS in dismissed review
It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.
2024-02-22 15:33:20 +01:00
Earl Warren 6f41188ac1 Merge pull request '[RELEASE] v1.21.6-0 release notes' (#2410) from earl-warren/forgejo:wip-release-notes-1.21 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2410
2024-02-22 14:08:00 +00:00
Gusted 565e331238
[SECURITY] Test XSS in wiki last commit information
On the wiki and revisions page, information is shown about the last
commit that modified that wiki page. This includes the time it was last
edited and by whom. Verify it is sanitized.
2024-02-22 15:03:15 +01:00
Earl Warren 704615fa65
[RELEASE] v1.21.6-0 release notes
Refs: https://codeberg.org/forgejo/forgejo/issues/2408
2024-02-22 14:22:32 +01:00
Panagiotis "Ivory" Vasilopoulos 1668904513 [UI] Actions: Link to Workflow in View 2024-02-22 13:18:06 +01:00
Earl Warren 2f5b266cca Merge pull request 'Add e2e debug server' (#2423) from maltejur/forgejo:e2e_debugserver into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2423
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 20:34:06 +00:00
Malte Jürgens 5c67c34ce8
Add e2e debug server
This adds the ability to run `make test-e2e-debugserver` to start a
forgejo server pupulated with the test data from `models/fixtures`. This
is particularly useful for debugging the e2e tests with a external tool,
such as the Playwright extension for VSCode [1].

[1] https://open-vsx.org/extension/ms-playwright/playwright
2024-02-21 20:47:57 +01:00
Earl Warren 3be80c9e95 Merge pull request '[THEMES] Port console colors' (#2419) from gusted/forgejo-port-css into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2419
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 14:39:50 +00:00
Codeberg Translate 0081e59243 [I18N] Translations update from Weblate (#2384)
Translations update from [Weblate](https://translate.codeberg.org) for [Forgejo/forgejo](https://translate.codeberg.org/projects/forgejo/forgejo/).

Current translation status:

![Weblate translation status](https://translate.codeberg.org/widget/forgejo/forgejo/horizontal-auto.svg)

Co-authored-by: earl-warren <contact@earl-warren.org>
Co-authored-by: Kaede Fujisaki <psi@7io.org>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: Wuzzy <wuzzy@disroot.org>
Co-authored-by: meskobalazs <meskobalazs@fsf.hu>
Co-authored-by: Xinayder <me+codeberg@aoalmeida.com>
Co-authored-by: Anonymous <noreply@weblate.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Salif Mehmed <mail@salif.eu>
Co-authored-by: Dirk <dirk@0x7be.de>
Co-authored-by: fnetX <otto@codeberg.org>
Co-authored-by: Squeljur <squeljur+git@gmail.com>
Co-authored-by: noureddin <noureddin@protonmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2384
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
2024-02-21 13:36:00 +00:00
Earl Warren 9daf97b46e Merge pull request '[BUG] Initalize Git for hook regeneration' (#2416) from gusted/forgejo-init-git into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2416
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 13:29:02 +00:00
Earl Warren 726ce5e3f9 Merge pull request '[BUG] Load AllUnitsEnabled when necessary' (#2420) from gusted/forgejo-add-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2420
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 13:25:38 +00:00
Michael Kriese 849de07064 feat(xorm): add max idle time setting for db connections (#2418)
Add a new optional `CONN_MAX_IDLETIME`[^1]

This allows to set the `SetConnMaxIdleTime` on `database/sql`.
It's useful to allow to close more idle connections to reduce database connections, especially on postgresql.
For me i would like to use it to set a higher max idle connections but they will all be closed after being idle.
So also the last idle connection will be closed when there is no load on forgejo.
I also use it with max connection lifetime, because currently `database/sql` doesn't detect a postgresql master change[^2] and i'll get `[E] can't update runner status: pq: cannot execute UPDATE in a read-only transaction`[^3] on forgejo until the connection is closed.

[^1]: https://pkg.go.dev/database/sql#DB.SetConnMaxIdleTime
[^2]: https://stackoverflow.com/questions/51858659/how-to-safely-discard-golang-database-sql-pooled-connections-for-example-when-t
[^3]: https://matrix.to/#/!zpNKWqkiEOyljSMQDK:matrix.org/$_AJft_amsGn5hXGOYw75JoBJQnW3aKJEpb-Iw53L_TU?via=schinas.net&via=matrix.org&via=nitro.chat

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2418
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2024-02-21 12:17:16 +00:00
Gusted 6fbfe441de
[BUG] Load AllUnitsEnabled when necessary
- In order to determine if the "Add more..." tab should be shown, the
template has to know if the repository has all units enabled, this is
done in the repository header which can be shown for quite a lot of
pages (code, issues, projects, actions etc.)
- This was previously set in the `RepoRefByType` function, which would
be called by pages such as code, issues and releases, but it was not
being called for all pages such as actions, packages and wiki. Which
would in turn incorrectly show the "Add more..." button when it
shouldn't.
- Now call it from the template itself, so the value is 'always' loaded
when necessary.
2024-02-21 12:48:26 +01:00
Gusted c6d366e283
[THEMES] Port console colors
- Port 1fd7e3d6be to the Forgejo themes,
they are a copy paste, but have a bit darker console background color to
have better contrast and match better with the overal Forgejo dark
theme's shade.
2024-02-21 12:19:15 +01:00
Gusted 815abad84c
[BUG] Initalize Git for hook regeneration
- The hook regeneration code relies on `git.SupportProcReceive` being
set to determine if the `proc-receive` hook should be written, this
variable is set when the git module is initialized.
- Resolves #2414
2024-02-20 19:39:50 +01:00
Shiny Nematoda 51fb6f3983 [FEAT] add fallback repo search using git grep 2024-02-20 13:00:34 +00:00
Earl Warren 0533022d63 Merge pull request '[gitea] cherry-pick' (#2397) from earl-warren/forgejo:wip-gitea-cherry-pick into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2397
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-19 23:03:10 +00:00
Gusted f128b6efc9 Merge pull request '[BUG] Restrict when to make link absolute in markdown' (#2403) from gusted/forgejo-custom-url into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2403
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-02-19 22:16:23 +00:00
Şahin Akkaya 8125fe0634
Deduplicate translations for contributors graph (#29256)
I have implemented three graph pages
([contributors](https://github.com/go-gitea/gitea/pull/27882), [code
frequency](https://github.com/go-gitea/gitea/pull/29191) and [recent
commits](https://github.com/go-gitea/gitea/pull/29210)) and they have
all same page title as the tab name so I decided to use same
translations for them. This PR is for contributors graph. Other PR's
have their own respective commits.

(cherry picked from commit 39a77d92d9677b0a0049cb8696960d6d2ac052d6)
2024-02-19 22:58:33 +01:00
wxiaoguang c7c20ff5ab
Remove DataRaceCheck (#29258)
Since #26254, it started using `{{ctx.Locale.Tr ...}}`

Now the `ctx` seems stable enough, so the check could be removed.

(cherry picked from commit 567a68a0bf78c8d70f08c8ab948fdbb455225aa9)
2024-02-19 22:58:33 +01:00
Johan Van de Wauw 5fffab8d9d
Fix c/p error in inline documentation (#29148)
Fix small copy/paste error in inline documentation

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 740c6a226c4df26432641018fbfd9186977d573f)
2024-02-19 22:58:33 +01:00
KN4CK3R 369fe56966
Show commit status for releases (#29149)
Fixes #29082

![grafik](https://github.com/go-gitea/gitea/assets/1666336/bb2ccde1-ee99-459d-9e74-0fb8ea79e8b3)

(cherry picked from commit 7e8ff709401d09467c3eee7c69cd9600d26a97a3)
2024-02-19 22:58:33 +01:00
Markus Amshove b1d66f50fb
Disallow merge when required checked are missing (#29143)
fixes #21892

This PR disallows merging a PR when not all commit status contexts
configured in the branch protection are met.

Previously, the PR was happy to merge when one commit status was
successful and the other contexts weren't reported.

Any feedback is welcome, first time Go :-)
I'm also not sure if the changes in the template break something else

Given the following branch protection:

![branch_protection](https://github.com/go-gitea/gitea/assets/2401875/f871b4e4-138b-435a-b496-f9ad432e3dec)

This was shown before the change:

![before](https://github.com/go-gitea/gitea/assets/2401875/60424ff0-ee09-4fa0-856e-64e6e3fb0612)

With the change, it is now shown as this:

![after](https://github.com/go-gitea/gitea/assets/2401875/4e464142-efb1-4889-8166-eb3be26c8f3d)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit a11ccc9fcd61fb25ffb1c37b87a0df4ee9efd84e)
2024-02-19 22:58:33 +01:00
Jason Song e96e1beded
Do not use lower tag names to find releases/tags (#29261)
Fix #26090, see
https://github.com/go-gitea/gitea/issues/26090#issuecomment-1952013206

Since `TagName` stores the original tag name and `LowerTagName` stores
the lower tag name, it doesn't make sense to use lowercase tags as
`TagNames` in `FindReleasesOptions`.

5e72526da4/services/repository/push.go (L396-L397)

While the only other usage looks correct:

5e72526da4/routers/web/repo/repo.go (L416)
(cherry picked from commit 0ea8de2d0729e1e1d0ea9de1e59fbcb673e87fd2)
2024-02-19 22:58:33 +01:00