Commit graph

274 commits

Author SHA1 Message Date
Gergely Nagy
75aa4c28f0 Fix user mention processing
When mentioning a user, the markup post-processor did not handle the
case where the mentioned user did not exist well: it tried to skip to
the next node, which in turn, ended up skipping the rest of the line.

To fix this, lets skip just the mentioned, but non-existing user, and
continue processing the current node from there.

Fixes #3535.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 9a01062ae2)
2024-04-30 12:28:49 +00:00
0ko
c7ba51518c s/Gitea/Forgejo in various log messages and comments
(cherry picked from commit 469c214ec8)
2024-04-22 14:41:17 +00:00
Mai-Lapyst
9641273b2b Fix panic where now a third link breaks everything
(cherry picked from commit acfae43253)
2024-04-20 10:24:54 +00:00
Mai-Lapyst
ae0615561a Fix issue where rendering stops after the first invalid parmalink
(cherry picked from commit e9eacdecd2)
2024-04-20 10:24:54 +00:00
Mai-Lapyst
9c81060eb9 Fix some edge cases; closes #3232
- Fixes wrong usage of AppURL
- Fixes wrong rendering with extra path segments when AppSubURL is empty
- Now also renders all links when 2+ permalinks are present

(cherry picked from commit 5b6b3f3fb3)
2024-04-20 10:24:54 +00:00
Mai-Lapyst
dbf1d06ff6 Fix inline permalinks across repo; closes #2965 (#3042)
This PR fixes the possible ambiguity of rendered inline permalinks across repos by adding it as a suffix to the title element if the permalink refers to a file not inside the current repository. Closes #2965

![grafik](/attachments/e70e37b8-24c7-4f7b-ab52-92f1e8dfb009)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3042
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
(cherry picked from commit 1d1c0131bb)
2024-04-12 22:38:57 +00:00
Giteabot
39bc868092
Fixes #27605: inline math blocks can't be preceeded/followed by alphanumerical characters (#30175) (#30251)
Backport #30175 by @jmlt2002

- Inline math blocks couldn't be preceeded or succeeded by
alphanumerical characters due to changes introduced in PR #21171.
Removed the condition that caused this (precedingCharacter condition)
and added a new exit condition of the for-loop that checks if a specific
'$' was escaped using '\' so that the math expression can be rendered as
intended.
- Additionally this PR fixes another bug where math blocks of the type
'$xyz$abc$' where the dollar sign was not escaped by the user, generated
an error (shown in the screenshots below)
- Altered the tests to accomodate for the changes

Former behaviour (from try.gitea.io):

![image](https://github.com/go-gitea/gitea/assets/114936010/8f0cbb21-321d-451c-b871-c67a8e1e9235)

Fixed behaviour (from my local build):

![image](https://github.com/go-gitea/gitea/assets/114936010/5c22687c-6f11-4407-b5e7-c14b838bc20d)

(Edit) Source code for the README.md file:
```
$x$ -$x$ $x$-

a$xa$ $xa$a 1$xb$ $xb$1

$a a$b b$

a$b $a a$b b$

$a a\$b b$
```

Signed-off-by: João Tiago <joao.leal.tintas@tecnico.ulisboa.pt>
Co-authored-by: João Tiago <114936010+jmlt2002@users.noreply.github.com>
(cherry picked from commit ac65aeecbd42ed30cc0838b3fad12b58daadf3ad)
2024-04-08 11:49:51 +02:00
Gusted
aefdf17a75 [BUG] Fix crash in issue forms
- Fix a crash in the issue forms, because `ctx.Ctx` was trying to be
accessed, however this is not set in all contexts thus could result to NPE.
- Adds integration test.
- Resolves #3011

(cherry picked from commit b0cd0ebb91)
2024-04-04 16:57:55 +00:00
Gusted
06e72e22d5 [BUG] Center icon and callout text
- Wrap the icon and callout into a seperate `<p>` which has `display:
flex; align-items: center` set. To center the icon with the callout text.
- Resolves #3006

(cherry picked from commit 6ffae461d4)
2024-04-04 12:18:32 +00:00
Mai-Lapyst
22aedc6c96
[v7.0/forgejo] Render inline file permalinks
Backport: https://codeberg.org/forgejo/forgejo/pulls/2669

(cherry picked from commit 1d3240887c)
(cherry picked from commit 781a37fbe1)
(cherry picked from commit 8309f008c2)
(cherry picked from commit fae8d9f70d)
(cherry picked from commit 6721cba75b)
(cherry picked from commit 562e5cdf32)
(cherry picked from commit d789d33229)
(cherry picked from commit 8218e80bfc)
(cherry picked from commit 10bca456a9)
(cherry picked from commit db6f6281fc)
(cherry picked from commit ed8e8a792e)
(cherry picked from commit d6428f92ce)
(cherry picked from commit 069d87b80f)
(cherry picked from commit 2b6546adc9)
(cherry picked from commit 4c7cb0a5d2)
(cherry picked from commit 7e0014dd13)
(cherry picked from commit 16a8658878)
(cherry picked from commit 6e98bacbbd)
2024-04-01 16:15:58 +02:00
Gusted
e428231b38 [BUG] Don't color dot literal color names
- Colordots are generated for colors in inline code, such as `red`,
`rgb(255, 0, 124)`, `#ffaabb` and `hsl(124, 52%, 50%)`. However this
shouldn't be doon for literal color names as these can be too common
assiocated with non-color related stuff _and matches the behavior of
some other forge_.
- Move the regexes from bluemonday to Forgejo and do the checking
ourselves.
- Adds unit tests.
- Resolves https://codeberg.org/Codeberg/Community/issues/1510
2024-03-30 22:12:40 +00:00
wxiaoguang
d4ea1c2559
Fix some pending problems (#29985)
These changes are quite independent and trivial, so I don't want to open
too many PRs.

* https://github.com/go-gitea/gitea/pull/29882#discussion_r1529607091
    * the `f.Close` should be called properly
* the error message could be more meaningful
(https://github.com/go-gitea/gitea/pull/29882#pullrequestreview-1942557935)
*
https://github.com/go-gitea/gitea/pull/29859#pullrequestreview-1942324716
    * the new translation strings don't take arguments
* https://github.com/go-gitea/gitea/pull/28710#discussion_r1443778807
    * stale for long time
*  #28140
    * a form was forgotten to be changed to work with backend code

(cherry picked from commit 226231ea27d4f2b0f09fa4efb39501507613b284)

Conflicts:
	templates/repo/issue/view_content/pull.tmpl
	discarded because unexplained
	templates/status/404.tmpl
	implemented differently in Forgejo
2024-03-26 19:04:26 +01:00
coldWater
664052fb0b
Fix missing error check of bufio.Scanner (#29882)
maybe more

(cherry picked from commit 0e183d81fc5283f9d2047472de580e4f04a046c1)
2024-03-26 19:04:25 +01:00
Earl Warren
af0bb6e68a Merge pull request '[port] gitea#29833: Refactor markdown attention render' (#2747) from algernon/forgejo:gitea/port/29833/refactor into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2747
2024-03-23 19:44:45 +00:00
Gergely Nagy
d571a2c202
Remove some more dead code from the markup sanitizer
This removes some more dead code from the markup sanitizer:

- Allowing unlabelled labels is no longer neccessary as of
  41e8b834af.
- Allowing `style` attributes on `span` and `p` are no longer necessary,
  `bluemonday` allows them by default now.

Selectively cherry picked from commit 66902d89e567ab1ae6dfb828636999c61ff0149e.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-23 17:16:22 +01:00
Earl Warren
b5775f6d6e Merge pull request 'modules/markup/markdown/ast: Drop IsColorPreview' (#2746) from algernon/forgejo:gitea/cherry-pick/29833/dead-code-removal into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2746
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-23 15:25:08 +00:00
Gergely Nagy
58d4af8fdb
Refactor the GitHub Legacy callout renderer too
Following up on the previous commit, change the GitHub Legacy callout
renderer to render the same as the refactored modern renderer.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-23 15:38:43 +01:00
wxiaoguang
ec2201a3da
Refactor markdown attention render (#29833)
* Remove some deadcode
* Use 2-word name for CSS class names
* Remove "gt-*" rules for sanitizer

The UI doesn't change much.

(cherry picked from commit 66902d89e567ab1ae6dfb828636999c61ff0149e)
2024-03-23 15:38:43 +01:00
Gergely Nagy
8af8682f7d
modules/markup/markdown/ast: Drop IsColorPreview
The function isn't used anywhere, it's dead code. Remove it.

Partially cherry picked from commit 46c3f3b9e81e25c3ed08ba6c5bfeb8802b3ba1fd.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-23 14:47:15 +01:00
Yarden Shoham
20446ac6b3
Don't use <br /> in alert block (#29650)
- Follows https://github.com/go-gitea/gitea/pull/29121

When I implemented alert blocks I was always testing the markdown in
issue comments. I used `<br />` for line breaks and it looked good. I
have since learned that the markdown on README files doesn't allow these
tags. So a comment with

```md
> [!NOTE]
> If you're interested in using our APIs, we have experimental support with [documentation](https://try.gitea.io/api/swagger).
```

looked like this in a comment

![image](https://github.com/go-gitea/gitea/assets/20454870/96b1de01-2c87-4d4f-83dd-98192b83e9d0)
but looked like this in a README

![image](https://github.com/go-gitea/gitea/assets/20454870/474b636d-dd7a-4b7f-ba27-643803c71aa3)

So I changed how we render the alert block by having the alert itself
have a dedicated paragraph, so line breaks happen naturally between
paragraphs.

![image](https://github.com/go-gitea/gitea/assets/20454870/474b636d-dd7a-4b7f-ba27-643803c71aa3)

![image](https://github.com/go-gitea/gitea/assets/20454870/167a8d37-9a44-4479-9340-5dc80347b595)

![image](https://github.com/go-gitea/gitea/assets/20454870/2f99fec0-98ff-4ba8-97fe-b4567041ae79)

![image](https://github.com/go-gitea/gitea/assets/20454870/ffdeae11-fb06-4d00-b497-eae135f0d7ad)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-03-23 12:18:40 +01:00
coldWater
d413a8fcac
Refactor markup/csv: don't read all to memory (#29760)
(cherry picked from commit e79a807a8461a73bd66146d816f635b66e198c89)
2024-03-20 08:46:29 +01:00
KN4CK3R
024bfb7f34
Use relative links for commits, mentions, and issues in markdown (#29427)
Fixes #29404

Use relative links for
- commits
- mentions
- issues

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 85c59d6c21e10ef9d3ccf11713548f50e47e920f)
2024-03-20 08:46:28 +01:00
yp05327
b6e480fcbb
Fix inconsistent rendering of block mathematical expressions (#29677)
Fix #28735

GitHub render `\```math\``` ` as a block now.
Add `display` class will render it as a block.

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/2a1c20c7-438e-4ab1-8c66-cf91c8343087)

![image](https://github.com/go-gitea/gitea/assets/18380374/b81b8a93-8bca-46a5-b7db-e0d2f53e1342)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 8fc1a8f0eb642c574610a346e858d42c433ebe01)
2024-03-20 08:46:28 +01:00
yp05327
fb77784017
Fix incorrect rendering csv file when file size is larger than UI.CSV.MaxFileSize (#29653)
Fix #29506

(cherry picked from commit 9dc8a6336edddca0f3f90392bbc398f4ceaeaf13)
2024-03-11 23:36:59 +07:00
KN4CK3R
8f55cf199d
Port "Fix wrong test usage of AppSubURL"
- Port of https://github.com/go-gitea/gitea/pull/29459
- The tests use an invalid `setting.AppSubURL`. The wrong behaviour
disturbs other PRs like https://github.com/go-gitea/gitea/pull/29222
and https://github.com/go-gitea/gitea/pull/29427.
2024-03-06 21:47:44 +01:00
Earl Warren
58bc3af08d
Refactor some Str2html code (followup)
* [BUG] Restrict when to make link absolute in markdown
2024-03-06 12:10:44 +08:00
wxiaoguang
68099f2f00
Refactor some Str2html code (#29397)
This PR touches the most interesting part of the "template refactoring".

1. Unclear variable type. Especially for "web/feed/convert.go":
sometimes it uses text, sometimes it uses HTML.
2. Assign text content to "RenderedContent" field, for example: `
project.RenderedContent = project.Description` in web/org/projects.go
3. Assign rendered content to text field, for example: `r.Note =
rendered content` in web/repo/release.go
4. (possible) Incorrectly calling `{{Str2html
.PackageDescriptor.Metadata.ReleaseNotes}}` in
package/content/nuget.tmpl, I guess the name Str2html misleads
developers to use it to "render string to html", but it only sanitizes.
if ReleaseNotes really contains HTML, then this is not a problem.

(cherry picked from commit e71eb8930a5d0f60874b038c223498b41ad65592)

Conflicts:
	modules/templates/util_string.go
	trivial context conflict
2024-03-06 12:10:44 +08:00
Gusted
65b9a959b8
[BUG] Restrict when to make link absolute in markdown
- In markdown, links are proccessed to be made absolute against the
relevant base in that context. Such that `./src` will be transformed
into `http://example.com/owner/repo/src/branch/main/src`.
- Don't try to make the link absolute if the link has a schema that's
defined in `[markdown].CUSTOM_URL_SCHEMES`, because they can't be made
absolute and doing so could lead to problems (see test case, double
slash was transformed to single slash).
- Adds unit test.
- Resolves https://codeberg.org/Codeberg/Community/issues/1489
2024-02-19 20:56:00 +01:00
Gusted
a2442793d2
[BUG] Fix relative links on orgmode
- For regular non-image nonvideo links, they should be made relative,
this was done against `r.Ctx.Links.Base`, but since 637451a45e, that
should instead be done by `SrcLink()` if there's branch information set
in the context, because branch and treepath information are no longer
set in `r.Ctx.Links.Base`.
- This is consistent with how #2166 _fixed_ relative links.
- Media is not affected, `TestRender_Media` test doesn't fail.
- Adds unit tests.
- Ref https://codeberg.org/Codeberg/Community/issues/1485
2024-02-18 21:09:35 +01:00
Gergely Nagy
b594188623
Restore compatibility with the legacy GitHub callout syntax
Although GitHub removed support for the legacy callout syntax, we don't
have to! Restore this support via another AST transformer.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 18:35:45 +01:00
Gergely Nagy
a177a5c4cb
modules/markup: Lift out the GitHub callout transformer
This lifts out the GitHub callout transformer from
`modules/markup/markdown/goldmark.go` to `callout/github.go`.

While there, clean up the transformer code:

- Use a map to look up supported callout types, rather than a regexp.
- Allow the callout type to be in any case, rather than just uppercase.
- Simplified `.Segment.Value()` to `.Text()`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 18:04:55 +01:00
Yarden Shoham
0b3193bbbe
Add alert blocks in markdown (#29121)
- Follows https://github.com/go-gitea/gitea/pull/21711
- Closes https://github.com/go-gitea/gitea/issues/28316

Implement GitHub's alert blocks markdown feature

Docs:
-
https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
- https://github.com/orgs/community/discussions/16925

### Before

![image](https://github.com/go-gitea/gitea/assets/20454870/14f7b02a-5de5-4fd0-8437-a055dadb31f2)

### After

![image](https://github.com/go-gitea/gitea/assets/20454870/ed06a869-e545-42f1-bf25-4ba20b1be196)

## ⚠️ BREAKING ⚠️

The old syntax no longer works

How to migrate:

If you used
```md
> **Note** My note
```

Switch to
```md
> [!NOTE]
> My note
```

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-17 18:04:55 +01:00
wxiaoguang
65248945c9
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.

(cherry picked from commit f3eb835886031df7a562abc123c3f6011c81eca8)

Conflicts:
	modules/web/middleware/binding.go
	routers/web/feed/convert.go
	tests/integration/branches_test.go
	tests/integration/repo_branch_test.go
	trivial context conflicts
2024-02-16 15:20:52 +01:00
Gusted
2ed825c5be
[GITEA] Fix orgmode link resolver for text descriptions
- It's possible that the description of an `Regularlink` is `Text` and not
another `Regularlink`. Therefor if it's `Text`, convert it to an
`Regularlink` trough the 'old' behavior (pass it trough `org.String` and
trim `file:` prefix).
- Adds unit tests.
- Resolves https://codeberg.org/Codeberg/Community/issues/1430

(cherry picked from commit 385fc6ee6b)
2024-02-05 16:57:56 +01:00
Gusted
701882cc08
[GITEA] Add footnote testing
- This adds coverage to the most common and the edge cases of what the
footnote implementation should be capable of. This was partly done to
ensure no hidden surprises when changing the implementation, as markdown
rendering is one of the more important features of Forgejo.

(cherry picked from commit 16ecdb4170)
(cherry picked from commit 19dc5ef5e5)
(cherry picked from commit d5955efc0a)
(cherry picked from commit 2cdaf10836)
(cherry picked from commit 251b567794)

Conflicts:
	modules/markup/markdown/markdown_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2153
(cherry picked from commit f863f4b005)
(cherry picked from commit f39f108934)
(cherry picked from commit 6d46f9ee40)
2024-02-05 16:09:41 +01:00
Earl Warren
6b5bfffe5d
[GITEA] test markdown CleanValue to prevent regression
It will determine how anchors are created and will break existing
links otherwise.

Adapted from Revert "Make `user-content-* ` consistent with github (#26388)

(cherry picked from commit 1666fba8f5)
(cherry picked from commit 48f38280e8)
(cherry picked from commit 03adb3a2b4)
(cherry picked from commit a0ad36f0ad)
(cherry picked from commit 3aac990064)
(cherry picked from commit 137daabc9b)
(cherry picked from commit b438aed4c1)
(cherry picked from commit 90b36f2e67)
2024-02-05 16:09:41 +01:00
Earl Warren
7b79294684
[GITEA] Revert "Make user-content-* consistent with github (#26388)"
Refs: https://codeberg.org/forgejo/forgejo/issues/1943

This reverts commit d41aee1d1e.

(cherry picked from commit d29ec91e91)
(cherry picked from commit a0f5a9750e)
(cherry picked from commit 26bfc3bc14)
(cherry picked from commit 59f57a1bc9)
(cherry picked from commit ce3b73a033)
(cherry picked from commit 2c426c28af)
(cherry picked from commit 155a08bca7)
(cherry picked from commit 8934fd895c)
2024-02-05 16:09:41 +01:00
Gusted
e1a82a15d3
[GITEA] Require Latex code to have a end sequence
- Currently the parser will look for `\[` and `$$` to detect when Latex
code starts, it will look for `\]` and `$$` respectively in order to
determine the end of the code. However if no end is found the parser
assumes the rest of the input is part of the Latex code.
- Adjust the parser's behavior to not allow the case to assume the rest
of the input is part of the Latex code and requires in order to
determine if some input is Latex code that the end sequence is also
specified.
- Example: `\[hello]` would no longer be detected as Latex code with
this patch.
- Added unit tests.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1817

(cherry picked from commit 452aef1bb1)
(cherry picked from commit 8a857c24b0)
(cherry picked from commit acd1456db9)
(cherry picked from commit 6523b45073)
(cherry picked from commit e2e1a8afe7)
(cherry picked from commit a46ef652eb)
(cherry picked from commit 54d5a8c073)
(cherry picked from commit 4a88dc6416)
(cherry picked from commit f88b58be3f)
(cherry picked from commit 316ff9767f)
2024-02-05 16:09:41 +01:00
silverwind
a6cea59514
Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
KN4CK3R
01acd1eea3
Strip / from relative links (#28932)
Fixes #28915

Restores the old behaviour:

https://github.com/go-gitea/gitea/pull/26745/files#diff-d78a9d361b1fddc12218e4dd42f42d39d6be1fda184041e06bb6fb30f0d94c59L96
2024-01-27 11:36:01 +08:00
KN4CK3R
c46316f7ae
Respect branch info for relative links (#28909)
Fix #28904

Co-authored-by: Giteabot <teabot@gitea.io>
2024-01-25 09:54:44 +01:00
Adam Majer
d68a613ba8
Add support for sha256 repositories (#23894)
Currently only SHA1 repositories are supported by Gitea. This adds
support for alternate SHA256 with the additional aim of easier support
for additional hash types in the future.

Fixes: #13794
Limited by: https://github.com/go-git/go-git/issues/899
Depend on: #28138

<img width="776" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/5448c9a7-608e-4341-a149-5dd0069c9447">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 17:05:02 +01:00
KN4CK3R
637451a45e
Rework markup link rendering (#26745)
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary> 

https://try.gitea.io/KN4CK3R

![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-15 08:49:24 +00:00
Brecht Van Lommel
12c0487e01
Make cross-reference issue links work in markdown documents again (#28682)
In #26365 issue references were disabled entirely for documents,
intending to match GitHub behavior. However cross-references do appear
to work in documents on GitHub.

This is useful for example to write release notes in a markdown document
and reference issues. While the simpler syntax may create links when not
intended, hopefully the cross-reference syntax is unique enough to avoid
it.
2024-01-03 14:01:12 +08:00
wxiaoguang
e4a24d6727
Fix the issue ref rendering for wiki (#28556)
Fix #28526, regression of 
* #26365

(although the author of #26365 has recent activities, but there is no
response for the regression, so I proposed this quick fix and keep the
fix simple to make it easier to backport to 1.21)
2023-12-20 14:11:59 +00:00
wxiaoguang
20929edc99
Add option to disable ambiguous unicode characters detection (#28454)
* Close #24483
* Close #28123
* Close #23682
* Close #23149

(maybe more)
2023-12-17 14:38:54 +00:00
Earl Warren
1075ff74b5
Use restricted sanitizer for repository description (#28141)
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit 631c87cc23)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-23 16:34:25 +00:00
Yarden Shoham
1c0566f66d
Render email addresses as such if followed by punctuation (#27987)
Added the following characters to the regular expression for the email:

- ,
- ;
- ?
- !

Also added a test case.

- Fixes #27616 

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/c57eac26-f281-43ef-a51d-9c9a81b63efa)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/fc7d5c08-4350-4af0-a7f0-d1444d2d75af)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2023-11-11 05:08:19 +01:00
KN4CK3R
481e738e7f
Remove title from elements on Org mode (#27968)
The Org mode rendering has some problems:
1.  `[[https://example.com][pre https://example.com/example.mp4 post]]`
 renders as
`<p><a href="https://example.com" title="pre <video
src="https://example.com/example.mp4"
title="https://example.com/example.mp4">https://example.com/example.mp4</video>
post">pre <video src="https://example.com/example.mp4"
title="https://example.com/example.mp4">https://example.com/example.mp4</video>
post</a></p>`
As you can see, the `title` attribute contains the inner html in
unescaped form. I removed the `title` attribute because it is of little
value.
3. The `title` attribute on `img` and `video` is of little value.
4. The inner elements of `video` are different depending on the `if`.
2023-11-10 01:45:13 +00:00
silverwind
ce83609ff6
Upgrade to golangci-lint@v1.55.0 (#27756)
https://github.com/golangci/golangci-lint/releases/tag/v1.55.0
2023-10-24 02:54:59 +00:00