Commit graph

19592 commits

Author SHA1 Message Date
Earl Warren
ef1d579c41 Merge pull request '[UI] Agit: Add AGit label to AGit-created PRs' (#2444) from n0toose/agit-indicator into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2444
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-25 14:48:09 +00:00
Gusted
490b81a8ed Merge pull request 'Move permission check from ArtifactsDeleteView to the route' (#2464) from algernon/forgejo:gitea-port/artifact-deletion/refactor into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2464
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-25 14:15:03 +00:00
0ko
a748ba70a8 10-year old images are gone 2024-02-25 18:13:59 +05:00
0ko
e34ead7a46 [I18N] eliminate wrapping quotes 2024-02-25 17:03:09 +05:00
Gergely Nagy
0ea021c8c9
Allow instance-wide disabling of forking
For small, personal self-hosted instances with no user signups, the fork
button is just a noise. This patch allows disabling them like stars can
be disabled too.

Disabling forks does not only remove the buttons from the web UI, it
also disables the routes that could be used to create forks.

Fixes #2441.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-25 12:00:17 +01:00
0ko
186f1f5669 [THEME] refactor display of 404/500 error pages 2024-02-25 15:59:12 +05:00
Gergely Nagy
9372bdd4a3
Move permission check from ArtifactsDeleteView to the route
As suggested by @Gusted in #2431, move the permission checking from
`ArtifactsDeleteView` into the route instead, where it belongs.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-25 10:52:11 +01:00
Earl Warren
8a5a7a88be
[REFACTOR] cli: prepareWorkPathAndCustomConf is not just for actions
Split prepareWorkPathAndCustomConf out of the actions sub-command.

In the CLI prepareWorkPathAndCustomConf is a preparation step that is
needed before running the sub-command actions in the Forgejo CLI. It
is currently specific to this sub-command but it will be useful for
other sub-commands such as F3.
2024-02-25 09:54:25 +01:00
Earl Warren
b7ea2ea463 Merge pull request 'Fixes #2452 - Skipping SHA256 tests if unsupported' (#2456) from lhinderberger/forgejo:2452-skip-sha256-if-unsupported into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2456
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-24 16:55:05 +00:00
Lucas Hinderberger
c8ae3498e7 gofmt-ed modules/git/utils_test.go due to linter 2024-02-24 15:53:38 +01:00
Earl Warren
3471adb14a Merge pull request '[FEAT] Enable ambiguous character detection in configured contexts' (#2427) from gusted/forgejo-ambigious-characters into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2427
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-24 12:25:31 +00:00
Earl Warren
bc8d61d12e Merge pull request '[FEAT] Restrict file size of blame operation' (#2395) from gusted/forgejo-blame-restrict into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2395
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 23:17:02 +00:00
Lucas Hinderberger
a4b0c0edc5 Fixes #2452 - Skipping SHA256 tests if unsupported
The test suite was broken e.g. on Debian 12 due to requiring a very
recent version of Git installed on the system. This commit skips SHA256
tests in the git module, if a Git version older than 2.42 or gogit is used.
2024-02-24 00:14:24 +01:00
Gusted
f0ed6de89d
[FEAT] Check if commit is already present in target branch
- Check if someone is (accidentally) trying to create a pull request via
AGit with changes already in the target branch and fail if that is the
case.
- Added integration test.
2024-02-23 21:42:15 +01:00
Panagiotis "Ivory" Vasilopoulos
bf7fb89178 [UI] Agit: Add AGit label to AGit-created PRs
Adds a label to Pull Requests that were created using AGit-Flow,
in order to prevent situations where a contributor uses AGit-Flow
to push new changes - only to realize that they did not use AGit-Flow
in the first place, and that they just opened a new PR accidentally
(that was me).

Also intended to raise general awareness about the feature. Some
additional work, such as adding a tooltip, still needs to be
done.

A small typo fix for a comment and (exclusively) formatting fixes
in the copyright header are also included.

Refs: https://codeberg.org/forgejo/forgejo/issues/2433
2024-02-23 21:09:08 +01:00
Gusted
f304441341
[BUG] Fix diff patch operation in web UI
- The form used by the diff patch operation requires that the value of
`tree_path` is set, even though it's not used. Set it to `patch` so this
feature can be used again.
- Regression of 08fe6f8c7e.
2024-02-23 17:40:44 +01:00
Earl Warren
b8563acedb Merge pull request '[CI] name the test release after the latest v*-dev tag' (#2448) from earl-warren/forgejo:wip-release-number into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2448
2024-02-23 16:31:51 +00:00
Earl Warren
2762dd9597
[CI] name the test release after the latest v*-dev tag
Also ignore the *-test tags when figuring out the Forgejo version,
they exist in the integration repository and experimental repository
for daily releases.
2024-02-23 15:37:46 +01:00
Earl Warren
6531d765a0 Merge pull request 'Fixes & Improvements for English locale' (#2437) from 0ko/forgejo:english240222 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2437
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-23 12:22:51 +00:00
Gusted
5b3a82d621
[FEAT] Enable ambiguous character detection in configured contexts
- The ambiguous character detection is an important security feature to
combat against sourcebase attacks (https://trojansource.codes/).
- However there are a few problems with the feature as it stands
today (i) it's apparantly an big performance hitter, it's twice as slow
as syntax highlighting (ii) it contains false positives, because it's
reporting valid problems but not valid within the context of a
programming language (ambiguous charachters in code comments being a
prime example) that can lead to security issues (iii) charachters from
certain languages always being marked as ambiguous. It's a lot of effort
to fix the aforementioned issues.
- Therefore, make it configurable in which context the ambiguous
character detection should be run, this avoids running detection in all
contexts such as file views, but still enable it in commits and pull
requests diffs where it matters the most. Ideally this also becomes an
per-repository setting, but the code architecture doesn't allow for a
clean implementation of that.
- Adds unit test.
- Adds integration tests to ensure that the contexts and instance-wide
is respected (and that ambigious charachter detection actually work in
different places).
- Ref: https://codeberg.org/forgejo/forgejo/pulls/2395#issuecomment-1575547
- Ref: https://codeberg.org/forgejo/forgejo/issues/564
2024-02-23 13:12:17 +01:00
Earl Warren
894a0eff9f Merge pull request 'Artifact deletion: port of gitea#27172 and gitea#29241' (#2431) from algernon/forgejo:gitea-port/artifact-deletion into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2431
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 12:00:03 +00:00
Earl Warren
f47c17d532 Merge pull request '[REFACTOR] Simplify converting struct to map in admin stats' (#2442) from gusted/forgejo-admin-stats into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2442
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 11:32:17 +00:00
Gergely Nagy
98943fdb43
tests: Add a basic test for artifact deletion
Adds a very bare-bones test for artifact deletion. It does not exercise
the functionality itself, just the presence of the functionality.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-23 09:24:43 +01:00
FuXiaoHei
7f64e4d2a3
Expire artifacts before deleting them physically (#29241)
https://github.com/go-gitea/gitea/pull/27172#discussion_r1493735466

When cleanup artifacts, it removes storage first. If storage is not
exist (maybe delete manually), it gets error and continue loop. It makes
a dead loop if there are a lot pending but non-existing artifacts.

Now it updates db record at first to avoid keep a lot of pending status
artifacts.
2024-02-23 09:06:14 +01:00
FuXiaoHei
c551d3f3ab
Artifact deletion in actions ui (#27172)
Add deletion link in runs view page.
Fix #26315

![image](https://github.com/go-gitea/gitea/assets/2142787/aa65a4ab-f434-4deb-b953-21e63c212033)

When click deletion button. It marks this artifact `need-delete`.

This artifact would be deleted when actions cleanup cron task.
2024-02-23 09:06:14 +01:00
Earl Warren
c47e6ceb82 Merge pull request '[FEAT] repo search using git grep' (#1594) from snematoda/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1594
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-22 22:21:44 +00:00
Panagiotis "Ivory" Vasilopoulos
62f3ff6074 [UI] Actions: I will always run make fmt before pushing
I will always run make fmt before pushing
I will always run make fmt before pushing
I will always run make fmt before pushing
2024-02-22 22:31:26 +01:00
Panagiotis "Ivory" Vasilopoulos
2a0a5c6ec0 [UI] Actions: Oops, forgot to lint the tests. 2024-02-22 22:26:11 +01:00
Gusted
f68bc0ec6a
[REFACTOR] Simplify converting struct to map in admin stats
- Instead of relying on JSON to convert the struct to map, use
`reflect` to do this conversion. Also simplify it a bit by only passing
one variable to the template.
- This avoids issues where the conversion to JSON causes changes in
the value, for example huge numbers are converted to its scientific
notation but are consequently not converted back when being displayed.
- Adds unit tests.
- Resolves an issue where the amount of comments is being displayed in
scientific notation on Codeberg.
2024-02-22 22:25:19 +01:00
Panagiotis "Ivory" Vasilopoulos
785f336c12 [UI] Actions: Improve frontend testing 2024-02-22 22:12:44 +01:00
Earl Warren
ec1b64637e Merge pull request 'Do not run e2e tests in parallel' (#2440) from maltejur/forgejo:e2e_parallel into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2440
2024-02-22 18:57:05 +00:00
Earl Warren
c06af395af Merge pull request 'Enable e2e testing on Firefox' (#2439) from maltejur/forgejo:e2e_firefox into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2439
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-22 18:56:29 +00:00
Malte Jürgens
9018b4c9fe
Enable e2e testing on Firefox 2024-02-22 19:27:03 +01:00
Malte Jürgens
e8585eff5c
Do not run e2e tests in parallel 2024-02-22 19:26:25 +01:00
0ko
e5b5585ee2 Fixes & Improvements for English locale 2024-02-22 22:33:22 +05:00
Earl Warren
e7a97a39a6 Merge pull request '[TESTS] verify sanitization of names to prevent XSS' (#2435) from earl-warren/forgejo:wip-xss into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2435
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-22 16:06:38 +00:00
Gusted
ca798e4cc2
[SECURITY] Test XSS in dismissed review
It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.
2024-02-22 15:33:20 +01:00
Earl Warren
6f41188ac1 Merge pull request '[RELEASE] v1.21.6-0 release notes' (#2410) from earl-warren/forgejo:wip-release-notes-1.21 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2410
2024-02-22 14:08:00 +00:00
Gusted
565e331238
[SECURITY] Test XSS in wiki last commit information
On the wiki and revisions page, information is shown about the last
commit that modified that wiki page. This includes the time it was last
edited and by whom. Verify it is sanitized.
2024-02-22 15:03:15 +01:00
Earl Warren
704615fa65
[RELEASE] v1.21.6-0 release notes
Refs: https://codeberg.org/forgejo/forgejo/issues/2408
2024-02-22 14:22:32 +01:00
Panagiotis "Ivory" Vasilopoulos
1668904513 [UI] Actions: Link to Workflow in View 2024-02-22 13:18:06 +01:00
Earl Warren
2f5b266cca Merge pull request 'Add e2e debug server' (#2423) from maltejur/forgejo:e2e_debugserver into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2423
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 20:34:06 +00:00
Malte Jürgens
5c67c34ce8
Add e2e debug server
This adds the ability to run `make test-e2e-debugserver` to start a
forgejo server pupulated with the test data from `models/fixtures`. This
is particularly useful for debugging the e2e tests with a external tool,
such as the Playwright extension for VSCode [1].

[1] https://open-vsx.org/extension/ms-playwright/playwright
2024-02-21 20:47:57 +01:00
Earl Warren
3be80c9e95 Merge pull request '[THEMES] Port console colors' (#2419) from gusted/forgejo-port-css into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2419
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 14:39:50 +00:00
Codeberg Translate
0081e59243 [I18N] Translations update from Weblate (#2384)
Translations update from [Weblate](https://translate.codeberg.org) for [Forgejo/forgejo](https://translate.codeberg.org/projects/forgejo/forgejo/).

Current translation status:

![Weblate translation status](https://translate.codeberg.org/widget/forgejo/forgejo/horizontal-auto.svg)

Co-authored-by: earl-warren <contact@earl-warren.org>
Co-authored-by: Kaede Fujisaki <psi@7io.org>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: Wuzzy <wuzzy@disroot.org>
Co-authored-by: meskobalazs <meskobalazs@fsf.hu>
Co-authored-by: Xinayder <me+codeberg@aoalmeida.com>
Co-authored-by: Anonymous <noreply@weblate.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Salif Mehmed <mail@salif.eu>
Co-authored-by: Dirk <dirk@0x7be.de>
Co-authored-by: fnetX <otto@codeberg.org>
Co-authored-by: Squeljur <squeljur+git@gmail.com>
Co-authored-by: noureddin <noureddin@protonmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2384
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
2024-02-21 13:36:00 +00:00
Earl Warren
9daf97b46e Merge pull request '[BUG] Initalize Git for hook regeneration' (#2416) from gusted/forgejo-init-git into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2416
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 13:29:02 +00:00
Earl Warren
726ce5e3f9 Merge pull request '[BUG] Load AllUnitsEnabled when necessary' (#2420) from gusted/forgejo-add-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2420
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 13:25:38 +00:00
Michael Kriese
849de07064 feat(xorm): add max idle time setting for db connections (#2418)
Add a new optional `CONN_MAX_IDLETIME`[^1]

This allows to set the `SetConnMaxIdleTime` on `database/sql`.
It's useful to allow to close more idle connections to reduce database connections, especially on postgresql.
For me i would like to use it to set a higher max idle connections but they will all be closed after being idle.
So also the last idle connection will be closed when there is no load on forgejo.
I also use it with max connection lifetime, because currently `database/sql` doesn't detect a postgresql master change[^2] and i'll get `[E] can't update runner status: pq: cannot execute UPDATE in a read-only transaction`[^3] on forgejo until the connection is closed.

[^1]: https://pkg.go.dev/database/sql#DB.SetConnMaxIdleTime
[^2]: https://stackoverflow.com/questions/51858659/how-to-safely-discard-golang-database-sql-pooled-connections-for-example-when-t
[^3]: https://matrix.to/#/!zpNKWqkiEOyljSMQDK:matrix.org/$_AJft_amsGn5hXGOYw75JoBJQnW3aKJEpb-Iw53L_TU?via=schinas.net&via=matrix.org&via=nitro.chat

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2418
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2024-02-21 12:17:16 +00:00
Gusted
6fbfe441de
[BUG] Load AllUnitsEnabled when necessary
- In order to determine if the "Add more..." tab should be shown, the
template has to know if the repository has all units enabled, this is
done in the repository header which can be shown for quite a lot of
pages (code, issues, projects, actions etc.)
- This was previously set in the `RepoRefByType` function, which would
be called by pages such as code, issues and releases, but it was not
being called for all pages such as actions, packages and wiki. Which
would in turn incorrectly show the "Add more..." button when it
shouldn't.
- Now call it from the template itself, so the value is 'always' loaded
when necessary.
2024-02-21 12:48:26 +01:00
Gusted
c6d366e283
[THEMES] Port console colors
- Port 1fd7e3d6be to the Forgejo themes,
they are a copy paste, but have a bit darker console background color to
have better contrast and match better with the overal Forgejo dark
theme's shade.
2024-02-21 12:19:15 +01:00