Commit Graph

10492 Commits

Author SHA1 Message Date
6543
151bedab52
Fix bug on avatar middleware (#15125)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-23 18:45:06 +00:00
zeripath
6198403fbc
Fix another clusterfuzz identified issue (#15096) (#15114)
Backport #15096

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-22 16:27:21 -04:00
a1012112796
a6290f603f
fix #15104 (#15106)
Signed-off-by: a1012112796 <1012112796@qq.com>
2021-03-22 15:15:44 -04:00
silverwind
2f09e5775f
Fix markdown rendering in milestone content (#15056) (#15092)
- Add missing markdown class for rendered markdown.
- Increase font size of milestone name in list.

Fixes: https://github.com/go-gitea/gitea/issues/15046
2021-03-21 18:03:52 +01:00
zeripath
b0819efaea
Place wrapper around comment as diff to catch panics (#15085) (#15086)
* Place wrapper around comment as diff to prevent panics

* propagate the panic up

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-21 16:16:07 +01:00
6543
d7a3bcdd70
Changelog v1.13.5 (#15084) 2021-03-21 15:05:21 +01:00
zeripath
7a85e228d8
Update to goldmark 1.3.3 (#15059) (#15061)
Backport #15059

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-20 10:31:28 +00:00
6543
a461d90415
Fix bug when upload on web (#15042) (#15055)
* Fix bug when upload on web

* move into own function

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-03-20 09:37:53 +08:00
6543
70e4134130
Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
* Doctor: find IssueLabels without existing label

* Repo Delete: delete labels & issue_labels too
2021-03-19 22:13:39 +01:00
zeripath
909f2be99d
Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
Backport #15015

Unfortunately there is a subtle problem with recreatetable on postgres which
leads to the sequences not being renamed and not being left at 0.

Fix #14725

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-19 04:23:58 +01:00
6543
645c0d8abd
another clusterfuzz spotted issue (#15032) (#15034)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-03-19 00:21:33 +02:00
zeripath
8c461eb261
Fix several render issues (#14986) (#15013)
Backport #14986

* Fix an issue with panics related to attributes
* Wrap goldmark render in a recovery function
* Reduce memory use in render emoji
* Use a pipe for rendering goldmark - still needs more work and a limiter

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-17 10:58:58 +02:00
Norwin
fff66eb016
API: fix set milestone on PR creation (#14981) (#15001)
* API: fix set milestone on PR creation

pr creation via API failed with 404, because we searched
for milestoneID 0, due to uninitialized var usage D:

* add tests

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: 6543 <6543@obermui.de>
2021-03-15 11:01:04 -04:00
zeripath
c965ed6529
Make sure sibling images get a link too (#14979) (#14995)
Backport #14979

Due a problem with the ast.Walker in the our transformer in goldmark
an image with a sibling image will not be transformed to gain a parent
link. This PR fixes this.

Fix #12925

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-15 12:34:56 +08:00
zeripath
71a2adbf10
Fix Anchor jumping with escaped query components (#14969) (#14977)
Backport #14969

Fix #14968

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-13 09:54:53 +00:00
Norwin
3231b70043
check if original author is set (#14972)
Co-authored-by: 6543 <6543@obermui.de>
2021-03-13 11:05:56 +08:00
Norwin
e3c44923d7
fix release mail html template (#14976)
was missing an </a>
2021-03-12 20:39:05 +00:00
zeripath
3e7dccdf47
Fix excluding more than two labels on issues list (#14962) (#14973)
Backport #14962

Fix #14840

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Norwin Roosen <git@nroo.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>

Co-authored-by: Norwin Roosen <git@nroo.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
2021-03-12 18:12:14 +01:00
6543
33c2c49627
Prevent panic when editing forked repos by API (#14960) (#14963)
When editing forked repos using the API the BaseRepository needs to loaded
in order to check its visibility otherwise there will be NPE panic.

Fix #14956

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-03-12 08:54:18 +08:00
fnetX (aka fralix)
05ac72cf33
Add "captcha" to list of reserved usernames (#14930)
Signed-off-by: Otto Richter <git@fralix.ovh>
2021-03-08 17:50:13 +01:00
zeripath
906ecfd173
Re-enable import local paths after reversion from #13610 (#14925) (#14927)
Backport #14925

PR #13610 unfortunately disabled importing repositories from local paths.
This PR restores this functionality.

Fix #14700

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 14:50:57 +01:00
6543
75496b9ff5
Changelog v1.13.4 (#14917)
* Changelog v1.13.4

* nit
2021-03-07 23:02:54 +08:00
zeripath
8dad47a94a
Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
Backport #14895

Continuing on from #14888

The previous implementation has race whereby an incomplete upload or
hash mismatch upload can end up in the ContentStore. This PR moves the
validation into the reader so that if there is a hash error or size
mismatch the reader will return with an error instead of an io.EOF
causing the storage to abort the storage.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-07 00:53:37 +02:00
6543
8e792986bb
Fix a couple of issues with a feeds (#14897) (#14903)
Backport (#14897)

witch fix couple of issues with feeds
2021-03-06 06:13:38 +01:00
6543
da80e90ac8
Fix race in local storage (#14888) (#14901)
LocalStorage should only put completed files in position

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-06 05:07:03 +01:00
6543
74dc22358b
When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
Fix #14821

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-03-06 11:12:11 +08:00
John Olheiser
7d3e174906
Signed-off-by: jolheiser <john.olheiser@gmail.com> (#14898) (#14899) 2021-03-05 23:54:01 +02:00
6543
8456700411
[Docs] Fix how lfs data path is set (#14855) (#14884)
* fix docs: lfs data path

* DEPRECATED | 已废弃

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-04 22:10:15 +01:00
6543
8a6acbbc12
IsUserAllowedToUpdate should igonre if user is nil (#14886) 2021-03-04 21:28:28 +01:00
Lunny Xiao
98b3d8d5e1
Add changelog for v1.13.3 (#14877)
Add changelog for v1.13.3

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
2021-03-04 15:42:57 +01:00
zeripath
e663f7459a
Fix paging of file commit logs (#14831) (#14879)
Backport #14831

Unfortunately `git log revision ... --skip=x -- path` skips the number of commits
not the number of commits relating to the path.

This PR changes the function to have a reader that reads and skips the
necessary number of commits by hand instead.

Fix #8716

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: 6543 <6543@obermui.de>
2021-03-04 19:53:28 +08:00
6543
7e85cba3e5
Print usefull error if SQLite is used in settings but not supported (#14476) (#14874)
* move log output to points where they are relefant

* check explicit of sqlite3 in settings
2021-03-03 21:54:32 +00:00
zeripath
26628aa1d1
Fix display since time round (#14226) (#14873)
Backport #14226

* Fix display since time round

* Fix since time

* Fix tests

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-03 21:17:34 +00:00
zeripath
d9d2e8f1e8
When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
Backport #14823

When Deleting Repository only explicitly close PRs whose base is not this repository

Fix #14775

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-02 21:44:14 +08:00
zeripath
4558eeb21a
Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
Backport #14834

When using HCaptcha on link account pages the site key needs to be passed
in. This PR ensures that HCaptchaSiteKey is set in the data.

Fix #14766

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-01 16:12:48 +01:00
zeripath
be25afc6de
Fix a couple of CommentAsPatch issues. (#14804) (#14820)
Backport #14804

* CutDiffAroundLine makes the incorrect assumption that `---` and `+++` always represent part of the header of a diff.

This PR adds a flag to its parsing to prevent this problem and adds a streaming parsing technique to CutDiffAroundLine using an io.pipe instead of just sending data to an unbounded buffer.

Fix #14711

* Handle unquoted comment patch files

When making comment patches unfortunately the patch does not always quote the filename
This makes the diff --git header ambiguous again.

This PR finally adds handling for ambiguity in to parse patch

Fix #14812

* Add in testing for no error

There is no way currently for CutDiffAroundLine in this test to cause an
error however, it should still be tested.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-28 15:19:51 +02:00
zeripath
90bf1e7961
Disable broken OAuth2 providers at startup (#14802) (#14811)
Backport #14802

Instead of causing a log.Fatal, we should handle broken OAuth2
providers by disabling them.

Fix #8930

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-26 11:44:45 +01:00
6543
77ce08976d
Re-enable transfer repo back from org to user account (#14807)
* re-enable transfer repo back from org to user account

* add test case
2021-02-26 11:08:09 +02:00
6543
8f389c5dfa
Build for only available darwin target (#14771) (#14798)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-25 15:29:03 +01:00
6543
edef62e69e
Backport: Repo Transfer permission checks (#14792) (#14794)
* Backport: Repo Transfer permission checks (#14792)

* update tests
2021-02-25 15:49:27 +08:00
a1012112796
cdff144f76
Fix double alert in oauth2 application edit view (#14764) (#14768)
Signed-off-by: a1012112796 <1012112796@qq.com>
2021-02-23 00:22:49 +01:00
zeripath
ad6084a222
Fix broken spans in diffs (#14678) (#14683)
Backport #14678

Gitea runs diff on highlighted code fragment for each line in order to
provide code highlight diffs. Unfortunately this diff algorithm is not
aware that span tags and entities are atomic and cannot be split.

The current fixup code makes some attempt to fix these broken tags
however, it cannot handle situations where a tag is split over multiple
blocks.

This PR provides a more algorithmic fixup mechanism whereby spans and
entities are completely coalesced into their respective blocks.

This may result in a incompletely reduced diff but - it will definitely
prevent the broken entities and spans that are currently possible.

As a result of this fixup several inconsistencies were discovered in our
testcases and these were also fixed.

Fix #14231

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-15 00:30:07 +01:00
zeripath
d3200db041
HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
This PR improves HasPreviousCommit to prevent the automatic and recursive loading
of previous commits using git merge-base --is-ancestor and git rev-list

Fix #13684

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-15 00:44:26 +02:00
zeripath
f305cffcaf
Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
Backport #14651

There is potentially a race with a slow starting internal
queue causing a NPE if Has is checked before the internal
queue has been setup.

This PR adds a lock on the Has() fn.

Fix #14311

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-14 01:50:50 +01:00
Lunny Xiao
c0320065b6
Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one (#14673) (#14675)
* Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one

* Add a warning on document

Co-authored-by: zeripath <art27@cantab.net>
2021-02-13 21:19:33 +01:00
zeripath
a1b74c5509
Allow org labels to be set with issue templates (#14593) (#14647)
Backport #14593

Fix #13688

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-13 19:34:47 +01:00
zeripath
101fb0d7e2
Do not assume all 40 char strings are SHA1s (#14624) (#14648)
Backport #14624

GetCommit() assumes that all 40 char strings are SHA1s. This leads to an
error if you try to do a PR on a branch which is 40 characters long.

This PR attempts the SHA first - and if it fails will switch to using rev-parse.

Fix #14470

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-14 01:25:47 +08:00
zeripath
82637c240a
Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
Backport #13989

Fix #13984

Fix #14566

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-08 09:25:30 +08:00
6543
d0174d45ed
Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
* Fix bug about ListOptions and stars/watchers pagnation

* fix unit test
2021-02-05 21:11:15 +00:00
Anton Khimich
da7a525c5c
Fix GPG key deletion during account deletion (#14561) (#14569)
Per #14531, deleting a user account will delete the user's GPG keys
from the `gpg_key` table but not from `gpg_key_import`, which causes
an error when creating an account with the same email and attempting
to re-add the same key. This commit deletes all entries from
`gpg_key_import` that match any GPG key IDs belonging to the user.

Co-authored-by: Anton Khimich <anton.khimicha@mail.utoronto.ca>
2021-02-04 21:28:48 +01:00