Commit Graph

9661 Commits

Author SHA1 Message Date
zeripath
3a02f0896e
Escape more things that are passed through str2html (#12622) (#12850)
Backport #12622

* Escape more things that are passed through str2html

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Bloody editors!

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update routers/user/oauth.go
2020-09-15 18:43:10 -04:00
zeripath
408db95dc1
Fix notifications page links (#12838) (#12853)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-15 17:53:30 +01:00
6543
6305f07fdc
On Migration respect old DefaultBranch (#12843) (#12858)
* On Migration respect old DefaultBranch

* add DefaultBranch int test set

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-09-15 12:12:07 -04:00
zeripath
ff9d99f63d
Stop cloning unnecessarily on PR update (#12839) (#12852)
Backport #12839

Fix #12740

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-15 13:09:25 +03:00
techknowlogick
37572551d7
Remove double escape on labels addition in comments (#12809) (#12810)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-11 00:56:12 -04:00
赵智超
0ee823be0b
Fix "only mail on mention" bug (#12775) (#12789)
* fix mail mention bug

fix #12774

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-10 11:32:54 +03:00
zeripath
062ea40a79
Fix yet another bug with diff file names (#12771) (#12776)
Backport #12771

Following further testing it has become apparent that the diff line
cannot be used to determine filenames for diffs with any sort of predictability
the answer therefore is to use the other lines that are provided with a diff

Fix #12768

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-09 19:03:54 +01:00
6543
7a25441abe
gitea dump: include version & Check InstallLock (#12760) (#12762)
* gitea dump: include version

* Check InstallLock
2020-09-07 20:44:45 -04:00
6543
dc71d00393
RepoInit Respect AlternateDefaultBranch (#12746) (#12751) 2020-09-06 18:03:50 -04:00
6543
0bb56a413d
Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
* Update Vendor github.com/nfnt/resize

* switch resize algo NearestNeighbor -> Bilinear
2020-09-06 22:14:59 +01:00
6543
2806a312e1
[Backport] Fix go1.15 lint error in modules/public/public.go (#12707) (#12708)
* fix go1.15 lint error in modules/public/public.go

* CI.restart()
2020-09-04 08:28:08 +03:00
techknowlogick
8a51c48eb6
Changelog for 1.12.4 release (#12687)
Co-authored-by: zeripath <art27@cantab.net>
2020-09-03 17:00:13 -04:00
6543
0fa538e552
[Backport] Fix comment broken issue ref dependence (#12651) (#12692)
* deleteIssuesByRepoID: delete related CommentTypeRemoveDependency & CommentTypeAddDependency comments too

* Ignore ErrIssueNotExist on comment.LoadDepIssueDetails()

* CI.restart()
2020-09-03 17:23:36 +08:00
6543
69e4b6910b
Make default StaticRootPath compile time settable (#12371) (#12652)
Make it possible to compile the default location of StaticRootPath independent from AppWorkPath

Co-authored-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-02 19:12:24 -04:00
techknowlogick
0e9dcc9500
When reading expired sessions - expire them (#12686) (#12690)
* When reading expired sessions - expire them

Update to latest macaron/session following merge of
https://gitea.com/macaron/session/pulls/11

Also remove old memory provider as 11 updates the memory provider to
make it unnecessary.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and macaron/session/pulls/12

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-09-02 18:51:56 -04:00
6543
87f02d90cf
Escape provider name in oauth2 provider redirect (#12650)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-08-30 23:55:19 +01:00
John Olheiser
21cd7ab812
Mark Cache with ini tag (#12605) (#12611)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-08-26 11:53:14 -04:00
John Olheiser
981216c9fe
Escape Email in forgot_password.tmpl (#12610) (#12612)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-26 10:12:09 -05:00
techknowlogick
cfbfb73c56
go1.15 on windows (#12589) (#12593)
We don't support go1.15 on 1.12.x branch, however this will allow users who chose to build with go1.15 on windows to be successful
2020-08-24 18:38:47 -04:00
zeripath
4a548a0332
Fix diff path unquoting (#12554) (#12575)
Backport #12554

* Fix diff path unquoting

services/gitdiff/gitdiff.go whereby there it assumed that the path would
always be quoted on both sides

This PR simplifies the code here and uses fmt.Fscanf to parse the
strings as necessary.

Fix #12546

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add testcase as per @mrsdizzie

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-23 16:58:09 +03:00
zeripath
8bf2ee1e02
Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
Backport #12556

SSPI fails badly on authentication attempts to /api/internal which
it can never succesfully authenticate.

Fix #11260

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-22 17:09:14 -04:00
zeripath
a687980412
Default empty merger list to those with write permissions (#12535) (#12560)
Backport #12535

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-22 23:35:56 +03:00
zeripath
1f85815a3b
models: break out of loop (#12386) (#12561)
Backport #12386

Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2020-08-22 16:22:07 +01:00
silverwind
ee5e5a5093
Improve HTML escaping helper (#12562)
The previous method did not escape single quotes which under some
circumstances can lead to XSS vulnerabilites and the fact that it
depends on jQuery is also not ideal. Replace it with a lightweight
module.
2020-08-22 13:36:56 +01:00
zeripath
03ba12aabf
Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
* Prevent NPE on commenting on lines with invalidated comments

Only check for a review if we are replying to a previous review.

Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.

Fix #12239

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add hack around to show the broken comments

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-21 10:52:20 +03:00
John Olheiser
24ed1b5feb
Remove hardcoded ES indexername (#12521) (#12526)
Co-authored-by: Wim <wim@42.be>
2020-08-18 21:42:22 -04:00
zeripath
8282697734
Keys should not verify revoked email addresses (#12486) (#12495)
Backport #12486

Fix #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-17 12:06:31 -04:00
techknowlogick
ec48618d40
Fix bug preventing transfer to private organization (#12497) (#12501)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere

Co-authored-by: zeripath <art27@cantab.net>
2020-08-17 09:32:33 +03:00
techknowlogick
f0dd07129a
Do not add prefix on http/https submodule links (#12477) (#12479)
Fix #12345

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-13 11:53:40 -04:00
techknowlogick
6d3b8141df
Fix ignored login on compare (#12476) (#12478)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-12 16:36:22 -04:00
techknowlogick
13c4c7a132
Match GH with Commit page (#12425) (#12431)
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-05 15:49:12 +08:00
techknowlogick
6015d30dd6
Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
* Fix incorrect logging in oauth2.go

Fix #11945

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle ErrAlreadyInQueue in stats indexer

Fix #12380

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fixes type in error message of indexer

Add the missing character in the error message.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>
2020-08-04 16:27:43 +08:00
6543
b1cfb0d7a2
[Vendor] upgrade google/go-github to v32.1.0 (#12361) (#12390)
* upgrate go-github client to v32.1.0

* migrate
2020-07-31 12:02:23 -04:00
6543
48a423a8a8
Rendoer emoji's of Commit message on feed-page (#12373) 2020-07-29 17:09:47 -04:00
zeripath
cc8a7c9345
Git 2.28 no longer permits diff with ... on unrelated branches (#12370)
Backport #12364

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-29 12:42:22 -04:00
6543
77af0a23c4
Changelog v1.12.3 (#12356)
* Changelog v1.12.3

* better description for 12351

* @techknowlogick suggestions
2020-07-28 16:41:36 -04:00
Richard Mahn
87bfe02b5b
Backport to v1.12 for #12341 - Release date fix (#12351)
* Backport for Issue #12341 PR #12343 - Release date fix

* Adds sleep for comparing times

* Fixes imports

* Fixes tests
2020-07-28 14:10:50 -04:00
techknowlogick
9bac656b7d
Show 404 page when release not found (#12328) (#12332)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-27 00:39:44 +03:00
silverwind
ad68c9ccb2
Backport emoji fixes to 1.12 (#12327)
* Fix emoji detection in certain cases (#12320)

* Fix emoji detection certain cases

Previous tests weren't complicated enough so there were some situations where emojis were't detected properly. Find the earliest occurance in addition to checking for the longest combination.

Fixes #12312

* ok spell bot

Co-authored-by: Lauris BH <lauris@nix.lv>

* Reduce emoji size (#12317)

* Reduce emoji size

Rendering should now pretty much match GitHub with 1.25em. I verified
that emojis don't increase the line height and removed unecessary size
overrides because now all emojis should appear similar in relation to
the font size.

* fix reaction hover

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-25 12:50:57 -04:00
techknowlogick
8d1cd4d252
Fix double-indirection bug in logging IDs (#12294) (#12308)
This PR fixes a bug in log.NewColoredIDValue() which led to a double
indirection and incorrect IDs being printed out.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-07-24 02:24:22 +03:00
techknowlogick
64eaa2a942
[ui] Link to pr list page on sidebar when view pr (#12256) (#12263)
Fix #12254

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: 赵智超 <1012112796@qq.com>
2020-07-16 11:56:09 -04:00
zeripath
489e9162fc
Extend Notifications API and return pinned notifications by default (#12164) (#12232)
Backport #12164

This PR extends the notifications API to allow specific notification statuses to be searched for and to allow setting of notifications to statuses other than read.

By default unread and pinned statuses will be returned when querying for notifications - however pinned statuses will not be marked as read.

Close #12152

Signed-off-by: Andrew Thornton art27@cantab.net
2020-07-13 21:52:05 +01:00
Lauris BH
5e62137fe3
Changelog for v1.12.2 (#12214)
* Changelog for v1.12.2

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
2020-07-11 19:53:26 +03:00
赵智超
6a081f95c0
Decrease the num_stars when deleting a repo (#11954) (#12188)
* Decrease the  num_stars when deleting a repo

fix #11949

Signed-off-by: a1012112796 <1012112796@qq.com>

* Add migration

* use batch

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* fix lint

* fix ci

* fix ci2

* add doctor

* duplicate code

* fix migration

* fix some nits

* add start

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-08 17:52:40 -04:00
techknowlogick
c3c246cffc
Fix regression: Gitea commits API again returns commit summaries, not full messages (#12186) (#12187)
Closes #12185

Co-authored-by: Kristian Antonsen <kristian@derfor.dk>
2020-07-08 11:22:07 -04:00
techknowlogick
85be939c2a
properly set symbolic-ref HEAD when a repo is created with a non-master default branch (#12135) (#12182)
This fixes an issue I noticed with #10803: when you create a repo with a non-master default branch, gitea doesn't change the remote ref HEAD, so it still points at refs/heads/master. As a result, cloning my repos gives me error messages and doesn't check out the desired default branch, so I need to manually check it out after cloning.

Co-authored-by: xenofem <45297511+xenofem@users.noreply.github.com>
2020-07-08 00:40:22 -04:00
Jürgen Hötzel
a680c911e4
Trim to 255 runes instead of bytes (#12150)
* Trim to 255 runes instead of bytes

Prevents invalid UTF-8 encoding for Description and Website. Refs #7905

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-07 19:05:35 -04:00
zeripath
d9c18cbba0
Ensure Subkeys are verified (#12155) (#12168)
Backport #12155

When attempting to verify subkeys the email address verification step
requires checking the emails however, these emails are not stored on
subkeys but instead on the primary key.

This PR will obtain the primaryKey and check against these emails too.

Fix #12128

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-06 20:13:18 -04:00
Lauris BH
3daedb3877
Use hash of repo path, ref and entrypath as cache key (#12151) (#12161) 2020-07-06 16:51:45 +08:00
zeripath
2bf987229a
Multiple small admin dashboard fixes (#12153) (#12156)
* Prevent (EXTRA string) comments in Task headers
* Redirect tasks started from monitor page back to monitor
* Fix #12107 - redirects from process cancel should use AppSubUrl
* When wrapping queues set the name correctly

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-05 21:19:53 +01:00