Commit Graph

18570 Commits

Author SHA1 Message Date
Kemal Zebari
7adc4717ec
Include file extension checks in attachment API (#32151)
From testing, I found that issue posters and users with repository write
access are able to edit attachment names in a way that circumvents the
instance-level file extension restrictions using the edit attachment
APIs. This snapshot adds checks for these endpoints.
2024-11-06 21:34:32 +00:00
Bruno Sofiato
f64fbd9b74
Updated tokenizer to better matching when search for code snippets (#32261)
This PR improves the accuracy of Gitea's code search. 

Currently, Gitea does not consider statements such as
`onsole.log("hello")` as hits when the user searches for `log`. The
culprit is how both ES and Bleve are tokenizing the file contents (in
both cases, `console.log` is a whole token).

In ES' case, we changed the tokenizer to
[simple_pattern_split](https://www.elastic.co/guide/en/elasticsearch/reference/current/analysis-simplepatternsplit-tokenizer.html#:~:text=The%20simple_pattern_split%20tokenizer%20uses%20a,the%20tokenization%20is%20generally%20faster.).
In such a case, tokens are words formed by digits and letters. In
Bleve's case, it employs a
[letter](https://blevesearch.com/docs/Tokenizers/) tokenizer.

Resolves #32220

---------

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
2024-11-06 20:51:20 +00:00
wxiaoguang
b573512312
Correctly query the primary button in a form (#32438)
The "primary button" is used at many places, but sometimes they might
conflict (due to button switch, hidden panel, dropdown menu, etc).

Sometimes we could add a special CSS class for the buttons, but
sometimes not (see the comment of QuickSubmit)

This PR introduces `querySingleVisibleElem` to help to get the correct
primary button (the only visible one), and prevent from querying the
wrong buttons.

Fix #32437

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-11-07 04:21:53 +08:00
wxiaoguang
41b4ef825d
Use 8 as default value for git lfs concurrency (#32421) 2024-11-05 13:10:57 +00:00
Lunny Xiao
24b83ff63e
Fix milestone deadline and date related problems (#32339)
Use zero instead of 9999-12-31 for deadline
Fix #32291

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-05 07:46:40 +00:00
Lunny Xiao
1887c75c35
Only query team tables if repository is under org when getting assignees (#32414)
It's unnecessary to query the team table if the repository is not under
organization when getting assignees.
2024-11-05 07:13:52 +00:00
wxiaoguang
61c35590c7
Refactor RepoRefByType (#32413)
1. clarify the "filepath" could(should) contain "{ref}"
2. remove unclear RepoRefLegacy and RepoRefAny, use RepoRefUnknown to guess
3. by the way, avoid using AppURL
2024-11-05 06:35:54 +00:00
wxiaoguang
4a469c8e1b
Refactor template ctx and render utils (#32422)
Clean up the templates
2024-11-05 14:04:26 +08:00
wxiaoguang
b068dbd40e
Refactor DateUtils and merge TimeSince (#32409)
Follow #32383 and #32402
2024-11-04 11:30:00 +00:00
wxiaoguang
61be51e56b
Refactor markup package (#32399)
To make the markup package easier to maintain:
1. Split some go files into small files
2. Use a shared util.NopCloser, remove duplicate code
3. Remove unused functions
2024-11-04 10:59:50 +00:00
wxiaoguang
af28ce59b8
Add some handy markdown editor features (#32400)
There were some missing features from EasyMDE:

1. H1 - H3 style
2. Auto add task list
3. Insert a table

And added some tests
2024-11-04 10:14:36 +00:00
Royce Remer
54146e62c0
Make LFS http_client parallel within a batch. (#32369)
Signed-off-by: Royce Remer <royceremer@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-04 04:49:08 +00:00
wxiaoguang
f2a6df03d9
Refactor repo legacy (#32404)
Only move code, no unnecessary logic change. (There are many problems in
old code, but changing them is not in this PR's scope)

Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-03 11:00:12 +00:00
wxiaoguang
259811617b
Replace DateTime with proper functions (#32402)
Follow #32383

This PR cleans up the "Deadline" usages in templates, make them call
`ParseLegacy` first to get a `Time` struct then display by `DateUtils`.

Now it should be pretty clear how "deadline string" works, it makes it
possible to do further refactoring and correcting.
2024-11-02 21:04:53 +00:00
wxiaoguang
e524f63d58
Fix git error handling (#32401) 2024-11-02 11:20:22 +00:00
Lunny Xiao
13a203828c
Fix created_unix for mirroring (#32342)
Fix #32233
2024-11-02 06:11:38 +00:00
wxiaoguang
fec6b3d500
Replace DateTime with DateUtils (#32383) 2024-11-02 04:08:28 +00:00
Rowan Bohde
7dcccc3bb1
improve performance of diffs (#32393)
This has two major changes that significantly reduce the amount of work
done for large diffs:

* Kill a running git process when reaching the maximum number of files
in a diff, preventing it from processing the entire diff.
* When loading a diff with the URL param `file-only=true`, skip loading
stats. This speeds up loading both hidden files of a diff and sections
of a diff when clicking the "Show More" button.

A couple of minor things from profiling are also included:

* Reuse existing repo in `PrepareViewPullInfo` if head and base are the
same.

The performance impact is going to depend heavily on the individual diff
and the hardware it runs on, but when testing locally on a diff changing
100k+ lines over hundreds of files, I'm seeing a roughly 75% reduction
in time to load the result of "Show More"

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-02 11:29:37 +08:00
wxiaoguang
ec2d1593c2
Refactor tests to prevent from unnecessary preparations (#32398) 2024-11-01 23:18:29 +08:00
Kyle D.
66971e591e
Add artifacts test fixture (#30300)
Closes https://github.com/go-gitea/gitea/issues/30296

- Adds a DB fixture for actions artifacts
- Adds artifacts test files
- Clears artifacts test files between each run
- Note: I initially initialized the artifacts only for artifacts tests,
but because the files are small it only takes ~8ms, so I changed it to
always run in test setup for simplicity
- Fix some otherwise flaky tests by making them not depend on previous
tests
2024-11-01 10:29:54 +08:00
Zettat123
0690cb076b
Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365)
Fix #28121

I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.

348d1d0f32/routers/api/packages/container/container.go (L712-L717)
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
<img width="600px"
src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>

In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.

```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```

---

Most S3-like services support specifying the content type when storing
objects. However, Gitea always use `application/octet-stream`.
Therefore, I believe we also need to improve the `Save` method to
support storing objects with the correct content type.

b7fb20e73e/modules/storage/minio.go (L214-L221)
2024-10-31 15:28:25 +00:00
silverwind
8107823026
Fix a number of typescript issues (#32308)
- Prefer
[window.location.assign](https://developer.mozilla.org/en-US/docs/Web/API/Location/assign)
over assigning to
[window.location](https://developer.mozilla.org/en-US/docs/Web/API/Window/location)
which typescript does not like. This works in all browsers including
PaleMoon.
- Fix all typescript issues in `web_src/js/webcomponents`, no behaviour
changes.
- ~~Workaround bug in `@typescript-eslint/no-unnecessary-type-assertion`
rule.~~
- Omit vendored file from type checks.
- `tsc` error count is reduce by 53 with these changes.
2024-10-31 14:57:40 +00:00
wxiaoguang
5e6523aa57
Update go dependencies (#32389) 2024-10-31 12:05:54 +00:00
silverwind
9914c9ab08
Update JS and PY dependencies (#32388)
- Update all JS dependencies excluding stylelint (because of
https://github.com/AndyOGo/stylelint-declaration-strict-value/issues/379).
- Update all PY dependencies.
- Replace `eslint-plugin-deprecation` with
`@typescript-eslint/no-deprecated` rule.
- Enabled `unicorn/prefer-math-min-max` and autofixed issues.
- Tested all dependencies.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-31 04:19:15 +00:00
wxiaoguang
a4a121c684
Fix suggestions for issues (#32380) 2024-10-30 20:06:36 +00:00
Oleksandr Redko
f4d3aaeeb9
refactor: remove redundant err declarations (#32381) 2024-10-30 19:36:24 +00:00
yp05327
dd1f67491f
Fix the missing menu in organization project view page (#32313)
#29248 didn't modify the view page.
The class name is not good enough, so this is a quick fix.

Before:
org:

![image](https://github.com/user-attachments/assets/3e26502d-66b4-4043-ab03-003ba7391487)
user:

![image](https://github.com/user-attachments/assets/9b22b90c-d63c-4228-acad-4d9fb20590ac)


After:
org:

![image](https://github.com/user-attachments/assets/21bf98a7-8a5b-4dc6-950a-88f529e36450)
user: (no change)

![image](https://github.com/user-attachments/assets/fea0dcae-3625-44e8-bb9e-4c3733da8764)

Co-authored-by: Giteabot <teabot@gitea.io>
2024-10-30 19:05:40 +00:00
wxiaoguang
aee9801d46
Fix toAbsoluteLocaleDate and add more tests (#32387) 2024-10-31 02:36:02 +08:00
6543
58eb16eda7
Respect UI.ExploreDefaultSort setting again (#32357)
fix regression of https://github.com/go-gitea/gitea/pull/29430

---
*Sponsored by Kithara Software GmbH*
2024-10-30 12:33:25 +00:00
wxiaoguang
ce4d909bd6
Fix absolute-date (#32375) 2024-10-30 17:50:19 +08:00
cloudchamb3r
f938dbc9b5
Fix undefined errors on Activity page (#32378)
close #32377

Co-authored-by: Giteabot <teabot@gitea.io>
2024-10-30 14:48:13 +08:00
Royce Remer
c60e4dc109
Add new [lfs_client].BATCH_SIZE and [server].LFS_MAX_BATCH_SIZE config settings. (#32307)
This contains two backwards-compatible changes:
* in the lfs http_client, the number of lfs oids requested per batch is
loaded from lfs_client#BATCH_SIZE and defaulted to the previous value of
20
* in the lfs server/service, the max number of lfs oids allowed in a
batch api request is loaded from server#LFS_MAX_BATCH_SIZE and defaults
to 'nil' which equates to the previous behavior of 'infinite'

This fixes #32306

---------

Signed-off-by: Royce Remer <royceremer@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-30 05:41:55 +00:00
Rowan Bohde
1cd3f69859
remove unused call to $.HeadRepo in view_title template (#32317)
This is only populated in
[`ParseCompareInfo`](https://github.com/search?q=repo%3Ago-gitea%2Fgitea%20%20.Data%5B%22HeadRepo%22%5D&type=code)
which is called in two handlers:

*
[`CompareAndPullRequestPost`](9206fbb55f/routers/web/repo/pull.go (L1246))
- a JSON post handler that doesn't render templates
*
[`CompareDiff`](9206fbb55f/routers/web/repo/compare.go (L706))
- which can render `diff/box.tmpl` and `diff/compare.tmpl`
2024-10-30 13:12:48 +08:00
Lunny Xiao
feca8802b8
Fix clean tmp dir (#32360)
Try to fix #31792 

Credit to @jeroenlaylo
Copied from
https://github.com/go-gitea/gitea/issues/31792#issuecomment-2311920520

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-29 18:27:03 +02:00
6543
5d43801b72
Optimize branch protection rule loading (#32280)
before if it was nonglob each load would try to glob it and the check
that is not glob ... now we only do that once and no future loading will
trigger it


---
*Sponsored by Kithara Software GmbH*
2024-10-29 15:43:47 +01:00
Anbraten
b7fb20e73e
Suggestions for issues (#32327)
closes #16872
2024-10-29 17:20:49 +08:00
Anbraten
348d1d0f32
Migrate vue components to setup (#32329)
Migrated a handful Vue components to the `setup` syntax using
composition api as it has better Typescript support and is becoming the
new default in the Vue ecosystem.

- [x] ActionRunStatus.vue    
- [x] ActivityHeatmap.vue
- [x] ContextPopup.vue       
- [x] DiffFileList.vue
- [x] DiffFileTree.vue       
- [x] DiffFileTreeItem.vue    
- [x] PullRequestMergeForm.vue
- [x] RepoActivityTopAuthors.vue  
- [x] RepoCodeFrequency.vue
- [x] RepoRecentCommits.vue
- [x] ScopedAccessTokenSelector.vue

Left some larger components untouched for now to not go to crazy in this
single PR:
- [ ] DiffCommitSelector.vue  
- [ ] RepoActionView.vue
- [ ] RepoContributors.vue
- [ ] DashboardRepoList.vue  
- [ ] RepoBranchTagSelector.vue
2024-10-28 20:15:05 +00:00
wxiaoguang
a920fcfd91
Fix db engine (#32351)
Fix #32349
2024-10-27 18:48:07 -04:00
wxiaoguang
d70af38447
Refactor the DB migration system slightly (#32344)
Introduce "idNumber" for each migration, and clarify the difference
between the migration ID number and database version.
2024-10-27 19:54:35 +08:00
yp05327
7cf611d197
Fix broken image when editing comment with non-image attachments (#32319)
Fix #32316
2024-10-23 17:39:10 +02:00
Lunny Xiao
2abdbe88b5
Fix disable 2fa bug (#32320) 2024-10-23 06:41:00 +00:00
Lunny Xiao
d46d34a655
Upgrade rollup to 4.24.0 (#32312) 2024-10-23 05:00:32 +00:00
Lunny Xiao
500774277c
Upgrade vue to 3.5.12 (#32311) 2024-10-23 04:55:17 +00:00
Tim
de2ad2e1b1
Make admins adhere to branch protection rules (#32248)
This introduces a new flag `BlockAdminMergeOverride` on the branch
protection rules that prevents admins/repo owners from bypassing branch
protection rules and merging without approvals or failing status checks.

Fixes #17131

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-10-23 12:39:43 +08:00
박상철
620f19610e
Prevent from submitting issue/comment on uploading (#32263)
fix #32262

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-10-23 10:48:04 +08:00
Lunny Xiao
a264c46fb0
Add warn log when deleting inactive users (#32318)
Add log for the problem #31480
2024-10-23 09:28:28 +08:00
Zettat123
9206fbb55f
Add DISABLE_ORGANIZATIONS_PAGE and DISABLE_CODE_PAGE settings for explore pages and fix an issue related to user search (#32288)
These settings can allow users to only display the repositories explore page.

Thanks to yp05327 and wxiaoguang !

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-22 13:09:19 +08:00
wangjingcun
3d6ccbac3f
chore: fix some function names in comment (#32300)
fix some function names in comment
2024-10-22 08:41:05 +08:00
6543
d638067d3c
API: enhance SearchIssues swagger docs (#32208)
this will result in better api clients generated out of the openapi docs
... for SearchIssues

---
*Sponsored by Kithara Software GmbH*
2024-10-19 20:11:56 +00:00
YR Chen
08c963c921
Update github.com/go-enry/go-enry to v2.9.1 (#32295)
`go-enry` v2.9.1 includes latest file patterns from Linguist, which can
identify more generated file type, eg. `pdm.lock`.
2024-10-19 20:51:55 +08:00