Commit graph

11522 commits

Author SHA1 Message Date
silverwind
9b7d692e9e
Use node 16 on release tasks too (#15936)
Forgot these in https://github.com/go-gitea/gitea/pull/15804.
2021-05-20 16:37:20 -04:00
zeripath
17be645498
Encrypt LDAP bind password in db with SECRET_KEY (#15547)
* Encrypt LDAP bind password in db with SECRET_KEY

The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.

Fix #15460

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove ui warning regarding unencrypted password

Co-authored-by: silverwind <me@silverwind.io>
2021-05-20 09:29:57 +01:00
GiteaBot
124b256c53 [skip ci] Updated translations via Crowdin 2021-05-20 00:25:08 +00:00
silverwind
c636ef8f1d
Disable legal comments in esbuild (#15929)
We already serve licenses.txt so we don't need these inline comments
preserved during esbuild minification. Saves around 4kB before gzip.
2021-05-19 22:46:30 +01:00
Norwin
e542b416a7
api: fix overly strict edit pr permissions (#15900)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-05-19 10:48:48 -04:00
silverwind
370cfde35e
Fix and restyle menu on code line (#15913)
* Fix and restyle menu on code line

* fix multiline and more tweaks

* move to separate files

* remove has-context-menu class

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-18 23:16:02 -04:00
zeripath
0e56e9c9d9
Restore token authentication for git http when 2FA active (#15915)
There was a small regression in #15303 whereby token auth
with 2FA active would be disallowed.

This PR fixes this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-05-18 22:30:33 -04:00
GiteaBot
825547b20e [skip ci] Updated translations via Crowdin 2021-05-19 00:25:09 +00:00
Ikko Ashimine
3e068fcdcb
Fix typo in hacking-on-gitea.en-us.md (#15918)
* continously -> continuously
* continous -> continuous
2021-05-18 19:35:59 +02:00
GiteaBot
1da0d156bc [skip ci] Updated translations via Crowdin 2021-05-18 00:25:04 +00:00
silverwind
4c3e56da13
Use Wants= over Requires= in systemd file (#15897)
`Requires=` has the behaviour of stopping `gitea.service` when the
database is stopped but not bringing it up again after the database is
started again. Use `Wants=` to define a weak requirement instead,
meaning `gitea.service` will be kept running when the database is
stopped, which is not an issue because gitea will just reconnect later
on.

Fixes: https://github.com/go-gitea/gitea/issues/15866

Co-authored-by: zeripath <art27@cantab.net>
2021-05-17 16:09:15 +03:00
Norwin
a137ee7a68
git migration: don't prompt interactively for clone credentials (#15902)
* don't prompt interactively for clone credentials

* apply GIT_TERMINAL_PROMPT=0 to all git cmds

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-17 18:59:31 +08:00
GiteaBot
131b59ef89 [skip ci] Updated translations via Crowdin 2021-05-17 00:25:05 +00:00
Norwin
ba76bd78b6
remove unimplemented searchbar from project view (#15901) 2021-05-17 02:10:30 +02:00
silverwind
a32bfd867d
Issue sidebar and misc css fixes (#15524)
- Replace remaining font icons with SVG in issue sidebar
- Rework issue due date display
- Realign avatar in timeline
- Fix font size in repo search and code explore
- Consolidate active button styles
- Fix loading form on arc-green
- Align time tracker buttons vertically

Fixes: https://github.com/go-gitea/gitea/issues/15896
2021-05-16 22:18:18 +02:00
Lunny Xiao
892e6561ff
Use a special name for update default branch on repository setting (#15893) 2021-05-16 14:24:47 -04:00
Ian Wienand
c3aaf5eafd
Rework Token API comments (#15162)
Move the token API discussion into a common section discussing the
generation and listing of the tokens.  Add a note on the display of
the sha1 during creation and listing.

Co-authored-by: Norwin <noerw@users.noreply.github.com>
2021-05-16 15:51:53 +02:00
Lunny Xiao
0bf8d34630
improve empty notice (#15890) 2021-05-16 19:58:26 +08:00
zeripath
3a04d6f43f
Systemd needs After as well as Require (#15881)
If the gitea service is stopped because of the db going down
it needs an `After=db.service` to ensure it is restarted in
addition to the `Requires=db.service` to ensure that the db
is started before gitea is started.

Fix #15866

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-16 16:41:37 +08:00
GiteaBot
41136db47e [skip ci] Updated licenses and gitignores 2021-05-16 00:25:04 +00:00
zeripath
58646cab22
Move sans-serif fallback font higher than emoji fonts (#15855)
The Tor browser does not use the system-ui font and no other fonts in the stack match
its default fonts. In fact it is possible that it will in future only
match generic fonts. This means that all rendering will first try the
emoji fonts before falling back to the sans-serif font for glyphs.

In this case has the emoji fall back fonts for Tor contains empty glyphs
for numbers - in order to protect privacy - and leads to numbers being
rendered as empty glyphs. This is clearly not ideal and whilst we could
use the Arimo font - as I state above I suspect that Tor will eventually
ban detecting this and we should instead move the sans-serif font higher
in the stack so that it matches before the emoji fonts.

Partial fix of #15844

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-16 02:12:55 +02:00
6543
e0c93fed05
GitHub: migrate draft releases too (#15884)
* GitHub: migrate draft releases too

* refactor
2021-05-15 18:37:17 -04:00
zeripath
8e32eeb5de
Hold the event source when there are no listeners (#15725)
* Hold the event source when there are no listeners

The event source does not need to run when there are no listeners. Therefore
pause it when there are none.

* add some more logging

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-15 23:46:13 +02:00
zeripath
f582ec4e53
Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
* Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username

ReverseProxy users should generate a session on reverse proxy username change.

Also prevent ReverseProxy users from changing their username.

Fix #2407

* add testcase

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-15 20:33:13 +02:00
zeripath
17c5c654a5
Prevent double-login for Git HTTP and LFS and simplify login (#15303)
* Prevent double-login for Git HTTP and LFS and simplify login

There are a number of inconsistencies with our current methods for
logging in for git and lfs. The first is that there is a double login
process. This is particularly evident in 1.13 where there are no less
than 4 hash checks for basic authentication due to the previous
IsPasswordSet behaviour.

This duplicated code had individual inconsistencies that were not
helpful and caused confusion.

This PR does the following:

* Remove the specific login code from the git and lfs handlers except
for the lfs special bearer token
* Simplify the meaning of DisableBasicAuthentication to allow Token and
Oauth2 sign-in.
* The removal of the specific code from git and lfs means that these
both now have the same login semantics and can - if not
DisableBasicAuthentication - login from external services. Further it
allows Oauth2 token authentication as per our standard mechanisms.
* The change in the recovery handler prevents the service from
re-attempting to login - primarily because this could easily cause a
further panic and it is wasteful.

* add test

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-15 17:32:09 +02:00
zeripath
ba526ceffe
Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693)
* move shutdownfns, terminatefns and hammerfns out of separate goroutines

Coalesce the shutdownfns etc into a list of functions that get run at shutdown
rather then have them run at goroutines blocked on selects.

This may help reduce the background select/poll load in certain
configurations.

* The LevelDB queues can actually wait on empty instead of polling

Slight refactor to cause leveldb queues to wait on empty instead of polling.

* Shutdown the shadow level queue once it is empty

* Remove bytefifo additional goroutine for readToChan as it can just be run in run

* Remove additional removeWorkers goroutine for workers

* Simplify the AtShutdown and AtTerminate functions and add Channel Flusher

* Add shutdown flusher to CUQ

* move persistable channel shutdown stuff to Shutdown Fn

* Ensure that UPCQ has the correct config

* handle shutdown during the flushing

* reduce risk of race between zeroBoost and addWorkers

* prevent double shutdown

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-15 16:22:26 +02:00
Naohisa Murakami
9f19c2b8cc
Fix error message when saving generated LOCAL_ROOT_URL config (#15880) 2021-05-15 11:23:21 +01:00
Norwin
b6b8b194ca
Fix blame row height alignment (#15863)
* fix blame row alignment on firefox

* fix blame row alignment in chrome

* fix blame row alignment in safari

as per @silverwind

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-14 21:15:53 -04:00
GiteaBot
f3febeb594 [skip ci] Updated translations via Crowdin 2021-05-15 00:25:06 +00:00
zeripath
d0ea10b21f
Close the gitrepo when deleting the repository (#15876)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-14 21:19:38 +01:00
Lunny Xiao
f6be429781
Upgrade xorm to v1.1.0 (#15869) 2021-05-14 20:17:06 +01:00
Blake Miner
e2f39c2b64
Fix bound address/port for caddy's certmagic library (see #15848) (#15859) 2021-05-14 15:39:10 +01:00
KN4CK3R
df72cf6211
Fix LFS commit finder not working (#15856)
* Create a copy of the sha bytes.


Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-14 14:12:11 +01:00
zeripath
1a5659943e
Add timeout to writing to responses (#15831)
In #15826 it has become apparent that there are a few occasions when a response can
hang during writing, and because there is no timeout go will happily just block
interminably. This PR adds a fixed 5 second timeout to all writes to a connection.

Fix #15826

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-14 13:26:03 +01:00
zeripath
2d87a84709
Stop calling WriteHeader in Write (#15862)
Fixes http: superfluous response.WriteHeader call from code.gitea.io/gitea/modules/context.(*Response).WriteHeader (response.go:67)

* Looking again we don't need this writeHeader as all of our downstream
implementations will always do it for us

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-05-14 11:05:50 +03:00
silverwind
05fb1f61d5
Add jest rootDir and test-frontend dependency (#15860)
- Define jest rootDir to limit where it looks for test files
- Add missing dependency on test-frontend target so it can be ran from a
  clean checkout
2021-05-14 07:28:51 +01:00
Jimmy
44286e29f0
reverse proxy for IIS (#15555)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-14 00:36:53 -04:00
zeripath
418c5feded
Add information on how to rotate logging from outside container (#15852)
Fix #15842

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-14 00:36:23 -04:00
zeripath
bbbe625343
Only write config in environment-to-ini if there are changes (#15861)
* Only write config in environment-to-ini if there are changes

Only write the new config in environment-to-ini if there are changes or the
destination is not the same as the customconf.

Fix #15719
Fix #15857

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-05-14 01:01:05 +02:00
zeripath
d234d37aa8
Restore PAM user autocreation functionality (#15825)
* Restore PAM user autocreation functionality

PAM autoregistration of users currently fails due to email invalidity.
This PR adds a new setting to PAM to allow an email domain to be set
or just sets the email to the noreply address and if that fails falls
back to uuid@localhost

Fix #15702

Signed-off-by: Andrew Thornton <art27@cantab.net>

* As per KN4CKER

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-13 23:11:47 +01:00
silverwind
9545c345a8
Update JS dependencies, use Node 16 (#15804)
- Update all JS dependencies to latest version
- Use Node 16 on CI
- Add new lint rules
- Add some gitignore entries for debug files

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-05-13 11:12:36 -04:00
zeripath
0ada74edbc
Only offer hostcertificates if they exist (#15849)
A common bug report is the otherwise harmless sshd logging:

```
Could not load host certificate "/data/ssh/ssh_host_ed25519_cert": No such file or directory
```

This PR simply checks if these files exist before creation of sshd_config and if
they do not exist, doesn't add a reference to them.

Fix #14110 amongst others.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-05-13 15:11:28 +03:00
mlpo
52f8dcda43
Allow custom highlight mapping beyond file extensions (#15808)
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-05-13 12:31:23 +03:00
yan
27b29ffb22
fix truncate utf8 string (#15828)
* fix truncate utf8 string.

* revoke truncated user info.
2021-05-13 08:50:57 +01:00
GiteaBot
6d2a333fdc [skip ci] Updated translations via Crowdin 2021-05-13 00:25:06 +00:00
Blake Miner
6a8e5f69cf
Fix bound address/port for caddy's certmagic library (#15758)
* Fix bound address/port for caddy's certmagic library

* Fix bug

Co-authored-by: zeripath <art27@cantab.net>
2021-05-12 20:58:55 +01:00
techknowlogick
ffbd0fef06
change s3 bucket name (#15847) 2021-05-12 15:08:33 -04:00
silverwind
8ab815ae93
Unregister non-matching serviceworkers (#15834)
* Unregister non-matching serviceworkers

With the addition of the /assets url, users who visited a previous
version of the site now may have two active service workers, one with
the old scope `/` and one with scope `/assets`. This check for
serviceworkers that do not match the current script path and unregisters
them.

Also included is a small refactor to publicpath.js which was simplified
because AssetUrlPrefix is always present now. Also it makes use of the
new joinPaths helper too.

Fixes: https://github.com/go-gitea/gitea/pull/15823
2021-05-12 20:36:53 +02:00
Lunny Xiao
b61092bcb0
Upgrade unrolled/render to v1.1.1 (#15845) 2021-05-12 18:47:05 +01:00
Oymate
ec2addc0ed
Update README.md | Add translation section (#15830)
* Update README.md

* chinese translation

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update README.md

* Update README.md

* Update README.md

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-12 11:02:55 -04:00