Commit graph

755 commits

Author SHA1 Message Date
a1012112796
672e5a752d
prevent double click new issue/pull/comment button (#16157)
* prevent double click new issue/pull/comment button

when network is not good, these button maybe
double clicked, then more than one same issues
pulls or comments will be created. this pull
request will fix this bug.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-05-07 14:24:02 +02:00
Gusted
0eac09e066
Improve reviewing PR UX (#19612) 2022-05-07 01:35:12 -04:00
Eekle
9c04da37d0
Make .cs highlighting legible on dark themes. (#19604) 2022-05-04 16:58:38 +08:00
Gusted
3725fa28cc
Improve UI on mobile (#19546)
Start making the mobile experience not painful and be actually usable. This contains a few smaller changes to enhance this experience.

- Submit buttons on the review forms aren't columns anymore and are now allowed to be displayed on one row.
- The label/milestone & New Issue buttons were given each own row even tough, there's enough place to do it one the same row. This commit fixes that.
- The issues+Pull tab on repo's has a third item besides the label/milestone & New Issue buttons, the search bar. On desktop there's enough place to do this on one row, for mobile it isn't, currently it was using for each item a new row. This commits fixes that by only giving the searchbar a new row and have the other two buttons on the same row.
- The notification table will now be show a scrollbar instead of overflow.
- The repo buttons(Watch, Star, Fork) on mobile were showing quite big and the SVG wasn't even displayed on the same line, if the count of those numbers were too high it would even overflow. This commit removes the SVG, as there isn't any place to show them on the same row and allows them to have a new row if the counts of those buttons are high.
- The admin page can show you a lot of interesting information, on mobile the System Status + Configuration weren't properly displayed as the margin's were too high. This commit fixes that by reducing the margin to a number that makes sense on mobile.
- Fixes to not overflow the tables but instead force them to be scrollable.
- When viewing a issue or pull request, the comments aren't full-width but instead 80% and aligned to right, on mobile this is a annoyance as there isn't much width to begin with. This commits fixes that by forcing full-width and removing the avatars on the left side and instead including them inline in the comment header.
2022-05-01 18:11:21 +02:00
parnic
3e2bba0803
Fix Pull Request comment filename word breaks (#19535)
* Fix word breaks in Chrome

This fixes word wrapping on the filename for a comment on a PR. A previous commit fixed this problem in Firefox, but not Chrome.

Fixes #16248

* Don't break Outdated badge

This prevents the Outdated badge on a PR from wrapping in the middle of the word for a comment on a long filename.

* Move word break to recommended element

* Add overflow-wrap per PR review

* Update web_src/less/helpers.less

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-04-29 12:30:54 +03:00
qwerty287
8eb1cd9264
Add "Allow edits from maintainer" feature (#18002)
Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7).
If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option.
Then users with write access to the base branch get more permissions on this branch:
* use the update pull request button
* push directly from the command line (`git push`)
* edit/delete/upload files via web UI
* use related API endpoints

You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions.

This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR.

Closes #17728

Co-authored-by: 6543 <6543@obermui.de>
2022-04-28 17:45:33 +02:00
Gusted
ca4b920bbc
Make repository file list useable on mobile (#19515)
* Make repository file list useable on mobile

- When you're browsing a repository on mobile, you're met by a giant
block called the "repository file list". The current design is not
useable for mobile and is a big annoyance while browsing a repo on
mobile. This PR removes that annoyance by making it more suitable design
when on mobile.
- Adds HTML for the commit/file time to align it vertically(noticeable
on mobile, not on PC).
- Show all information horizontally and not vertically.
- Remove the last commit message of the file, there isn't enough space
on mobile to place this anywhere, so we're not trying to make a
best-effort here and instead just not display it.

* Remove unnecessary `!important`

* Fix broken HTML

* Simplify code
2022-04-28 03:59:49 +02:00
Gusted
076eaad743
Improve dashboard's repo list performance (#18963)
* Improve dashboard's repo list performance

- Avoid a lot of database lookups for all the repo's, by adding a
undocumented "minimal" mode for this specific task, which returns the
data that's only needed by this list which doesn't require any database
lookups.
- Makes fetching these list faster.
- Less CPU overhead when a user visits home page.

* Refactor javascript code + fix Fork icon

- Use async in the function so we can use `await`.
- Remove `archivedFilter` check for count, as it doesn't make sense to
  show the count of repos when you can't even see them(as they are
  filited away).

* Add `count_only`

* Remove uncessary code

* Improve comment

Co-authored-by: delvh <dev.lh@web.de>

* Update web_src/js/components/DashboardRepoList.js

Co-authored-by: delvh <dev.lh@web.de>

* Update web_src/js/components/DashboardRepoList.js

Co-authored-by: delvh <dev.lh@web.de>

* By default apply minimal mode

* Remove `minimal` paramater

* Refactor count header

* Simplify init

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-04-26 16:34:30 -04:00
Gusted
89eec15dd9
By default force vertical tabs on mobile (#19486)
* By default force vertical tabs on mobile

- While experimenting with using vertical tabs instead of horizontal
tabs on gitea for a better mobile experience, I made a recent
PR(https://github.com/go-gitea/gitea/pull/19468) in order to see if
there was any objections to this new behavior for the repo headers(one
of the most annoying horizontal tabs). This PR had no objections and
even a user commenting that this change is brilliant.
- This PR now improves upon the previous PR by making this the de-facto
behavior for all menu's on mobile. The only exemption is the navbar
which also uses the menu but caught some layout errors with the changes.

* Fix organisation

* Fix repo/wiki buttons

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-04-26 16:31:58 -04:00
parnic
2347c9ebbe
Allow commit status popup on /pulls page (#19507)
* Allow commit status popup on /pulls page

The /pulls page doesn't contain a "repository" element, so the early-out here was preventing the commit status popup hook from working. However, the only thing the .repository element is being used for here is determining whether the popup should be on the right or on the left, so we don't actually need the element to exist for the hook to work.

Pull request #19375 allows the statuses on /pulls pages to appear clickable, but this commit is required to make the popup actually work there.

* Move commit statuses popup hook to dedicated func

* Add missing import
2022-04-26 21:09:46 +02:00
Lunny Xiao
03eba32bd9
Add a new menu in file view to open blame view and fix blame view select range bug (#19500) 2022-04-26 13:54:40 +03:00
wxiaoguang
fef26c159c
Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl
Co-authored-by: 6543 <6543@obermui.de>
2022-04-26 11:14:01 +08:00
Gusted
4e912a61c8
Improve Stopwatch behavior (#18930)
- Don't send empty stopwatch over and over again, only send once.
- Stop interval to update stopwatch's timer when there is no more stopwatch.
2022-04-25 22:45:22 +02:00
ktprograms
ef164d33c2
Add RSS Feed buttons to Repo, User and Org pages (#19370) 2022-04-24 22:03:39 +02:00
Gusted
1f05417805
Use horizontal tabs for repo header on mobile (#19468)
* Use horizontal tabs for repo header on mobile

- The current behavior of the repo header on mobile is to display them
vertically column-by-column. I've only experience annoyance due to this
while trying to visit gitea instanced on mobile. This commit changes
this behavior to use horizontal tabs, it uses less tabs and doesn't
bloat 60% of your mobile screen with the repo headers.
- A small fix added in this commit is to give some space around the repo
buttons, current behavior is that they are too "close" to the repo
title.

* Fix lint
2022-04-23 18:56:33 +02:00
KN4CK3R
18727df73a
Add Helm Chart registry (#19406) 2022-04-19 12:55:35 -04:00
delvh
4dabc212c7
Disallow selecting the text of buttons (#19330)
Introduce a CSS class `.unselectable`
2022-04-14 16:57:19 +08:00
Lunny Xiao
783a021889
Never use /api/v1 from Gitea UI Pages (#19318)
Reusing `/api/v1` from Gitea UI Pages have pros and cons.
Pros:
1) Less code copy

Cons:
1) API/v1 have to support shared session with page requests.
2) You need to consider for each other when you want to change something about api/v1 or page.

This PR moves all dependencies to API/v1 from UI Pages.

Partially replace #16052
2022-04-07 20:59:56 +02:00
wxiaoguang
5b7466053d
Skip frontend ROOT_URL check on installation page, remove unnecessary global var (#19291)
Skip `checkAppUrl` message on installation page because the ROOT_URL is not determined yet
Move global var `supportedDbTypeNames` into `install.Init` as a local var
2022-04-01 16:00:26 +08:00
silverwind
1eb0da58c3
Update JS dependencies (#19281)
- Upgrade all JS dependencies minus vue and vue-loader
- Adapt to breaking change of octicons
- Update eslint rules
- Tested Swagger UI, sortablejs and prod build
2022-04-01 02:15:46 +02:00
KN4CK3R
1d332342db
Add Package Registry (#16510)
* Added package store settings.

* Added models.

* Added generic package registry.

* Added tests.

* Added NuGet package registry.

* Moved service index to api file.

* Added NPM package registry.

* Added Maven package registry.

* Added PyPI package registry.

* Summary is deprecated.

* Changed npm name.

* Sanitize project url.

* Allow only scoped packages.

* Added user interface.

* Changed method name.

* Added missing migration file.

* Set page info.

* Added documentation.

* Added documentation links.

* Fixed wrong error message.

* Lint template files.

* Fixed merge errors.

* Fixed unit test storage path.

* Switch to json module.

* Added suggestions.

* Added package webhook.

* Add package api.

* Fixed swagger file.

* Fixed enum and comments.

* Fixed NuGet pagination.

* Print test names.

* Added api tests.

* Fixed access level.

* Fix User unmarshal.

* Added RubyGems package registry.

* Fix lint.

* Implemented io.Writer.

* Added support for sha256/sha512 checksum files.

* Improved maven-metadata.xml support.

* Added support for symbol package uploads.

* Added tests.

* Added overview docs.

* Added npm dependencies and keywords.

* Added no-packages information.

* Display file size.

* Display asset count.

* Fixed filter alignment.

* Added package icons.

* Formatted instructions.

* Allow anonymous package downloads.

* Fixed comments.

* Fixed postgres test.

* Moved file.

* Moved models to models/packages.

* Use correct error response format per client.

* Use simpler search form.

* Fixed IsProd.

* Restructured data model.

* Prevent empty filename.

* Fix swagger.

* Implemented user/org registry.

* Implemented UI.

* Use GetUserByIDCtx.

* Use table for dependencies.

* make svg

* Added support for unscoped npm packages.

* Add support for npm dist tags.

* Added tests for npm tags.

* Unlink packages if repository gets deleted.

* Prevent user/org delete if a packages exist.

* Use package unlink in repository service.

* Added support for composer packages.

* Restructured package docs.

* Added missing tests.

* Fixed generic content page.

* Fixed docs.

* Fixed swagger.

* Added missing type.

* Fixed ambiguous column.

* Organize content store by sha256 hash.

* Added admin package management.

* Added support for sorting.

* Add support for multiple identical versions/files.

* Added missing repository unlink.

* Added file properties.

* make fmt

* lint

* Added Conan package registry.

* Updated docs.

* Unify package names.

* Added swagger enum.

* Use longer TEXT column type.

* Removed version composite key.

* Merged package and container registry.

* Removed index.

* Use dedicated package router.

* Moved files to new location.

* Updated docs.

* Fixed JOIN order.

* Fixed GROUP BY statement.

* Fixed GROUP BY #2.

* Added symbol server support.

* Added more tests.

* Set NOT NULL.

* Added setting to disable package registries.

* Moved auth into service.

* refactor

* Use ctx everywhere.

* Added package cleanup task.

* Changed packages path.

* Added container registry.

* Refactoring

* Updated comparison.

* Fix swagger.

* Fixed table order.

* Use token auth for npm routes.

* Enabled ReverseProxy auth.

* Added packages link for orgs.

* Fixed anonymous org access.

* Enable copy button for setup instructions.

* Merge error

* Added suggestions.

* Fixed merge.

* Handle "generic".

* Added link for TODO.

* Added suggestions.

* Changed temporary buffer filename.

* Added suggestions.

* Apply suggestions from code review

Co-authored-by: Thomas Boerger <thomas@webhippie.de>

* Update docs/content/doc/packages/nuget.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Thomas Boerger <thomas@webhippie.de>
2022-03-30 16:42:47 +08:00
wxiaoguang
2bce1ea986
Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
* ROOT_URL issues: some users did wrong to there app.ini config, then:
    * The assets can not be loaded (AppSubUrl != "" and users try to access http://host:3000/)
    *The ROOT_URL is wrong, then many URLs in Gitea are broken.
Now Gitea show enough information to users.

* JavaScript error issues, there are many users affected by JavaScript errors, some are caused by frontend bugs, some are caused by broken customized templates. If these JS errors can be found at first time, then maintainers do not need to ask about how bug occurs again and again.

* Some people like to modify the `head.tmpl`, so we separate the script part to `head_script.tmpl`, then it's much safer.

* use specialized CSS class "js-global-error", end users still have a chance to hide error messages by customized CSS styles.
2022-03-30 13:52:24 +08:00
wxiaoguang
d4c789dfc1
Refactor repo clone button and repo clone links, fix JS error on empty repo page (#19208)
The last PR about clone buttons introduced an JS error when visiting an empty repo page:
* https://github.com/go-gitea/gitea/pull/19028
* `Uncaught ReferenceError: isSSH is not defined`, because the variables are scoped and doesn't share between sub templates.

This:
1. Simplify `templates/repo/clone_buttons.tmpl` and make code clear
2. Move most JS code into `initRepoCloneLink`
3. Remove unused `CloneLink.Git`
4. Remove `ctx.Data["DisableSSH"] / ctx.Data["ExposeAnonSSH"] / ctx.Data["DisableHTTP"]`, and only set them when is is needed (eg: deploy keys / ssh keys)
5. Introduce `Data["CloneButton*"]` to provide data for clone buttons and links
6. Introduce `Data["RepoCloneLink"]` for the repo clone link (not the wiki)
7. Remove most `ctx.Data["PageIsWiki"]` because it has been set in the `/wiki` middleware
8. Remove incorrect `quickstart` class in `migrating.tmpl`
2022-03-29 05:21:30 +02:00
Roger Luo
bbce905b6a
Feature: show issue assignee on project board (#15232)
* Show assignees in project boards.
2022-03-09 00:42:28 +08:00
wxiaoguang
3e28fa72ce
Fix EasyMDE error when input Enter (#19004)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-03-06 01:53:34 +08:00
wxiaoguang
997deecbfa
Fix the editor height in review box (#19003)
Fix the height problem in  https://github.com/go-gitea/gitea/pull/18862#issuecomment-1059329539

I have tested this fix.

# Screenshots

### Min-height

<img width="1138" alt="image" src="https://user-images.githubusercontent.com/2114189/156811831-93d4d31a-1b0a-4c4c-a7b4-fafc706133d6.png">

### Max-height

<img width="1126" alt="image" src="https://user-images.githubusercontent.com/2114189/156811889-10ae41de-c63b-45e7-9d89-21a1ed29e58b.png">
2022-03-04 20:57:26 +00:00
silverwind
329b959160
Remove CodeMirror dependencies (#18911)
EasyMDE already loads all the modes and plugins it needs, so there is no reason for neither the webpack dependency nor the vendored copy
2022-02-26 23:47:52 +08:00
Kyle D
f7085f718b
Set max text height to prevent overflow (#18862)
Sets a max height for review text boxes to prevent a very annoying bug where users cannot access the "submit" button.

Before:
![image](https://user-images.githubusercontent.com/12700993/155253001-e1dab086-aaf3-4338-889d-6a861728274a.png)

After:
![image](https://user-images.githubusercontent.com/12700993/155253144-5b9a3547-9582-412f-867f-41a45a14a0fe.png)

Interestingly, I don't see this bug on Firefox.
2022-02-23 20:17:14 +00:00
Gusted
c918521d01
Fix behavior or checkbox submission. (#18851) 2022-02-22 14:43:11 -05:00
CommanderRoot
1ab88da0e4
Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796)
String.prototype.substr() is deprecated (see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr) so we replace it with the slice() method which works similarily but isn't deprecated.

Signed-off-by: Tobias Speicher <rootcommander@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-18 14:50:36 +08:00
silverwind
bd71245c53
Allow mermaid render error to wrap (#18790) 2022-02-17 15:42:43 +08:00
silverwind
616146f904
Various Mermaid improvements (#18776)
* Various Mermaid improvments

- Render into iframe for improved security
- Use built-in dark theme instead of color inversion
- Remove flexbox attributes, resulting in more consistent size rendering
- Update API usage and update to latest version

* restart ci

* misc tweaks

* remove unneccesary declaration

* make it work without allow-same-origin, add loading=lazy

* remove loading attribute, does not seem to work

* rename variable

* skip roundtrip to DOM for rendering

* don't guess chart height

* update comment to make it clear it's intentional

* tweak

* replace deprecated 'scrolling' property

* remove unused css file

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-16 11:28:29 +08:00
Jimmy Praet
9444135ff5
Fix source code line highlighting (#18729)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-02-12 05:00:24 +00:00
Sven Seeberg
832ce406ae
Add LDAP group sync to Teams, fixes #1395 (#16299)
* Add setting for a JSON that maps LDAP groups to Org Teams.
* Add log when removing or adding team members.
* Sync is being run on login and periodically.
* Existing group filter settings are reused.
* Adding and removing team members.
* Sync not existing LDAP group.
* Login with broken group map JSON.
2022-02-11 22:24:58 +08:00
zeripath
eb748f5f3c
Add apply-patch, basic revert and cherry-pick functionality (#17902)
This code adds a simple endpoint to apply patches to repositories and
branches on gitea. This is then used along with the conflicting checking
code in #18004 to provide a basic implementation of cherry-pick revert.

Now because the buttons necessary for cherry-pick and revert have 
required us to create a dropdown next to the Browse Source button
I've also implemented Create Branch and Create Tag operations.

Fix #3880 
Fix #17986 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-09 20:28:55 +00:00
Bruno Raoult
439ad34c71
C preprocessor colors improvement (#18671)
* C preprocessor colors improvement

Fixes #18670

* Update web_src/less/chroma/light.less

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

* typo

missing semi

* add color for #include filenames

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-09 20:02:06 +00:00
zeripath
2f76608221
Prevent security failure due to bad APP_ID (#18678)
WebAuthn may cause a security exception if the provided APP_ID is not allowed for the
current origin. Therefore we should reattempt authentication without the appid
extension.

Also we should allow [u2f] as-well as [U2F] sections.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-09 15:37:58 +08:00
zeripath
88939a5663
Remove the spurious space in the .ui.right additional selector (#18605)
Somehow a spurious space sneaked in to #18538
this PR simply removes it.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-04 15:53:43 +00:00
zeripath
3c7374106e
Ensure commit-statuses box is sized correctly in headers (#18538)
* Ensure commit-statuses box is sized correctly in headers

When viewing commits as commits the commit-status box will be fixed at 30px in height
due to being forced to be this size by a fomantic selector. This PR simply adds a
few more selectors to force this to have height auto.

Fix #18498

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update web_src/less/_repository.less

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-02-04 23:21:51 +08:00
confusedsushi
f6f4e1ddb9
Fix review excerpt (#18502)
Currently the "File Changed" tab of a PR is somehow broken. This is also true for the current release 1.16.0.

When you are on the "File Changed" tab, and want to look at code excerpt before or after the code changes, the layout breaks. You can test this on try.gitea.io here: https://try.gitea.io/testnotexisting/magic_enum/pulls/2/files

The problem occurs for the unified view and for the split view.

Kind of the same problem was there for commenting a line of code, this was fixed in #18321 and #18403.

For consistency, I changed the solution of #18321, I removed the ``colspan`` and instead added a ``<td>``. The goal was to have code similarly with the split view.

Also the separator line in the split view was in the wrong column, this was fixed too.* more consistent unified review comment

Fix #18516

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-02-01 19:08:33 +00:00
silverwind
99e1e30b0b
Update JS dependencies, fix lint (#18389)
- Update all JS dependencies, including a security issue in mermaid
- Fix new linter errors related to value-keyword-case
- Tested Mermaid and Swagger

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-02-01 13:21:08 -05:00
silverwind
19b017f398
Use explicit jQuery import, remove unused eslint globals (#18435)
- Don't rely on globals (window.$) for jQuery import
- Remove eslint globals no longer in use
2022-01-28 21:00:11 +00:00
zeripath
93250bfe27
Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403)
Fix #18391
Fix #18320

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-25 12:18:30 +00:00
wxiaoguang
9837773f0e
Prevent showing webauthn error for every time visiting /user/settings/security (#18385) 2022-01-24 14:57:01 -05:00
Gusted
e36f0b6add
Don't underline commit status icon on hover (#18372)
- Don't underline the commit status icon, as it isn't a link per-se.
2022-01-23 17:02:15 +00:00
wxiaoguang
84f8ef3df6
Fix PR comments UI (#18323)
Closes:
* Review comment cannot be edited #17768
* Changing PR Comment Resolved State Disables Further Changes #18315
2022-01-19 01:28:38 +08:00
wxiaoguang
11b4827791
Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
And shrink the height of Dropzone.
2022-01-19 00:57:57 +08:00
JonRB
483409716d
Place inline diff comment dialogs in the 4th column. (#18321)
Comment dialogs for inline comments should appear in 4th column (not 3rd column), this PR changes the column that the inline review comment is associated with.

This problem has occurred due to an unrecognised conflict between #17562 and #17315. 

Fix as zeripath suggested in #18320

Fix #18320 

Co-authored-by: zeripath <art27@cantab.net>
2022-01-18 10:28:45 +00:00
silverwind
7dde39a6db
Minor tweak to tag list (#18295)
Slightly reduce the font size and padding in the tags table, it seemed a bit too big to me.
2022-01-17 14:26:35 +01:00
wxiaoguang
4d0a72a271
Revert "Prevent possible XSS when using jQuery (#18289)" (#18293)
This reverts commit 661d3d28e9.
2022-01-16 11:19:26 +00:00
Gusted
661d3d28e9
Prevent possible XSS when using jQuery (#18289)
In the case of misuse or misunderstanding from a developer whereby,
if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the
creation of a new element. Current usage is using hard-coded selectors
in the templates, but nobody prevents that from expanding to
user-controlled somehow.
2022-01-16 13:14:32 +08:00
zeripath
d7c2a2951c
Webauthn nits (#18284)
This contains some additional fixes and small nits related to #17957 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-15 17:52:56 +01:00
Lunny Xiao
35c3553870
Support webauthn (#17957)
Migrate from U2F to Webauthn

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-14 16:03:31 +01:00
silverwind
f635d60344
Prevent underline hover on cards (#18259)
Prevent a undesired underline effect on hovered cards.

This was regressed by #17898.
2022-01-13 14:33:04 +00:00
wxiaoguang
70d7475356
Fix EasyMDE image paste bug during refactoring (#18207) 2022-01-08 21:33:32 +08:00
silverwind
3dbdf36d95
Fix CSS specificity issue with easymde's css (#18201)
* Fix CSS specificity issue with easymde's css

PR #18069 introduced a regression in certain overwritten editor styles
because the dynamic loading of easymde.min.css causes its's style to
apply after our supposed override styles.

Solve this by bundling the styles into index.css. We should later aim to
completely replace easymde.min.css completely with our own styles so there
are no more conflicts.

* Update web_src/js/features/comp/EasyMDE.js

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-07 16:41:31 +08:00
zeripath
21ed4fd8da
Add warning for BIDI characters in page renders and in diffs (#17562)
Fix #17514

Given the comments I've adjusted this somewhat. The numbers of characters detected are increased and include things like the use of U+300 to make à instead of à and non-breaking spaces.

There is a button which can be used to escape the content to show it.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Gwyneth Morgan <gwymor@tilde.club>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-07 02:18:52 +01:00
wxiaoguang
a38ba634a4
Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
This PR makes frontend load EasyMDE/CodeMirror dynamically, and removes `RequireEasyMDE`.
2022-01-05 13:17:25 +01:00
wxiaoguang
48aab263d1
Fix EasyMDE validation (#18161) 2022-01-03 17:53:53 +01:00
Gusted
496acbe9e5
Require codereview to have content (#18156)
- Report a validityError when the codeReview have no comment.
- Resolves #18151
- Refactor
2022-01-02 23:31:03 +01:00
Gusted
e4e3df6c66
Handle invalid issues (#18111)
* Handle invalid issues

- When you hover over a issue reference, and the issue doesn't exist, it
will just hang on the loading animation.
- This patch fixes that by showing them the pop-up with a "Error
occured" message.

* Add I18N

* refactor

* fix comment for lint

* fix unit test for i18n

* fix unit test for i18n

* add comments

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-28 21:28:27 +08:00
wxiaoguang
31a2bf29ed
Fix a navbar UI bug in Safari (#18092) 2021-12-24 23:42:01 +02:00
Lunny Xiao
d7770539f6
Improve interface when comparing a branch which has created a pull request (#17911)
* Improve interface when comparing a branch which has created a pull request

* Take the note back
2021-12-24 12:14:42 +00:00
silverwind
3f34f09537
Extract CodeMirror styles (#17960)
- Extract CodeMirror-related styles to separate files
- Generalize CodeMirror styles where possible
- Improve fullscreen and side-by-side mode for dark theme

Co-authored-by: 6543 <6543@obermui.de>
2021-12-20 20:07:49 +00:00
silverwind
9296baf65a
Change <a> elements to underline on hover (#17898)
Fomantic brings a opinionated style that removed underline on mouse
hover which I think is important UX to have.

This re-enables the underline in the Fomantic config and fixes a few
cases where underline was deemed disruptive.
2021-12-18 05:29:00 +00:00
qwerty287
c3eea2f8af
Improve behavior of "Fork" button (#17288)
* Improbe behaviour of fork button

* Apply suggestions from code review

* Remove old lines

* Apply suggestions

* Fix test

* Remove unnecessary or

* Update templates/repo/header.tmpl

Co-authored-by: silverwind <me@silverwind.io>

* Add comment

* Fix situation if you can't fork but don't have forks

* Fix lint

* Apply changes from #17783

* fmt

* fmt

* Apply tweaks

Co-authored by: silverwind <me@silverwind.io>

* Rm dupl css

* Fix build

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-13 09:59:09 +08:00
rinsuki
e0118b0d9b
Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954) 2021-12-13 00:04:18 +01:00
silverwind
379a5241c6
Fix overflow in commit graph (#17947)
* Fix overflow in commit graph

Limit commit message to 50% width. This is rather crude but should work
for common use cases with not too-long author names.

Fixes: https://github.com/go-gitea/gitea/issues/17944

* Make it work with dynamic width

* use span

* use explicit none

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-11 16:12:18 +02:00
wxiaoguang
0a9fcf63a4
Clean legacy SimpleMDE code (#17926)
Since we are using EasyMDE now, we do not need to keep the SimpleMDE code anymore.

This PR removes all legacy SimpleMDE code, and makes some related changes:
* `createCommentEasyMDE` can accept native DOM element, and it doesn't need `jQuery.data` to store EasyMDE editor object (as discussed about the frontend guideline).
* introduce `getAttachedEasyMDE` to get the attached EasyMDE editor object, it's easier to find all the usage of EasyMDE.
* rename variable names from `$simplemde` to `easyMDE`, the `$` was incorrect because it is a EasyMDE editor, not a jQuery object.

With this PR, it will be easier to do more refactoring or replacing EasyMDE with other editors.
2021-12-10 10:51:27 +08:00
Anbraten
0ff18a808c
Support sorting for project board issuses (#17152)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-08 14:57:18 +08:00
wxiaoguang
4cbe792562
Remove unnecessary X-Remote HTTP header in AJAX request (#17932) 2021-12-08 14:18:07 +08:00
wxiaoguang
a6f961fba4
Refactor install page (db type) (#17919)
* Refactor install page (db type)

* set correct default DB HOST for different DB TYPE
* remove legacy TiDB from documents
* unify the usage of DB TYPE, in code we only use "mysql". "MySQL" is only shown to users for friendly name.

* Gitea can use TiDB via MySQL protocol

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-07 13:44:08 +08:00
silverwind
12a42baa5e
Apply CSS Variables to all message elements (#17920)
Fixes #17918. Applies color variables to all ui message on both themes.
The colorization on .segment is a customization not present in fomantic
ui, only used on user/repo/org delete pages.
2021-12-06 23:49:30 +08:00
Gusted
9d6208965c
Fix loading content history on show more (#17819)
* Fix loading content history on show more

- Call `initRepoIssueContentHistory` so that the newly loaded issues
also get their content history.
- Resolves #17767

* apply history to show diff too

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-12-06 11:57:51 +08:00
silverwind
8d85a62e4d
Fix svg colors in file list table (#17903)
* Fix svg colors in file list table

Turns out this can be fixed by just removing rules. Directory and file
icons have other rules that still make them color correctly.

* tweak color on file icons

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-04 21:17:22 +08:00
silverwind
f7094c8161
Update JS dependencies, adjust eslint config (#17904)
- Update all JS dependencies to latest versions
- Add new lint rules, enable es2022 eslint parser features
- Disable github/no-then, I feel the rule was too restricting
2021-12-04 14:43:14 +08:00
KN4CK3R
87be76213a
Add migrate from Codebase (#16768)
This PR adds [Codebase](https://www.codebasehq.com/) as migration source.

Supported:
- Milestones
- Issues
- Pull Requests
- Comments
- Labels
2021-12-02 23:24:02 +01:00
KN4CK3R
fbf3208229
Added missing data- prefix. (#17884) 2021-12-03 00:36:00 +08:00
wxiaoguang
042cac5fed
Improve install code to avoid low-level mistakes. (#17779)
* Improve install code to avoid low-level mistakes.

If a user tries to do a re-install in a Gitea database, they gets a warning and double check.
When Gitea runs, it never create empty app.ini automatically.

Also some small (related) refactoring:

* Refactor db.InitEngine related logic make it more clean (especially for the install code)
* Move some i18n strings out from setting.go to make the setting.go can be easily maintained.
* Show errors in CLI code if an incorrect app.ini is used.
* APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more).
2021-12-01 15:50:01 +08:00
silverwind
3fd502cca8
Rework commit page header (#17849)
- Remove blue background and use regular header styling
- Use flexbox on author and signature segments
- Add shield-type icons besides gpg key, replacing icon font icons
- Ensure author and signature line are same height
- Remove erronous green background on arc-green signature line
- Turn signing colors into CSS variables
- Consolidate the two warning states into one

Co-authored-by: zeripath <art27@cantab.net>
2021-12-01 01:40:17 +02:00
silverwind
d894c90b70
Fix position of label color picker colors (#17866) 2021-11-30 17:54:00 +00:00
silverwind
9ecfc54a8f
Refactor commit graph styling to use css variables (#17860)
- Use common variables for colors and font
- Alter graph color 5 to provide enough contrast on both themes
2021-11-30 10:47:18 +08:00
fnetX (aka fralix)
830ab75ce0
Switch archive URL code back to href attributes (#17796)
* Add fallback href link
* Switch async archive generation to use href links
* Edit all templates to use href instead of data-url for archives
* Add consistent rel="nofollow" as per wxiaoguang
2021-11-29 21:50:43 +08:00
KN4CK3R
e8f1f09132
Fixed org styles. (#17807)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-25 21:05:04 +08:00
ThetaDev
af901a4ca9
Detect dark theme via css variable (#17800)
* detect dark theme via css variable
* minor refactor, add documentation

If your custom theme is considered a dark theme, set the global css variable `--is-dark-theme` to `true`.
This allows gitea to adjust the Monaco code editor's theme accordingly.
2021-11-25 15:14:48 +08:00
Lunny Xiao
49933c7fb0
Create menus for organization pages (#17802)
* Create menus for organization pages

* Fix frontend lint

* Fix frontend lint
2021-11-25 00:12:54 +08:00
silverwind
71ed96b0d5
Preserve color when inverting emojis (#17797)
Fixes: https://github.com/go-gitea/gitea/issues/17795
2021-11-24 20:42:03 +08:00
silverwind
9450410ff7
Improve ellipsis buttons (#17773)
* Improve ellipsis buttons

- Remove icon font usage
- Add aria-expanded attribute

* rename function to match

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-22 21:44:38 -05:00
velengel
a1f5c7bfce
Add copy Commit ID button in commits list (#17759)
* fix: implement commit id copy to clipboard

* fix: remove abundant attributes / consider edge-case

* fix: locale_en fixed

* fix: use ui button

* tune copy button

* fix: button size

* Fix merge

Co-authored-by: Ysmr-Ry <ryo.yossy@live.jp>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-22 21:44:10 -05:00
Jimmy Praet
a3efd048a7
Improvements to content history (#17746)
* Improvements to content history

* initialize content history when making an edit to an old item created before the introduction of content history
* show edit history for code comments on pull request files tab

* Fix a flaw in keepLimitedContentHistory
Fix a flaw in keepLimitedContentHistory, the first and the last should never be deleted

* Remove obsolete eager initialization of content history
2021-11-22 20:20:16 +08:00
wxiaoguang
49b2cb998b
Fix project board bug and improve documents (#17753)
* the project board was broken, this PR fixes it, and refactor the code, and we prevent the uncategorized column from being dragged.
* improve the frontend guideline (as discussed in https://github.com/go-gitea/gitea/pull/17699)
2021-11-22 19:40:17 +08:00
silverwind
a159c3175f
Add new JS linter rules (#17699)
* Add new JS linter rules

Adds a few useful rules from eslint-plugin-github. Notable changes:

- Forbid dataset usage, its camel-casing behaviour makes it hard to
  grep for attributes.
- Forbid .then() and .catch(), we should generally prefer await for new
  code. For rare cases where they are useful, a eslint-disable-line
  directive can be set.
- Add docs js to linting

* also enable github/array-foreach

* small tweak

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-22 16:19:01 +08:00
zeripath
8511eec4d4
Allow Loading of Diffs that are too large (#17739)
* Allow Loading of Diffs that are too large

This PR allows the loading of diffs that are suppressed because the file
is too large. It does not handle diffs of files which have lines which
are too long.

Fix #17738

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-22 00:51:08 +08:00
zeripath
0d69e64e03
Make a.add-code-comment click handler an event handler (#17737)
Instead of directly attaching the add-code-comment on click handler to
the a.add-code-comment elements - make this an event handler on the
document instead.

Fix #17736

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-20 20:12:59 +08:00
Gusted
96ec656cf1
perf: sent data-path once for each file (#17657)
- Don't sent it with each line, instead send it at the top-element for each file.
- Related:
https://github.com/go-gitea/gitea/pull/17618#issuecomment-968192761

2.5K Additions:
No-Patch:
Unified: 2.14 MB (2.14 MB size)
Split: 2.59 MB (2.59 MB size)

Patch:
Unified: 2.10 MB (2.10 MB size) (-1.8%)
Split: 2.55 MB (2.55 MB size) (-1.5%)
2021-11-19 10:28:27 +08:00
wxiaoguang
55be5fe339
Refactor repo-legacy.js, remove messy global variables. Fix errors. (#17646)
Refactor repo-legacy.js, remove messy global variables. Fix errors.
Fix an error in Sortable
Fix a incorrect call assignMenuAttributes from the template
2021-11-19 00:45:00 +08:00
silverwind
6874fe90e5
Cleanup and use global style on popups (#17674)
* Cleanup and use global style on popups

- Fix typo 'poping' to 'popping'
- Remove most inline 'data-variation' attributes
- Initialize all popups with 'inverted tiny' variation

* misc tweaks

* rename to .tooltip, use jQuery

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-18 11:26:50 +08:00
Gusted
d8a8961b99
Sanitize user-input on file name (#17666)
* Sanitize user-input on file name

- Sanitize user-input before it get passed into the DOM.
- Prevent things like "<iframe onload=alert(1)></iframe>" from being
executed. This isn't a XSS attack as the server seems to be santizing
the path as well.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-17 18:08:25 +00:00
zeripath
bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
Gusted
447428f446
Remove superfluous argument (#17667)
As title.
2021-11-16 19:36:03 +08:00