diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index 876630d70e..5d37d5a75d 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md @@ -52,7 +52,7 @@ A [companion blog post](https://forgejo.org/2024-07-release-v8-0/) provides addi - feat: add [Reviewed-on and Reviewed-by variables](https://codeberg.org/forgejo/forgejo/commit/4ddd9af50fbfcfb2ebf629697a803b3bce56c4af) to the merge template. - feat(perf): [add the `[ui.csv].MAX_ROWS` setting](https://codeberg.org/forgejo/forgejo/commit/433b6c6910f8699dc41787ef8f5148b122b4677e) to avoid displaying a large number of lines (defaults to 2500). - feat: [add a setting to override or add headers of all outgoing emails](https://codeberg.org/forgejo/forgejo/commit/1d4bff4f65d5e4a3969871ef91d3612daf272b45), for instance `Reply-To` or `In-Reply-To`.<!--description--> - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4027): <!--number 4027 --><!--number--><!--description - Gitea/Forgejo webhook payload include additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatbility with [OpenProject](https://www.openproject.org/), ported from [gitea#28435](https://github.com/go-gitea/gitea/pull/28435).-->the Gitea/Forgejo webhook payload includes additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatbility with [OpenProject](https://www.openproject.org/).<!--description--> + - [PR](https://codeberg.org/forgejo/forgejo/pulls/4027): <!--number 4027 --><!--number--><!--description - Gitea/Forgejo webhook payload include additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatibility with [OpenProject](https://www.openproject.org/), ported from [gitea#28435](https://github.com/go-gitea/gitea/pull/28435).-->the Gitea/Forgejo webhook payload includes additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatibility with [OpenProject](https://www.openproject.org/).<!--description--> - [PR](https://codeberg.org/forgejo/forgejo/pulls/4026): <!--number 4026 --><!--number--><!--description - when an OAuth grant request submitted to a Forgejo user is denied, the server from which the request originates is not notified that it has been denied-->when an OAuth grant request submitted to a Forgejo user is denied, the server from which the request originates is notified that it has been denied.<!--description--> - [PR](https://codeberg.org/forgejo/forgejo/pulls/3989): <!--number 3989 --><!--number--><!--description multine placeholder--> - feat: API endpoints that return a repository now [also include the topics](https://codeberg.org/forgejo/forgejo/commit/ee2247d77c0b13b0b45df704d7589b541db03899). @@ -76,7 +76,7 @@ A [companion blog post](https://forgejo.org/2024-07-release-v8-0/) provides addi - [PR](https://codeberg.org/forgejo/forgejo/pulls/3724): <!--number 3724 --><!--number--><!--description multine placeholder--> - [CERT management was improved](https://codeberg.org/forgejo/forgejo/pulls/3724) when [`ENABLE_ACME=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#server-server) - Draft support for draft-03 of [ACME Renewal Information (ARI)](https://datatracker.ietf.org/doc/draft-ietf-acme-ari/) which assists with deciding when to renew certificates. This augments CertMagic's already-advanced logic using cert lifetime and OCSP/revocation status. - - New [`ZeroSSLIssuer`](https://pkg.go.dev/github.com/caddyserver/certmagic@v0.21.0#ZeroSSLIssuer) uses the [ZeroSSL API](https://zerossl.com/documentation/api/) to get certificates. ZeroSSL also has an ACME endpoint, which can still be accesed using the existing ACMEIssuer, as always. Their proprietary API is paid, but has extra features like IP certificates, better reliability, and support. + - New [`ZeroSSLIssuer`](https://pkg.go.dev/github.com/caddyserver/certmagic@v0.21.0#ZeroSSLIssuer) uses the [ZeroSSL API](https://zerossl.com/documentation/api/) to get certificates. ZeroSSL also has an ACME endpoint, which can still be accessed using the existing ACMEIssuer, as always. Their proprietary API is paid, but has extra features like IP certificates, better reliability, and support. - DNS challenges should be smoother in some cases as we've improved propagation checking. - In the odd case your ACME account disappears from the ACME server, CertMagic will automatically retry with a new account. (This happens in some test/dev environments.) - ACME accounts are identified only by their public keys, but CertMagic maps accounts by CA+email for practical/storage reasons. So now you can "pin" an account key to use by specifying your email and the account public key in your config, which is useful if you need to absolutely be sure to use a specific account (like if you get rate limit exemptions from a CA).<!--description--> @@ -2219,7 +2219,7 @@ This stable release includes a security fix for `git` and bug fixes. ### Git -Git [recently announced](https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/) new versions to address two CVEs ([CVE-2023-22490](https://cve.circl.lu/cve/CVE-2023-22490), [CVE-2023-23946](https://cve.circl.lu/cve/CVE-2023-23946)). On 14 Februrary 2023, Git published the maintenance release v2.39.2, together with releases for older maintenance tracks v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. All major GNU/Linux distributions also provide updated packages via their security update channels. +Git [recently announced](https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/) new versions to address two CVEs ([CVE-2023-22490](https://cve.circl.lu/cve/CVE-2023-22490), [CVE-2023-23946](https://cve.circl.lu/cve/CVE-2023-23946)). On 14 February 2023, Git published the maintenance release v2.39.2, together with releases for older maintenance tracks v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. All major GNU/Linux distributions also provide updated packages via their security update channels. We recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible. diff --git a/models/db/log.go b/models/db/log.go index 307788ea2e..457ee80ff5 100644 --- a/models/db/log.go +++ b/models/db/log.go @@ -67,7 +67,7 @@ func (l *XORMLogBridge) Warn(v ...any) { l.Log(stackLevel, log.WARN, "%s", fmt.Sprint(v...)) } -// Warnf show warnning log +// Warnf show warning log func (l *XORMLogBridge) Warnf(format string, v ...any) { l.Log(stackLevel, log.WARN, format, v...) } diff --git a/models/user/user_test.go b/models/user/user_test.go index 1d49402c19..ba29cbc3af 100644 --- a/models/user/user_test.go +++ b/models/user/user_test.go @@ -646,7 +646,7 @@ func TestEmailTo(t *testing.T) { {"Hi Its <Mee>", "ee@mail.box", `"Hi Its Mee" <ee@mail.box>`}, {"Sinéad.O'Connor", "sinead.oconnor@gmail.com", "=?utf-8?b?U2luw6lhZC5PJ0Nvbm5vcg==?= <sinead.oconnor@gmail.com>"}, {"Æsir", "aesir@gmx.de", "=?utf-8?q?=C3=86sir?= <aesir@gmx.de>"}, - {"new😀user", "new.user@alo.com", "=?utf-8?q?new=F0=9F=98=80user?= <new.user@alo.com>"}, + {"new😀user", "new.user@alo.com", "=?utf-8?q?new=F0=9F=98=80user?= <new.user@alo.com>"}, // codespell-ignore {`"quoted"`, "quoted@test.com", `"quoted" <quoted@test.com>`}, {`gusted`, "gusted@test.com", `"gusted" <gusted@test.com>`}, {`Joe Q. Public`, "john.q.public@example.com", `"Joe Q. Public" <john.q.public@example.com>`}, diff --git a/modules/forgefed/activity.go b/modules/forgefed/activity.go index c1ca57c4a8..247abd255a 100644 --- a/modules/forgefed/activity.go +++ b/modules/forgefed/activity.go @@ -21,8 +21,8 @@ type ForgeLike struct { func NewForgeLike(actorIRI, objectIRI string, startTime time.Time) (ForgeLike, error) { result := ForgeLike{} result.Type = ap.LikeType - result.Actor = ap.IRI(actorIRI) // Thats us, a User - result.Object = ap.IRI(objectIRI) // Thats them, a Repository + result.Actor = ap.IRI(actorIRI) // That's us, a User + result.Object = ap.IRI(objectIRI) // That's them, a Repository result.StartTime = startTime if valid, err := validation.IsValid(result); !valid { return ForgeLike{}, err diff --git a/modules/indexer/code/indexer_test.go b/modules/indexer/code/indexer_test.go index f43e8e42b6..967aad1b54 100644 --- a/modules/indexer/code/indexer_test.go +++ b/modules/indexer/code/indexer_test.go @@ -119,7 +119,7 @@ func TestBleveIndexAndSearch(t *testing.T) { } defer idx.Close() - testIndexer("beleve", t, idx) + testIndexer("bleve", t, idx) } func TestESIndexAndSearch(t *testing.T) { diff --git a/modules/indexer/code/search.go b/modules/indexer/code/search.go index 04af733cd7..f45907ad90 100644 --- a/modules/indexer/code/search.go +++ b/modules/indexer/code/search.go @@ -105,7 +105,7 @@ func HighlightSearchResultCode(filename string, lineNums []int, highlightRanges !ok || // token was marked as used token == "" || - // the token is not an valid html tag emited by chroma + // the token is not an valid html tag emitted by chroma !(len(token) > 6 && (token[0:5] == "<span" || token[0:6] == "</span")) { count++ } else if !isOpen { diff --git a/modules/indexer/internal/bleve/query.go b/modules/indexer/internal/bleve/query.go index 21422b281c..90626da4f1 100644 --- a/modules/indexer/internal/bleve/query.go +++ b/modules/indexer/internal/bleve/query.go @@ -13,8 +13,8 @@ import ( // NumericEqualityQuery generates a numeric equality query for the given value and field func NumericEqualityQuery(value int64, field string) *query.NumericRangeQuery { f := float64(value) - tru := true - q := bleve.NewNumericRangeInclusiveQuery(&f, &f, &tru, &tru) + tru := true // codespell-ignore + q := bleve.NewNumericRangeInclusiveQuery(&f, &f, &tru, &tru) // codespell-ignore q.SetField(field) return q } diff --git a/modules/structs/repo.go b/modules/structs/repo.go index 2aa4136597..76479ad79d 100644 --- a/modules/structs/repo.go +++ b/modules/structs/repo.go @@ -317,7 +317,7 @@ const ( ) // Name represents the service type's name -// WARNNING: the name have to be equal to that on goth's library +// WARNING: the name have to be equal to that on goth's library func (gt GitServiceType) Name() string { return strings.ToLower(gt.Title()) } diff --git a/modules/structs/user.go b/modules/structs/user.go index be20349e53..f2747b1473 100644 --- a/modules/structs/user.go +++ b/modules/structs/user.go @@ -62,7 +62,7 @@ type User struct { // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility func (u User) MarshalJSON() ([]byte, error) { - // Re-declaring User to avoid recursion + // Redeclaring User to avoid recursion type shadow User return json.Marshal(struct { shadow diff --git a/pyproject.toml b/pyproject.toml index cfcc44c4c3..8670587b1e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -18,10 +18,10 @@ skip = '.git,*.pdf,*.svg,package-lock.json,go.mod,locale,license,*.git,objects,* # precise hits for CamelCased words,various other curious cases which require regex to ignore # entire line or some portion of it # TODO: Resolve Treshold typo in API and remove from here -ignore-regex = '(\b(Treshold|mx claus|commitT|ReadBy|#afile|respOne|commitI|[cC]rossReference)\b|shouldbe\.|women’s.*womens|"emoji":.*|,bu,|assert\.Equal.*"fo\b|github\.com/unknwon|Copyright 2014 Unknwon|allowed\.noone|[hH]eadErr|atLeast|{"\\U.*)|Iif|FilterIn|.*codespell-ignore.*' +ignore-regex = '(\b(Treshold|mx claus|commitT|ReadBy|#afile|respOne|commitI|[cC]rossReference|SMove|reVer|CheckIn|NotIn)\b|shouldbe\.|women’s.*womens|"emoji":.*|,bu,|assert\.Equal.*"fo\b|github\.com/unknwon|Copyright 2014 Unknwon|allowed\.noone|[hH]eadErr|atLeast|{"\\U.*)|Iif|FilterIn|.*codespell-ignore.*' #|.*(Maskenpflicht|Geimpft),.*)' # te - TreeEntry variable # commiter - wrong spelling but seems used in API # ALLWAYS - is a config var # infact - other variable(s) -ignore-words-list = 'crate,te,commiter,befores,allways,infact,startd,unknow' +ignore-words-list = 'bleve,crate,te,commiter,befores,allways,infact,startd,unknow' diff --git a/release-notes/3724.md b/release-notes/3724.md index 8af3bc893c..5cc96f761e 100644 --- a/release-notes/3724.md +++ b/release-notes/3724.md @@ -1,6 +1,6 @@ - [CERT management was improved](https://codeberg.org/forgejo/forgejo/pulls/3724) when [`ENABLE_ACME=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#server-server) - Draft support for draft-03 of [ACME Renewal Information (ARI)](https://datatracker.ietf.org/doc/draft-ietf-acme-ari/) which assists with deciding when to renew certificates. This augments CertMagic's already-advanced logic using cert lifetime and OCSP/revocation status. - - New [`ZeroSSLIssuer`](https://pkg.go.dev/github.com/caddyserver/certmagic@v0.21.0#ZeroSSLIssuer) uses the [ZeroSSL API](https://zerossl.com/documentation/api/) to get certificates. ZeroSSL also has an ACME endpoint, which can still be accesed using the existing ACMEIssuer, as always. Their proprietary API is paid, but has extra features like IP certificates, better reliability, and support. + - New [`ZeroSSLIssuer`](https://pkg.go.dev/github.com/caddyserver/certmagic@v0.21.0#ZeroSSLIssuer) uses the [ZeroSSL API](https://zerossl.com/documentation/api/) to get certificates. ZeroSSL also has an ACME endpoint, which can still be accessed using the existing ACMEIssuer, as always. Their proprietary API is paid, but has extra features like IP certificates, better reliability, and support. - DNS challenges should be smoother in some cases as we've improved propagation checking. - In the odd case your ACME account disappears from the ACME server, CertMagic will automatically retry with a new account. (This happens in some test/dev environments.) - ACME accounts are identified only by their public keys, but CertMagic maps accounts by CA+email for practical/storage reasons. So now you can "pin" an account key to use by specifying your email and the account public key in your config, which is useful if you need to absolutely be sure to use a specific account (like if you get rate limit exemptions from a CA). diff --git a/release-notes/4027.md b/release-notes/4027.md index bdae695679..710f827706 100644 --- a/release-notes/4027.md +++ b/release-notes/4027.md @@ -1 +1 @@ -- Gitea/Forgejo webhook payload include additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatbility with [OpenProject](https://www.openproject.org/), ported from [gitea#28435](https://github.com/go-gitea/gitea/pull/28435). +- Gitea/Forgejo webhook payload include additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatibility with [OpenProject](https://www.openproject.org/), ported from [gitea#28435](https://github.com/go-gitea/gitea/pull/28435). diff --git a/routers/api/actions/artifacts.go b/routers/api/actions/artifacts.go index 7b26e4703f..bc29e4481d 100644 --- a/routers/api/actions/artifacts.go +++ b/routers/api/actions/artifacts.go @@ -428,8 +428,8 @@ func (ar artifactRoutes) getDownloadArtifactURL(ctx *ArtifactContext) { } if itemPath != artifacts[0].ArtifactName { - log.Error("Error dismatch artifact name, itemPath: %v, artifact: %v", itemPath, artifacts[0].ArtifactName) - ctx.Error(http.StatusBadRequest, "Error dismatch artifact name") + log.Error("Error mismatch artifact name, itemPath: %v, artifact: %v", itemPath, artifacts[0].ArtifactName) + ctx.Error(http.StatusBadRequest, "Error mismatch artifact name") return } diff --git a/tailwind.config.js b/tailwind.config.js index 42962b972b..e14daf27df 100644 --- a/tailwind.config.js +++ b/tailwind.config.js @@ -99,7 +99,7 @@ export default { }, plugins: [ plugin(({addUtilities}) => { - // base veriables required for tranform utilities + // base variables required for transform utilities // added as utilities since base is not imported // note: required when using tailwind's transform classes addUtilities({ diff --git a/tests/e2e/profile_actions.test.e2e.js b/tests/e2e/profile_actions.test.e2e.js index aeccab019c..55c44e7042 100644 --- a/tests/e2e/profile_actions.test.e2e.js +++ b/tests/e2e/profile_actions.test.e2e.js @@ -12,7 +12,7 @@ test('Follow actions', async ({browser}, workerInfo) => { // Check if following and then unfollowing works. // This checks that the event listeners of - // the buttons aren't dissapearing. + // the buttons aren't disappearing. const followButton = page.locator('.follow'); await expect(followButton).toContainText('Follow'); await followButton.click(); diff --git a/tests/integration/api_packages_nuget_test.go b/tests/integration/api_packages_nuget_test.go index 321bcd7e1c..03e2176fe5 100644 --- a/tests/integration/api_packages_nuget_test.go +++ b/tests/integration/api_packages_nuget_test.go @@ -451,7 +451,7 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`) packageName, "almost.similar.dependency", "almost.similar", - "almost.similar.dependant", + "almost.similar.dependent", } for _, fakePackageName := range fakePackages { diff --git a/tests/integration/git_push_test.go b/tests/integration/git_push_test.go index 06d985cff7..c9c33dc110 100644 --- a/tests/integration/git_push_test.go +++ b/tests/integration/git_push_test.go @@ -79,7 +79,7 @@ func testGitPush(t *testing.T, u *url.URL) { } pushed = append(pushed, "master") - // push all, so that master are not chagned + // push all, so that master are not changed doGitPushTestRepository(gitPath, "origin", "--all")(t) return pushed, deleted diff --git a/tests/integration/repo_badges_test.go b/tests/integration/repo_badges_test.go index 522ff94ff9..f1a61bd414 100644 --- a/tests/integration/repo_badges_test.go +++ b/tests/integration/repo_badges_test.go @@ -133,7 +133,7 @@ func TestBadges(t *testing.T) { err := release.CreateNewTag(git.DefaultContext, owner, repo, "main", "v1", "message") require.NoError(t, err) - // Now the workflow is wating + // Now the workflow is waiting req = NewRequestf(t, "GET", "/user2/%s/actions/workflows/tag-test.yaml/badge.svg", repo.Name) resp = MakeRequest(t, req, http.StatusSeeOther) assertBadge(t, resp, "tag--test.yaml-waiting-lightgrey") diff --git a/tools/lint-go-gopls.sh b/tools/lint-go-gopls.sh index 4bb69f4c16..a222ea14d7 100755 --- a/tools/lint-go-gopls.sh +++ b/tools/lint-go-gopls.sh @@ -8,7 +8,7 @@ IGNORE_PATTERNS=( ) # lint all go files with 'gopls check' and look for lines starting with the -# current absolute path, indicating a error was found. This is neccessary +# current absolute path, indicating a error was found. This is necessary # because the tool does not set non-zero exit code when errors are found. # ref: https://github.com/golang/go/issues/67078 ERROR_LINES=$("$GO" run "$GOPLS_PACKAGE" check "$@" 2>/dev/null | grep -E "^$PWD" | grep -vFf <(printf '%s\n' "${IGNORE_PATTERNS[@]}"));