Backport #25701 by @CaiCandong
we refactored `userIDFromToken` for the token parsing part into a new
function `parseToken`. `parseToken` returns the string `token` from
request, and a boolean `ok` representing whether the token exists or
not. So we can distinguish between token non-existence and token
inconsistency in the `verfity` function, thus solving the problem of no
proper error message when the token is inconsistent.
close#24439
related #22119
Co-authored-by: caicandong <50507092+CaiCandong@users.noreply.github.com>
Co-authored-by: Jason Song <i@wolfogre.com>
(cherry picked from commit ee87b4e18c)
Backport #25746Fix#25736
Caused by #24048
Right now we only check the activity type for `pull_request` event when
`types` is specified or there are no `types` and filter. If a workflow
only specifies filters but no `types` like this:
```
on:
pull_request:
branches: [main]
```
the workflow will be triggered even if the activity type is not one of
`[opened, reopened, sync]`. We need to check the activity type in this
case.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit bd1946e372)
Backport #22759 by @KN4CK3R
related #16865
This PR adds an accessibility check before mounting container blobs.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 5bfe469821)
Backport #25698.
Fix#25697.
Just avoid panic, maybe there's another bug to trigger this case.
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 53276d3e49)
Backport #25721 by @wolfogre
Set the correct permissions on the .ssh directory and authorized_keys
file, or sshd will refuse to use them and lead to clone/push/pull
failures.
It could happen when users have copied their data to a new volume and
changed the file permission by accident, and it would be very hard to
troubleshoot unless users know how to check the logs of sshd which is
started by s6.
Co-authored-by: Jason Song <i@wolfogre.com>
(cherry picked from commit e6801df99c)
as we only backport fixes ... it's not important to fix upcoming browser
changes that will result in slightly different web-UI behavior
(cherry picked from commit 6ac353b693)
Backport #25214 by @KN4CK3R
The ghost user leads to inclusion of limited users/orgs in
`BuildCanSeeUserCondition`.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit a9ebf911fa)
Backport https://github.com/go-gitea/gitea/pull/25143
If redirect_to parameter has set value starting with \\example.com
redirect will be created with header Location: /\\example.com that will
redirect to example.com domain.
(cherry picked from commit a9030052a7)
Backport #24567 by @lunny
- Fix possible parallel creating commit status index problem and
creating issues/pull request index problem work with Mysql5/Mysql8
- Add parallel tests
- Reenable TestRepoCommitsStatusParallel on CI
Fix#22109
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 3ef97932d5)
Backport #25019 by @lunny
Caused by #24362
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
(cherry picked from commit 73ae6b21d1)
Backport #24925, partially backport #24934
(`docs/content/doc/help/faq.zh-cn.md` file)
Part of backport has already done by #24942
Also backport #24881 to avoid "deadlock"
---------
Co-authored-by: Zettat123 <zettat123@gmail.com>
(cherry picked from commit 37b73b3337)
Backport #24979
Changes:
1. Use uniform links types relative to doc folder (start with `doc/`)
2. According to [docusaurus
links](https://docusaurus.io/docs/markdown-features/links), if `<a>` is
used, the `href` is resolved as URL location, but not file location. So
need to use `[text]({{< relref "path" >}})` instead.
(cherry picked from commit d2c9fb02dd)
replace #24868
just a patch to fix#24824 in v1.19.4
The reference name of commits when synchronizing should also has prefix
like refs/heads/<branch-name>.
(cherry picked from commit 826b7b979c)
It seems that `opts.RefFullName` may occassionally be set
to just the branch name, without the `refs/heads/` prefixing.
(cherry picked from commit 7dc46ffbaa)
Backport #24962 by @techknowlogick
caddy v1 is loong eol. v2 should be used.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
(cherry picked from commit 8a6a1143a4)
Backport #23939 by @lunny
This PR also adjusts the weights.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit d1af0a3e4c)
Backport #24900Fix#24896
If users set different languages by `linguist-language`, the `stats` map
could be: `java: 100, Java: 200`.
Language stats are stored as case-insensitive in database and there is a
unique key.
So, the different language names should be merged to one unique name:
`Java: 300`
(cherry picked from commit a83d597989)
`Secrets` options should be hidden if `Actions` feature is disabled.
This fixes in release/v1.19. In main probably fixed in
63a401ac40 (didn't check).
Fixes: 659055138b
Author-Change-Id: IB#1134011
Signed-off-by: Pawel Boguslawski <pawel.boguslawski@ib.pl>
(cherry picked from commit c5dee8823c)