Commit graph

21851 commits

Author SHA1 Message Date
Renovate Bot
6bb87ee6d7 Update dependency chartjs-plugin-zoom to v2.2.0 2024-11-27 00:03:02 +00:00
Gusted
a8c61532d2
feat: migrate TOTP secrets to keying
- Currently the TOTP secrets are stored using the `secrets` module with
as key the MD5 hash of the Secretkey, the `secrets` module uses general
bad practices. This patch migrates the secrets to use the `keying`
module () which is easier to use and use better practices to store
secrets in databases.
- Migration test added.
- Remove the Forgejo migration databases, and let the gitea migration
databases also run forgejo migration databases. This is required as the
Forgejo migration is now also touching tables that the forgejo migration
didn't create itself.
2024-11-27 00:34:16 +01:00
Earl Warren
e5417fdede Merge pull request '[gitea] week 2024-48 cherry pick (gitea/main -> forgejo)' () from earl-warren/wcp/2024-48 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6062
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-26 16:42:38 +00:00
Earl Warren
a7cae463b2 Merge pull request 'Improve colors used by colorblind-friendly forgejo themes' () from DanielGibson/forgejo:improve-colorblind-themes into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6059
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-26 16:30:53 +00:00
Otto
72f088ac05 Merge pull request 'Add Low German to list of default languages' () from Nordfriese/forgejo:low-german into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6072
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-11-25 22:58:45 +00:00
Benedikt Straub
cd900449af
Update app.example.ini with language definitions from config-cheat-sheet.md 2024-11-25 19:34:49 +01:00
Benedikt Straub
cc8e02edda
Add Low German to list of default languages 2024-11-25 18:36:14 +01:00
Oto Šťáva
767467b9ae
Cap wiki search width at 80% container width
Co-Authored-By: Zuzana Slavíková <zuza.slavik@email.cz>
2024-11-25 09:51:26 +01:00
Oto Šťáva
c0777279fe
Fix wiki search overflowing on wide screens ()
Confine the search menu to be at most the width of the page, or 80% of
the viewport width, whichever is smaller. To do this, introduce a new
`--container-width` variable for the descendant elements of
`.ui.container` to be able to access.

Also update the relevant e2e test: add a long 'lorem ipsum' page, add a
search for it, parameterize the width.
2024-11-25 09:50:13 +01:00
Earl Warren
ad70e7dfb3 Merge pull request 'Lock file maintenance (forgejo)' () from renovate/forgejo-lock-file-maintenance into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6067
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-25 07:39:00 +00:00
Earl Warren
cc4b7bc21b Merge pull request 'Show page titles in wiki search results ()' () from spiffyk/forgejo:wiki-search-titles into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6052
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
2024-11-25 07:37:29 +00:00
Renovate Bot
bd84864288 Update dependency sortablejs to v1.15.4 2024-11-25 03:10:44 +00:00
Renovate Bot
17b1282817 Lock file maintenance 2024-11-25 02:04:53 +00:00
Renovate Bot
5f0049bfea Update renovate to v39.28.0 (forgejo) ()
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
2024-11-25 00:33:00 +00:00
Earl Warren
d3ebc5b161
chore(release-notes): notes for the week 2024-48 weekly cherry pick 2024-11-24 15:43:19 +00:00
Rowan Bohde
eb0645f185
disable gravatar in test ()
When running e2e tests on flaky networks, gravatar can cause a timeout
and test failures. Turn off, and populate avatars on e2e test suite run
to make them reliable.

(cherry picked from commit 9ac74a1a408136455a9e0586fb8e65163048597b)

Conflicts:
	models/fixtures/user.yml
	services/repository/contributors_graph_test.go
  trivial context conflicts
2024-11-24 15:42:36 +00:00
Lunny Xiao
32a91add34
Fix GetInactiveUsers ()
Fix 

(cherry picked from commit 9bf821ae6c108379d22ae11d8d5784a4ed7ad647)

Conflicts:
	models/user/user_test.go
  trivial context conflict
2024-11-24 15:42:36 +00:00
Oto Šťáva
fc31fa0eeb
Show page titles in wiki search results ()
Replace wiki page filenames with page titles in the search results,
fixing the problem with them showing unreadable URI-encoded names.
2024-11-24 15:55:34 +01:00
Daniel Gibson
4ec627c0b1 Improve colors used by colorblind-friendly forgejo themes
I found them to have too little contrast so I tweaked them a bit.
Screenshots and discussion can be found at:
https://codeberg.org/forgejo/forgejo/pulls/1746#issuecomment-2442469

Thanks a lot to @jpkhawam for creating the colorblind themes and for
helping me improving my changes even further! :)
2024-11-24 14:04:27 +00:00
Lunny Xiao
6482429091
Fix submodule parsing
(cherry picked from commit 33850a83fe4ebd23a762a7aac81614c42e303bfa)

This really is just the cherry pick of 407b6e6dfc7ee9ebb8a16c7f1a786e4c24d0516e
which is the first commit of the pull request, the one with the
change. The rest of the changes is a refactor that is unrelated to the
bug fix.

Conflicts:
	modules/git/commit_test.go
  trivial context conflict
2024-11-24 11:00:06 +00:00
Rowan Bohde
ddabba5f89
allow the actions user to login via the jwt token ()
We have some actions that leverage the Gitea API that began receiving
401 errors, with a message that the user was not found. These actions
use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to
authenticate with the Gitea API. The format of this env var in actions
jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a
corresponding update to `act_runner`) Since it was a JWT, the OAuth
parsing logic attempted to parse it as an OAuth token, and would return
user not found, instead of falling back to look up the running task and
assigning it to the actions user.

Make ACTIONS_RUNTIME_TOKEN in action runners could be used,
attempting to parse Oauth JWTs. The code to parse potential old
`ACTION_RUNTIME_TOKEN` was kept in case someone is running an older
version of act_runner that doesn't support the Actions JWT.

(cherry picked from commit 407b6e6dfc7ee9ebb8a16c7f1a786e4c24d0516e)

Conflicts:
	services/auth/oauth2.go
  trivial context conflicts because OAuth2 scopes are in Forgejo and
  not yet in Gitea
2024-11-24 10:41:56 +00:00
Marcell Mars
262c48409b
Support HTTP POST requests to /userinfo, aligning to OpenID Core specification ()
This PR adds support for the HTTP POST requests to `/userinfo` endpoint.
While the OpenID Core specification says both are supported and
recommends using HTTP GET.

ref: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
(cherry picked from commit 56bff7ae234ee21d0e4524e401a49385c383ccaf)

Conflicts:
	routers/web/web.go
  trivial context conflict
2024-11-24 10:22:40 +00:00
Kemal Zebari
e9928b7577
Remove duplicate empty repo check in delete branch API ()
Found while working on .

This branch will never be executed because we have would have already
made the same check a couple lines above.

(cherry picked from commit 355889dbc2432554f0bcdb22f918488849f0016c)
2024-11-24 10:20:19 +00:00
Lunny Xiao
f3afd18b76
Remove unnecessary code ()
PushMirrors only be used in the repository setting page. So it should
not be loaded on every repository page.

(cherry picked from commit 0d5abd9b3e04a09f5d7de720c99e3451723e028e)
2024-11-24 10:17:44 +00:00
Kerwin Bryant
203f79a121
Fix a compilation error in the Gitpod environment ()
When opening the latest code in **Gitpod** and running `make
lint-backend`, the following error occurs:
```bash
gitpod /workspace/gitea (main) $ make lint-backend
go run github.com/golangci/golangci-lint/cmd/golangci-lint@v1.60.3 run
# internal/profilerecord
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goarch
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode/utf8
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/coverage/rtcov
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/byteorder
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# cmp
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/itoa
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/race
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goos
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/unsafeheader
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/godebugs
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/asan
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# math/bits
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goexperiment
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/msan
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/runtime/atomic
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# sync/atomic
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/runtime/syscall
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/internal/alias
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# encoding
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# log/internal
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# vendor/golang.org/x/crypto/cryptobyte/asn1
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/golangci/golangci-lint/pkg/exitcodes
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/cpu
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode/utf16
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# container/list
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/subtle
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goversion
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/exp/maps
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/ccojocar/zxcvbn-go/match
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/exp/constraints
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/tools/internal/packagesinternal
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/go-ruleguard/dsl/types
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# vendor/golang.org/x/crypto/internal/alias
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/nettrace
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/google/go-cmp/cmp/internal/flags
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/gobwas/glob/util/runes
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/platform
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/internal/boring/sig
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/gogrep/internal/stdinfo
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/daixiang0/gci/pkg/utils
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/stdinfo
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/Antonboom/testifylint/internal/testify
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# hash/maphash
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/nunnatsa/ginkgolinter/version
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# google.golang.org/protobuf/internal/flags
compile: version "go1.23.1" does not match go tool version "go1.22.9"
make: *** [Makefile:413: lint-go] Error 1
```

(cherry picked from commit 32456b6f314f993efdc65fc90248b6fd1a8d55ef)
2024-11-24 10:17:27 +00:00
Earl Warren
19bde653c1 Merge pull request 'Update module github.com/stretchr/testify to v1.10.0 (forgejo)' () from renovate/forgejo-github.com-stretchr-testify-1.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6058
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-24 08:54:49 +00:00
Renovate Bot
8f0de303f3 Update module github.com/stretchr/testify to v1.10.0 2024-11-24 00:03:18 +00:00
Otto
c1ba9d37ab Merge pull request 'fix: Do not delete global Oauth2 applications' () from fnetx/global-oauth-corruption into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6054
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-23 22:47:51 +00:00
Otto Richter
1d5aee6ef8 fix: Do not delete global Oauth2 applications 2024-11-23 19:59:25 +01:00
Otto Richter
665d5f7317 test: Global OAuth should not be deleted
Expected to fail: Global (instance-wide) OAuth application should not be deleted, but it is
2024-11-23 19:49:55 +01:00
Nirmal Kumar R
9057100182 fix: Preview picture not visible on Markdown file ()
Extend API MarkupOptions to contain branch path.

The `api.MarkupOptions{}`  to have `BranchPath` which contains the
current branch. The `RenderMarkup` function utilizes a struct since there
are too many variables passed as arguments and that is not a good sign
for readability.

And `repo-editor.js` will contain a new form data which is `branch-path`
which will then be utilized by `edit.tmpl` as `data-branch-path`.

Closes: 

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [x] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5781
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Nirmal Kumar R <tildezero@gmail.com>
Co-committed-by: Nirmal Kumar R <tildezero@gmail.com>
2024-11-23 15:00:18 +00:00
JakobDev
b074e08f34
Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
Earl Warren
d3f442a209 Merge pull request 'test: fix e2e test' () from viceice/test/e2e-fix into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6045
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-22 10:49:14 +00:00
Michael Kriese
c1212e3d8c Merge pull request 'ci: use more tmpfs and noatime for faster CI' () from viceice/ci/test-perf into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6046
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-22 10:40:48 +00:00
Michael Kriese
5888a1ad5b
test: fix e2e test 2024-11-22 11:20:32 +01:00
Michael Kriese
caea17ccb2
ci: use more tmpfs and noatime for faster CI 2024-11-22 11:13:04 +01:00
Earl Warren
475c16f627 Merge pull request 'Apply smaller padding to comment headers' () from 0ko/forgejo:ui-comment-headers-size into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6027
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-22 07:05:37 +00:00
Earl Warren
1597dc078d Merge pull request '[gitea] week 2024-47 cherry pick (gitea/main -> forgejo)' () from earl-warren/wcp/2024-47 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5997
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-21 18:15:34 +00:00
Codeberg Translate
b576a2fd40 i18n: update of translations from Codeberg Translate ()
Co-authored-by: yumechi <yumechi@users.noreply.translate.codeberg.org>
Co-authored-by: Edgarsons <Edgarsons@users.noreply.translate.codeberg.org>
Co-authored-by: xtex <xtexchooser@duck.com>
Co-authored-by: SomeTr <SomeTr@users.noreply.translate.codeberg.org>
Co-authored-by: artnay <artnay@users.noreply.translate.codeberg.org>
Co-authored-by: Fjuro <fjuro@alius.cz>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: Benedikt Straub <Nordfriese@users.noreply.translate.codeberg.org>
Co-authored-by: Atul_Eterno <Atul_Eterno@users.noreply.translate.codeberg.org>
Co-authored-by: Atalanttore <Atalanttore@users.noreply.translate.codeberg.org>
Co-authored-by: Juno Takano <jutty@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5960
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
2024-11-21 13:43:40 +00:00
Earl Warren
ce6cdd8f20 Merge pull request 'feat: add setting to block disposable emails' () from Ironfractal/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5787
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: jerger <jerger@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-11-21 12:22:41 +00:00
James Hatfield
16d06705b3 feat: add setting to block disposable emails
- Add a new setting `EMAIL_DOMAIN_BLOCK_DISPOSABLE` that will append a list of
  domains that are known for being used by temporary or disposable email
  services.

- Add a utility to automatically download and format the list of domains from
  the disposable-email-domains project on github.

  (https://github.com/disposable-email-domains/disposable-email-domains)
  license: CC0 1.0 Universal (CC0 1.0) [Public Domain]

  from README:
  """
  This repo contains a list of disposable and temporary email address domains often used to register dummy users in order to spam or abuse some services.

  We cannot guarantee all of these can still be considered disposable but we do basic checking so chances are they were disposable at one point in time.
  """
2024-11-20 23:17:37 -06:00
Earl Warren
7015bdfa48 Merge pull request 'chore(ci): remove unused experimental DNS updates' () from earl-warren/forgejo:wip-dns-update into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6034
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-11-20 15:45:12 +00:00
Earl Warren
a69943085a
chore(ci): remove unused experimental DNS updates 2024-11-20 15:13:53 +00:00
JakobDev
45fa9e5ae9 fix: Allow Organisations to remove the Email Address ()
It is possible to set a Email for a Organization. This Email is optional and only used to be displayed on the profile page. However, once you set an EMail, you can no longer remove it. This PR fixes that.

While working on the tests, I found out, that the API returns a 500 when trying to set an invalid EMail. I fixed that too. It returns a 422 now.

Fixes 

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5517
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
2024-11-20 12:31:34 +00:00
0ko
1316f4d338 Merge pull request 'Fix regression from ' () from JakobDev/forgejo:notefix into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6029
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-11-19 19:23:56 +00:00
JakobDev
f4c70a3c43
Fix regression from 2024-11-19 19:17:46 +01:00
0ko
33c2caa0c8 fix(ui): apply smaller padding to comment headers 2024-11-19 17:11:37 +05:00
Earl Warren
3674e90c93 Merge pull request 'Improve git notes UI' () from 0ko/forgejo:ui-notes-followup into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6025
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-19 07:09:26 +00:00
Earl Warren
0a39ee3bbe Merge pull request 'chore(release-notes-assistant): security fix / features come first' () from earl-warren/forgejo:wip-release-security into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6003
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-19 06:32:48 +00:00
Earl Warren
8636a8b228 Merge pull request 'Update dependency chartjs-plugin-zoom to v2.1.0 (forgejo)' () from renovate/forgejo-chartjs-plugin-zoom-2.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6023
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-19 06:05:22 +00:00