Commit graph

11976 commits

Author SHA1 Message Date
zeripath
6eaebda1b5
Quote references to the user table in consistency checks (#18072) (#18073)
Backport #18072

Although #17487 ensured that the table was quoted in the join it missed that the
query part of the check also needed to be quoted.

Fix #17485

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-22 23:29:05 +00:00
zeripath
6100935a77
Add NotFound handler (#18062) (#18067)
Backport #18062

PR #17997 means that urls with terminal '/' are no longer immediately mapped
to the url without a terminal slash. However, it has revealed that the NotFound handler
appears to have been lost.

This PR adds back in a NotFound handler that simply redirects to a path without the
terminal slash or runs the NotFound handler.

Fix #18060

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-22 15:26:37 +00:00
zeripath
6de75224de
Ensure that git repository is closed before transfer (#18049) (#18057)
Backport #18049

Repository Transfer requires that the repository directory is renamed - which
is not possible on Windows if the git repository is open.

Fix #17885

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-21 18:27:46 +00:00
Lunny Xiao
9086916eb7
Fix code search result hint on zh-CN (#18053) 2021-12-21 16:08:06 +08:00
zeripath
877040e652
Update Changelog (#18047) 2021-12-20 22:12:46 -05:00
Lunny Xiao
91f5be889a
Fix delete u2f keys bug (#18042)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-20 15:53:25 -05:00
zeripath
a818a48c76
Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
Backport #18045

The current code unfortunately requires that `action` be a reserved
repository name as it prevents posts to change the settings for
action repositories. However, we can simply change action handler
to work on POST /{username} instead.

Fix #18037

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-20 15:53:08 -05:00
zeripath
76e1c130fb
Reset Session ID on login (#18018) (#18041)
Backport #18018

When logging in the SessionID should be reset and the session cleaned up.

Also logs the user in on completion of linking account

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-20 20:06:54 +00:00
zeripath
148a417774
Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
* Prevent off-by-one error on comments on newly appended lines (#18029)

Backport #18029

There was a bug in CutDiffAroundLine whereby if a file without a terminal new line
has a patch which appends lines to it and a comment is placed on one of those lines
the comment diff will be a line out of place.

This fixes CutDiffAroundLine to simply ignore the missing terminal newline - however,
we should really improve this rendering to add a marker to say that there was a
previously missing terminal newline.

Fix #17875

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-20 11:38:58 -05:00
zeripath
6081948ef0
Changelog 1.15.8 (#18026)
## [1.15.8](https://github.com/go-gitea/gitea/releases/tag/v1.15.8) - 2021-12-19

* BUGFIXES
  * Reset locale on login (#18023) (#18025)
  * Fix reset password email template (#17025) (#18022)
  * Fix outType on gitea dump (#18000) (#18016)
  * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
  * Fix rename notification bug (#18011)
  * Prevent double decoding of % in url params  (#17997) (#18001)
  * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
  * Prevent deadlock in create issue (#17970) (#17982)
* TESTING
  * Use non-expiring key. (#17984) (#17985)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update CHANGELOG.md

Co-authored-by: 6543 <6543@obermui.de>
2021-12-20 12:32:07 +02:00
zeripath
48bd54286c
Stop printing 03d after escaped characters in logs (#18030) (#18034)
Backport #18030

Strangely a weird bug was present in the log escaping code whereby any escaped
character would gain 03d - this was due to a mistake in the format string where
it should have read %03o but read instead %o03d. This has led to spurious 03d
trailing characters on these escaped characters!

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-19 21:35:29 +00:00
zeripath
c69b3b65f3
Reset locale on login (#18023) (#18025)
Backport #18023

Although we reset the locale in a number of places there were several ways of logging in that were missing the same code.

Fix #18020

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2021-12-19 15:04:31 +00:00
zeripath
fe91d9617b
Fix reset password email template (#17025) (#18022) 2021-12-18 17:55:26 -05:00
Gusted
711ca52f1f
backport: fix outType on gitea dump (#18016)
- Backport from #18000

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-18 09:55:24 +08:00
Lunny Xiao
a15f0cb010
Fix rename notification bug (#18011) 2021-12-17 18:59:08 -05:00
zeripath
2051f850ef
Ensure complexity, minlength and ispwned are checked on password setting (#18005) (#18015)
Backport #18005

It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.

Fix #17977

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-17 21:24:59 +00:00
zeripath
3ae4c4898b
Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
* Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991)

Unfortunately it appears that if git cat-file is run in an invalid
repository it will hang until stdin is closed. This will result in
deadlocked /pulls pages and dangling git cat-file calls if a broken
repository is tried to be reviewed or pulls exists for a broken
repository.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix compilation bug

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add the missing directories to the testrepos

* fixup! Add the missing directories to the testrepos

* and ensure that all of the other places have the objects directories too

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-17 10:08:00 +08:00
zeripath
3a77465e4e
Prevent double decoding of % in url params (#17997) (#18001) 2021-12-16 18:03:20 -05:00
zeripath
fc8c23edb7
Prevent deadlock in create issue (#17970) (#17982) 2021-12-14 21:06:40 -05:00
KN4CK3R
31df892059
Use non-expiring key. (#17984) (#17985) 2021-12-14 17:42:03 -05:00
Lunny Xiao
9879e23c57
Changelog for v1.15.7 (#17871)
* Changelog for v1.15.7

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-12-02 21:16:33 +01:00
Lunny Xiao
56a3b50136
Check if column exist before rename if exist, just return with no error (#17870) (#17882)
* Check if column exist before rename if exist, just return with no error

* Also check if errors column exist

* Add comment for migration

* Fix sqlite test
2021-12-02 18:12:11 +01:00
a1012112796
9a8532d928
fix 500 error while use a reserved name in org rename (#17878) (#17881)
fix #17876

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-12-02 19:52:08 +08:00
Lunny Xiao
d29a0fc3be
Fix user primary email changed (#17840) 2021-11-28 12:04:44 +01:00
Gusted
04517e17d6
Use correct user on releases (#17818)
- Backport #17806
2021-11-26 07:06:26 +00:00
KN4CK3R
3a222ee416
Fixed commit count (#17698) (#17790)
* Fixed commit count (#17698)

Added "Tag" label.
Unified branch, tag and commit name.

* Keep 1.15 behaviour.

* Removed locale change.
2021-11-26 00:21:56 +01:00
silverwind
add85f5a85
Preserve color when inverting emojis (#17799)
Fixes: https://github.com/go-gitea/gitea/issues/17795
2021-11-24 22:43:22 +08:00
Gusted
76ad83f05e
backport: use correct sender on title change (#17792) 2021-11-24 03:53:18 -05:00
Lunny Xiao
714ecd9f1e
Fix close issue but time watcher still running (#17761)
* Fix bug

* Update models/issue_stopwatch.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-11-23 20:05:44 +08:00
Lunny Xiao
a08856606e
Return 400 but not 500 when request archive with wrong format (#17691) (#17700)
* Return 400 but not 500 when request archive with wrong format (#17691)
* Remove bundle because it's not in this version
2021-11-20 00:31:29 +08:00
99rgosse
7be2d7b136
Fix Migrate Description - backport (#17727) 2021-11-19 17:52:47 +08:00
Lunny Xiao
6f3596e33c
Fix bug when project board get open issue number (#17703) (#17726)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-19 14:28:37 +08:00
Lunny Xiao
0305a73633
Fix bug when read mysql database max lifetime (#17682) (#17690) 2021-11-17 21:28:41 +08:00
wxiaoguang
6cd1ccef3d
Backport #17649, fix database deadlock when update issue labels (#17665) 2021-11-17 13:32:31 +08:00
Gusted
ea0fe83888
Fix golangci-lint warnings (#17598 et al) (#17668)
Backport #17598 
Backport #17606 
Backport #17608 
Backport #17609

- Since https://gitea.com/gitea/test-env/pulls/10 the golangci-lint has been upgraded and is erroring about new warnings in the code, this PR fixes those warnings.
2021-11-16 20:38:49 +00:00
Lunny Xiao
1cec7f5ab5
Fix bug on detect issue/comment writer (#17592) 2021-11-09 16:00:40 +08:00
Gusted
1cb1101d44
backport(1.15): Fix stats upon searching issues (#17578)
- Backport of https://github.com/go-gitea/gitea/pull/17566

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-11-08 23:14:57 +02:00
zeripath
653dff4e57
Remove appSubUrl from pasted images (#17572) (#17588)
Backport #17572

* Remove appSubUrl from pasted images

Since we fixed the url base for the links in repositories we no longer need to add
the appsuburl to pasted image links.

Fix #17057

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-08 20:28:10 +00:00
Gusted
b661bbaed7
backport(1.15): make ParsePatch more robust (#17580)
- Backport of https://github.com/go-gitea/gitea/pull/17573
2021-11-08 11:28:16 +08:00
wxiaoguang
20ae184967
Only allow webhook to send requests to allowed hosts (#17482) (#17510)
Backport #17482

* Only allow webhook to send requests to allowed hosts (backport #17482)

* use ALLOWED_HOST_LIST=* for default to keep the legacy behavior in 1.15.x
2021-11-06 09:23:43 +00:00
zeripath
15b44496ec
Escape issue titles in comments list (#17555) (#17556)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-05 23:20:51 +00:00
Gusted
0d0ff5e32a
backport(1.15): Use correct defaultValue for stracktrace (#17557)
- Backporting https://github.com/go-gitea/gitea/pull/17552
2021-11-05 22:55:33 +08:00
Lunny Xiao
f25f7c592f
Fix zero created time bug on commit api (#17547)
Co-authored-by: zeripath <art27@cantab.net>
2021-11-05 14:15:44 +08:00
delvh
e8cf04bad7
Show correct "No" icon (#17538) 2021-11-04 15:29:37 -04:00
Lunny Xiao
251fdaaf41
Fix database keyword quote problem on migration v161 (#17523)
* support rerun migration v161
2021-11-03 06:33:38 +02:00
Lunny Xiao
f572fb906f
fix email with + when active (#17518) (#17520)
Co-authored-by: zeripath <art27@cantab.net>
2021-11-03 00:52:38 +02:00
zeripath
9340269d84
Stop double encoding blame commit messages (#17498) (#17500)
Backport #17498

The call to html.EscapeString in routers/web/repo/blame.go:renderBlame is extraneous
as the commit message is now rendered by the template. The template will correctly
escape strings - therefore we are currently double escaping.

This PR fixes this.

Fix #17492

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-31 17:46:51 +08:00
zeripath
34650b925b
Quote the table name in CountOrphanedObjects (#17487) (#17488)
Backport #17487

CountOrphanedObjects needs to quote the table it is joining with as this table may
be `user`.

Fix #17485

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-30 12:01:22 +02:00
zeripath
718e0db12e
Run Migrate in Install rather than just SyncTables (#17475) (#17486)
Backport #17475

The underlying problem in #17328 appears to be that users are re-running the install
page during upgrades. The function that tests and creates the db did not intend for
this and thus instead the migration scripts being run - a simple sync tables occurs.

This then causes a weird partially migrated DB which causes, in this release cycle,
the duplicate column in task table error. It is likely the cause of some weird
partial migration errors in other cycles too.

This PR simply ensures that the migration scripts are also run at this point too.

Fix #17328

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-30 10:28:11 +01:00
qwerty287
6110ddc280
Fix login redirection links (#17473) 2021-10-28 21:47:26 +08:00