Commit Graph

274 Commits (9ad2aa8f4d4e66f77798751ce09c75e7d4235079)

Author SHA1 Message Date
guillep2k 5fe2ec264f Retry create issue to cope with duplicate keys (#7898)
* Retry create issue to cope with duplicate keys

* Use  .SetExpr().Where().Insert()
2019-08-26 22:17:23 -04:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
guillep2k 5661773018 Remove unique filter from repo indexer analyzer. (#7878)
* Remove unique filter from repo indexer analyzer.

* Bump repoIndexerLatestVersion to 4

* Corrrect fmt

* make vendor to remove unique dependency
2019-08-15 23:38:55 +08:00
guillep2k 2594693a46 Remove camel case tokenization from repo indexer (#7733)
* Make repository indexer tokenize by camel case selectable

* Revert "Make repository indexer tokenize by camel case selectable"

This reverts commit a8d4e40af56ffeab9c040a13e01b9e0d5487bd3b.

* Remove app.ini setting, permanently remove camel case tokenizer

* Increase repoIndexerLatestVersion to force indexes to be rebuilt

* Changes introduced by the commmand make vendor
2019-08-06 07:38:16 +03:00
Antoine GIRARD 52feff5a5c deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
* deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 from 1.2.0 to 1.3.0

* deps: vendor updates
2019-08-05 15:52:41 +08:00
Antoine GIRARD bb22e3a1e1 update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705) 2019-08-01 12:31:03 -04:00
Antoine GIRARD a9b4c8171f Update src-d/go-git to v4.13.0 (#7688)
* update gopkg.in/src-d/go-git.v4 v4.13.0

* mod tidy

* vendor
2019-07-31 12:45:42 -04:00
zeripath 78e5317242
Update to latest mssqldriver (#7613)
* New driver does not tolerate USE - handle this by closing db and reopening db in the new dbname
2019-07-26 05:10:20 +01:00
Tamal Saha 5efd3630bc Update to xorm@v0.7.4 (#7596)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-25 00:39:14 +03:00
Lunny Xiao d2958d9f46 Move status table to cron package (#7370) 2019-07-15 20:13:03 -04:00
Tamal Saha 2102f9d92d Support setting cookie domain (#6288)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-12 09:57:31 -04:00
Lunny Xiao b84a251fca
upgrade macaron/captcha to fix random error problem (#7407) 2019-07-10 13:26:42 +08:00
Lunny Xiao f03e5b7c3e
fix vendor (#7394) 2019-07-09 14:27:02 +08:00
EpicCoder 8d9d6aa903 Add additional password hash algorithms (closes #5859) (#6023) 2019-07-07 02:01:01 -04:00
techknowlogick d0ec940dd7
switch to use gliderlabs/ssh for builtin server (#7250)
resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash)

Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
2019-07-06 21:28:09 -04:00
Cherrg 86750325c7 workaround broken drone build (#7362)
* workaround broken swagger

only master brach is not working, latest release seems to work

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* make vendor

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* Don't export GO111MODULE

* set go-swagger to fixed release version

mentioned here: https://github.com/go-gitea/gitea/pull/7362#discussion_r300831537

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-07-06 16:16:43 +01:00
Filip Navara 6e2a59e4ce Use commit graph files for listing pages (#7314)
* Experimental support for git commit graph files and bloom filter index

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Force vendor of commitgraph

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Remove bloom filter experiment and debug prints

* Remove old code for building commit graphs

* Remove unused function

* Remove mmap usage

* gofmt

* sort vendor/modules.txt

* Add copyright header and log commit-graph error
2019-07-02 10:15:14 +08:00
Antoine GIRARD 1e46eedce7 update mssql drive to last working version 20180314172330-6a30f4e59a44 (#7306) 2019-06-30 11:28:17 +08:00
Lunny Xiao aa7c34cf86 Fix error log when loading issues caused by a xorm bug (#7271)
* fix error log when loading issues caused by a xorm bug

* upgrade packages

* fix fmt

* fix Consistency

* fix tests
2019-06-23 18:22:43 +03:00
techknowlogick 33ad554800 update go-git to v4.12.0 - fixes #7248 (#7249) 2019-06-19 10:14:15 +08:00
Lunny Xiao 83b90e4199 Use vfsgen instead of go-bindata (#7080)
* use vfsgen instead of go-bindata

* fix templates

* fix fmt

* vendor vsfgen
2019-06-03 00:43:47 +03:00
Lunny Xiao 8a343dda39 update go git from v4.10.0 to v4.11.0 (#7096) 2019-05-31 20:34:46 +01:00
Rob Watson df2557835b Improve handling of non-square avatars (#7025)
* Crop avatar before resizing (#1268)

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Fix spelling error

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>
2019-05-25 14:46:14 +03:00
Tamal Saha 34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
techknowlogick 1dc401635b
update sdk to latest (#6903) 2019-05-10 16:49:29 -04:00
Lunny Xiao 08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
techknowlogick 46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
Antoine GIRARD 2933ae4e88 Update https://github.com/urfave/cli to version 1.2.0 (#6838)
From un-tagged pervious version : https://github.com/urfave/cli/compare/d86a009f5e13...master
2019-05-03 08:49:14 -04:00
Lunny Xiao 5be1780045 update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815) 2019-05-01 11:44:16 -04:00
Filip Navara 2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
Segev Finer 34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
Antoine GIRARD 84fd24246c Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.2.2 to 1.3.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.2.2...v1.3.0)
2019-04-16 23:45:40 -04:00
Antoine GIRARD 4183c846e3 [mod]: Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
Bumps [gopkg.in/src-d/go-git.v4](https://github.com/src-d/go-git) from 4.8.0 to 4.10.0.
- [Release notes](https://github.com/src-d/go-git/releases)
- [Commits](https://github.com/src-d/go-git/compare/v4.8.0...v4.10.0)
2019-04-16 22:04:23 -04:00
techknowlogick 3fb038c53a
upgrade version of lib/pq to v1.1.0 (#6640)
Adds SCRAM-SHA-256 authentication
2019-04-15 16:14:31 -04:00
Lunny Xiao e7d7dcb090 Issue indexer queue redis support (#6218)
* add redis queue

* finished indexer redis queue

* add redis vendor

* fix vet

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* switch to go mod

* Update required changes for new logging func signatures
2019-04-08 12:05:15 +03:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Mura Li d77176912b Use Go1.11 module (#5743)
* Migrate to go modules

* make vendor

* Update mvdan.cc/xurls

* make vendor

* Update code.gitea.io/git

* make fmt-check

* Update github.com/go-sql-driver/mysql

* make vendor
2019-03-27 19:15:23 +08:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
Richard Mahn ecce28f9df Updates SDK dep (#6406) 2019-03-22 11:38:49 -04:00
Richard Mahn 50631b5ac3 Updates vendor/code.gitea.io/git (#6286) 2019-03-11 14:01:00 -04:00
Lunny Xiao 4334fe754e
update git vendor to fix wrong release commit id and add migrations (#6224)
* update git vendor to fix wrong release commit id and add migrations

* fix count

* fix migration release

* fix tests
2019-03-11 11:44:58 +08:00
Jonas Franz e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
mrsdizzie f2de5dc8c8 Replace linkRegex with xurls library (#6261)
* Replace linkRegex with xurls library

Rather than maintaining a complicated regex to match URLs for
autolinking, gitea can use this existing go library that takes care of
the matching with very little code change to gitea itself. After
spending a while trying to find the perfect regex for all cases this library
still works better as it is more flexible than a single regex ever will be.

This will also fix the following issues: #5844 #3095 #3381

This passes all our current tests and I've added new ones mentioned in
those issues as well.

* Use xurls.StrictMatchingScheme instead of xurls.Strict

This is much faster and we only care about https? links to preserve
existing behavior.
2019-03-07 15:12:01 -05:00
Lanre Adelowo 141c58f5a6 add isAdmin to user model (#6231)
update vendor and add tests

fix swagger
2019-03-03 17:57:24 -05:00
John Olheiser 7548037a64 Adds MustChangePassword to user create/edit API, defaults to true (#6193)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-27 21:37:57 +02:00
Segev Finer 594f591691 Increase Username and Orgname MaxSize 35 -> 40 (#6178)
* Increase Username and Orgname MaxSize 35 -> 40

Signed-off-by: Segev Finer <segev@codeocean.com>

* Dep update code.gitea.io/sdk

Signed-off-by: Segev Finer <segev@codeocean.com>

* Run generate-swagger

Signed-off-by: Segev Finer <segev@codeocean.com>
2019-02-25 13:56:47 -05:00
Lunny Xiao 830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
zeripath 22770c324d
Move to ldap.v3 to fix #5928 (#6105)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-18 12:34:37 +00:00
Lunny Xiao a380cfd8e0 Update bleve dependency to latest master revision (#6100)
* update bleve to master b17287a86f6cac923a5d886e10618df994eeb54b6724eac2e3b8dde89cfbe3a2

* remove unused pkg from dep file

* change bleve from master to recent revision
2019-02-17 19:50:26 -05:00
Lunny Xiao 01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Richard Mahn da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
Gabriel Silva Simões 3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
Lanre Adelowo c20034be31 Display the branch name in the commit view (#5950)
* add branch info

* Remove blank lines

* Remove blank lines

* update git dependency
2019-02-05 21:47:01 +00:00
techknowlogick 9de871a0f8
add other session providers (#5963) 2019-02-05 11:52:51 -05:00
Lunny Xiao ecefa9e724 Add single commit API support (#5843)
* add single commit API support
2019-02-02 22:35:17 -05:00
Lauris BH fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
Lauris BH 331c9120e8
Request for public keys only if LDAP attribute is set (#5816)
* Update go-ldap dependency

* Request for public keys only if attribute is set
2019-01-24 01:25:33 +02:00
Lunny Xiao 477a80f658 upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
should fix #5736
2019-01-17 06:07:23 +00:00
Harshit Bansal 5ac6da3c41 api: Add missing GET teams endpoints (#5382)
* api: Add an endpoint to list a particular member of team.

* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.

`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.

* models: Add `GetUserTeams()`.

Returns all the teams that a user belongs to.

* api: Add an endpoint for GET '/user/teams'.

A GET request to this endpoint lists all the teams that a user
belongs to.
2019-01-16 19:39:50 -05:00
Zsombor c2dcb35148 Fixing #5728: (#5747)
* Format boolean values to true/false even when it is returned as byte-slice,
* Fix the sequence generation, the proper sequence name is used (instead of 'table_id_seq'), and fix the next value be max+1 always
2019-01-16 16:24:09 -05:00
techknowlogick 5c44f751a3
Discord Oauth2 support (#4476)
* add discord auth

* add vendor for discord

* fix syntax error

* make fmt

* update version of goth in use

* update markbates/goth
2019-01-13 14:06:22 -05:00
Zsombor 31aa00fa4b Update xorm to fix issue #5659 and #5651 (#5680) 2019-01-09 17:18:06 -05:00
Lunny Xiao fe55ab2a68 fix forgot removed records when deleting user (#5429)
* fix forgot removed records when deleting user

* fix migration

* fix rewritekey lock on sqlite

* remove unused codes
2018-12-18 11:26:26 -05:00
kolaente 6db7dbd333 Added test environment for mssql (#4282)
* Added test environment for m$sql

* Added template for test environment for m$sql

* Fix password

* Fix password (again)

* Fix password (again again)

* Fix db

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Create master database for mssql integration tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Create database only if master do not exist

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix mssql integration tests by using custom database "gitea"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved defer

* bump xorm

* updated xorm

* Fixed build
2018-12-12 09:01:41 +08:00
Kasi Reddy d5d847e5c4 Git-Trees API (#5403)
* Git-Trees API

* update vendor'd libs

* added comments to exported function and formatted.

* make fmt

* update per @lafirks feedback
2018-11-28 16:17:09 -05:00
Michael Kuhn 0222623be9 Explicitly disable Git credential helper (#5367)
* Explicitly disable Git credential helper

If the user running Gitea has configured a credential helper, Git
credentials might leak out of Gitea.

There are two problems with credential helpers when combined with Gitea:

1. Credentials entered by a user when doing a migration or setting up a
   mirror will end up in the credential store. In the worst case, this
   is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and
   mirrors by all users. For example, if user A sets up a mirror, their
   credentials will be stored. If user B later sets up a mirror from the
   same host and does not enter any credentials, user A's credentials
   will be used.

This PR prepends -c credential.helper= to all Git commands to clear the
list of helpers. This requires at least Git version 2.9, as previous
versions will try to load an empty helper instead. For more details, see
24321375cd

* Update git module
2018-11-28 09:00:25 +02:00
Lauris BH 08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
Peter Hoffmann e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Antoine GIRARD 4c1f1f9646 Remove x/net/context vendor by using std package (#5202)
* Update dep github.com/markbates/goth

* Update dep github.com/blevesearch/bleve

* Update dep golang.org/x/oauth2

* Fix github.com/blevesearch/bleve to c74e08f039e56cef576e4336382b2a2d12d9e026

* Update dep golang.org/x/oauth2
2018-11-10 18:55:36 -05:00
Lunny Xiao b3000ae623 Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
Stanislav 078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
Peter Hoffmann fb14458010 fix: Add secret to all webhook's payload where it has been missing (#5199)
* fix: Add secret to all webhook's payload where it has been missing

affects webhooks for:
* Delete
* Fork
* IssueComment
* Release
2018-10-28 18:03:02 -04:00
Antonio Huete Jimenez 99c09dfbfa Update vendor/golang.org/x/sys (#5059) 2018-10-26 19:18:40 -04:00
Antoine GIRARD 2af57c7820 Update x/net (#5169) 2018-10-26 19:05:56 -04:00
Kim "BKC" Carlbäcker aeb5655c25 Update go-macaron/session to latest mast to fix RCE-bug (#5177) 2018-10-25 19:53:39 +08:00
Mura Li 317ddb7283 Update vendor/github.com/mattn/go-sqlite3 (#5162)
To fix build failure on Windows/386
2018-10-24 16:18:51 +08:00
Mura Li 2ce72d4e00 Update vendor/go-sqlite3 (#5133) 2018-10-23 13:28:10 +08:00
Mura Li dba955be7c Upgrade gopkg.in/testfixtures.v2 (#4999) 2018-10-02 15:20:02 -04:00
Lauris BH ab5b245182 Disable debug routes unless PPROF is enabled in configuration (#4995) 2018-09-29 18:44:06 -04:00
OvermindDL1 07af31d004 Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
Signed-off-by: Gabriel Robertson <overminddl1@gmail.com>
2018-09-20 22:17:34 +03:00
Lauris BH fa4663e61e Add push webhook support for mirrored repositories (#4127) 2018-09-06 22:06:09 -04:00
EnricoFerro 912953e82a API /admin/users/{username} missing parameter (#4775) 2018-08-23 19:59:47 -04:00
Fluf b82c14b3d2 add letsencrypt to Gitea (#4189) 2018-08-21 09:56:50 -04:00
Lauris BH 0c59edaafa Update xorm to latest version and fix correct `user` table referencing in sql (#4473) 2018-07-20 10:10:17 +08:00
techknowlogick ab55ca7ebd
Add ability to delete a token (#4235)
Fix #4234
2018-07-06 21:54:30 -04:00
Antoine GIRARD 74f9f98f78 Simply remove tidb and deps (#3993) 2018-07-04 16:23:23 -04:00
techknowlogick 9d4c1ddfa1
Dep upgrade mysql lib (#4161)
*  update gopkg file to add sql dep
2018-07-03 17:58:31 -04:00
David Schneiderbauer 0be2b34cec update git vendor (#4059) 2018-05-27 21:47:34 +03:00
Magnus Lindvall cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
Aleksandr Bulyshchenko ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
Antoine GIRARD 3f3383dc0a Migrate to dep (#3972)
* Update makefile to use dep

* Migrate to dep

* Fix some deps

* Try to find a better version for golang.org/x/net

* Try to find a better version for golang.org/x/oauth2
2018-05-21 15:34:20 +03:00
Lunny Xiao 6bdc556b7f
Fix some webhooks bugs (#3981)
* fix some webhooks bugs

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* fix test

* fix clearlabels

* fix pullrequest webhook bug fix #3492

* update release webhook description

* remove unused code

* fix push webhook in pull request

* small changes
2018-05-21 10:28:29 +08:00
Antoine GIRARD edc78b9633 Update to last common x/text (#3994) 2018-05-20 18:09:00 +08:00
Antoine GIRARD 8dca5ad526 Fetch missing file in github.com/davecgh/go-spew/spew (#3995) 2018-05-20 09:09:35 +03:00
Jonas Franz 951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
Antoine GIRARD 917b9641ec Update to last common bleve (#3986) 2018-05-19 20:49:46 +08:00
Lunny Xiao 24941a1046
Add more webhooks support and refactor webhook templates directory (#3929)
* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* load attributes when created release

* update comparsion doc
2018-05-16 22:01:55 +08:00
Lauris BH e74055878f Update xormstore dependency to fix OAuth2 support for MySQL (#3955) 2018-05-13 13:10:50 +08:00
kolaente 1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00