Commit Graph

375 Commits (e2f39c2b64e1c5360702e507e0cac56255ca61c3)

Author SHA1 Message Date
6543 8d2059a201
update: macaron cores,gzip,session (#10522)
Co-authored-by: zeripath <art27@cantab.net>
2020-02-28 10:51:18 +01:00
oscar.lofwenhamn 0eeee9c721
Update markbates/goth (#10444)
- Fixes a JWT decoding issue in the OpenID provider
- Updates the GitHub provider to use the authorization header for authentication
- Updates the Twitch provider for Twitch's v5 API changes
- Adds the email and is_private_email fields to the Apple provider's GetUser implementation
- Modifies gothic to export a non-collidable context key for setting the Provider in a context.Context
- Adds new scopes to the Spotify provider
- Adds the IDToken from OpenID providers on the user struct
- Make Apple provider's SecretParams public
- Adds support for sign in with Apple, and drops support for Go versions 1.7 and 1.8
- Fixes the Slack provider's FetchURL logic to use the appropriate scope for the info it needs
Signed-off-by: Oscar LÃfwenhamn <oscar.lofwenhamn@cgi.com>
2020-02-24 12:08:43 -05:00
techknowlogick 63a6e71ac2
update crypto vendors (#10385) 2020-02-20 16:03:34 -05:00
Lauris BH 3c45cf8494
Add detected file language to code search (#10256)
Move langauge detection to separate module to be more reusable

Add option to disable vendored file exclusion from file search

Allways show all language stats for search
2020-02-20 16:53:55 -03:00
Lunny Xiao 5dbf36f356
Issue search support elasticsearch (#9428)
* Issue search support elasticsearch

* Fix lint

* Add indexer name on app.ini

* add a warnning on SearchIssuesByKeyword

* improve code
2020-02-13 14:06:17 +08:00
6543 bfd62b6f01
update vendor keybase/go-crypto (#10234) 2020-02-11 20:58:23 +02:00
John Olheiser 86fdba177a
Add Octicon SVG spritemap (#10107)
* Add octicon SVG sprite

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Static prefix

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* SVG for all repo icons

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* make vendor

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Swap out octicons

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move octicons to top of less imports

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix JS

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Definitely not a search/replace

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Missed regex

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move to more generic calls and webpack

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* make svg -> make webpack

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove svg-sprite

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Missed a test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove svg from makefile

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Suggestions

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Attempt to fix test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert timetracking test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Swap .octicon for .svg in less

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add aria-hidden

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Replace mega-octicon

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix webpack globbing on Windows

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert

Co-Authored-By: silverwind <me@silverwind.io>

* Fix octions from upstream

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix Vue and missed JS function

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add JS helper and PWA

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Preload SVG

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-02-11 12:02:41 -05:00
Lauris BH ad2642a8aa
Language statistics bar for repositories (#8037)
* Implementation for calculating language statistics

Impement saving code language statistics to database

Implement rendering langauge stats

Add primary laguage to show in repository list

Implement repository stats indexer queue

Add indexer test

Refactor to use queue module

* Do not timeout for queues
2020-02-11 11:34:17 +02:00
Lauris BH 20c513be6e
Show download count info in release list (#10124)
* Show download count info in release list

* Use go-humanize
2020-02-03 21:50:37 +02:00
zeripath 2c903383b5
Add Unique Queue infrastructure and move TestPullRequests to this (#9856)
* Upgrade levelqueue to version 0.2.0

This adds functionality for Unique Queues

* Add UniqueQueue interface and functions to create them

* Add UniqueQueue implementations

* Move TestPullRequests over to use UniqueQueue

* Reduce code duplication

* Add bytefifos

* Ensure invalid types are logged

* Fix close race in PersistableChannelQueue Shutdown
2020-02-02 23:19:58 +00:00
John Olheiser 28216bde46 More expansions in template repositories (#10021)
* Super expansion
* Explain which features are in 1.11 vs 1.12
* Move imports

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-01-28 13:57:15 +00:00
guillep2k ad1b6d439f Add support for database schema in PostgreSQL (#8819)
* Add support for database schema

* Require setting search_path for the db user

* Add schema setting to admin/config.tmpl

* Use a schema different from default for psql tests

* Update postgres scripts to use custom schema

* Update to xorm/core 0.7.3 and xorm/xorm c37aff9b3a

* Fix migration test

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-01-20 16:45:14 +01:00
Damien Cassou c6a32ddb47 Update go-org to 0.1.9 (#9782)
* Update go-org to 0.1.9

What I did to generate this commit:

$ go get github.com/niklasfasching/go-org

* make vendor
2020-01-16 09:27:41 +01:00
6543 a5a79f702d update gitea.com/macaron/macaron to 1.4.0 (#9608) 2020-01-05 15:27:25 +01:00
zeripath 27757714d0 Change markdown rendering from blackfriday to goldmark (#9533)
* Move to goldmark

Markdown rendering moved from blackfriday to the goldmark.

Multiple subtle changes required to the goldmark extensions to keep
current rendering and defaults.

Can go further with goldmark linkify and have this work within markdown
rendering making the link processor unnecessary.

Need to think about how to go about allowing extensions - at present it
seems that these would be hard to do without recompilation.

* linter fixes

Co-authored-by: Lauris BH <lauris@nix.lv>
2019-12-31 03:53:28 +02:00
6543 599c0ee75f go-mssqldb UPDATE (#9522) 2019-12-28 17:14:38 +00:00
Antoine GIRARD 559fb6ccf0 chore: update github.com/couchbase/gomemcached and github.com/couchbase/go-couchbase (#9419) 2019-12-18 21:03:26 -05:00
6543 90057ca27e [Vendor Update] go-swagger v0.20.1 -> v0.21.0 (#9410)
* Update go-swagger v0.20.1 -> v0.21.0

* go mod tidy
2019-12-18 16:05:30 +01:00
6543 6d811bcb14 Hide not allowed Reactions (#9387)
* Hide not allowed Reactions

* filter in query :D

* use `

Co-Authored-By: Alexey 〒erentyev <axifnx@gmail.com>

* update xorm v0.8.0 -> v0.8.1
2019-12-18 21:07:36 +08:00
zeripath 60b31c8f01
Fix the intermittent TestGPGGit failures (#9360)
* Fix the intermittent TestGPGGit failures

Reattempt to open the listener if the port is busy with a delay up to a second
Switch from generating a private key each time, just use a known good key
2019-12-15 16:21:16 +00:00
Antoine GIRARD 81a52442a1 deps: update and fix chardet import (#9351) 2019-12-14 02:15:48 +02:00
Lunny Xiao 3bdce82ce9
upgrade levelqueue to 0.1.0 (#9192) 2019-11-28 23:37:33 +08:00
Mura Li 9591185c8f Upgrade blevesearch to v0.8.1 (#9177)
For #1441

a91b427b59
2019-11-27 11:23:33 +02:00
QuaSoft 7b4d2f7a2a Add single sign-on support via SSPI on Windows (#8463)
* Add single sign-on support via SSPI on Windows

* Ensure plugins implement interface

* Ensure plugins implement interface

* Move functions used only by the SSPI auth method to sspi_windows.go

* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected

* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.

* Update documentation for the new 'SPNEGO with SSPI' login source

* Mention in documentation that ROOT_URL should contain the FQDN of the server

* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)

* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)

* Add option in SSPIConfig for removing of domains from logon names

* Update helper text for StripDomainNames option

* Make sure handleSignIn() is called after a new user object is created by SSPI auth method

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates

* Remove code duplication

* Log errors in ActiveLoginSources

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert suffix of randomly generated E-mails for Reverse proxy authentication

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert unneeded white-space change in template

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add copyright comments at the top of new files

* Use loopback name for randomly generated emails

* Add locale tag for the SSPISeparatorReplacement field with proper casing

* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields

* Update docs/content/doc/features/authentication.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Remove Priority() method and define the order in which SSO auth methods should be executed in one place

* Log authenticated username only if it's not empty

* Rephrase helper text for automatic creation of users

* Return error if more than one active SSPI auth source is found

* Change newUser() function to return error, letting caller log/handle the error

* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed

* Refactor initialization of the list containing SSO auth methods

* Validate SSPI settings on POST

* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page

* Make 'Default language' in SSPI config empty, unless changed by admin

* Show error if admin tries to add a second authentication source of type SSPI

* Simplify declaration of global variable

* Rebuild gitgraph.js on Linux

* Make sure config values containing only whitespace are not accepted
2019-11-23 01:33:31 +02:00
zeripath cbaa1de9ec Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964)
* Graceful Shutdown for windows and others

Restructures modules/graceful, adding shutdown for windows, removing and
replacing the old minwinsvc code.

Creates a new waitGroup - terminate which allows for goroutines to
finish up after the shutdown of the servers.

Shutdown and terminate hooks are added for goroutines.

* Remove unused functions - these can be added in a different PR

* Add startup timeout functionality

* Document STARTUP_TIMEOUT
2019-11-21 13:32:02 -05:00
techknowlogick 05f6eccf27
update golang.org/x/crypto vendor to use acme v2 (#9056) 2019-11-20 00:30:46 -05:00
Lunny Xiao 9ff6312627
Move modules/gzip to gitea.com/macaron/gzip (#9058)
* Move modules/gzip to gitea.com/macaron/gzip

* Fix vendor
2019-11-18 13:18:33 +08:00
Lauris BH 05e7715c4b Update go-org to optimize code (#8824) 2019-11-05 16:39:03 +08:00
Lauris BH 086a46994a Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560)
* Rewrite markdown rendering to blackfriday v2.0

* Fix style

* Fix go mod with golang 1.13

* Fix blackfriday v2 import

* Inital orgmode renderer migration to go-org

* Vendor go-org dependency

* Ignore errors :/

* Update go-org to latest version

* Update test

* Fix go-org test

* Remove unneeded code

* Fix comments

* Fix markdown test

* Fix blackfriday regression rendering HTML block
2019-10-31 01:06:25 +00:00
Lunny Xiao d151503d34 Upgrade xorm to v0.8.0 (#8536) 2019-10-17 11:26:49 +02:00
Colin Arnott 66e99d722a upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
editorconfig-core-go made breaking api changes and has recently released
v2.1.1. This change consumes the new api and fixes up any breaking
references.
2019-10-15 22:24:16 +01:00
Colin Arnott 80655026d2 upgrade gopkg.in/ini.v1 (#8500)
ini released v1.48.0 and deprecated the ini.AllCapsUnderscore symbol, as
such, during the upgrade we migrated to using ini.SnackCase.
2019-10-15 16:45:39 +01:00
zeripath 167e8f18da
Restore Graceful Restarting & Socket Activation (#7274)
* Prevent deadlock in indexer initialisation during graceful restart

* Move from gracehttp to our own service to add graceful ssh

* Add timeout for start of indexers and make hammer time configurable

* Fix issue with re-initialization in indexer during tests

* move the code to detect use of closed to graceful

* Handle logs gracefully - add a pid suffix just before restart

* Move to using a cond and a holder for indexers

* use time.Since

* Add some comments and attribution

* update modules.txt

* Use zero to disable timeout

* Move RestartProcess to its own file

* Add cleanup routine
2019-10-15 14:39:51 +01:00
Antoine GIRARD ba201aaa44 vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495) 2019-10-14 08:38:15 +08:00
guillep2k f05a3353f4 Update strk.kbt.io/projects/go/libravatar to latest; closes #7860 (#8429) 2019-10-08 15:48:57 -04:00
Lunny Xiao c9f819eae0 Upgrade xorm to v0.7.9 to fix some bugs (#8354)
* upgrade xorm to v0.7.9 to fix some bugs

* upgrade xormstore to v1.3.1
2019-10-02 16:47:20 -04:00
Antoine GIRARD 149758c912
Update to github.com/lafriks/xormstore@v1.3.0 (#8317) 2019-10-02 02:32:12 +02:00
Lunny Xiao aa9a99cf5f
Upgrade xorm to latest to fix insert issue bug (#8309)
* upgrade xorm to latest to fix insert issue bug

* add newissue unit tests

* update xorm version

* fix tests
2019-09-29 20:52:39 +08:00
John Olheiser f8882f4fa9 Update xorm (#8286)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-09-25 22:02:54 +03:00
Lunny Xiao 29dda47cbb
Fix label count (#8267)
* fix label count

* fix vendor

* fix import order

* update xorm to fix bug

* fix tests

* fix mssql bug
2019-09-24 21:22:39 +08:00
techknowlogick 7a8e299c7c migrate gplus to google oauth2 provider (#7885)
* migrate gplus to google oauth2 provider. this still provides support for old gplus connections.

* Update models/oauth2.go

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* make vendor
2019-09-14 12:02:39 +02:00
techknowlogick 2837563147
oauth2 with remote Gitea - Fix #8093 (#8149) 2019-09-12 22:15:36 -04:00
techknowlogick 3f5cdfe359 use go 1.13 (#8088)
* use go 1.13

* use go 1.13 in gomod file

* Update Makefile

* update swagger deps
2019-09-12 14:58:32 +03:00
WGH 6ddd3b0b47 Implement webhook branch filter (#7791)
* Fix validate() function to handle errors in embedded anon structs

* Implement webhook branch filter

See #2025, #3998.
2019-09-09 08:48:21 +03:00
Antoine GIRARD 9fe4437bda Use vendored go-swagger (#8087)
* Use vendored go-swagger

* vendor go-swagger

* revert un wanteed change

* remove un-needed GO111MODULE

* Update Makefile

Co-Authored-By: techknowlogick <matti@mdranta.net>
2019-09-04 22:53:54 +03:00
guillep2k 4cb1bdddc8 Strict name matching for Repository.GetTagID() (#8074)
* Strict name matching for Repository.GetTagID()

* Perform make swagger-check swagger-validate vendor

* Add test for GetTagID()
2019-09-04 08:48:17 +03:00
guillep2k 765be70323 Make CI work (#8057)
* Use export GOPROXY=https://goproxy.cn before build

* Add go version to generate command

* Reproduced the entire build procedure - see notes

I've used:

sudo go clean -i -r -cache -testcache -modcache
make clean
make generate
make golangci-lint
make revive
make swagger-check
make swagger-validate
make test-vendor            <--- this now fails
make vendor                 <--- this now produced changes
git commit -a               <--- this commit

* Add fix from #8059 to complete CI tests
2019-09-02 15:12:29 -04:00
Lauris BH 9ef1e5da27
Fix vendor modules.txt (#8032) 2019-08-29 16:16:09 +03:00
Antoine GIRARD 187ae109d0 Update to mod enabled version goquery (#8021)
* update to mod enabled version goquery

* manually set appengine new release
2019-08-29 11:18:42 +08:00
guillep2k cedb285e25 Update github.com/lafriks/xormstore and tidy up mod.go (#8020) 2019-08-28 23:17:14 +02:00
Antoine GIRARD 256b178176
Update swagger to 0.20.1 (#8010)
* update swagger to 0.20.1

* fiw swagger version for validate
2019-08-28 08:55:22 +02:00
guillep2k 5fe2ec264f Retry create issue to cope with duplicate keys (#7898)
* Retry create issue to cope with duplicate keys

* Use  .SetExpr().Where().Insert()
2019-08-26 22:17:23 -04:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
guillep2k 5661773018 Remove unique filter from repo indexer analyzer. (#7878)
* Remove unique filter from repo indexer analyzer.

* Bump repoIndexerLatestVersion to 4

* Corrrect fmt

* make vendor to remove unique dependency
2019-08-15 23:38:55 +08:00
guillep2k 2594693a46 Remove camel case tokenization from repo indexer (#7733)
* Make repository indexer tokenize by camel case selectable

* Revert "Make repository indexer tokenize by camel case selectable"

This reverts commit a8d4e40af56ffeab9c040a13e01b9e0d5487bd3b.

* Remove app.ini setting, permanently remove camel case tokenizer

* Increase repoIndexerLatestVersion to force indexes to be rebuilt

* Changes introduced by the commmand make vendor
2019-08-06 07:38:16 +03:00
Antoine GIRARD 52feff5a5c deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
* deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 from 1.2.0 to 1.3.0

* deps: vendor updates
2019-08-05 15:52:41 +08:00
Antoine GIRARD bb22e3a1e1 update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705) 2019-08-01 12:31:03 -04:00
Antoine GIRARD a9b4c8171f Update src-d/go-git to v4.13.0 (#7688)
* update gopkg.in/src-d/go-git.v4 v4.13.0

* mod tidy

* vendor
2019-07-31 12:45:42 -04:00
zeripath 78e5317242
Update to latest mssqldriver (#7613)
* New driver does not tolerate USE - handle this by closing db and reopening db in the new dbname
2019-07-26 05:10:20 +01:00
Tamal Saha 5efd3630bc Update to xorm@v0.7.4 (#7596)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-25 00:39:14 +03:00
Lunny Xiao d2958d9f46 Move status table to cron package (#7370) 2019-07-15 20:13:03 -04:00
Tamal Saha 2102f9d92d Support setting cookie domain (#6288)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-12 09:57:31 -04:00
Lunny Xiao b84a251fca
upgrade macaron/captcha to fix random error problem (#7407) 2019-07-10 13:26:42 +08:00
Lunny Xiao f03e5b7c3e
fix vendor (#7394) 2019-07-09 14:27:02 +08:00
EpicCoder 8d9d6aa903 Add additional password hash algorithms (closes #5859) (#6023) 2019-07-07 02:01:01 -04:00
techknowlogick d0ec940dd7
switch to use gliderlabs/ssh for builtin server (#7250)
resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash)

Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
2019-07-06 21:28:09 -04:00
Cherrg 86750325c7 workaround broken drone build (#7362)
* workaround broken swagger

only master brach is not working, latest release seems to work

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* make vendor

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* Don't export GO111MODULE

* set go-swagger to fixed release version

mentioned here: https://github.com/go-gitea/gitea/pull/7362#discussion_r300831537

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-07-06 16:16:43 +01:00
Filip Navara 6e2a59e4ce Use commit graph files for listing pages (#7314)
* Experimental support for git commit graph files and bloom filter index

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Force vendor of commitgraph

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Remove bloom filter experiment and debug prints

* Remove old code for building commit graphs

* Remove unused function

* Remove mmap usage

* gofmt

* sort vendor/modules.txt

* Add copyright header and log commit-graph error
2019-07-02 10:15:14 +08:00
Antoine GIRARD 1e46eedce7 update mssql drive to last working version 20180314172330-6a30f4e59a44 (#7306) 2019-06-30 11:28:17 +08:00
Lunny Xiao aa7c34cf86 Fix error log when loading issues caused by a xorm bug (#7271)
* fix error log when loading issues caused by a xorm bug

* upgrade packages

* fix fmt

* fix Consistency

* fix tests
2019-06-23 18:22:43 +03:00
techknowlogick 33ad554800 update go-git to v4.12.0 - fixes #7248 (#7249) 2019-06-19 10:14:15 +08:00
Lunny Xiao 83b90e4199 Use vfsgen instead of go-bindata (#7080)
* use vfsgen instead of go-bindata

* fix templates

* fix fmt

* vendor vsfgen
2019-06-03 00:43:47 +03:00
Lunny Xiao 8a343dda39 update go git from v4.10.0 to v4.11.0 (#7096) 2019-05-31 20:34:46 +01:00
Rob Watson df2557835b Improve handling of non-square avatars (#7025)
* Crop avatar before resizing (#1268)

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Fix spelling error

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>
2019-05-25 14:46:14 +03:00
Tamal Saha 34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
techknowlogick 1dc401635b
update sdk to latest (#6903) 2019-05-10 16:49:29 -04:00
Lunny Xiao 08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
techknowlogick 46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
Antoine GIRARD 2933ae4e88 Update https://github.com/urfave/cli to version 1.2.0 (#6838)
From un-tagged pervious version : https://github.com/urfave/cli/compare/d86a009f5e13...master
2019-05-03 08:49:14 -04:00
Lunny Xiao 5be1780045 update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815) 2019-05-01 11:44:16 -04:00
Filip Navara 2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
Segev Finer 34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
Antoine GIRARD 84fd24246c Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.2.2 to 1.3.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.2.2...v1.3.0)
2019-04-16 23:45:40 -04:00
Antoine GIRARD 4183c846e3 [mod]: Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
Bumps [gopkg.in/src-d/go-git.v4](https://github.com/src-d/go-git) from 4.8.0 to 4.10.0.
- [Release notes](https://github.com/src-d/go-git/releases)
- [Commits](https://github.com/src-d/go-git/compare/v4.8.0...v4.10.0)
2019-04-16 22:04:23 -04:00
techknowlogick 3fb038c53a
upgrade version of lib/pq to v1.1.0 (#6640)
Adds SCRAM-SHA-256 authentication
2019-04-15 16:14:31 -04:00
Lunny Xiao e7d7dcb090 Issue indexer queue redis support (#6218)
* add redis queue

* finished indexer redis queue

* add redis vendor

* fix vet

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* switch to go mod

* Update required changes for new logging func signatures
2019-04-08 12:05:15 +03:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Mura Li d77176912b Use Go1.11 module (#5743)
* Migrate to go modules

* make vendor

* Update mvdan.cc/xurls

* make vendor

* Update code.gitea.io/git

* make fmt-check

* Update github.com/go-sql-driver/mysql

* make vendor
2019-03-27 19:15:23 +08:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
Richard Mahn ecce28f9df Updates SDK dep (#6406) 2019-03-22 11:38:49 -04:00
Richard Mahn 50631b5ac3 Updates vendor/code.gitea.io/git (#6286) 2019-03-11 14:01:00 -04:00
Lunny Xiao 4334fe754e
update git vendor to fix wrong release commit id and add migrations (#6224)
* update git vendor to fix wrong release commit id and add migrations

* fix count

* fix migration release

* fix tests
2019-03-11 11:44:58 +08:00
Jonas Franz e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
mrsdizzie f2de5dc8c8 Replace linkRegex with xurls library (#6261)
* Replace linkRegex with xurls library

Rather than maintaining a complicated regex to match URLs for
autolinking, gitea can use this existing go library that takes care of
the matching with very little code change to gitea itself. After
spending a while trying to find the perfect regex for all cases this library
still works better as it is more flexible than a single regex ever will be.

This will also fix the following issues: #5844 #3095 #3381

This passes all our current tests and I've added new ones mentioned in
those issues as well.

* Use xurls.StrictMatchingScheme instead of xurls.Strict

This is much faster and we only care about https? links to preserve
existing behavior.
2019-03-07 15:12:01 -05:00
Lanre Adelowo 141c58f5a6 add isAdmin to user model (#6231)
update vendor and add tests

fix swagger
2019-03-03 17:57:24 -05:00
John Olheiser 7548037a64 Adds MustChangePassword to user create/edit API, defaults to true (#6193)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-27 21:37:57 +02:00
Segev Finer 594f591691 Increase Username and Orgname MaxSize 35 -> 40 (#6178)
* Increase Username and Orgname MaxSize 35 -> 40

Signed-off-by: Segev Finer <segev@codeocean.com>

* Dep update code.gitea.io/sdk

Signed-off-by: Segev Finer <segev@codeocean.com>

* Run generate-swagger

Signed-off-by: Segev Finer <segev@codeocean.com>
2019-02-25 13:56:47 -05:00
Lunny Xiao 830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
zeripath 22770c324d
Move to ldap.v3 to fix #5928 (#6105)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-18 12:34:37 +00:00
Lunny Xiao a380cfd8e0 Update bleve dependency to latest master revision (#6100)
* update bleve to master b17287a86f6cac923a5d886e10618df994eeb54b6724eac2e3b8dde89cfbe3a2

* remove unused pkg from dep file

* change bleve from master to recent revision
2019-02-17 19:50:26 -05:00
Lunny Xiao 01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Richard Mahn da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
Gabriel Silva Simões 3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
Lanre Adelowo c20034be31 Display the branch name in the commit view (#5950)
* add branch info

* Remove blank lines

* Remove blank lines

* update git dependency
2019-02-05 21:47:01 +00:00
techknowlogick 9de871a0f8
add other session providers (#5963) 2019-02-05 11:52:51 -05:00
Lunny Xiao ecefa9e724 Add single commit API support (#5843)
* add single commit API support
2019-02-02 22:35:17 -05:00
Lauris BH fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
Lauris BH 331c9120e8
Request for public keys only if LDAP attribute is set (#5816)
* Update go-ldap dependency

* Request for public keys only if attribute is set
2019-01-24 01:25:33 +02:00
Lunny Xiao 477a80f658 upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
should fix #5736
2019-01-17 06:07:23 +00:00
Harshit Bansal 5ac6da3c41 api: Add missing GET teams endpoints (#5382)
* api: Add an endpoint to list a particular member of team.

* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.

`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.

* models: Add `GetUserTeams()`.

Returns all the teams that a user belongs to.

* api: Add an endpoint for GET '/user/teams'.

A GET request to this endpoint lists all the teams that a user
belongs to.
2019-01-16 19:39:50 -05:00
Zsombor c2dcb35148 Fixing #5728: (#5747)
* Format boolean values to true/false even when it is returned as byte-slice,
* Fix the sequence generation, the proper sequence name is used (instead of 'table_id_seq'), and fix the next value be max+1 always
2019-01-16 16:24:09 -05:00
techknowlogick 5c44f751a3
Discord Oauth2 support (#4476)
* add discord auth

* add vendor for discord

* fix syntax error

* make fmt

* update version of goth in use

* update markbates/goth
2019-01-13 14:06:22 -05:00
Zsombor 31aa00fa4b Update xorm to fix issue #5659 and #5651 (#5680) 2019-01-09 17:18:06 -05:00
Lunny Xiao fe55ab2a68 fix forgot removed records when deleting user (#5429)
* fix forgot removed records when deleting user

* fix migration

* fix rewritekey lock on sqlite

* remove unused codes
2018-12-18 11:26:26 -05:00
kolaente 6db7dbd333 Added test environment for mssql (#4282)
* Added test environment for m$sql

* Added template for test environment for m$sql

* Fix password

* Fix password (again)

* Fix password (again again)

* Fix db

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Create master database for mssql integration tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Create database only if master do not exist

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix mssql integration tests by using custom database "gitea"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved defer

* bump xorm

* updated xorm

* Fixed build
2018-12-12 09:01:41 +08:00
Kasi Reddy d5d847e5c4 Git-Trees API (#5403)
* Git-Trees API

* update vendor'd libs

* added comments to exported function and formatted.

* make fmt

* update per @lafirks feedback
2018-11-28 16:17:09 -05:00
Michael Kuhn 0222623be9 Explicitly disable Git credential helper (#5367)
* Explicitly disable Git credential helper

If the user running Gitea has configured a credential helper, Git
credentials might leak out of Gitea.

There are two problems with credential helpers when combined with Gitea:

1. Credentials entered by a user when doing a migration or setting up a
   mirror will end up in the credential store. In the worst case, this
   is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and
   mirrors by all users. For example, if user A sets up a mirror, their
   credentials will be stored. If user B later sets up a mirror from the
   same host and does not enter any credentials, user A's credentials
   will be used.

This PR prepends -c credential.helper= to all Git commands to clear the
list of helpers. This requires at least Git version 2.9, as previous
versions will try to load an empty helper instead. For more details, see
24321375cd

* Update git module
2018-11-28 09:00:25 +02:00
Lauris BH 08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
Peter Hoffmann e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Antoine GIRARD 4c1f1f9646 Remove x/net/context vendor by using std package (#5202)
* Update dep github.com/markbates/goth

* Update dep github.com/blevesearch/bleve

* Update dep golang.org/x/oauth2

* Fix github.com/blevesearch/bleve to c74e08f039e56cef576e4336382b2a2d12d9e026

* Update dep golang.org/x/oauth2
2018-11-10 18:55:36 -05:00
Lunny Xiao b3000ae623 Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
Stanislav 078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
Peter Hoffmann fb14458010 fix: Add secret to all webhook's payload where it has been missing (#5199)
* fix: Add secret to all webhook's payload where it has been missing

affects webhooks for:
* Delete
* Fork
* IssueComment
* Release
2018-10-28 18:03:02 -04:00
Antonio Huete Jimenez 99c09dfbfa Update vendor/golang.org/x/sys (#5059) 2018-10-26 19:18:40 -04:00
Antoine GIRARD 2af57c7820 Update x/net (#5169) 2018-10-26 19:05:56 -04:00
Kim "BKC" Carlbäcker aeb5655c25 Update go-macaron/session to latest mast to fix RCE-bug (#5177) 2018-10-25 19:53:39 +08:00
Mura Li 317ddb7283 Update vendor/github.com/mattn/go-sqlite3 (#5162)
To fix build failure on Windows/386
2018-10-24 16:18:51 +08:00
Mura Li 2ce72d4e00 Update vendor/go-sqlite3 (#5133) 2018-10-23 13:28:10 +08:00
Mura Li dba955be7c Upgrade gopkg.in/testfixtures.v2 (#4999) 2018-10-02 15:20:02 -04:00
Lauris BH ab5b245182 Disable debug routes unless PPROF is enabled in configuration (#4995) 2018-09-29 18:44:06 -04:00
OvermindDL1 07af31d004 Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
Signed-off-by: Gabriel Robertson <overminddl1@gmail.com>
2018-09-20 22:17:34 +03:00
Lauris BH fa4663e61e Add push webhook support for mirrored repositories (#4127) 2018-09-06 22:06:09 -04:00
EnricoFerro 912953e82a API /admin/users/{username} missing parameter (#4775) 2018-08-23 19:59:47 -04:00
Fluf b82c14b3d2 add letsencrypt to Gitea (#4189) 2018-08-21 09:56:50 -04:00
Lauris BH 0c59edaafa Update xorm to latest version and fix correct `user` table referencing in sql (#4473) 2018-07-20 10:10:17 +08:00
techknowlogick ab55ca7ebd
Add ability to delete a token (#4235)
Fix #4234
2018-07-06 21:54:30 -04:00
Antoine GIRARD 74f9f98f78 Simply remove tidb and deps (#3993) 2018-07-04 16:23:23 -04:00
techknowlogick 9d4c1ddfa1
Dep upgrade mysql lib (#4161)
*  update gopkg file to add sql dep
2018-07-03 17:58:31 -04:00
David Schneiderbauer 0be2b34cec update git vendor (#4059) 2018-05-27 21:47:34 +03:00
Magnus Lindvall cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
Aleksandr Bulyshchenko ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
Antoine GIRARD 3f3383dc0a Migrate to dep (#3972)
* Update makefile to use dep

* Migrate to dep

* Fix some deps

* Try to find a better version for golang.org/x/net

* Try to find a better version for golang.org/x/oauth2
2018-05-21 15:34:20 +03:00
Lunny Xiao 6bdc556b7f
Fix some webhooks bugs (#3981)
* fix some webhooks bugs

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* fix test

* fix clearlabels

* fix pullrequest webhook bug fix #3492

* update release webhook description

* remove unused code

* fix push webhook in pull request

* small changes
2018-05-21 10:28:29 +08:00
Antoine GIRARD edc78b9633 Update to last common x/text (#3994) 2018-05-20 18:09:00 +08:00
Antoine GIRARD 8dca5ad526 Fetch missing file in github.com/davecgh/go-spew/spew (#3995) 2018-05-20 09:09:35 +03:00
Jonas Franz 951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
Antoine GIRARD 917b9641ec Update to last common bleve (#3986) 2018-05-19 20:49:46 +08:00
Lunny Xiao 24941a1046
Add more webhooks support and refactor webhook templates directory (#3929)
* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* load attributes when created release

* update comparsion doc
2018-05-16 22:01:55 +08:00
Lauris BH e74055878f Update xormstore dependency to fix OAuth2 support for MySQL (#3955) 2018-05-13 13:10:50 +08:00