Commit graph

1021 commits

Author SHA1 Message Date
Earl Warren
89d9307d56 Merge pull request '[gitea] week 2024-39 cherry pick (gitea/main -> forgejo)' (#5372) from earl-warren/wcp/2024-39 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5372
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-09-27 08:12:43 +00:00
Jamie Schouten
9d34731198
Add bin to Composer Metadata (#32099)
This PR addresses the missing `bin` field in Composer metadata, which
currently causes vendor-provided binaries to not be symlinked to
`vendor/bin` during installation.

In the current implementation, running `composer install` does not
publish the binaries, leading to issues where expected binaries are not
available.

By properly declaring the `bin` field, this PR ensures that binaries are
correctly symlinked upon installation, as described in the [Composer
documentation](https://getcomposer.org/doc/articles/vendor-binaries.md).

(cherry picked from commit d351a42494e71b5e2da63302c2f9b46c78e6dbde)
2024-09-27 08:42:48 +02:00
KN4CK3R
526054332a
Fix incorrect /tokens api (#32085)
Fixes #32078

- Add missing scopes output.
- Disallow empty scope.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 08adbc468f8875fd4763c3656b334203c11adc0a)
2024-09-27 08:42:48 +02:00
Earl Warren
6275d1bc50
Refactor CSRF protector (#32057) (fix forgejo tests)
Fix the tests unique to Forgejo that are impacted by the refactor.
2024-09-27 08:42:48 +02:00
wxiaoguang
1ae3b127fc
Refactor CSRF protector (#32057)
Remove unused CSRF options, decouple "new csrf protector" and "prepare"
logic, do not redirect to home page if CSRF validation falis (it
shouldn't happen in daily usage, if it happens, redirecting to home
doesn't help either but just makes the problem more complex for "fetch")

(cherry picked from commit 1fede04b83288d8a91304a83b7601699bb5cba04)

Conflicts:
	options/locale/locale_en-US.ini
	tests/integration/repo_branch_test.go
  trivial context conflicts
2024-09-27 08:42:48 +02:00
Michael Kriese
1e5f7d2116
chore: fix lint error 2024-09-25 10:15:02 +02:00
Otto
8b62d3d5da Merge pull request 'i18n: UX improvements: Team permissions and issue closing' (#5383) from fnetx/team-permissions-i18n into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5383
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-09-24 21:16:40 +00:00
Otto Richter
dc9a268d3c i18n: UX improvements: Team permissions and issue closing
Change word order for issue comment actions
-  An attempt to address https://codeberg.org/forgejo/forgejo/issues/2650

Org team permissions improvements

- consistency: added missing dot
- clarity: explain what external units mean
- use dedicated keys to explain the permissions.
- split in read/write permissions
- use explicit labels for accessibility
- ext_wiki.desc and ext_issues.desc are no longer in use.
2024-09-24 19:03:30 +02:00
Bram Hagens
4a74113dee
feat(ui): add more emoji and code block rendering in issues 2024-09-24 14:20:33 +02:00
Exploding Dragon
a6508f5b03 Fix: database not updated when using git push --tags --force (#5319)
Closes #4274

link: https://github.com/go-gitea/gitea/pull/32040

### Release notes

- [ ] I do not want this change to show in the release notes.

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Bug fixes
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/5319): <!--number 5319 --><!--line 0 --><!--description Rml4OiBkYXRhYmFzZSBub3QgdXBkYXRlZCB3aGVuIHVzaW5nIGBnaXQgcHVzaCAtLXRhZ3MgLS1mb3JjZWA=-->Fix: database not updated when using `git push --tags --force`<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5319
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-09-22 07:35:25 +00:00
Earl Warren
64d3fcd403 Merge pull request '[gitea] week 2024-38 cherry pick (gitea/main -> forgejo)' (#5325) from algernon/wcp/2024-38 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5325
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-09-20 05:06:42 +00:00
Otto
a0c11f58dd Merge pull request 'Fix milestone assignment in new issue' (#5180) from esainane/forgejo:five-hundred-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5180
Reviewed-by: Otto <otto@codeberg.org>
2024-09-17 16:50:42 +00:00
Sai Nane
7f02f4722c Test: Milestone assignment in new issue
This test currently fails, as expected, given this functionality is currently
broken.
2024-09-17 17:45:02 +02:00
Otto Richter
61314f05fc tests(e2e): Test overflow in commit graph 2024-09-17 17:33:00 +02:00
Shiny Nematoda
9c70c7a8ea test(code-search): fix oops 2024-09-16 16:20:55 +02:00
Shiny Nematoda
30d07c3ba3 test(code-search): add for options dropdown 2024-09-16 16:20:55 +02:00
Otto Richter
804ca6590f tests(e2e): long search result overflow
Test fails before https://codeberg.org/forgejo/forgejo/pulls/5260
2024-09-14 22:28:24 +02:00
Kemal Zebari
eb765dabfd
Handle invalid target when creating releases using API (#31841)
A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.

(cherry picked from commit f05d9c98c4cb95e3a8a71bf3e2f8f4529e09f96f)
2024-09-14 18:45:18 +02:00
Otto Richter
ef473d34f5 docs(e2e): Add parametric viewport example test 2024-09-14 12:49:57 +02:00
Shiny Nematoda
14abf65269 feat: set created_by as the default filter for /issues and /pulls (#5286)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5286
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-09-13 12:55:39 +00:00
Otto Richter
5bf0af1aaf tests(e2e): Refactor branch protection test
- ensuring the afterEach hook runs should reduce flakiness and allow retries
- the hook cleans up a rule if it exists or does nothing if not
2024-09-12 14:32:35 +02:00
Michael Kriese
192a5ea68b Merge pull request 'tests(e2e): Allow running in parallel' (#5288) from fnetx/e2e-parallel into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5288
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-09-12 11:48:41 +00:00
Otto
c98996f0d2 Merge pull request 'Improve textarea paste (part of gitea#31948)' (#5269) from algernon/forgejo:gitea/port/31948-partial into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5269
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-09-12 11:15:53 +00:00
Otto
742991abca Merge pull request 'Fix bad spacing on new release page' (#5261) from maltejur/forgejo:push-nnnyrrvzlqqy into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5261
Reviewed-by: Otto <otto@codeberg.org>
2024-09-11 22:21:43 +00:00
Otto Richter
3ff15d03f3 tests(e2e): assert URL paste behaviour 2024-09-11 21:44:10 +02:00
Otto Richter
3695f5d096 Parallelize playwright tests
- allow running with multiple workers (tested with up to four workers locally which
  didn't show signs of flakiness)
- prevent race condition with webauthn tests (running them in parallel
  on the same user could prevent another test from logging in)
- fix flakiness on CI action status (Chromium sometimes needs a long
  time to fill the href field, firefox is always faster)

This reverts commit e8585eff5c.
2024-09-11 16:53:51 +02:00
Otto Richter
e4234fe6ab tests(e2e): remove unnecessary example test
The login behaviour is basically covered in login_user from utils_e2e.js, too.
2024-09-11 14:30:29 +02:00
Otto Richter
a62521f241 New release form semantics
- correctly render labels without help text
- accessibility: fix external release button focus
- accessibility: test form aspects in browser test
2024-09-11 13:30:30 +02:00
Shiny Nematoda
6178a46fe2 feat: set fuzzy as default for issue search (#5270)
Closes #5225

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5270
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-09-10 15:57:58 +00:00
Otto Richter
0f3ba99ff0 Add detailed instructions for e2e testing
- rewrite parts of and improve README
- simplify repo declaration
- list coverage in workflow path filter
2024-09-09 14:06:10 +02:00
Otto Richter
d06da0d9c6 Update integration test README
and remove outdated chinese version
2024-09-09 14:06:10 +02:00
Solomon Victorino
829e661c39 test: assert navigation URLs in release E2E test
- last one waits for release deletion before the next browser run
- disambiguates failures due to error responses
2024-09-01 10:33:29 -06:00
Otto
1004ecd56b Merge pull request 'fix: WIP toggle by reducing max issue title' (#5143) from fnetx/wip-toggle-workaround into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5143
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-29 21:05:35 +00:00
Gusted
38076a44d7 Merge pull request 'Update module github.com/go-webauthn/webauthn to v0.11.2 (forgejo)' (#5147) from renovate/forgejo-github.com-go-webauthn-webauthn-0.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5147
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-29 20:35:23 +00:00
Exploding Dragon
6eb88be6e8 Merge branch 'forgejo' into bugfix-arch 2024-08-29 12:39:16 +00:00
Gusted
63736e8301
[FEAT] Add support for webauthn credential level 3
- For WebAuthn Credential level 3, the `backup_eligible` and
`backup_state` flags are checked if they are consistent with the values
given on login. Forgejo never stored this data, so add a database
migration that makes all webauthn credentials 'legacy' and on the next
first use capture the values of `backup_eligible` and `backup_state`.
As suggested in https://github.com/go-webauthn/webauthn/discussions/219#discussioncomment-10429662
- Adds unit tests.
- Add E2E test.
2024-08-29 10:05:03 +02:00
Gusted
c87655b7ff Merge pull request '[CHORE] Move cache & captcha library' (#5146) from gusted/forgejo-captcha into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5146
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-29 08:02:09 +00:00
Otto Richter
7eac5feb74 fix: WIP toggle by reducing max issue title
- when the PR title has the maximum length, the WIP toggle switch does nothing
- work around this by slightly reducing the max input size (- 10 characters for eventually long prefixes)
- test WIP toggling edge case in playwright

fix(e2e): increase timeouts

A look at recent runs suggests they should be increased globally. The timeouts in the config file have no timeout by default.
2024-08-29 01:36:58 +02:00
Exploding Dragon
95f6cb7513 Merge branch 'forgejo' into bugfix-arch 2024-08-28 10:48:33 +00:00
Gusted
5a871f6095
[SEC] Ensure propagation of API scopes for Conan and Container authentication
- The Conan and Container packages use a different type of
authentication. It first authenticates via the regular way (api tokens
or user:password, handled via `auth.Basic`) and then generates a JWT
token that is used by the package software (such as Docker) to do the
action they wanted to do. This JWT token didn't properly propagate the
API scopes that the token was generated for, and thus could lead to a
'scope escalation' within the Conan and Container packages, read
access to write access.
- Store the API scope in the JWT token, so it can be propagated on
subsequent calls that uses that JWT token.
- Integration test added.
- Resolves #5128
2024-08-28 10:33:32 +02:00
Exploding Dragon
3a55604d3c Merge branch 'forgejo' into bugfix-arch 2024-08-28 00:38:10 +00:00
Gusted
0404662e99
[CHORE] Move captcha library
- This is a fork of https://github.com/dchest/captcha, as
https://gitea.com/go-chi/captcha is a fork of
github.com/go-macaron/captcha which is a fork (although not properly
credited) of a older version of https://github.com/dchest/captcha. Hence
why I've just forked the original.
- The fork includes some QoL improvements (uses standard library for
determistic RNG instead of rolling your own crypto), and removal of
audio support (500KiB unused data that bloated the binary otherwise).
Flips the image over the x-asis.
47270f2b55..main
- This move is needed for the next commit, because
gitea.com/go-chi/captcha included the gitea.com/go-chi/cache dependency.
2024-08-27 21:28:16 +02:00
Earl Warren
9addaedaf3 Merge pull request '[gitea] week 2024-35 cherry pick (gitea/main -> forgejo)' (#5109) from algernon/wcp/2024-35 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5109
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-27 06:09:19 +00:00
Exploding Dragon
bc4849a904 Merge branch 'forgejo' into bugfix-arch 2024-08-27 02:34:54 +00:00
dragon
60b54c42ec add zst,xz,gz tests 2024-08-27 10:02:43 +08:00
dragon
97ec997a04 add zst,xz,gz tests 2024-08-27 09:58:08 +08:00
Otto
bf65f1e510 Merge pull request 'feat: Trivial default quota configuration' (#5125) from algernon/forgejo:falling-in-reverse into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5125
Reviewed-by: Otto <otto@codeberg.org>
2024-08-27 01:22:41 +00:00
Otto
c856f77622 Merge pull request 'Update links affected by the renaming of 'developer' documentation sub-path into 'contributor'' (#5129) from floss4good/forgejo__forgejo:contrib-doc into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5129
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-08-26 18:50:40 +00:00
Otto
e5ea08b38b Merge pull request 'feat: Improve diffs generated by Forgejo' (#5110) from fnetx/better-diffs into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5110
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-26 18:47:21 +00:00
Gusted
d623126103 Merge pull request '[PORT] Refactor the usage of batch catfile (gitea#31754)' (#5122) from gusted/forgejo-port-gt-31754 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5122
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-26 16:04:47 +00:00
floss4good
5879cdc6fa
Update the translator contributing guide from user language settings. 2024-08-26 17:43:35 +03:00
Otto Richter
d97e36f6d7 Playwright testing for commit diffs
includes:

- easier repo declaration for playwright tests by @Gusted
- full backend build for pushing Git repos by @Gusted
- playwright testing (which fails with the current diff algorithm, but
  passes with the new)
- disable eslint rule for conditional expect, because it defeats the
  purpose (working around it would result in much more complex test code
  in our cases)
2024-08-26 13:57:42 +02:00
Gergely Nagy
3b70949651
feat: Trivial default quota configuration
This adds a new configuration setting: `[quota.default].TOTAL`, which
will be used if no groups are configured for a particular user. The new
option makes it possible to entirely skip configuring quotas via the API
if all that one wants is a total size.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-26 13:25:34 +02:00
Earl Warren
190b5a3859 Merge pull request '[FIX] Don't allow SSH authentication without ssh executable' (#5123) from gusted/forgejo-prevent-no-ssh into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5123
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-26 08:03:52 +00:00
Earl Warren
e2ae389184 Merge pull request '[CHORE] Move to new sessioner library' (#5090) from gusted/forgejo-sessioner-fork into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5090
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-26 07:31:56 +00:00
Gusted
1a68d14cf8
[FIX] Don't allow SSH authentication without ssh executable
- Follow up of #4819
- When no `ssh` executable is present, disable the UI and backend bits
that allow the creation of push mirrors that use SSH authentication. As
this feature requires the usage of the `ssh` binary.
- Integration test added.
2024-08-26 08:58:35 +02:00
Gusted
b44dcf553c
[TESTS] Fix usage of LoadRepoCommit
It loads the Commit with a temporary open GitRepo. This is incorrect,
the GitRepo should be open as long as the Commit can be used. This
mainly removes the usage of this function as it's not needed.
2024-08-26 08:03:48 +02:00
Otto
32735b1e61 Merge pull request '[TESTS] Move CreateDeclarativeRepo to more accessible location' (#5108) from gusted/forgejo-chore-declerative-repo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5108
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-08-25 11:15:22 +00:00
Gergely Nagy
0aa3e6e4e4
tests: Use require.NoError in tests picked from Gitea
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-25 13:02:19 +02:00
Lunny Xiao
dda53569b1
Fix agit automerge (#31207)
(cherry picked from commit 8b92eba21f5c5cca277b8101ada0ea7a1fb32ae0)
2024-08-25 10:47:37 +02:00
Lunny Xiao
bdf477f6ef
Fix actions notify bug (#31866)
Try to fix
https://github.com/go-gitea/gitea/issues/31757#issuecomment-2295131062

(cherry picked from commit 4f5c96627b4622d64593db2d436b1f3befa5f3c3)
2024-08-25 10:41:24 +02:00
Gusted
fc40a5e242
[CHORE] Move to new sessioner library
- Moves to a fork of gitea.com/go-chi/session that removed support for
couchbase (and ledis, but that was never made available in Forgejo)
along with other code improvements.
f8ce677595..main
- The rationale for removing Couchbase is quite simple. Its not licensed
under FOSS
license (https://www.couchbase.com/blog/couchbase-adopts-bsl-license/)
and therefore cannot be tested by Forgejo and shouldn't be supported.
This is a similair vein to the removal of MSSQL
support (https://codeberg.org/forgejo/discussions/issues/122)
- A additional benefit is that this reduces the Forgejo binary by ~600Kb.
2024-08-25 03:47:08 +02:00
Gusted
f78e397dd6
[TESTS] Move CreateDeclarativeRepo to more accessible location
- This allows `CreateDeclarativeRepo` to be used by other testing
packages such as E2EE testing.
- Removes unused function in `services/webhook/sourcehut/builds_test.go`.
2024-08-25 02:54:43 +02:00
Gusted
4f54918381 Merge pull request 'fix(ui): prevent exceptions on other users' repo migration pages' (#4875) from solomonv/forgejo:fix-migration-guest-exception into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4875
Reviewed-by: Caesar Schinas <caesar@caesarschinas.com>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-24 23:49:20 +00:00
Gusted
5dbacb70f4 Merge pull request 'Allow pushmirror to use publickey authentication' (#4819) from ironmagma/forgejo:publickey-auth-push-mirror into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4819
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-24 16:53:56 +00:00
Otto Richter
00276dfc30 feat(i18n): Branch protection improvements
- adds a header to indicate creating a new rule
  - test that header is different between new and edit form
- consistently avoids colons in the form
- excludes some accessibility checks that require a global solution for
  forms
2024-08-22 22:05:12 +02:00
Earl Warren
3bbd129270 Merge pull request 'Reintroduce tests of updated pull request icons' (#4598) from bramh/forgejo:update-pr-icons into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4598
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-22 16:54:28 +00:00
Bram Hagens
7f62acb4d9 ui: fix go to citation button url (#4597)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4597
Reviewed-by: Ghost <twenty-panda@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Bram Hagens <bram@bramh.me>
Co-committed-by: Bram Hagens <bram@bramh.me>
2024-08-22 15:36:12 +00:00
Bram Hagens
d39c8fec8c
ui: update pull request icons
Added a new icon for closed PRs (similar to GitHub, GitLab, etc),
Fixes https://codeberg.org/forgejo/forgejo/issues/4454.

Before:
- https://codeberg.org/attachments/b17c5846-506f-4b32-97c9-03f31c5ff758
- https://codeberg.org/attachments/babcd011-d340-4a9e-94db-ea17ef6d3c2b
- https://codeberg.org/attachments/dbca009a-413e-48ab-84b1-55ad7f4fcd3d

After:
- https://codeberg.org/attachments/3e161f7b-4172-4a8c-a8eb-54bcf81c0cae
- https://codeberg.org/attachments/0c308f7e-25a0-49a3-9c86-1b1f9ab39467
- https://codeberg.org/attachments/b982b6b8-c78a-4332-8269-50d01de834e0

Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4455
Reviewed-by: Caesar Schinas <caesar@caesarschinas.com>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Bram Hagens <bram@bramh.me>
Co-committed-by: Bram Hagens <bram@bramh.me>
2024-08-22 17:06:10 +02:00
Philip Peterson
03508b33a8
[FEAT] Allow pushmirror to use publickey authentication
- Continuation of https://github.com/go-gitea/gitea/pull/18835 (by
@Gusted, so it's fine to change copyright holder to Forgejo).
- Add the option to use SSH for push mirrors, this would allow for the
deploy keys feature to be used and not require tokens to be used which
cannot be limited to a specific repository. The private key is stored
encrypted (via the `keying` module) on the database and NEVER given to
the user, to avoid accidental exposure and misuse.
- CAVEAT: This does require the `ssh` binary to be present, which may
not be available in containerized environments, this could be solved by
adding a SSH client into forgejo itself and use the forgejo binary as
SSH command, but should be done in another PR.
- CAVEAT: Mirroring of LFS content is not supported, this would require
the previous stated problem to be solved due to LFS authentication (an
attempt was made at forgejo/forgejo#2544).
- Integration test added.
- Resolves #4416
2024-08-22 17:05:07 +02:00
Earl Warren
f19f31ac73
cron task to cleanup dangling container images with version sha256:*
Fixes: https://codeberg.org/forgejo/forgejo/issues/4378
2024-08-22 09:10:15 +02:00
Solomon Victorino
a4814bca2d fix(ui): prevent exceptions on other users' repo migration pages
- don't expect the retry button to always be attached
- don't parse status response as JSON when it was a login redirect
- add E2E test
2024-08-21 19:57:08 +00:00
Gusted
e3243a9465 Merge pull request 'feat(ui): Add rel="nofollow" to in-list labels' (#5002) from xlii/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5002
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-21 19:54:59 +00:00
Otto Richter
83d2b3b7fa Implement CSS-only input toggling, refactor related forms
UX/Translation changes:

- new teams: remove redundant tooltips that don't add meaningful information
  - move general information to table fieldset
- new teams: rename "general" to "custom" access for clarity
- new teams: show labels beside options on mobile

Accessibility:

- semantic form elements allow easier navigation (fieldset, mostly)
- improve better labelling of new teams table
- fix accessibility scan issues
- TODO: the parts that "disable" form elements were not yet touched and
  are not really accessible to screenreaders

Technical:

- replace two JavaScript solutions with one CSS standard
- implement a simpler grid (.simple-grid)
- simplify markup
- remove some webhook settings specific CSS

Testing:

- check more form content for accessibility issues
- but exclude tooltips from the scan :(
- reuse existing form tests from previous PR
2024-08-21 15:03:19 +02:00
Otto
c20c534b90 Merge pull request 'fix: validate title length when updating an issue' (#4809) from thilinajayanath/forgejo:validate-issue-title-update into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4809
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-21 12:55:26 +00:00
thilinajayanath
1e922d906f validate the title length when updating an issue and add integration test for issue title update
using middleware validator to validate title length on update

use error name from binding package

add integration test for title update

rebase upstream and update test var name

fix test slice formatting

just a try (#1)

Reviewed-on: https://codeberg.org/thilinajayanath/forgejo/pulls/1
Co-authored-by: Otto Richter <git@otto.splvs.net>
Co-committed-by: Otto Richter <git@otto.splvs.net>

fix errors + add test for 255 char title

fix test domain

fix CSRF token error on test

updaate result struct that's used to decode the json response

add json tags for struct and check changed title when http 200 is received

try to decode the title if the request succeeded

add comment in integration test
2024-08-21 08:56:52 +02:00
Gusted
68cc61b537
Add integration test 2024-08-20 19:09:22 +02:00
Gusted
f28cde134e Merge pull request '[UI] Adjust trailing EOL behavior for empty file' (#5013) from gusted/forgejo-adjust-eol into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5013
Reviewed-by: Otto <otto@codeberg.org>
2024-08-20 13:42:04 +00:00
Earl Warren
c76a73ad35 Merge pull request '[gitea] week 2024-34 cherry pick (gitea/main -> forgejo)' (#4998) from earl-warren/wcp/2024-34 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4998
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-08-20 06:32:09 +00:00
Gusted
e9a89a188e
[UI] Adjust trailing EOL behavior for empty file
- Follow up #4835
- Currently for empty files (file size is shown in the file header) the
"No EOL" information is being shown, even though it doesn't really
make sense to show that for empty files.
- Add integration test.
- Ref: https://codeberg.org/Codeberg/Community/issues/1612#issuecomment-2169437
2024-08-19 20:23:15 +02:00
Otto
3b8ac4388a Merge pull request 'Refactor grouped forms to semantic HTML' (#4995) from fnetx/refactor-grouped-forms into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4995
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-08-19 14:53:35 +00:00
Otto Richter
c9e402afdc feat(tmpl): Introduce semantic HTML in forms
Modifies forms:

- (new) org team
- (new) repo webhook
- (new) repo protected branch

The forms are not completely rewritten to semantic HTML yet. The focus
of this change was on standard elements, some custom solutions were left
untouched for now.

- swaps the order fo permission radio buttons as per https://codeberg.org/forgejo/forgejo/issues/4983
- uses fieldsets to group related inputs
  - ensures consistent styling across forms
  - can be improved later, e.g. using horizontal lines between sections
- fixes: previous font size of labels was smaller than the font size of the help text
- help text are now part of the label, clicking them now also activates the input
- drop unused CSS (no required checkboxes in grouped class remain)
- playwright testing:
  - move login boilerplate to utils
  - automated form accessibility checking
    - allow defining the scope, because legacy parts of the forms are not yet accessible
  - assert some CSS properties that should not be overriden
- the Makefile adjustment was necessary, because eslint scanned some internal files in the tests/e2e/reports directory
2024-08-19 01:14:18 +02:00
Gusted
fe18428806
Fix linting issues 2024-08-18 16:25:13 +02:00
Rowan Bohde
ebfdc659d8
render plain text file if the LFS object doesn't exist (#31812)
We had an issue where a repo was using LFS to store a file, but the user
did not push the file. When trying to view the file, Gitea returned a
500 HTTP status code referencing `ErrLFSObjectNotExist`. It appears the
intent was the render this file as plain text, but the conditional was
flipped. I've also added a test to verify that the file is rendered as
plain text.

(cherry picked from commit 1310649331648d747c57a52ea3bc92da85e7d4d1)

Conflicts:
	tests/integration/lfs_view_test.go
  trivial context conflict
2024-08-18 05:58:33 +02:00
Jason Song
7f1db1df3e
Show lock owner instead of repo owner on LFS setting page (#31788)
Fix #31784.

Before:

<img width="1648" alt="image"
src="https://github.com/user-attachments/assets/03f32545-4a85-42ed-bafc-2b193a5d8023">

After:

<img width="1653" alt="image"
src="https://github.com/user-attachments/assets/e5bcaf93-49cb-421f-aac1-5122bc488b02">

(cherry picked from commit 0470646d46f90c20f40fde718be6ef8d8c84ee2c)
2024-08-18 05:47:06 +02:00
Gusted
760b99bd5a Merge pull request 'test: fail on unhandled JS exceptions' (#4959) from solomonv/e2e-fail-on-errors into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4959
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Caesar Schinas <caesar@caesarschinas.com>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-17 00:58:18 +00:00
Earl Warren
24eb401a0a Merge pull request 'Enhancing Gitea OAuth2 Provider with Granular Scopes for Resource Access' (#4449) from marcellmars/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4449
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-16 12:38:15 +00:00
Solomon Victorino
750deb9367 test: fail on unhandled JS exceptions 2024-08-14 15:35:20 -06:00
Otto
b77f45f46b Merge pull request 'Revert "Prevent allow/reject reviews on merged/closed PRs"' (#4907) from caesar/forgejo:revert-no-closed-pr-review into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4907
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-08-13 23:25:54 +00:00
Otto
01affa0908 Merge pull request 'fix: Run full PR checks on agit push' (#4885) from viceice/forgejo:fix/agit/force-push into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4885
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-08-13 18:23:40 +00:00
Jason Song
a627b885c7
Support compression for Actions logs (#31761)
Support compression for Actions logs to save storage space and
bandwidth. Inspired by
https://github.com/go-gitea/gitea/issues/24256#issuecomment-1521153015

The biggest challenge is that the compression format should support
[seekable](https://github.com/facebook/zstd/blob/dev/contrib/seekable_format/zstd_seekable_compression_format.md).
So when users are viewing a part of the log lines, Gitea doesn't need to
download the whole compressed file and decompress it.

That means gzip cannot help here. And I did research, there aren't too
many choices, like bgzip and xz, but I think zstd is the most popular
one. It has an implementation in Golang with
[zstd](https://github.com/klauspost/compress/tree/master/zstd) and
[zstd-seekable-format-go](https://github.com/SaveTheRbtz/zstd-seekable-format-go),
and what is better is that it has good compatibility: a seekable format
zstd file can be read by a regular zstd reader.

This PR introduces a new package `zstd` to combine and wrap the two
packages, to provide a unified and easy-to-use API.

And a new setting `LOG_COMPRESSION` is added to the config, although I
don't see any reason why not to use compression, I think's it's a good
idea to keep the default with `none` to be consistent with old versions.

`LOG_COMPRESSION` takes effect for only new log files, it adds `.zst` as
an extension to the file name, so Gitea can determine if it needs
decompression according to the file name when reading. Old files will
keep the format since it's not worth converting them, as they will be
cleared after #31735.

<img width="541" alt="image"
src="https://github.com/user-attachments/assets/e9598764-a4e0-4b68-8c2b-f769265183c9">

(cherry picked from commit 33cc5837a655ad544b936d4d040ca36d74092588)

Conflicts:
	assets/go-licenses.json
	go.mod
	go.sum
  resolved with make tidy
2024-08-13 06:51:49 +02:00
Caesar Schinas
65c2595f26
Revert "Prevent allow/reject reviews on merged/closed PRs"
This reverts commit 4ed372af13.
This change from Gitea was not considered by the Forgejo UI team and there is a consensus that it feels like a regression.

The test which was added in that commit is kept and modified to test that reviews can successfully be submitted on closed and merged PRs.

Closes forgejo/design#11
2024-08-12 12:24:52 +01:00
Michael Kriese
2d05e922a2
fix(agit): run full pr checks on force-push 2024-08-12 09:00:41 +02:00
a1012112796
e5f8d144f2
[PORT] Add warning message in merge instructions when AutodetectManualMerge was not enabled (gitea#31805)
---

Conflict resolution: trivial
Things done differently: Improve localization message, use the paragraph
element instead of the div element, fix passing this variable to the
template and add a integration test

(cherry picked from commit 9633f336c87947dc7d2a5e76077a10699ba5e50d)
2024-08-11 19:15:37 +02:00
Earl Warren
44002a6399 Merge pull request 'chore(refactor): split repo_service.ForkRepository in two' (#4879) from earl-warren/forgejo:wip-fork-split into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4879
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-11 15:50:52 +00:00
Earl Warren
cfefe2b6c9
chore(refactor): split repo_service.ForkRepository in two
ForkRepository performs two different functions:

* The fork itself, if it does not already exist
* Updates and notifications after the fork is performed

The function is split to reflect that and otherwise unmodified.

The two function are given different names to:

* clarify which integration tests provides coverage
* distinguish it from the notification method by the same name
2024-08-11 12:40:34 +02:00
Exploding Dragon
87d50eca87 feat: support grouping by any path for arch package (#4903)
Previous arch package grouping was not well-suited for complex or multi-architecture environments. It now supports the following content:

- Support grouping by any path.
- New support for packages in `xz` format.
- Fix clean up rules

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4903): <!--number 4903 --><!--line 0 --><!--description c3VwcG9ydCBncm91cGluZyBieSBhbnkgcGF0aCBmb3IgYXJjaCBwYWNrYWdl-->support grouping by any path for arch package<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4903
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-08-11 10:35:11 +00:00
Earl Warren
f8728ad881 Merge pull request '[BUG] Return blocking errors as JSON errors' (#4914) from gusted/forgejo-block-json into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4914
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-10 05:52:27 +00:00
Earl Warren
40e51e4ca7 Merge pull request 'fix(ui): allow unreacting from comment popover' (#4798) from solomonv/forgejo:issue-reaction-fixes into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4798
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-10 05:45:55 +00:00
Gusted
d97cf0e854
[BUG] Return blocking errors as JSON errors
- These endspoints are since b71cb7acdc
JSON-based and should therefore return JSON errors.
- Integration tests adjusted.
2024-08-09 20:34:38 +02:00