* Refactor jwt.StandardClaims to RegisteredClaims
go-jwt/jwt has deprecated the StandardClaims interface to use RegisteredClaims
instead. This PR migrates to use this new format.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Make router logger more friendly, show the related function name/file/line.
[BREAKING]
This PR substantially changes the logging format of the router logger. If you use this logging for monitoring e.g. fail2ban you will need to update this to match the new format.
This PR continues the work in #17125 by progressively ensuring that git
commands run within the request context.
This now means that the if there is a git repo already open in the context it will be used instead of reopening it.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Upgrade alpine to 3.15
* Add executability test to entrypoint for too old dockers
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update docker/rootless/usr/local/bin/docker-entrypoint.sh
Co-authored-by: zeripath <art27@cantab.net>
* Stop trimming preceding and suffixing spaces from editor filenames
In #5702 it was decided to trim preceding and suffixed spaces aswell as / from
editing file filenames. This was because at this point in time the url-safety of
Gitea was much poorer.
We can now drop this requirement and file editing should work correctly.
Fix#18176
Signed-off-by: Andrew Thornton <art27@cantab.net>
Unfortunately #17643 prevented all propagation of ErrDependenciesLeft meaning
that dependency errors that prevent closing of issues get swallowed.
This PR restores propagation of the error but instead swallows the error in the
places where it needs to be swallowed.
Fix#18223
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix commit links on compare page
- Use the correct repo link for each commit(the headrepo). As for
compare pages were baserepo != headrepo, it wouldn't have the correct
link.
Co-authored-by: zeripath <art27@cantab.net>
Comment dialogs for inline comments should appear in 4th column (not 3rd column), this PR changes the column that the inline review comment is associated with.
This problem has occurred due to an unrecognised conflict between #17562 and #17315.
Fix as zeripath suggested in #18320Fix#18320
Co-authored-by: zeripath <art27@cantab.net>
When generating the commits list and number of files changed for PRs and
compare we should use "..." always not "..".
Fix#18303
Signed-off-by: Andrew Thornton <art27@cantab.net>
We need to use the cached .gitattributes file for checking if a file
should be stored in the lfs.
Fix#18297
Signed-off-by: Andrew Thornton <art27@cantab.net>
The CheckRepoStats function missed the following counters:
- label num_closed_issues & num_closed_pulls
- milestone num_closed_issues & num_closed_pulls
The update SQL statements for updating the repository
num_closed_issues & num_closed_pulls fields were repeated in three
functions (repo.CheckRepoStats, migrate.insertIssues and
models.Issue.updateClosedNum) and were moved to a single helper.
The UpdateRepoStats is implemented and called in the Finish migration method so that it happens immediately instead of wating for the
CheckRepoStats to run.
Signed-off-by: Loïc Dachary loic@dachary.org
---
[source](https://lab.forgefriends.org/forgefriends/forgefriends/-/merge_requests/34)
if return a error message to cli, it will print it
to stderr which is duplicate with our code (line 82
in same file). so user will see two line same
error message in git output. I think it's not mecessary,
so suggerst not return error message to cli. Thanks.
Signed-off-by: a1012112796 <1012112796@qq.com>
* Remove accidental debugging in blob_excerpt.tmpl
Unfortunately it appears that a small bit of debugging code was left in blob_excerpt.tmpl
This breaks diff expansion causing #18281.
Fix#18281
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
In the case of misuse or misunderstanding from a developer whereby,
if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the
creation of a new element. Current usage is using hard-coded selectors
in the templates, but nobody prevents that from expanding to
user-controlled somehow.
* Return nicer error if trying to pull from non-existent user
Gitea serv will currently return an 500 if we try to pull from a repository where
the owner does not exist.
This PR checks for the UserNotExist Error when checking for the user and will
return a NotFound error instead.
Fix#18225
* Add lockfile-check
This check runs `npm install` which will rewrite the lockfile in case it
is inconsistent with package.json. This check detects this and will fail
the CI in such a case.
This contains some additional fixes and small nits related to #17957
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
GiteaBot
zeripath
6543
Gusted
wxiaoguang
Jelle Hulter
Grzegorz Alibożek
silverwind
techknowlogick
Peter Gardfjäll
JonRB
a1012112796
Aravinth Manivannan
Ben Niemann
Jan Tojnar