Backport #23884.
There is no fork concept in agit flow, anyone with read permission can
push `refs/for/<target-branch>/<topic-branch>` to the repo. So we should
treat it as a fork pull request because it may be from an untrusted
user.
Backport #23975 by @wxiaoguang
Do not use Rename here, because the old sid and new sid may be in
different redis cluster slot.
Fix#23869
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23955 by @techknowlogick
Fix#23954
This allows for building on platforms that don't have docker hub as the
default container registry.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This time the backport is done by `backport-locales.go` automatically,
no manual fix.
However, there are some new broken translations in 1.20 (main branch),
so we must fix our ini package next time, then the broken could be
resolved fundmentally.
Backport #23913 by @lunny
Previously, deleted release attachments were kept forever on the
external storage.
Note: It may be very slow now if there are many attachments to be
deleted on this release.
Fix#23728
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #23923 by @teauxfu
updated the example config to make the needed backticks around the
password more obvious
Co-authored-by: alex <alexmw777@gmail.com>
Backport #23887 by @6543
User descriptions should be rendered so that links and other markup
appear correct in RSS feeds.
test will be added by #23874
Co-authored-by: 6543 <6543@obermui.de>
Backport #23823 by @wxiaoguang
Thanks to @trwnh
Close#23802
The ActivityPub id is an HTTPS URI that should remain constant, even if
the user changes their name.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23606 by @wxiaoguang
Reference:
https://github.com/go-gitea/gitea/issues/22578#issuecomment-1444180053
Credits to @tdesveaux , thank you very much for catching the problem. If
you'd like to open a PR, feel free to replace this one.
Git reports fatal errors for ambiguous arguments:
```
fatal: ambiguous argument 'refs/a...refs/b': unknown revision or path not in the working tree.
Use '--' to separate paths from revisions, like this:
'git <command> [<revision>...] -- [<file>...]'
```
So the `--` separator is necessary in some cases.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23885 by @wxiaoguang
Regression of #19676 and #21814Fix#23872
`cases.Title` is not thread-safe, it has internal state, so it can't be
used as a global shared variable.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23733 by @wolfogre
I neglected that the `NameKey` of `Unit` is not only for translation,
but also configuration. So it should be `repo.actions` to maintain
consistency.
## ⚠️ BREAKING ⚠️
If users already use `actions.actions` in `DISABLED_REPO_UNITS` or
`DEFAULT_REPO_UNITS`, it will be treated as an invalid unit key.
Co-authored-by: Jason Song <i@wolfogre.com>
Backport #23841 by @Zettat123
Close#23824
Actions cannot fetch LFS objects from private repos because we don't
check if the user is the `ActionUser`.
Co-authored-by: Zettat123 <zettat123@gmail.com>
Backport #23576 by @wxiaoguang
When doing the refactoring:
* #22950
I added some debug mode code (assertShown) to help to catch bugs, it did
catch some bugs like:
* #23074
If it has been proved that there is no more bugs, this assertion could
be removed easily and clearly.
Feel free to decide when to remove it (feel free to convert it from
Draft to Ready for Review).
Backport #23862 by @wxiaoguang
Caught by @justusbunsi
An old bug from #6488
In `pullrequest_targetbranch_change`, the `data` might be empty, because
`UpdatePullRequestTarget` may respond `http.StatusNoContent`.
And the old code's `$branchTarget.text(data.base_branch);` doesn't make
sense, because in the end, the page will be always reloaded.
So, just remove the `$branchTarget.text(data.base_branch);`, everything
should be fine.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23804 by @yp05327
Visibility dropdown list will not work in add/edit user page when error
occurred
Co-authored-by: yp05327 <576951401@qq.com>
Backport #23782 by @sillyguodong
Fix#23707
Cause by #23189
This PR is a quick fix that, when pushing commits to closed PR, webhook
and actions also be triggered.
Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
Follow #21962
After I eat my own dogfood, I would say that
ONLY_SHOW_RELEVANT_REPOS=false is necessary for many private/enterprise
instances, because many private repositories do not have
"description/topic", users just want to search by their names.
This PR also adds `PageIsExploreRepositories` check, to make code more
strict, because the `search` template is shared for different purpose.
And during the test, I found a bug that the "Search" button didn't
respect the "relevant" parameter, so this PR fixes the bug by the way
together.
Backport #23745 by @zeripath
When running listLdapGroupMemberships check if the groupFilter is empty
before using it to list memberships.
Fix#23615
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Backport #23723 by @wxiaoguang
Use `toggleElem` instead of jQuery's `fadeToggle`, which can't be caught
by eslint jquery plugin.
Hopefully this could be the last bug for the jQuery show/hide
refactoring.
Need to backport.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #23747 by @wxiaoguang
Always respect the `setting.UI.ShowUserEmail` and `KeepEmailPrivate`
setting.
* It doesn't make sense to show user's own E-mail to themself.
* Always hide the E-mail if KeepEmailPrivate=true, then the user could
know how their profile page looks like for others.
* Revert the `setting.UI.ShowUserEmail` change from #4981 . This setting
is used to control the E-mail display, not only for the user list page.
ps: the incorrect `<div .../>` tag on the profile page has been fixed by
#23748 together, so this PR becomes simpler.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>