- Use TXT records in order to determine the latest available version.
- This addresses a valid privacy issue, as with HTTP requests the server
can keep track(estimated) of how many instances are using Forgejo, with
DNS that's basically not possible as the server will never receive any
data, as the only ones receiving data are DNS resolvers.
(cherry picked from commit 0baefb546a)
(cherry picked from commit e8ee41880b)
(cherry picked from commit 7eca4f3bf1)
(cherry picked from commit 5c1567836c)
(cherry picked from commit 953afbc67f)
(cherry picked from commit fd9d97ab9f)
(cherry picked from commit 40fbd45eff)
(cherry picked from commit c5c904b04b)
(cherry picked from commit 48659bb3ab)
(cherry picked from commit b1fccd5093)
(cherry picked from commit 5e69573860)
- This is being disabled as it will weekly connect to a domain.
- This only affects existing installations, as new installations will
have a explicit value being written into app.ini due to https://github.com/go-gitea/gitea/pull/21655
(cherry picked from commit cd0b8b6852)
(cherry picked from commit 58d43867ca)
(cherry picked from commit f290b91e50)
(cherry picked from commit 21085ab635)
(cherry picked from commit 3da29b02b3)
(cherry picked from commit 6169fba292)
(cherry picked from commit ab98900ea6)
(cherry picked from commit e406a63289)
(cherry picked from commit 4ebc3e2d61)
(cherry picked from commit ee6df926e7)
(cherry picked from commit b11b7f348e)
(cherry picked from commit 481d813539)
address oliverpool comments
(cherry picked from commit d8f313f9e2)
s/Printf/Print/
(cherry picked from commit 6621b04458)
do not run initDB within integration tests
(cherry picked from commit 5a0428ede3)
(cherry picked from commit e8287b753d)
(cherry picked from commit fc2b49e571)
(cherry picked from commit a291b39b23)
(cherry picked from commit b8d4953405)
(cherry picked from commit 570d6dde7b)
(cherry picked from commit d3c94ac242)
Because v1.19.0-3 has breaking changes.
(cherry picked from commit 0fd4ba0108)
(cherry picked from commit 3df2001eef)
(cherry picked from commit 5e7f7c604a)
(cherry picked from commit 35c580ba03)
(cherry picked from commit e84e43887b)
[DOCS] RELEASE-NOTES: add scoped access tokens
(cherry picked from commit 688f831853)
[DOCS] RELEASE-NOTES: Scoped labels
(cherry picked from commit 747479a07b)
[DOCS] RELEASE-NOTES: OIDC groups
(cherry picked from commit 10c505fe89)
[DOCS] RELEASE-NOTES: Copy Link is broken
On firefox it fails with Uncaught TypeError: navigator.clipboard is
undefined
On chromium it fails with Uncaught TypeError: Cannot read properties of undefined (reading 'writeText')
(cherry picked from commit 148b2ff093)
[DOCS] RELEASE-NOTES: Copy citation
(cherry picked from commit d0f217735f)
[DOCS] RELEASE-NOTES: Support org/user level projects
(cherry picked from commit de845c7bcf)
[DOCS] RELEASE-NOTES: v1.19 has a documentation
(cherry picked from commit 9a5b46da32)
[DOCS] RELEASE-NOTES: do not split webhook section
(cherry picked from commit 00ed020321)
[DOCS] RELEASE-NOTES: Incoming emails
(cherry picked from commit 06c455b33b)
[DOCS] RELEASE-NOTES: secrets are an implementation detail
(cherry picked from commit 8236dc3a57)
[DOCS] RELEASE-NOTES: Prohibit fork if user reached maximum
(cherry picked from commit 0f80b8c696)
[DOCS] RELEASE-NOTES: scoped tokens: do not duplicate the docs
(cherry picked from commit 9bc4793c07)
[DOCS] RELEASE-NOTES: rss feed for tags and releases
(cherry picked from commit 599b36fada)
[DOCS] RELEASE-NOTES: protected branches wildcard
(cherry picked from commit 2b316c4950)
[DOCS] RELEASE-NOTES: disable releases
(cherry picked from commit 9a60773f1d)
[DOCS] RELEASE-NOTES: review box
(cherry picked from commit 09867dd122)
[DOCS] RELEASE-NOTES: asciicast support
(cherry picked from commit ea9658379b)
[DOCS] RELEASE-NOTES: attention blocks
(cherry picked from commit 70b387750b)
[DOCS] RELEASE-NOTES: commit cross reference
(cherry picked from commit fe706dad13)
[DOCS] RELEASE-NOTES: strip user completion border case
(cherry picked from commit 33ca51b4b6)
[DOCS] RELEASE-NOTES: card preview
(cherry picked from commit 626cd78ca6)
[DOCS] RELEASE-NOTES: raw copy button
(cherry picked from commit edfb467d64)
[DOCS] RELEASE-NOTES: allow edits by maintainers by default
(cherry picked from commit 7006405bc6)
[DOCS] RELEASE-NOTES: database auto migration is a little arcane
(cherry picked from commit 78030fa9af)
[DOCS] RELEASE-NOTES: fix typos & minor rewording
(cherry picked from commit ae1d47f656)
(cherry picked from commit ad08ca9955)
[DOCS] RELEASE-NOTES: webhook authorization header
(cherry picked from commit c35e2c4f6f)
[DOCS] RELEASE-NOTES: video element in markdown
(cherry picked from commit bcb0bd51d2)
[DOCS] RELEASE-NOTES: move scoped labels to the documentation
(cherry picked from commit c5eedaf4f3)
[DOCS] RELEASE-NOTES: cosmetic improvements
(cherry picked from commit b93df350d9)
[DOCS] RELEASE-NOTES: 1.19.0-0 is really : 1.19.0-2
(cherry picked from commit 60d770c2c9)
[DOCS] RELEASE-NOTES: relevant repositories
(cherry picked from commit de6ed5b87f)
(cherry picked from commit 71d91fdf22)
[DOCS] RELEASE-NOTES: semantic version
(cherry picked from commit af062d77f0)
[DOCS] RELEASE-NOTES: reflogs
(cherry picked from commit 084713d8aa)
(cherry picked from commit 9f76fe1661)
(cherry picked from commit e97834a439)
(cherry picked from commit 60865f6966)
(cherry picked from commit d4d6046f98)
(cherry picked from commit 2bbe36116e)
(cherry picked from commit 73c4e9baa9)
(cherry picked from commit 20b5669269)
(cherry picked from commit 1574643a6a)
Update semantic version according to specification
(cherry picked from commit 22510f4130)
Mise à jour de 'Makefile'
(cherry picked from commit c3d85d8409)
(cherry picked from commit 5ea2309851)
(cherry picked from commit 4f3970e6c4)
[API] [SEMVER] replace number with version
[API] [SEMVER] [v1.20] less is replaced by css
(cherry picked from commit 43a3a40825)
(cherry picked from commit 669cea25bb)
(cherry picked from commit e25190d2b4)
(cherry picked from commit 5df876e19e)
(cherry picked from commit fc94f6fae2)
(cherry picked from commit 58c50c1fe4)
Although it would be possible to modify these files, it would create
conflicts when rebasing. Instead, this commit removes them entirely
and another commit can start from scratch, borrowing content from the
original files.
The drawback of this approach is that some content updates from Gitea
that also need updating in Forgejo will have to be copy/pasted
instead of being merged.
(cherry picked from commit eb85782115)
(cherry picked from commit 34401f2004)
(cherry picked from commit ef43b1c691)
(cherry picked from commit d17fe25e2f)
(cherry picked from commit c4f688fe54)
(cherry picked from commit 4628d06534)
(cherry picked from commit 4a2a956138)
(cherry picked from commit b8f57065df)
(cherry picked from commit c4a1a695ff)
(cherry picked from commit a6a768de7d)
(cherry picked from commit 5bd9b17952)
Backport #24231 by @sillyguodong
Close#24213
Replace #23830
#### Cause
- Before, in order to making PR can get latest commit after reopening,
the `ref`(${REPO_PATH}/refs/pull/${PR_INDEX}/head) of evrey closed PR
will be updated when pushing commits to the `head branch` of the closed
PR.
#### Changes
- For closed PR , won't perform these behavior: insert`comment`, push
`notification` (UI and email), exectue
[pushToBaseRepo](7422503341/services/pull/pull.go (L409))
function and trigger `action` any more when pushing to the `head branch`
of the closed PR.
- Refresh the reference of the PR when reopening the closed PR (**even
if the head branch has been deleted before**). Make the reference of PR
consistent with the `head branch`.
Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
Backport #24573
Help some users like #16832#1851
There are many users reporting similar problem: if the SECRET_KEY
mismatches, some operations (like 2FA login) only reports unclear 500
error and unclear "base64 decode error" log (some maintainers ever spent
a lot of time on debugging such problem)
The SECRET_KEY was not well-designed and it is also a kind of technical
debt. Since it couldn't be fixed easily, it's good to add clearer error
messages, then at least users could know what the real problem is.
Backport #24536 by @sillyguodong
close#24449
The unit of `Actions` should be contorlled not only by
`repository.DISABLED_REPO_UNITS` but also by `actions.ENABLED`
in the `app.ini`.
Previously, the permission of the team's `Actions` unit was not
controlled by `actions.Enabled`. So, even if the user sets
`actions.Enabled` to false, he can still select the permission of the
`Actions` unit for the team.
This PR makes the permissions of the team's `Actions` unit also
controlled by `actions.Enabled`. Just append`TypeActions` into
`DisabledRepoUnits` slice when initializing if `actions.Enabled` is
false.
### Changes:
If `Actions` is set disbaled in `app.ini`, like below:
```yaml
[actions]
ENABLED = false
```
1. If user try to create/edit a team, will prompt user that `Actions` is
disbaled.
![image](https://user-images.githubusercontent.com/33891828/236370415-961082b2-82d2-4d9e-8025-83872ad08cbb.png)
2. `actions` is not displayed in the sidebar on the team details page
![image](https://user-images.githubusercontent.com/33891828/236371817-f39f9bc9-5926-4b88-b5e6-d93617fcfb07.png)
Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
Backport #23062
Backport #24515Fix#23617
This notably brings support for GOARCH=loong64, among other fixes.
This PR also fix bleve search architecture problem.
---------
Signed-off-by: WANG Xuerui <xen0n@gentoo.org>
Co-authored-by: WÁNG Xuěruì <1175567+xen0n@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Backport #24487 by @fnetX
On the @Forgejo instance of Codeberg, we discovered that forking a repo
which is already forked now returns a 500 Internal Server Error, which
is unexpected. This is an attempt at fixing this.
The error message in the log:
~~~
2023/05/02 08:36:30 .../api/v1/repo/fork.go:147:CreateFork() [E]
[6450cb8e-113] ForkRepository: repository is already forked by user
[uname: ...., repo path: .../..., fork path: .../...]
~~~
The service that is used for forking returns a custom error message
which is not checked against.
About the order of options:
The case that the fork already exists should be more common, followed by
the case that a repo with the same name already exists for other
reasons. The case that the global repo limit is hit is probably not the
likeliest.
---------
Co-authored-by: Otto Richter (fnetX) <git@fralix.ovh>
Backport #24382 by @lunny
Fix https://github.com/go-gitea/gitea/pull/24362/files#r1179095324
`getAuthenticatedMeta` has checked them, these code are duplicated one.
And the first invokation has a wrong permission check. `DownloadHandle`
should require read permission but not write.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #24362 by @jolheiser
> The scoped token PR just checked all API routes but in fact, some web
routes like `LFS`, git `HTTP`, container, and attachments supports basic
auth. This PR added scoped token check for them.
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #24339 by @yardenshoham
I made it render the script even if the repo is archived
- Fixes#24324
Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>