Commit Graph

1089 Commits

Author SHA1 Message Date
LeenHawk b942838bd4
Update localization.zh-cn.md (#23448)
As title.
2023-03-14 11:38:20 +08:00
KN4CK3R c709fa17a7
Add Swift package registry (#22404)
This PR adds a [Swift](https://www.swift.org/) package registry.


![grafik](https://user-images.githubusercontent.com/1666336/211842523-07521cbd-8fb6-400f-820c-ee8048b05ae8.png)
2023-03-13 15:28:39 -05:00
Philip Peterson 757b4c17e9
Support reflogs (#22451)
This PR adds support for reflogs on all repositories. It does this by
adding a global configuration entry.

Implements #14865

---------

Signed-off-by: Philip Peterson <philip.c.peterson@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-13 15:51:07 +08:00
Brecht Van Lommel a8e13e64da
Scoped label display and documentation tweaks (#23430)
* Fix scoped label left and right part breaking across lines.
* Remove slanted divider in scoped label display, make it straight.
After using this for a while, this feels more visually noisy than
helpful.
* Reduce contrast between scope and item to reduce probability of
unreadable text on background.
* Change documentation to remove mention of non-exclusive scoped labels.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-13 08:46:13 +08:00
sillyguodong 5155ec35c5
Parse external request id from request headers, and print it in access log (#22906)
Close: #22890.

---
### Configure in .ini file:
```ini
[log]
REQUEST_ID_HEADERS = X-Request-ID, X-Trace-Id
```

### Params in Request Header
```
X-Trace-ID: trace-id-1q2w3e4r
```

![image](https://user-images.githubusercontent.com/33891828/218665296-8fd19a0f-ada6-4236-8bdb-f99201c703e8.png)



### Log output:

![image](https://user-images.githubusercontent.com/33891828/218665225-cc242a57-4ffc-449a-a1f6-f45ded0ead60.png)
2023-03-10 09:54:32 -06:00
KN4CK3R 2173f14708
Add user webhooks (#21563)
Currently we can add webhooks for organizations but not for users. This
PR adds the latter. You can access it from the current users settings.


![grafik](https://user-images.githubusercontent.com/1666336/197391408-15dfdc23-b476-4d0c-82f7-9bc9b065988f.png)
2023-03-10 08:28:32 -06:00
InsanusMokrassar 92d3e2a6f8
Add gradle samples in maven doc of packages (#23374)
Samples for gitea.io docs to help to use maven packages with
gradle-oriented projects

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-03-09 22:14:59 -05:00
JonRB 84a299310d
Update documentation for the new YAML label file format (#23020)
update documentation to include an overview of the yaml label template that is part of PR #22976

Signed-off-by: Jon Roadley-Battin <jon.roadleybattin@gmail.com>

---------

Co-authored-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-03-07 00:39:07 +01:00
Lunny Xiao e0800133dc
Update hacking-on-gitea-zh_cn documentation (#23315)
This PR fix outdated hacking-on-gitea-zh_cn documentation.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-03-06 15:14:00 +08:00
wxiaoguang 21a1d76911
Improve the frontend guideline (#23298)
### The CustomEvent prefix

There was already `ce-quick-submit`, the `ce-` prefix seems better than
`us-`. Rename the only `us-` prefixed `us-load-context-popup` to `ce-`
prefixed.

### Styles and Attributes in Go HTML Template

https://github.com/go-gitea/gitea/pull/21855#issuecomment-1429643073

Suggest to stick to `class="c1 {{if $var}}c2{{end}}"`

The readability and maintainability should be applied to the code which
is read by developers, but not for the generated outputs.

The template code is the code for developers, while the generated HTML
are only for browsers.

The `class="c1 {{if $var}}c2{{end}}"` style is clearer for developers
and more intuitive, and the generated HTML also makes browsers happy (a
few spaces do not affect anything)

Think about a more complex case:

* `class="{{if $active}}active{{end}} menu item {{if $show}}show{{end}}
{{if $warn}}warn{{end}}"`
* --vs--
* `class="{{if $active}}active {{end}}menu item{{if $show}}
show{{end}}{{if $warn}} warn{{end}}"`

The first style make it clearer to see each CSS class name with its
`{{if}}` block.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-05 22:23:42 +08:00
Brecht Van Lommel 5d621fe9a7
Add basic documentation for labels, including scoped labels (#23304)
Part of #22974

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-03-05 20:35:12 +08:00
Lunny Xiao 8d6e9bc819
Re-add accidentally removed `hacking-on-gitea.zh-cn.md` (#23297)
#21627 accidentally removed the docs file `hacking-on-gitea.zh-cn.md`.
This re-adds it and merges some changes from #23289
2023-03-04 22:34:02 +01:00
wxiaoguang 0a9a3c2a6d
Improve frontend guideline (#23252)
If an event listener must be `async`, the `e.preventDefault()` should be
before any `await`,
it's recommended to put it at the beginning of the function.
2023-03-02 11:46:47 -05:00
Yarden Shoham 0e7bec1849
Add InsecureSkipVerify to Minio Client for Storage (#23166)
Allows using Minio with untrusted certificates

Closes #23128

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2023-02-27 16:26:13 +00:00
Yarden Shoham 8540fc45b1
Fix secrets overview page missing from docs sidebar (#23143)
There was a warning while building the docs: `Building sites … WARN
2023/02/25 08:56:37
"/workspace/gitea/docs/content/doc/secrets/overview.en-us.md:1:1":
duplicate menu entry with identifier "overview" in menu "sidebar"`.

### Before

![image](https://user-images.githubusercontent.com/20454870/221348741-55cef254-f2ac-4507-9a66-818b406c668f.png)

### After

![image](https://user-images.githubusercontent.com/20454870/221348757-42066303-e1b7-43fe-9c4f-e05182fbabdd.png)

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2023-02-25 10:56:02 +01:00
Sven 659cf30b69
Avoid Hugo from adding quote to actions url (#23097) 2023-02-23 12:19:52 -05:00
techknowlogick dd7d6e3ad0
Nest metadata in refactoring docs (#23087)
Whitespace was missing from refactoring docs metadata.

backport label applied so it is included in versioned docs.
2023-02-23 16:25:18 +08:00
Joakim Pettersen 0ce79bb9f6
Improve reverse proxies documentation (#23068)
Add "Traefik with a sub-path" documentation

closes #23047

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-23 15:34:09 +08:00
John Olheiser 4d2d3bd65d
Changelog 1.18.5 (#23045) (#23049)
Frontport #23045
2023-02-21 13:36:19 -06:00
zeripath 43405c35f0
Add Bash and Zsh completion scripts (#22646)
This PR adds contrib scripts for bash and zsh completion.

Simply call:

```bash
source contrib/autocompletion/bash_autocomplete
```

or for Zsh:

```bash
source contrib/autocompletion/zsh_autocomplete
```

Signed-off-by: Andrew Thornton <art27@cantab.net>

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-21 12:32:24 -05:00
wxiaoguang e7be610d57
Improve frontend guidelines (#23007)
Some were out-dated, some are added.
2023-02-21 14:13:37 +08:00
wxiaoguang 6cb76bf1df
Add some guidelines for refactoring (#22880)
Just some brief ideas.

Feel free to complete these guidelines, feel free to edit on this PR
directly.
2023-02-19 21:25:23 +08:00
zeripath 61b89747ed
Provide the ability to set password hash algorithm parameters (#22942)
This PR refactors and improves the password hashing code within gitea
and makes it possible for server administrators to set the password
hashing parameters

In addition it takes the opportunity to adjust the settings for `pbkdf2`
in order to make the hashing a little stronger.

The majority of this work was inspired by PR #14751 and I would like to
thank @boppy for their work on this.

Thanks to @gusted for the suggestion to adjust the `pbkdf2` hashing
parameters.

Close #14751

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-19 15:35:20 +08:00
wxiaoguang d32af84a10
Refactor hiding-methods, remove jQuery show/hide, remove `.hide` class, remove inline style=display:none (#22950)
Close #22847

This PR:

* introduce Gitea's own `showElem` and related functions
* remove jQuery show/hide
* remove .hide class
* remove inline style=display:none 

From now on:

do not use:
* "[hidden]" attribute: it's too weak, can not be applied to an element
with "display: flex"
* ".hidden" class: it has been polluted by Fomantic UI in many cases
* inline style="display: none": it's difficult to tweak
* jQuery's show/hide/toggle: it can not show/hide elements with
"display: xxx !important"

only use:
* this ".gt-hidden" class
* showElem/hideElem/toggleElem functions in "utils/dom.js"

cc: @silverwind , this is the all-in-one PR
2023-02-19 12:06:14 +08:00
Yarden Shoham feed1ff38f
Rename "People" to "Members" in organization page and use a better icon (#22960)
`member` is how it's named in the code

Closes #22931 

Before | After
--- | ---

![image](https://user-images.githubusercontent.com/20454870/219781155-69a8476e-0f04-4b70-bda5-ea6fa8ce676c.png)
|
![image](https://user-images.githubusercontent.com/20454870/219780887-61644c27-36a2-4e1f-8f98-be3911883b49.png)

---------

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: delvh <leon@kske.dev>
2023-02-18 21:41:31 +08:00
zeripath aa1d95300a
Add command to bulk set must-change-password (#22823)
As part of administration sometimes it is appropriate to forcibly tell
users to update their passwords.

This PR creates a new command `gitea admin user must-change-password`
which will set the `MustChangePassword` flag on the provided users.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-02-14 16:12:19 -06:00
Xinyu Zhou b6d77229cf
docs: Update translation from-binary.zh-cn.md (#22820)
Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-13 13:14:51 +08:00
KN4CK3R e8186f1c0f
Map OIDC groups to Orgs/Teams (#21441)
Fixes #19555

Test-Instructions:
https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000

This PR implements the mapping of user groups provided by OIDC providers
to orgs teams in Gitea. The main part is a refactoring of the existing
LDAP code to make it usable from different providers.

Refactorings:
- Moved the router auth code from module to service because of import
cycles
- Changed some model methods to take a `Context` parameter
- Moved the mapping code from LDAP to a common location

I've tested it with Keycloak but other providers should work too. The
JSON mapping format is the same as for LDAP.


![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-08 14:44:42 +08:00
Peyton Duncan 3ae78bc0a9
Grammar fix (#22790)
Noticed a minor grammatical error.
2023-02-06 16:05:59 -06:00
John Olheiser 189d5b7045
Add repo adoption to FAQ (#22778)
This should be a simple set of steps to achieve
repo adoption.
2023-02-06 10:20:20 -06:00
John Olheiser 361d807274
Update gogs upgrade information (#22777)
It seems that migrating from Gogs `0.12.x` and above may require more
work as time goes on and the projects continue to diverge.

This PR updates the docs to make it more clear.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-02-06 14:37:18 +08:00
Adi c13eb8e6b3
Add CLI option tenant ID for oauth2 source (#22769)
Fixes #22713
2023-02-05 22:12:13 -06:00
KN4CK3R d987ac6bf1
Add Chef package registry (#22554)
This PR implements a [Chef registry](https://chef.io/) to manage
cookbooks. This package type was a bit complicated because Chef uses RSA
signed requests as authentication with the registry.


![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png)


![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 09:49:21 +08:00
KN4CK3R df789d962b
Add Cargo package registry (#21888)
This PR implements a [Cargo registry](https://doc.rust-lang.org/cargo/)
to manage Rust packages. This package type was a little bit more
complicated because Cargo needs an additional Git repository to store
its package index.

Screenshots:

![grafik](https://user-images.githubusercontent.com/1666336/203102004-08d812ac-c066-4969-9bda-2fed818554eb.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102141-d9970f14-dca6-4174-b17a-50ba1bd79087.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102244-dc05743b-78b6-4d97-998e-ef76341a978f.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 18:12:31 +08:00
ByLCY 7baeb9c52a
Add new captcha: cloudflare turnstile (#22369)
Added a new captcha(cloudflare turnstile) and its corresponding
document. Cloudflare turnstile official instructions are here:
https://developers.cloudflare.com/turnstile

Signed-off-by: ByLCY <bylcy@bylcy.dev>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-05 15:29:03 +08:00
delvh 4d20a4a1ba
Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
Every user can already disable the filter manually, so the explicit
setting is absolutely useless and only complicates the logic.

Previously, there was also unexpected behavior when multiple query
parameters were present.

---------

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 21:26:38 +08:00
techknowlogick 2741546bed
Repositories: by default disable all units except code and pulls on forks (#22541)
Most of the time forks are used for contributing code only, so not
having
issues, projects, release and packages is a better default for such
cases.
They can still be enabled in the settings.

A new option `DEFAULT_FORK_REPO_UNITS` is added to configure the default
units on forks.

Also add missing `repo.packages` unit to documentation.

code by: @brechtvl

## ⚠️ BREAKING ⚠️ 

When forking a repository, the fork will now have issues, projects,
releases, packages and wiki disabled. These can be enabled in the
repository settings afterwards. To change back to the previous default
behavior, configure `DEFAULT_FORK_REPO_UNITS` to be the same value as
`DEFAULT_REPO_UNITS`.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2023-02-04 14:48:38 +08:00
techknowlogick cfb1cb1168
update to build with go1.20 (#22732)
as title

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-02-03 11:23:52 -05:00
Lunny Xiao 1410e13dc5
Add missed reverse proxy authentication documentation (#22250)
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-03 18:37:25 +08:00
KN4CK3R 6ba9ff7b48
Add Conda package registry (#22262)
This PR adds a [Conda](https://conda.io/) package registry.
2023-02-01 12:30:39 -06:00
KN4CK3R 5882e179a9
Add user secrets (#22191)
Fixes #22183
Replaces #22187

This PR adds secrets for users. I refactored the files for organizations
and repos to use the same logic and templates. I splitted the secrets
from deploy keys again and reverted the fix from #22187.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-01 20:53:04 +08:00
Ivan Maximov 519939fa8c
Fix typo in command-line.en-us.md (#22681)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-31 21:43:39 +00:00
Ivan Maximov f518b42d4c
Fix typo in linked-references.en-us.md (#22682) 2023-01-31 21:43:27 +00:00
Ivan Maximov 66877aed54
Fix typo in guidelines-backend.en-us.md (#22690) 2023-01-31 21:43:12 +00:00
Ivan Maximov 706f4686b8
Fix typo in storage.en-us.md (#22694) 2023-01-31 22:42:41 +01:00
Jason Song 4011821c94
Implement actions (#21937)
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-31 09:45:19 +08:00
KN4CK3R 51a92cb821
Use `--index-url` in PyPi description (#22620)
Fixes #22616

Co-authored-by: zeripath <art27@cantab.net>
2023-01-27 15:12:18 +01:00
techknowlogick 6737e1c5d5
gitlab supports ssh key signing (#22564) 2023-01-22 18:17:49 +08:00
Chongyi Zheng de484e86bc
Support scoped access tokens (#20908)
This PR adds the support for scopes of access tokens, mimicking the
design of GitHub OAuth scopes.

The changes of the core logic are in `models/auth` that `AccessToken`
struct will have a `Scope` field. The normalized (no duplication of
scope), comma-separated scope string will be stored in `access_token`
table in the database.
In `services/auth`, the scope will be stored in context, which will be
used by `reqToken` middleware in API calls. Only OAuth2 tokens will have
granular token scopes, while others like BasicAuth will default to scope
`all`.
A large amount of work happens in `routers/api/v1/api.go` and the
corresponding `tests/integration` tests, that is adding necessary scopes
to each of the API calls as they fit.


- [x] Add `Scope` field to `AccessToken`
- [x] Add access control to all API endpoints
- [x] Update frontend & backend for when creating tokens
- [x] Add a database migration for `scope` column (enable 'all' access
to past tokens)

I'm aiming to complete it before Gitea 1.19 release.

Fixes #4300
2023-01-17 15:46:03 -06:00
John Olheiser 60c4725cc2
docs: add swagger.json file location to FAQ (#22489)
This just adds a mention on how to get the `swagger.json` for an
instance.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-17 14:18:42 -06:00
John Olheiser 0a6b57bcaf
docs: bump Gitea version (#22490)
Forgot to do this with the frontport

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-17 18:42:12 +00:00
Bradley D. Thornton 1aba53db62
Update overview.en-us.md (#22463)
Fix grammar
2023-01-16 16:24:24 -06:00
zeripath 2cc3a6381c
Add cron method to gc LFS MetaObjects (#22385)
This PR adds a task to the cron service to allow garbage collection of
LFS meta objects. As repositories may have a large number of
LFSMetaObjects, an updated column is added to this table and it is used
to perform a generational GC to attempt to reduce the amount of work.
(There may need to be a bit more work here but this is probably enough
for the moment.)

Fix #7045

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-16 13:50:53 -06:00
KN4CK3R fc037b4b82
Add support for incoming emails (#22056)
closes #13585
fixes #9067
fixes #2386
ref #6226
ref #6219
fixes #745

This PR adds support to process incoming emails to perform actions.
Currently I added handling of replies and unsubscribing from
issues/pulls. In contrast to #13585 the IMAP IDLE command is used
instead of polling which results (in my opinion 😉) in cleaner code.

Procedure:
- When sending an issue/pull reply email, a token is generated which is
present in the Reply-To and References header.
- IMAP IDLE waits until a new email arrives
- The token tells which action should be performed

A possible signature and/or reply gets stripped from the content.

I added a new service to the drone pipeline to test the receiving of
incoming mails. If we keep this in, we may test our outgoing emails too
in future.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-14 23:57:10 +08:00
Sascha Bannier 20e3ffd208
Fix stylesheet HTML snippet for external renderers documentation (#22435)
The documentation is missing the rel attribute. Neither Firefox nor
Chrome did use the linked file as CSS if rel="stylesheet" is not set.

The problem is described in issue #22434.

Co-authored-by: silverwind <me@silverwind.io>
2023-01-13 23:25:15 +00:00
delvh 70043da3dd
Fix typo (#22396)
DEFAUlT -> DEFAULT
2023-01-10 22:00:42 +01:00
ahab 82235fb681
Update index.de-de.md (#22363)
Some minor changes related to the language.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-09 19:25:13 +08:00
Kyle D f0159c3e8a
Add deprecated warning for DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR (#22318) 2023-01-03 07:54:27 +08:00
James Liu e61ce934bc
Update Gmail mailer configuration (#22291)
This PR updates the `[mailer]` configuration snippet for Gmail:

- The `HELO_HOSTNAME` isn't required.
- The `USER` must not include the @gmail domain.
- `HOST` needs to be supplied, and the SMTP port number needs to be
appended to the URL.

I also added a note about the requirement to use App passwords instead
of your Google account password directly.

Co-authored-by: delvh <dev.lh@web.de>
2023-01-02 10:52:36 +08:00
6543 dce8887494
Changelog v1.18.0 (#22215) (#22269)
frontport #22215

& bump numbers in docs
2022-12-31 03:17:54 +01:00
JonRB cf07f247b7
Add Gentoo to the from package providers (#22284)
Signed-off-by: Jonathan Roadley-Battin <jon.roadleybattin@gmail.com>
2022-12-30 11:14:51 -06:00
Xinyu Zhou 7cc7db73b9
Add option to prohibit fork if user reached maximum limit of repositories (#21848)
If user has reached the maximum limit of repositories:

- Before
  - disallow create
  - allow fork without limit
- This patch:
  - disallow create
  - disallow fork
- Add option `ALLOW_FORK_WITHOUT_MAXIMUM_LIMIT` (Default **true**) :
enable this allow user fork repositories without maximum number limit

fixed https://github.com/go-gitea/gitea/issues/21847

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
2022-12-27 15:21:14 -06:00
Christian Ullrich d0c3d0ba26
Add the 'ui.user' section to the cheat sheet (#22249)
The `ui.user` ini section with its single setting is not yet mentioned
in the config cheat sheet.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-27 09:38:15 -06:00
Jason Song 814b44aeaf
Fix typo of Asia/Shanghai (#22242)
As the title.
2022-12-26 16:50:58 +08:00
techknowlogick ea5a752ee6
update docs latest to 1.17.4 2022-12-22 10:47:57 -05:00
silverwind ac5b44b2f4
Upgrade hugo to 0.82 (#22209)
See
https://github.com/go-gitea/gitea/pull/22206#issuecomment-1362523796.
Apparently hugo 0.81.0 is a broken release in regards to checksums.

https://github.com/gohugoio/hugo/releases/tag/v0.82.0

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-12-22 19:29:33 +08:00
silverwind 3affb02df5
Run hugo via `go run` and lock its version (#22206)
- Don't rely on obscure docker images like `plugins/hugo`
- Lock down `hugo` to same version the image had used
- Remove unnecessary verbosity in `trans-copy`
- Rename `trans-copy` to `trans-copy.sh`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john+github@jolheiser.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-12-21 21:09:53 -05:00
Dan Church 70d15e7785
Fix misc whitespace issues in install docs (#22189)
I ran into issues when copy-pasting the docker-compose.yml contents from
https://docs.gitea.io/en-us/install-with-docker/ - specifically the part
about adding PostgreSQL to the YAML file; I tried manually adding the
diffs by removing the `+` at the beginning of lines, and the resulting
YAML was unparsable.

This forces the indentation to be consistent across all places where
YAML is used.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-12-20 17:26:03 -05:00
Jason Song 659055138b
Secrets storage with SecretKey encrypted (#22142)
Fork of #14483, but [gave up
MasterKey](https://github.com/go-gitea/gitea/pull/14483#issuecomment-1350728557),
and fixed some problems.

Close #12065.
Needed by #13539.

Featrues:
- Secrets for repo and org, not user yet.
- Use SecretKey to encrypte/encrypt secrets.
- Trim spaces of secret value.
- Add a new locale ini block, to make it easy to support secrets for
user.

Snapshots:

Repo level secrets:

![image](https://user-images.githubusercontent.com/9418365/207823319-b8a4903f-38ca-4af7-9d05-336a5af906f3.png)

Rrg level secrets

![image](https://user-images.githubusercontent.com/9418365/207823371-8bd02e93-1928-40d1-8c76-f48b255ace36.png)

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2022-12-20 17:07:13 +08:00
zeripath d6b96627c1
Add setting to disable the git apply step in test patch (#22130)
For a long time Gitea has tested PR patches using a git apply --check
method, and in fact prior to the introduction of a read-tree assisted
three-way merge in #18004, this was the only way of checking patches.

Since #18004, the git apply --check method has been a fallback method,
only used when the read-tree three-way merge method has detected a
conflict. The read-tree assisted three-way merge method is much faster
and less resource intensive method of detecting conflicts. #18004 kept
the git apply method around because it was thought possible that this
fallback might be able to rectify conflicts that the read-tree three-way
merge detected. I am not certain if this could ever be the case.

Given the uncertainty here and the now relative stability of the
read-tree method - this PR makes using this fallback optional and
disables it by default. The hope is that users will not notice any
significant difference in conflict detection and we will be able to
remove the git apply fallback in future, and/or improve the read-tree
three-way merge method to catch any conflicts that git apply method
might have been able to fix.

An additional benefit is that patch checking should be significantly
less resource intensive and much quicker.

(See
https://github.com/go-gitea/gitea/issues/22083\#issuecomment-1347961737)

Ref #22083

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2022-12-19 19:37:15 +08:00
Yakov5776 5aa854693f
Fix markdown typo of an extra backtick in docs (#22123)
Fixes a visual bug in docs which is caused by a typo of an extra backtick.
2022-12-13 18:20:36 -06:00
Lunny Xiao c9ef03af65
Fix wrong default value for update checker on app.example.ini (#22084) 2022-12-11 16:08:01 -06:00
Jason Song 0a85537c79
Support disabling database auto migration (#22053)
Gitea will migrate the database model version automatically, but it
should be able to be disabled and keep Gitea shutdown if the version is
not matched.
2022-12-07 09:58:31 -06:00
Xinyu Zhou 181f4bfdb1
docs: add `Edit this page` (#21981)
Update theme to support `Edit this page`:
https://gitea.com/gitea/theme/pulls/116

Screenshot:
![Edit this
page](https://user-images.githubusercontent.com/76462613/205257167-d6039d0c-c913-4ebc-98c1-834aece4b5e9.png)

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-03 19:51:53 +08:00
xtexChooser 21bcb92926
Add pnpm to packages/overview (#22008)
[`pnpm`](https://pnpm.io/) is a "fast, disk space efficient" node
package manager.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-02 11:23:47 -05:00
luzpaz fdfd77f478
Fix typos (#21979)
Found via codespell
2022-11-29 18:41:29 -06:00
zeripath f6fd501841
Correct the fallbacks for mailer configuration (#21945)
Unfortunately the fallback configuration code for [mailer] that were
added in #18982 are incorrect. When you read a value from an ini section
that key is added. This leads to a failure of the fallback mechanism.
Further there is also a spelling mistake in the startTLS configuration.

This PR restructures the mailer code to first map the deprecated
settings on to the new ones - and then use ini.MapTo to map those on to
the struct with additional validation as necessary.

Ref #21744

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-11-27 10:08:40 +00:00
KN4CK3R 7a4f7b35e3
Fix typo in sidebar (#21934)
Same as #21922 
I used the npm file as template which was a bad idea to spot these
casing errors...
2022-11-25 17:52:23 +08:00
KN4CK3R b2269dedf2
Fix typo in sidebar (#21922) 2022-11-24 18:31:32 +08:00
Xinyu Zhou a3c09fb36d
Improve docker rootless documentation (#21913)
Emphasize folder creation/permission granting

Signed-off-by: Xinyu Zhou <i@sourcehut.net>

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-11-23 13:01:38 -05:00
Xinyu Zhou 68e934ab5d
Add option to enable CAPTCHA validation for login (#21638)
Enable this to require captcha validation for user login. You also must
enable `ENABLE_CAPTCHA`.

Summary:
- Consolidate CAPTCHA template
- add CAPTCHA handle and context
- add `REQUIRE_CAPTCHA_FOR_LOGIN` config and docs
- Consolidate CAPTCHA set-up and verification code 

Partially resolved #6049 

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-11-22 21:13:18 +00:00
mpeter50 371dd96e3e
Clarify logging documentation (#21665)
My pull request changes the logging documentation that is visible here:
https://docs.gitea.io/en-us/logging-configuration/
The reason behind the changes is that for some time I've found the
logging documentation confusing, and wanted to give a try at making it
more clear.

---

If you find the existing changes to be ok, please don't merge yet, as I
have further ideas which I want to discuss with you before making the
changes.

### Swap the "Log Groups" and "Log outputs" sections.
I want to move the "Log outputs" section before the "Log Groups"
section. The reason is that the "Log Groups" section refers to ini
sections that are only later explained, and to concepts that are general
and should be documented in "Log outputs" or a different section.

This change is essentially a swap of the "Log Groups" and "Log outputs"
sections. That way the doumentation would follow the structure in which
the ini file is built: first explaining the outer sections, and then the
inner ones ([log], [log.name], [log.name.default], ...)

### Explain the workings of ambigous settings below the settings listing
Right now the basics of a setting is shown later than the explanation of
its special workings, for example with `FILE_NAME` at [the file output
mode](https://docs.gitea.io/en-us/logging-configuration/#file-mode)
(well, if the first changes are taken into account).

Currently I have `TODO` witten at 2 settings, which I have to figure out
how do they exactly work before I can document them.

### New section about [log]
New section after "Collecting Logs for Help" about how the top level
[log] itself works and what can go there.
Currently, variables that directly go into [log] are noted throughout
the whole document.

---

Please let me know what you think about the changes.

A counterargument that I myself see is that some of this is already
present in the cheatsheet, but I think it would be better to have [this
document](https://docs.gitea.io/en-us/logging-configuration/) as a
throrough explanation of how logging is configured, and the cheatsheet
would only have a short outline of the possible sections and variables.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-11-22 09:04:29 +08:00
Xinyu Zhou b4802b9b2e
Allow disable RSS/Atom feed (#21622)
This patch provide a mechanism to disable RSS/Atom feed.

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-11-21 13:14:58 +08:00
Andrew Buettner 43aafc5ba1
Improve documentation for PAM and static deployment (#21866)
## Changes proposed in [referenced issue 21845][1]

- Expand PAM configuration description with working examples.
- Clarify `STATIC_URL_PREFIX` use (include "assets" and only works after
database has been initialized)
- Add note for HTTPS proxy support VIA Apache.

[1]: https://github.com/go-gitea/gitea/issues/21845
2022-11-20 20:14:03 +00:00
KN4CK3R 32db62515f
Add package registry cleanup rules (#21658)
Fixes #20514
Fixes #20766
Fixes #20631

This PR adds Cleanup Rules for the package registry. This allows to
delete unneeded packages automatically. Cleanup rules can be set up from
the user or org settings.
Please have a look at the documentation because I'm not a native english
speaker.

Rule Form

![grafik](https://user-images.githubusercontent.com/1666336/199330792-c13918a6-e196-4e71-9f53-18554515edca.png)

Rule List

![grafik](https://user-images.githubusercontent.com/1666336/199331261-5f6878e8-a80c-4985-800d-ebb3524b1a8d.png)

Rule Preview

![grafik](https://user-images.githubusercontent.com/1666336/199330917-c95e4017-cf64-4142-a3e4-af18c4f127c3.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-11-20 16:08:38 +02:00
wxiaoguang 0b993a0d04
Fix "build from source" document to clarify the `bindata` tag is required. (#21853) 2022-11-18 14:34:39 +08:00
delvh 55115dbb73
Improve pull/ push mirror documentation (especially for GitHub) (#21801) 2022-11-14 21:17:39 +00:00
delvh 8ce2dd588a
Add plural definitions for German translations (#21802)
Previously, there were discussions on how to write certain plurals.
So, we explicitly document the special plurals to end the discussion.
2022-11-13 11:58:21 -05:00
Drew Noel 2cbea23d70
Add configuration for CORS allowed headers (#21747)
This PR enhances the CORS middleware usage by allowing for the headers
to be configured in `app.ini`.

Fixes #21746

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-11-11 14:39:27 +08:00
zeripath 99688ef994
Attempt clarify AppWorkPath etc. (#21656)
Attempt clarify the AppWorkPath in the documentation by using different
notation and adding a section to the start of the cheat sheet.

Fix #21523

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-11-09 20:22:31 -05:00
KN4CK3R 20674dd05d
Add package registry quota limits (#21584)
Related #20471

This PR adds global quota limits for the package registry. Settings for
individual users/orgs can be added in a seperate PR using the settings
table.

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-11-09 14:34:27 +08:00
Xinyu Zhou a0367c2bf0
Fix typo (#21695)
Duplicate parentheses written in link.

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-11-07 09:48:46 +08:00
Xinyu Zhou 20da666d6d
Fix docs relref (#21685)
reslove
https://github.com/go-gitea/gitea/issues/21627#issuecomment-1303678781
2022-11-04 17:55:25 -04:00
oliverpool b6e81357bd
Add Webhook authorization header (#20926)
_This is a different approach to #20267, I took the liberty of adapting
some parts, see below_

## Context

In some cases, a weebhook endpoint requires some kind of authentication.
The usual way is by sending a static `Authorization` header, with a
given token. For instance:

- Matrix expects a `Bearer <token>` (already implemented, by storing the
header cleartext in the metadata - which is buggy on retry #19872)
- TeamCity #18667
- Gitea instances #20267
- SourceHut https://man.sr.ht/graphql.md#authentication-strategies (this
is my actual personal need :)

## Proposed solution

Add a dedicated encrypt column to the webhook table (instead of storing
it as meta as proposed in #20267), so that it gets available for all
present and future hook types (especially the custom ones #19307).

This would also solve the buggy matrix retry #19872.

As a first step, I would recommend focusing on the backend logic and
improve the frontend at a later stage. For now the UI is a simple
`Authorization` field (which could be later customized with `Bearer` and
`Basic` switches):


![2022-08-23-142911](https://user-images.githubusercontent.com/3864879/186162483-5b721504-eef5-4932-812e-eb96a68494cc.png)

The header name is hard-coded, since I couldn't fine any usecase
justifying otherwise.

## Questions

- What do you think of this approach? @justusbunsi @Gusted @silverwind 
- ~~How are the migrations generated? Do I have to manually create a new
file, or is there a command for that?~~
- ~~I started adding it to the API: should I complete it or should I
drop it? (I don't know how much the API is actually used)~~

## Done as well:

- add a migration for the existing matrix webhooks and remove the
`Authorization` logic there


_Closes #19872_

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2022-11-03 20:23:20 +02:00
Xinyu Zhou 563945c50c
Refactor docs (#21627)
This patch:
- Rename some files( `.md` to `.en-us.md`), fix missed translation copy
- Update link which shoud be refer to `../hacking-on-gitea/` instead of
`../make/` (outdated)
- Update `_redirects`:
  -  redirect `/{zh-cn|fr-fr}/make/` to `../hacking-on-gitea/`
  - redirect `/zh-cn/third-party-tools/` to `/zh-cn/integrations/`
- Delete duplicated/outdated files.
- Update menu `weight` of developers.zh-cn.md

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
2022-10-31 23:16:19 +00:00
melkor0 8f85a49947
Update "email usage" page to current ver. (1.18) (#21649)
In version 1.18 the naming scheme for smtp has been changed, HOST has
been split in SMTP_ADDR and SMTP_PORT
(https://docs.gitea.io/en-us/config-cheat-sheet/#mailer-mailer).
2022-10-31 22:02:37 +00:00
Xinyu Zhou 100448a007
Allow disable sitemap (#21617)
This patch provide a mechanism to disable
[sitemap](https://github.com/go-gitea/gitea/pull/18407).

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-10-28 11:17:38 -04:00
mpeter50 10b8506023
Improve documentation (#21612)
Fix file reference at the FLAGS line at the Log subsections heading,
improve COLORIZE line wording.

The FLAGS line referenced a file that doesn't exist in the repository as
of now. The COLORIZE line's wording implied that it would
unconditionally colorize the log by default.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-27 16:47:19 +08:00
M Hickford 191a74d622
Record OAuth client type at registration (#21316)
The OAuth spec [defines two types of
client](https://datatracker.ietf.org/doc/html/rfc6749#section-2.1),
confidential and public. Previously Gitea assumed all clients to be
confidential.

> OAuth defines two client types, based on their ability to authenticate
securely with the authorization server (i.e., ability to
>   maintain the confidentiality of their client credentials):
>
>   confidential
> Clients capable of maintaining the confidentiality of their
credentials (e.g., client implemented on a secure server with
> restricted access to the client credentials), or capable of secure
client authentication using other means.
>
>   **public
> Clients incapable of maintaining the confidentiality of their
credentials (e.g., clients executing on the device used by the resource
owner, such as an installed native application or a web browser-based
application), and incapable of secure client authentication via any
other means.**
>
> The client type designation is based on the authorization server's
definition of secure authentication and its acceptable exposure levels
of client credentials. The authorization server SHOULD NOT make
assumptions about the client type.

 https://datatracker.ietf.org/doc/html/rfc8252#section-8.4

> Authorization servers MUST record the client type in the client
registration details in order to identify and process requests
accordingly.

Require PKCE for public clients:
https://datatracker.ietf.org/doc/html/rfc8252#section-8.1

> Authorization servers SHOULD reject authorization requests from native
apps that don't use PKCE by returning an error message

Fixes #21299

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-24 15:59:24 +08:00
RainboWu fbcf1ab477
Update macOS install command (#21507)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-19 21:30:21 -04:00