According to the script, it helps Gitea fix Crowdin output to be consistent with what Unknwon's INI library expects.
I'm not aware of it being used in Forgejo. But want to see green CI checks just in case.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7866
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
Ref https://codeberg.org/forgejo/forgejo/issues/7842#issuecomment-4574366
Currently browsers could offer spellcheck on these fields, my browser does.
MDN [recommends](https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Global_attributes/spellcheck#security_and_privacy_concerns) that on fields with sensitive information this property is set to `false` in case 3rd party not-fully-trusted spellchecking service is used. I consider these fields as containing sensitive information, and spellcheck is not useful on them anyway.
### Testing
There's currently no integration testing for these TOTP forms. I do plan to add some in my other TOTP-related work.
I tested that this did change the behavior in my browser and don't think we need additional testing right now.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7868
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
Closes#2415
Permissions checks are already done by the callee, which also do more correct permission checks.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7835
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Maxim Slipenko <maks1ms@altlinux.org>
Co-committed-by: Maxim Slipenko <maks1ms@altlinux.org>
This is a follow-up PR to #7212 (unreleased) in which some load balancing policy options were missed.
- `WeightRoundRobin` follows the same logic as `WeightRandomPolicy` WRT to weight assignment.
- `LeastConn` has no options
related docs PR: https://codeberg.org/forgejo/docs/pulls/1109
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7799
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
The Webkit environment in CI for some reason has issues with the ratio, so decrease the ratio a bit for Webkit.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7833
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
When using an oauth provider for login, we can't always make sure that only supported characters are included in the name. Therefore there exist normalization rules for the username. In German some names contain the `ß` letter which usually gets replaces by `ss`. Therefore I added this to the `customCharsReplacement` list.
Without this fix, the user gets an undescriptive internal server error and the log states `CreateUser: name is invalid [<name>]: must be valid alpha or numeric or dash(-_) or dot characters`.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7817
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Daniel Kilimnik <daniel@neodyme.io>
Co-committed-by: Daniel Kilimnik <daniel@neodyme.io>
- It doesn't work in Forgejo and we already have a backport action.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7792
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- Fixes#7152
- If a review no longer has any pending comments, remove that review from the database.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7454
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Leni Kadali <lenikadali@noreply.codeberg.org>
Co-committed-by: Leni Kadali <lenikadali@noreply.codeberg.org>
- Remove crystal and caesar from the CODEOWNERS file. They have not reviewed in a long time.
- Add Beowulf to frontend.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7785
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- Document that `is_system_webhook` field is accepted for the `POST /admin/hooks` endpoint.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7784
Reviewed-by: Beowulf <beowulf@beocode.eu>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- Ensure that the last path is `commit/`, `tree/` or `blob/`.
- Resolvesforgejo/forgejo#7767
- Follow up forgejo/forgejo#6784
- Added unit test
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7775
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
This PR contains the following updates:
| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |
🔧 This Pull Request updates lock files to use the latest dependency versions.
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjEuNCIsInVwZGF0ZWRJblZlciI6IjM5LjI2MS40IiwidGFyZ2V0QnJhbmNoIjoiZm9yZ2VqbyIsImxhYmVscyI6WyJkZXBlbmRlbmN5LXVwZ3JhZGUiLCJ0ZXN0L25vdC1uZWVkZWQiXX0=-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7778
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
- I was not able to find a reasoning in the pull request (https://github.com/go-gitea/gitea/pull/9784) for the existence of this `time.Sleep`. The best I could come up with during manual testing is that there's a brief moment where 'this pull request is missing fork information' is shown, this was caused by an incorrect condition.
- Added integration test.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7773
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
The function unittest.OverrideFixtures was changed with 7e489eed25.
The PR with the util_misc_test was older and merged after the change to
the unittest.OverrideFixtures function. So the test was still using the
old function, which leads to a conflict / error when running tests.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7772
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
This is my take to fix#6078
Should also resolve#6111
As far as I can tell, Forgejo uses only a subset of the relative-time functionality, and as far as I can see, this subset can be implemented using browser built-in date conversion and arithmetic. So I wrote a JavaScript to format the relative-time element accordingly, and a Go binding to generate the translated elements.
This is my first time writing Go code, and my first time coding for a large-scale server application, so please tell me if I'm doing something wrong, or if the whole approach is not acceptable.
---
Screenshot: Localized times in Low German
Screenshot: The same with Forgejo in English
---
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
- [x] in `web_src/js/*.test.js` if it can be unit tested.
- [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6154
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Benedikt Straub <benedikt-straub@web.de>
Co-committed-by: Benedikt Straub <benedikt-straub@web.de>
Old activities are shown like before, new commits are displayed like commits in e.g. the commits list. _(Second commit)_
| New signed commits | Old (signed) commits |
|:--:|:--:|
|  |  |
Additionally the sha box was moved in an own component to unify the usage. _(First commit)_
Closes#1824
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- User Interface features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/6933): <!--number 6933 --><!--line 0 --><!--description U2hvdyBpZiBjb21taXQgaXMgdmVyaWZpZWQgaW4gYWN0aXZpdHkgZmVlZCBvZiBhbiB1c2VyIG9yIGFuIG9yZ2FuaXphdGlvbiBmb3IgbmV3IGFjdGl2aXR5-->Show if commit is verified in activity feed of an user or an organization for new activity<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6933
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/42wim/sshsig](https://github.com/42wim/sshsig) | require | digest | `841cf5b` -> `5100632` |
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjEuNCIsInVwZGF0ZWRJblZlciI6IjM5LjI2MS40IiwidGFyZ2V0QnJhbmNoIjoiZm9yZ2VqbyIsImxhYmVscyI6WyJkZXBlbmRlbmN5LXVwZ3JhZGUiLCJ0ZXN0L25vdC1uZWVkZWQiXX0=-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7768
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
This PR changes `newest` and `oldest` sorting under *Explore/User* and *Explore/Organization* to refer to the `created_unix` column rather than `id`.
Fixes: #7595
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7596
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Gabriel Bjørnager Jensen <gabriel@achernar.io>
Co-committed-by: Gabriel Bjørnager Jensen <gabriel@achernar.io>
Followup to https://codeberg.org/forgejo/forgejo/pulls/2364
Replaces https://codeberg.org/forgejo/forgejo/pulls/7666
Fix multiple issues with the original implementation:
* `SyncFork` web handler used `{branch}` as a parameter, so it failed for branches with `/` in names
* Originally I switched it to use `*` like other branch web handlers, but I found that it was easier to move it out from URL to POST request values
* Security: `SyncFork` web handler was using GET method, so just visiting the link was enough to execute the action
* It was switched to POST done via form with CSRF, which also allowed to put branch name in it's values
* Security: in template, branch name was not escaped but rendered with `SafeHTML`, allowing for rendering fun characters like `&` and for script execution. Also the link was not escaped correctly and would be leading to 404
* To avoid having to change all translations, only the branch name+link part was changed and is now escaped with `HTMLFormat` before being passed to TrN
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7740
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
The null means a server side bug prevents the pull request from being
retrieved.
Closes https://codeberg.org/forgejo/forgejo/issues/6571
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7762
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
Extract release notes assistent version to a variable, so renovate can easily update it
fed044d3a3
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7758
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
Test two scenarios:
1. Account linking is set to `auto` and tries to link against a user who
is enrolled into Webauthn should show 2FA screen.
2. User is already linked and logins via OAuth2 and is enrolled into
WebAuthn should show 2FA screen.
- A permission check is done when incoming SSH connections are handled (this is
run before git hooks). If this check is for write access and AGit flow
is supported, then this check is degraded to a read check. The
motivation behind this is that for AGit flow the user does not need
write permissions but only read permissions.
- The `if` condition cannot check if this is for AGit flow, as the Git
protocol has not run yet and thus has to delay this permission check.
This `if` condition failed to consider that this also might be run for
LFS which does not care about AGit flow and would not do a delayed
permission check, so ensure that this degradition only happens when the
`git-receive-pack` command is being run (which roughly equals to `git
push`).
- Clarify code comment.
- Added integration test.
- The way of doing conflict testing via `git apply` stems from Gogs, it was replaced in Gitea 1.18 by `git read-tree -m` which uses 3-way merge [^0]. The option to disable the fallback `git apply` was introduced in Gitea 1.19 and enabled by default [^1].
- Given it was mostly kept just in case `git read-tree -m` was shown to be unreliable and it has been sufficiently battle tested with no known issues (in Forgejo), it's time to remove this way of conflict testing. I am not aware of anyone using this option or having any benefits over a 3-way merge via `git read-tree -m`.
[^0]: https://github.com/go-gitea/gitea/pull/18004
[^1]: https://github.com/go-gitea/gitea/pull/22130
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Breaking features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/7745): <!--number 7745 --><!--line 0 --><!--description cmVtb3ZlIHRoZSBsZWdhY3kgYFRFU1RfQ09ORkxJQ1RJTkdfUEFUQ0hFU19XSVRIX0dJVF9BUFBMWWAgc2V0dGluZw==-->remove the legacy `TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY` setting<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7745
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
Contributors use CI pipeline runs as a frame of reference to figure out
whether their work adhere's to Forgejo's quality assurance standards.
If a test label is missing and the CI does not run, the 'error message'
shown can cause confusion, as it might give the contributor the idea
that some action is expected from their part.
This change explicitly mentions that a reviewer must set the test
label.
Fixesforgejo/forgejo#7686.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7732
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Panagiotis "Ivory" Vasilopoulos <git@n0toose.net>
Co-committed-by: Panagiotis "Ivory" Vasilopoulos <git@n0toose.net>
