This PR fixes a state de-synchronization bug with the issue stopwatch,
it resolves the issue by replacing the ambiguous `/toggle` endpoint
with two explicit endpoints: `/start` and `/stop`.
- The "Start timer" button now exclusively calls the `/start` endpoint.
- The "Stop timer" button now exclusively calls the `/stop` endpoint.
This ensures the user's intent is clearly communicated to the server,
eliminating the state inconsistency and fixing the bug.
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
When viewing a file that the user can't edit because they can't write to
the branch, the new, upload, patch, edit and delete functionality is no
longer disabled.
If no user fork of the repository exists, there is now a page to create one.
It will automatically create a fork with a single branch matching the one
being viewed, and a unique repository name will be automatically picked.
When a fork exists, but it's archived, a mirror or the user can't write
code to it, there will instead be a message explaining the situation.
If the usable fork exists, a message will appear at the top of the edit page
explaining that the changes will be applied to a branch in the fork. The
base repository branch will be pushed to a new branch to the fork, and
then the edits will be applied on top.
The suggestion to fork happens when accessing /_edit/, so that for
example online documentation can have an "edit this page" link to
the base repository that does the right thing.
Also includes changes to properly report errors when trying to commit
to a new branch that is protected, and when trying to commit to an
existing branch when choosing the new branch option.
Resolves#9017, #20882
---------
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This PR adds a feature to direct users to appropriate pages after system
installation:
- If no admin credentials were provided during installation, redirect to
the registration page with a prominent notice about creating the first
administrative account
- If admin credentials were already set, redirect directly to the login
page
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
The merge-upstream route was so far performing any kind of merge, even
those that would create merge commits and thus make your branch diverge
from upstream, requiring manual intervention via the git cli to undo the
damage.
With the new optional parameter ff_only, we can instruct gitea to error
out, if a non-fast-forward merge would be performed.
Upgrade to
[v0.19.0](https://github.com/golang/tools/releases/tag/gopls%2Fv0.19.0)
and fix issues. Runs with new `warning` serverity setting. This likely
does less checks than before. Additionally, add `make fix` which runs
modernize. This is also verified on CI.
For the record, here are the issues discoverd when running with `info`
severity, in case we want to fix these:
```
tests/integration/repo_test.go:95:5-14: could use tagged switch on i
tests/integration/api_packages_generic_test.go:149:4-64: could use tagged switch on setting.Packages.Storage.Type
services/webhook/msteams_test.go:33:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:59:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:85:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:111:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:138:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:161:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:187:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:213:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:239:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:266:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:407:4-33: could use tagged switch on fact.Name
tests/integration/api_packages_conan_test.go:350:6-33: could use tagged switch on pf.Name
models/issues/tracked_time_test.go:98:3-18: could use tagged switch on user.ID
tests/integration/api_token_test.go:505:5-43: could use tagged switch on minRequiredLevel
services/gitdiff/gitdiff.go:220:33-46: method "getLineLegacy" is unused
```
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
1. Use `OpenXxx` instead of `GetXxx` because the returned readers should
be correctly closed, and clarify the behaviors of the functions: they
increase the download counter
2. Use `packages-content` styles instead of `issue-content`
This adds a new field, "tag_message", that represents the message of the
annotated tag.
Resolves#31835.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
By default, the code extracts 200 package versions. If too many packages
are generated every day or if rule cleaning is enabled later, which
means there are more than 200 versions corresponding to the library
package, it may not be cleaned up completely, resulting in residue
Fix#31961
---------
Co-authored-by: yeyuanjie <yecao100@126.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Currently, Gitea supports title and body query parameters when creating
new issues, allowing pre-filling those fields via URL parameters.
However, similar support for pull requests (PRs) does not exist.
This feature adds support for the title, body, and quick_pull query
parameters in the new pull request creation page. These parameters work
similarly to GitHub’s behavior, allowing users to pre-populate the PR
title and body, and optionally expand the PR creation form
automatically.
By supporting these query parameters, it improves the usability and
automation capabilities when creating pull requests via direct URLs,
aligning Gitea more closely with GitHub’s user experience.
---------
Co-authored-by: root <root@DESKTOP-UPANUTP>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. Add some missing (optional) fields for nuget v2, and sort the fields
to make it easier to maintain
2. Add missing "platform" for rubygems: `VERSION-PLATFORM` and
`VERSION_PLATFORM`
Co-authored-by: Giteabot <teabot@gitea.io>
`UpdateAllCols` is dangerous, the columns should be updated when
necessary.
This PR replaces some `updateRepository` invokes to reduce possible
problems and wrongly updated time. Some parts have been fixed in #34388,
but some are hidden in the function `updateRepository`. Alternatively,
using `UpdateRepositoryColsNoAutoTime` to update the changed columns.
Some `UpdateRepoSize` invokes are duplicated, so they will be removed
when extracting from `updateRepository`.
Noticed the SQL will be executed 4 times when visit the file render view
page. For a repository which have many pull requests, it maybe slow.
```SQL
2025/06/08 15:24:44 models/issues/pull_list.go:69:GetUnmergedPullRequestsByHeadInfo() [I] [SQL] SELECT * FROM `pull_request` INNER JOIN `issue` ON issue.id = pull_request.issue_id WHERE (head_repo_id = ? AND head_branch = ? AND has_merged = ? AND issue.is_closed = ? AND flow = ?) [393 main false false 0] - 2.004167ms
2025/06/08 15:24:44 models/issues/pull_list.go:69:GetUnmergedPullRequestsByHeadInfo() [I] [SQL] SELECT * FROM `pull_request` INNER JOIN `issue` ON issue.id = pull_request.issue_id WHERE (head_repo_id = ? AND head_branch = ? AND has_merged = ? AND issue.is_closed = ? AND flow = ?) [393 main false false 0] - 1.03975ms
2025/06/08 15:24:44 models/issues/pull_list.go:69:GetUnmergedPullRequestsByHeadInfo() [I] [SQL] SELECT * FROM `pull_request` INNER JOIN `issue` ON issue.id = pull_request.issue_id WHERE (head_repo_id = ? AND head_branch = ? AND has_merged = ? AND issue.is_closed = ? AND flow = ?) [393 main false false 0] - 881.583µs
2025/06/08 15:24:44 models/issues/pull_list.go:69:GetUnmergedPullRequestsByHeadInfo() [I] [SQL] SELECT * FROM `pull_request` INNER JOIN `issue` ON issue.id = pull_request.issue_id WHERE (head_repo_id = ? AND head_branch = ? AND has_merged = ? AND issue.is_closed = ? AND flow = ?) [393 main false false 0] - 935.084µs
```
This PR did a refactor to query it once only.
* Signed SSH commits can look in the UI like on GitHub, just like gpg keys today in Gitea
* SSH format can be added in gitea config
* SSH Signing worked before with DEFAULT_TRUST_MODEL=committer
`TRUSTED_SSH_KEYS` can be a list of additional ssh public key contents
to trust for every user of this instance
Closes#34329
Related #31392
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Close#34511Close#34590
Add comment ID to the footnote item's id attribute to ensure uniqueness.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Extract from #34531
## Move Commit status state to a standalone package
Move the state from `structs` to `commitstatus` package. It also
introduce `CommitStatusStates` so that the combine function could be
used from UI and API logic.
## Combined commit status Changed
This PR will follow Github's combined commit status. Before this PR,
every commit status could be a combined one.
According to
https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#get-the-combined-status-for-a-specific-reference
> Additionally, a combined state is returned. The state is one of:
> failure if any of the contexts report as error or failure
> pending if there are no statuses or a context is pending
> success if the latest status for all contexts is success
This PR will follow that rule and remove the `NoBetterThan` logic. This
also fixes the inconsistent between UI and API. In the API convert
package, it has implemented this which is different from the UI. It also
fixed the missing `URL` and `CommitURL` in the API.
## `CalcCommitStatus` return nil if there is no commit statuses
The behavior of `CalcCommitStatus` is changed. If the parameter commit
statuses is empty, it will return nil. The reference places should check
the returned value themselves.
If user leaves the page, the context will become cancelled, so that the
update process maybe terminal in an unexpected status. This PR haven't
resolve the problem totally. It uses a background context to not cancel
the update process even if the user leaved the pull request view page.
Fix#31779
`GetIssuesLastCommitStatus` will revoke `GetIssuesAllCommitStatus` but
it has been invoked. The `CommitStatus` template variable has never been
used in notification subscription page so that it could be removed.
Similar to #34544, this PR changes the `opts` argument in
`SearchRepositoryByName()` to be passed by value instead of by pointer,
as its mutations do not escape the function scope and are not used
elsewhere. This simplifies reasoning about the function and avoids
unnecessary pointer usage.
This insight emerged during an initial attempt to refactor
`RenderUserSearch()`, which currently intermixes multiple concerns.
---------
Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
This PR adds "View workflow file" to Actions list page, and replaces the
redundant link.
Related #34530
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This PR changes the `opts` argument in `SearchUsers()` to be passed by
value instead of by pointer, as its mutations do not escape the function
scope and are not used elsewhere. This simplifies reasoning about the
function and avoids unnecessary pointer usage.
This insight emerged during an initial attempt to refactor
`RenderUserSearch()`, which currently intermixes multiple concerns.
Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
- Change CreateVariable API response status from 204 No Content to 201
Created
- Update related integration tests to expect 201 Created instead of 204
No Content
## ⚠️ BREAKING ⚠️
Change the response status code of the Create Variable API under both
Org and Repo levels to `201` instead of 204.
API SDK: https://gitea.com/gitea/go-sdk/pulls/713
---------
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
- Add support for filtering commits by date range via new "since" and
"until" parameters
- Update API endpoints and command logic to handle the new parameters
for fetching commits within given dates
- Extend API documentation and Swagger specs to describe the new "since"
and "until" query parameters
- Refactor related function signatures and implementations to accept and
pass "since" and "until" values
---------
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
In the Gitea GUI, the user can see the time that _AccessTokens_ and
_PublicKeys_ were last used. This information is not returned by the
_/users/{username}/tokens_ and _/user/keys_ endpoints in the API. This
PR adds the missing data.
The time of last usage for for _tokens_ & _keys_ seem to be stored in
the _Updated_ field of the structs internally. For consistency, I have
used the name _updated_at_ for the new field returned by the _API_.
However, for the _API_ user, I don't think that name reflects the data
returned, as I believe it is the time of last usage. I propose that we
use the name _last_used_at_ instead. Let's hear reviewers opinion on
that.
* PublicKey
1. _last_used_at_: string($date-time)
* AccessToken
1. _created_at_: string($date-time) (for parity with public keys)
2. _last_used_at_: string($date-time)
Fix#34313
Fix#880
Design:
1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* fixes a fixture status to upload confirmed
* add another fixture as noise to break tests as soon they are exposed
to api
* v4 delete test added check that artifact is no longer visible in
internal api with status pending delete
* removal of http 404 on empty list: actions/upload-artifact@v4 now
backoff on http 404 of ListArtifacts endpoint
* fixes artifacts with pending delete etc. are able to be found and
downloaded if the storage is not freed
`[repository.pull-request] DELAY_CHECK_FOR_INACTIVE_DAYS` is a new
setting to delay the mergeable check for pull requests that have been
inactive for the specified number of days.
This avoids potentially long delays for big repositories with many pull
requests. and reduces system load overall when there are many
repositories or pull requests.
When viewing the PR, checking will start immediately and the PR merge
box will automatically reload when complete. Accessing the PR through
the API will also start checking immediately.
The default value of `7` provides a balance between system load, and
keeping behavior similar to what it was before both for users and API
access. With `0` all conflict checking will be delayed, while `-1`
always checks immediately to restore the previous behavior.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Adds an API POST endpoint under `/repos/{owner}/{repo}/file-contents`
which receives a list of paths and returns a list of the contents of
these files.
This API endpoint will be helpful for applications like headless CMS
(reference: https://github.com/sveltia/sveltia-cms/issues/198) which
need to retrieve a large number of files by reducing the amount of
needed API calls.
Close#33495
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This pull request adds a GitHub-compatible API endpoint to lock and
unlock an issue.
The following routes exist now:
- `PUT /api/v1/repos/{owner}/{repo}/issues/{id}/lock` to lock an issue
- `DELETE /api/v1/repos/{owner}/{repo}/issues/{id}/lock` to unlock an issue
Fixes#33677Fixes#20012
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Implements runner apis based on
https://docs.github.com/en/rest/actions/self-hosted-runners?apiVersion=2022-11-28#list-self-hosted-runners-for-an-organization
- Add Post endpoints for registration-token, google/go-github revealed
this as problem
- We should deprecate Get Endpoints, leaving them for compatibility
- Get endpoint of admin has api path /admin/runners/registration-token
that feels wrong, /admin/actions/runners/registration-token seems more
consistent with user/org/repo api
- Get Runner Api
- List Runner Api
- Delete Runner Api
- Tests admin / user / org / repo level endpoints
Related to #33750 (implements point 1 and 2)
Via needs discovered in #32461, this runner api is needed to allow
cleanup of runners that are deallocated without user interaction.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. Using existing "content" variable in `swift.go`
2. Do not report 500 server error in `GetPullDiffStats` middleware,
otherwise a PR missing ref won't be able to view.
3. Fix the abused "label button" when listing commits, there was too
much padding space, see the screenshot below.
This adds a middleware for overload protection that is intended to help protect against malicious scrapers.
It does this via [`codel`](https://github.com/bohde/codel), which will perform the following:
1. Limit the number of in-flight requests to some user-defined max
2. When in-flight requests have reached their begin queuing requests.
Logged-in requests having priority above logged-out requests
3. Once a request has been queued for too long,
it has a probabilistic chance to be rejected based on how overloaded the entire system is.
When a server experiences more traffic than it can handle,
this keeps latency low for logged-in users and rejects just
enough requests from logged-out users to not overload the service.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Fixes#33544
Adds two new api endpoints to list a versions of a package and to get
the latest version of a package by API.
⚠️ BREAKING ⚠️
the `size` field for this endpoint changes from `Size` to `size`.
Fix#34188
The name "FileName" is ambiguous: sometimes it is "base name without
path", sometimes it is "full name with path".
The ambiguous name causes various problems.
This PR clarifies the usage: `FileTreePath`: the full name with path.
Allows admins and org owners to change org member public status.
Before, this would return `Error 403: Cannot publicize another member`
despite the fact that the same user could make the same change through
the GUI.
Fixes#28372
---------
Co-authored-by: Tomáš Ženčák <zencak@ica.cz>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This PR moved git attributes related code to `modules/git/attribute` sub
package and moved language stats related code to
`modules/git/languagestats` sub package to make it easier to maintain.
And it also introduced a performance improvement which use the `git
check-attr --source` which can be run in a bare git repository so that
we don't need to create a git index file. The new parameter need a git
version >= 2.40 . If git version less than 2.40, it will fall back to
previous implementation.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: yp05327 <576951401@qq.com>
Fix#2616
This PR adds a new sort option for exclusive labels.
For exclusive labels, a new property is exposed called "order", while in
the UI options are populated automatically in the `Sort` column (see
screenshot below) for each exclusive label scope.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
When list commits, some of the commits authors are the same at many
situations. But current logic will always fetch the same GPG keys from
database. This PR will cache the GPG keys, emails and users for the
context so that reducing the database queries.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This PR uniform all temporary directory usage so that it will be easier
to manage.
Relate to #31792
- [x] Added a new setting to allow users to configure the global
temporary directory.
- [x] Move all temporary files and directories to be placed under
os.Temp()/gitea.
- [x] `setting.Repository.Local.LocalCopyPath` now will be
`setting.TempPath/local-repo` and the customized path is removed.
```diff
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;[repository.local]
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;
-;; Path for local repository copy. Defaults to TEMP_PATH + `local-repo`, this is deprecated and cannot be changed
-;LOCAL_COPY_PATH = local-repo
```
- [x] `setting.Repository.Upload.TempPath` now will be
`settting.TempPath/uploads` and the customized path is removed.
```diff
;[repository.upload]
-;;
-;; Path for uploads. Defaults to TEMP_PATH + `uploads`
-;TEMP_PATH = uploads
```
- [x] `setting.Packages.ChunkedUploadPath` now will be
`settting.TempPath/package-upload` and the customized path is removed.
```diff
;[packages]
-;;
-;; Path for chunked uploads. Defaults it's `package-upload` under `TEMP_PATH` unless it's an absolute path.
-;CHUNKED_UPLOAD_PATH = package-upload
```
- [x] `setting.SSH.KeyTestPath` now will be
`settting.TempPath/ssh_key_test` and the customized path is removed.
```diff
[server]
-;;
-;; Directory to create temporary files in when testing public keys using ssh-keygen,
-;; default is the system temporary directory.
-;SSH_KEY_TEST_PATH =
```
TODO:
- [ ] setting.PprofDataPath haven't been changed because it may need to
be kept until somebody read it but temp path may be clean up any time.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This PR tries to finally fix the bug mentioned in #30011 and #15504,
where the user repo limit is checked when creating a repo in an
organization.
Fix#30011
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Extract from #33934
In the same goroutine, we should reuse the exist cat file sub process
which exist in `git.Repository` to avoid creating a unnecessary
temporary subprocess.
This PR reuse the exist cate file writer and reader in
`getCommitFromBatchReader`.
It also move `prepareLatestCommitInfo` before creating dataRc which will
hold the writer so other git operation will create a temporary cat file
subprocess.
* Fix#33972
* Use consistent path resolving for links and medias.
* No need to make the markup renders to resolve the paths, instead, the
paths are all correctly resolved in the "post process" step.
* Fix#33274
* Since 1.23, all paths starting with "/" are relative to current render
context (for example: the current repo branch)
* Introduce `/:root/path-relative-to-root`, then the path will be
rendered as relative to "ROOT_URL"
Adds the `flat-square` style to action badges. Styles can be selected by
adding `?style=<style>` to the badge endpoint. If no style query is
given, or if the query is invalid, the style defaults to `flat`.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#33966
```
;; User must sign in to view anything.
;; It could be set to "expensive" to block anonymous users accessing some pages which consume a lot of resources,
;; for example: block anonymous AI crawlers from accessing repo code pages.
;; The "expensive" mode is experimental and subject to change.
;REQUIRE_SIGNIN_VIEW = false
```
Follow #33127Fix#8649, fix#639
This is a complete solution. A repo unit could be set to:
* Anonymous read (non-signed-in user)
* Everyone read (signed-in user)
* Everyone write (wiki-only)
When a team have no code unit permission of a repository, the member of
the team should not view activity contributors, recent commits and code
frequrency.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
The current action status badge are looking different from most other
badges renders, which is especially noticeable when using them along
with other badges. This PR updates the action badges to match the
commonly used badges from other providers.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Follow #33127
This PR add backend logic and test for "anonymous access", it shares the
same logic as "everyone access", so not too much change.
By the way, split `SettingsPost` into small functions to make it easier
to make frontend-related changes in the future.
Next PR will add frontend support for "anonymous access"
fixes an issue where user is unable to create new repository in
organization via UI if repository limits are in place and user has
exhausted them for their own namespace.
closes: https://github.com/go-gitea/gitea/issues/15504
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
The pagination on the user dashboard sounds unnecessary, this will
change it to a prev/next buttons. For instances with around `10 million`
records in the action table, this option affects how the user dashboard
is loaded on first visit.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Two SQLs are very slow when `action` table have over 5M records.
```
database duration=1.8881s db.sql="SELECT created_unix DIV 900 * 900 AS timestamp, count(user_id) as contributions FROM `action` WHERE user_id=? AND act_user_id=? AND (created_unix > ?) GROUP BY timestamp ORDER BY timestamp"
database duration=1.5408s db.sql="SELECT count(*) FROM `action` WHERE (user_id = ?) AND (is_deleted = ?)"
```
This will cache the count for the first loading or when the activities
changed.
Currently the organisation feed only includes items for public
repositories (for non-administrators). This pull requests adds
notifications from private repositories to the organisation-feed (for
accounts that have access to the organisation).
Feed-items only get shown for repositories where the users team(s)
should have access to, this filtering seems to get done by some existing
code.
Needs some tests, but am unsure where/how to add them.
Before:
After:
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Resolve#29328
This pull request introduces a file tree on the left side when reviewing
files of a repository.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#24623
Major changes:
1. Redirect `/owner/repo/blob/*` requests to `/owner/repo/src/commit/*`
(like GitHub)
2. Add a "view file diff" link (see screenshot below)
3. Refactor "AssertHTMLElement" to generic, now we can accurately assert
existence or number.
4. Add more tests
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
Fix#33490
It will only read the changed file on the pushed commits but not all the
files of this PR.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#33358, fix#21970
This adds a step in the `GitDiffForRender` that does syntax highlighting for the
entire file and then only references lines from that syntax highlighted
code. This allows things like multi-line comments to be syntax
highlighted correctly.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
The diff stats are no longer part of the diff generation.
Use `GetDiffShortStat` instead to get the total number of changed files,
added lines, and deleted lines.
As such, `gitdiff.GetDiff` can be simplified:
It should not do more than expected.
And do not run "git diff --shortstat" for pull list. Fix#31492
Modify Diff View FileTree to show all files
## Changes
* removes Show Status button on diff
* uses `git diff-tree` to generate the file tree for the diff
* doesn't reload the diff tree each time we load more files in the
preview
* selecting and unloaded file will keep loading until that file is
loaded
* removes `DiffFileList.vue` and "Show Stats" in diff options
## Open Questions
* selecting and unloaded file will keep loading until that file is
loaded. Is this behaviour okay? It matches what github does.
### Demo
In this demo I set `git.MAX_GIT_DIFF_FILES=1` in my `app.ini` to
demonstrate a worst case example. In most cases the behaviour isn't
nearly as jarring as we load a bunch of files at a time.
https://github.com/user-attachments/assets/72f29663-d6fc-472d-94fa-7fb5950c2836
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. GetUserOrgsList should "order by" lower_name
2. GetIssuePostersWithSearch should search in-case-sensitive-ly
3. LoginName should not be used as username
By the way, remove unnecessary "onGiteaRun"
Make legacy package names could be listed and add tests
---------
Co-authored-by: diana.strebkova@t-systems.com <diana.strebkova@t-systems.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Replace all contexts in tests with go1.24 t.Context()
---------
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
See the FIXME comment in code. Otherwise, if a repo's issue unit is
disabled, then the PRs can't be edited anymore.
By the way, make the permission log output look slightly better.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: metiftikci <metiftikci@hotmail.com>
Noticed a SQL in gitea.com has a bigger load. It seems both `is_pull`
and `pin_order` are not indexed columns in the database.
```SQL
SELECT `id`, `repo_id`, `index`, `poster_id`, `original_author`, `original_author_id`, `name`, `content`, `content_version`, `milestone_id`, `priority`, `is_closed`, `is_pull`, `num_comments`, `ref`, `pin_order`, `deadline_unix`, `created_unix`, `updated_unix`, `closed_unix`, `is_locked`, `time_estimate` FROM `issue` WHERE (repo_id =?) AND (is_pull = 0) AND (pin_order > 0) ORDER BY pin_order
```
I came across a comment
https://github.com/go-gitea/gitea/pull/24406#issuecomment-1527747296
from @delvh , which presents a more reasonable approach. Based on this,
this PR will migrate all issue and pull request pin data from the
`issue` table to the `issue_pin` table. This change benefits larger
Gitea instances by improving scalability and performance.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* download endpoint has to use 302 redirect
* fake blob download used if direct download not possible
* downloading v3 artifacts not possible
New repo apis based on GitHub Rest V3
- GET /runs/{run}/artifacts (Cannot use run index of url due to not
being unique)
- GET /artifacts
- GET + DELETE /artifacts/{artifact_id}
- GET /artifacts/{artifact_id}/zip
- (GET /artifacts/{artifact_id}/zip/raw this is a workaround for a http
302 assertion in actions/toolkit)
- api docs removed this is protected by a signed url like the internal
artifacts api and no longer usable with any token or swagger
- returns http 401 if the signature is invalid
- or change the artifact id
- or expired after 1 hour
Closes#33353Closes#32124
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
When listing commits, Gitea attempts to retrieve the actual user based
on the commit email. Querying users one by one from the database is
inefficient. This PR optimizes the process by batch querying users by
email, reducing the number of database queries.
In the old `pickTask`, when getting secrets or variables failed, the
task could get stuck in the `running` status (task status is `running`
but the runner did not fetch the task). To fix this issue, these steps
should be in one transaction.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Some old code use direct type-casting to get context, it causes
problems.
This PR fixes all legacy problems and use correct `ctx.Value` to get
low-level contexts.
Fix#33518
- Find the runner before deleting
- Move the main logic from `routers/web/repo/setting/runners.go` to
`routers/web/shared/actions/runners.go`.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
- Find the variable before updating or deleting
- Move the main logic from `routers/web/repo/setting/variables.go` to
`routers/web/shared/actions/variables.go`.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
This PR fixes#33205.
If stars are disabled:
* The `.../repo/stars` page returns a 403 Forbidden error
* Star-related API endpoints return a 403 Forbidden error saying `Stars are disabled.`
* Same for action endpoints
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. Fix incorrect `MentionCount` (actually it seems to be deadcode,
affects nothing)
2. Remove fallback sha1 support for time limit token
3. Use route middleware `reqRepoActionsWriter` for `ArtifactsDeleteView`
4. Use clearer message "Failed to authenticate user" instead of "Verify"
when auth fails
5. `tests/integration/benchmarks_test.go` is not quite right, actually
it is never used, so delete it.
6. Remove or update TODO comments
Dear Gitea team,
first of all, thanks for the great work you're doing with this project.
I'm planning to introduce Gitea at a client site, and noticed that while
there is time recording, there are no project-manager-friendly reports
to actually make use of that data, as were also mentioned by others in
#4870#8684 and #13531.
Since I had a little time last weekend, I had put together something
that I hope to be a useful contribution to this great project (while of
course useful for me too).
This PR adds a new "Worktime" tab to the Organisation level. There is a
date range selector (by default set to the current month), and there are
three possible views:
- by repository,
- by milestone, and
- by team member.
Happy to receive any feedback!
There are several possible future improvements of course (predefined
date ranges, charts, a member time sheet, matrix of repos/members, etc)
but I hope that even in this relatively simple state this would be
useful to lots of people.
<img width="1161" alt="Screen Shot 2022-05-25 at 22 12 58"
src="https://user-images.githubusercontent.com/118010/170366976-af00c7af-c4f3-4117-86d7-00356d6797a5.png">
Keep up the good work!
Kristof
---------
Co-authored-by: user <user@kk-git1>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This adds an endpoint (`/orgs/{org}/rename`) to rename organizations.
I've modeled the endpoint using the rename user endpoint --
`/admin/users/{username}/rename` -- as base.
It is the 1st time I wrote a new API endpoint (I've tried to follow the
rename users endpoint code while writing it). So feel free to ping me if
there is something wrong or missing.
Resolves#32995
---------
Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
