Commit graph

2,684 commits

Author SHA1 Message Date
KN4CK3R
c6c829fe3f
Enhanced auth token / remember me (#27606)
Closes #27455

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
2023-10-14 00:56:41 +00:00
GiteaBot
ee6a390675 [skip ci] Updated translations via Crowdin 2023-10-14 00:22:28 +00:00
GiteaBot
3e9a379d38 [skip ci] Updated translations via Crowdin 2023-10-13 00:23:41 +00:00
GiteaBot
d020343269 [skip ci] Updated translations via Crowdin 2023-10-12 00:21:30 +00:00
GiteaBot
50166d1f7c [skip ci] Updated translations via Crowdin 2023-10-11 00:22:56 +00:00
GiteaBot
4aae15af7a [skip ci] Updated translations via Crowdin 2023-10-09 00:23:39 +00:00
Lunny Xiao
f40538e667
Remove unnecessary desc for openssh key cron task (#27515) 2023-10-08 14:23:39 +00:00
GiteaBot
4bde16e1ba [skip ci] Updated translations via Crowdin 2023-10-08 00:25:56 +00:00
GiteaBot
68b3fe88d5 [skip ci] Updated translations via Crowdin 2023-10-07 00:22:38 +00:00
GiteaBot
6cdeb7798b [skip ci] Updated translations via Crowdin 2023-10-06 00:23:05 +00:00
wxiaoguang
9f8d59858a
Refactor system setting (#27000)
This PR reduces the complexity of the system setting system.

It only needs one line to introduce a new option, and the option can be
used anywhere out-of-box.

It is still high-performant (and more performant) because the config
values are cached in the config system.
2023-10-05 09:08:19 +08:00
GiteaBot
976d1760ac [skip ci] Updated translations via Crowdin 2023-10-05 00:23:21 +00:00
GiteaBot
b37f3332f1 [skip ci] Updated translations via Crowdin 2023-10-04 00:23:10 +00:00
delvh
e709bc199f
Differentiate between push and pull mirror sync in progress (#27390)
Previously, if you had both a push and a pull mirror, the message did
not clarify if you've accidentally synchronized the wrong one.
Additionally fixed two typos that were encountered while debugging.

## Screenshots

![grafik](https://github.com/go-gitea/gitea/assets/51889757/164d5d20-728d-4365-9cb5-c37e95857cdf)

![grafik](https://github.com/go-gitea/gitea/assets/51889757/90bfffd2-abd4-4847-b8e2-db4231700a6d)
2023-10-02 14:52:18 +00:00
Denys Konovalov
33de64cb21
link to file from its history (#27354)
Fixes #3852
Fixes https://github.com/go-gitea/gitea/issues/26707

Add a button on file history which directs you to the file at the
selected commit.

Co-authored-by: silverwind <me@silverwind.io>
2023-10-02 04:04:32 +00:00
GiteaBot
c9cc57f130 [skip ci] Updated licenses and gitignores 2023-10-02 00:23:46 +00:00
puni9869
50070550a8
Hide archived labels when filtering by labels on the issue list (#27115)
Followup  https://github.com/go-gitea/gitea/pull/26820
## Archived labels UI for issue filter and issue filter actions for
issues/pull request pages.

Changed:
* Enhanced the Issue filter and Issue filter actions UI page to
seamlessly incorporate a list of archived labels.
* Pagination functionality is same as before. If archived label checkbox
is checked then we are adding a query string`archived=true` in the url
to save the state of page.
* Issue filter actions menu is separated into different template.
* Adding the archived flag in issue url labels.
* Pull Request page is also work the same.

Outsourced:
* Defer the implementation of specialized handling for archived labels
to upcoming pull requests. This step will be undertaken subsequent to
the successful merge of this pull request.

Screenshots
### Issue page
<img width="1360" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/d7efb2ef-5b2b-449d-83f0-d430a32ec432">

### Issue page with label filter on archived label checkbox when not
checked --> No archived label is there in list
<img width="1249" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/ceea68ef-91f2-4693-910f-2e25e236bfc9">

### Issue page with label filter on archived label checkbox when checked
--> Show archived label in the list.
<img width="710" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/2414d26b-2079-4c3c-bd9e-f2f5411bcabf">

### Issue page with label filter on issue action menu on archived label
checkbox when checked --> Show archived label in the list.
<img width="409" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/259cac87-3e21-4778-99a2-a6a0b8c81178">


### Applied the archived=true in Issue labels when archived checkbox is
checked.
<img width="984" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/657ce3db-c0ae-402e-b12d-3b580d3c2ed0">

---




Part of https://github.com/go-gitea/gitea/issues/25237

---------

Signed-off-by: puni9869 <punitinani1@hotmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-10-01 09:04:39 -04:00
GiteaBot
4f169e4b47 [skip ci] Updated translations via Crowdin 2023-09-30 00:22:01 +00:00
Lunny Xiao
c3b7231966
Add protected branch name description (#27257)
Co-authored-by: delvh <dev.lh@web.de>
2023-09-29 14:02:35 +00:00
yp05327
3945c26722
Improve tree not found page (#26570)
Before:

![before](https://github.com/go-gitea/gitea/assets/18380374/383822d5-7d77-4ec3-b49b-4ab1e8b167ce)

After:

![after](https://github.com/go-gitea/gitea/assets/18380374/32afa0a3-fa05-4087-b96e-7d067f0ed756)

In Github:
https://github.com/yp05327/test/blob/main/test.drawio

Updated:
UI changed

![image](https://github.com/go-gitea/gitea/assets/18380374/41ed07ff-b815-4b4e-9779-5ab36b5f3980)

![image](https://github.com/go-gitea/gitea/assets/18380374/5d7b28d6-a2fc-4d4c-8d6d-d93f9c9a270b)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-09-29 07:42:39 +00:00
Dmitry Sharshakov
5e02e3b7ee
Add support for forking single branch (#25821)
Fixes #25117

Add UI for choosing branch to fork

Change default branch on single-branch forks


![image](https://github.com/go-gitea/gitea/assets/19504461/28505f69-a9a2-43a8-8b19-a0cdac3ddc5a)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-29 09:48:39 +08:00
GiteaBot
e8840e7e2b [skip ci] Updated translations via Crowdin 2023-09-29 00:23:01 +00:00
GiteaBot
e74a3b18af [skip ci] Updated translations via Crowdin 2023-09-28 00:22:57 +00:00
GiteaBot
3f82ca38af [skip ci] Updated translations via Crowdin 2023-09-26 00:23:08 +00:00
Yarden Shoham
e6d8b14620
Disable Test Delivery and Replay webhook buttons when webhook is inactive (#27211)
These buttons are now disabled when the webhook is not active.

The buttons were always enabled before this change.

- Fixes #26824
- Replaces #26814

# Before


![image](https://github.com/go-gitea/gitea/assets/20454870/e783d0d8-b433-440e-b95f-50d7c42613d3)


![image](https://github.com/go-gitea/gitea/assets/20454870/b4886151-9f32-4e83-8001-dd3f20c23d70)

# After


![image](https://github.com/go-gitea/gitea/assets/20454870/74b76a72-0818-4143-8548-5d42c4119a05)


![image](https://github.com/go-gitea/gitea/assets/20454870/d5ae4e5c-c1ac-4751-a072-e6f7511b1e07)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2023-09-25 07:33:00 +00:00
GiteaBot
c2eed61329 [skip ci] Updated translations via Crowdin 2023-09-25 00:24:48 +00:00
Denys Konovalov
63b25e816d
fix issues on action runners page (#27226)
- switch from some weird status badge to label
- translate untranslated `Reset registration token` string
- change documentation link from act_runner README to Gitea Docs site
- fix "No runners available" message width
- use `ctx.Locale.Tr` where possible


![grafik](https://github.com/go-gitea/gitea/assets/47871822/65547228-f9ed-4f80-9cfd-df5e55513a44)
2023-09-24 14:12:21 -04:00
GiteaBot
383edf2fd7 [skip ci] Updated translations via Crowdin 2023-09-22 00:22:57 +00:00
GiteaBot
2001ffee3f [skip ci] Updated translations via Crowdin 2023-09-21 00:22:27 +00:00
puni9869
a50d9af876
Display archived labels specially when listing labels (#26820)
Follow up https://github.com/go-gitea/gitea/pull/26741

Changes:
Added archived label for org labels and added into issue filter list.


Part of https://github.com/go-gitea/gitea/issues/25237

---------

Signed-off-by: puni9869 <punitinani1@hotmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-09-18 04:54:05 +00:00
GiteaBot
558eea69bd [skip ci] Updated licenses and gitignores 2023-09-18 00:23:39 +00:00
Lunny Xiao
47b878858a
Search branches (#27055)
Resolve #25233 

<img width="1315" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/3ba59b58-471a-4e1b-985c-87edac2268c0">

<img width="1297" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/b6caa12f-323b-4f70-9c44-ef91cb71a26c">
2023-09-17 08:24:40 +00:00
GiteaBot
ea83c0647c [skip ci] Updated translations via Crowdin 2023-09-17 00:24:27 +00:00
KN4CK3R
ed64f1c2b8
Support .git-blame-ignore-revs file (#26395)
Closes #26329

This PR adds the ability to ignore revisions specified in the
`.git-blame-ignore-revs` file in the root of the repository.


![grafik](https://github.com/go-gitea/gitea/assets/1666336/9e91be0c-6e9c-431c-bbe9-5f80154251c8)

The banner is displayed in this case. I intentionally did not add a UI
way to bypass the ignore file (same behaviour as Github) but you can add
`?bypass-blame-ignore=true` to the url manually.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-16 17:42:34 +00:00
GiteaBot
684ab403aa [skip ci] Updated translations via Crowdin 2023-09-16 00:21:59 +00:00
GiteaBot
f8a1094406 [skip ci] Updated translations via Crowdin 2023-09-15 00:22:32 +00:00
Lunny Xiao
198a9ca635
Display all user types and org types on admin management UI (#27050)
Follow #24026 

<img width="1049" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/d3fc5159-b5e7-411a-b6f8-4a111a027e6b">

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-09-14 06:53:36 +00:00
GiteaBot
d0318c4ae0 [skip ci] Updated translations via Crowdin 2023-09-14 00:22:27 +00:00
GiteaBot
7d56459c6c [skip ci] Updated translations via Crowdin 2023-09-13 00:22:36 +00:00
GiteaBot
f599814001 [skip ci] Updated translations via Crowdin 2023-09-12 00:21:32 +00:00
GiteaBot
148c9c4b05 [skip ci] Updated translations via Crowdin 2023-09-11 00:22:57 +00:00
GiteaBot
a20e0affba [skip ci] Updated translations via Crowdin 2023-09-10 00:23:48 +00:00
GiteaBot
049b9f3718 [skip ci] Updated translations via Crowdin 2023-09-09 00:21:42 +00:00
Lunny Xiao
9c0a3532a4
Add a new column schedule_id for action_run to track (#26975)
Fix #26971 

And the UI now will display it's scheduled but not triggered by a push.

<img width="954" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/d211845c-457e-4c3e-af1f-a0d654d3f365">
2023-09-08 23:01:19 +08:00
GiteaBot
6cbbd51ad4 [skip ci] Updated translations via Crowdin 2023-09-08 00:21:56 +00:00
Lunny Xiao
f20e317d6d
Improve hint when uploading a too large avatar (#26935)
Fix #26390

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-09-07 13:35:45 +00:00
GiteaBot
9860dba566 [skip ci] Updated translations via Crowdin 2023-09-07 00:22:15 +00:00
FuXiaoHei
460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
Lunny Xiao
31c92d9695
Add missing translation (#26926)
Fix #26923
2023-09-05 22:13:08 -04:00
wxiaoguang
c17fd68be7
Show queue's active worker number (#26896) 2023-09-04 21:07:32 +08:00