Skip to content

Commit 36e6818

Browse files
Merge branch 'master' into master
2 parents 1489f99 + 024ef39 commit 36e6818

File tree

186 files changed

+2360
-1477
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

186 files changed

+2360
-1477
lines changed

.editorconfig

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,15 @@ insert_final_newline = true
1212
[*.{go,tmpl,html}]
1313
indent_style = tab
1414

15+
[templates/custom/*.tmpl]
16+
insert_final_newline = false
17+
18+
[templates/swagger/v1_json.tmpl]
19+
indent_style = space
20+
21+
[templates/user/auth/oidc_wellknown.tmpl]
22+
indent_style = space
23+
1524
[Makefile]
1625
indent_style = tab
1726

CHANGELOG.md

Lines changed: 22 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4,26 +4,17 @@ This changelog goes through all the changes that have been made in each release
44
without substantial changes to our git log; to see the highlights of what has
55
been added to each release, please refer to the [blog](https://blog.gitea.io).
66

7-
## [1.14.0-RC2](https://github.com/go-gitea/gitea/releases/tag/v1.14.0-rc2) - 2021-03-22
8-
9-
* SECURITY
10-
* Fix bug on avatar middleware (#15124) (#15125)
11-
* Fix another clusterfuzz identified issue (#15096) (#15113)
12-
* Update to goldmark 1.3.3 (#15059) (#15060)
13-
* BUGFIXES
14-
* Fix the v176 migration (#15110) (#15111)
15-
* Fix double 'push tag' action feed (#15078) (#15083)
16-
* Remove possible resource leak (#15067) (#15082)
17-
* Handle unauthorized user events gracefully (#15071) (#15074)
18-
19-
## [1.14.0-RC1](https://github.com/go-gitea/gitea/releases/tag/v1.14.0-rc1) - 2021-03-19
7+
## [1.14.0](https://github.com/go-gitea/gitea/releases/tag/v1.14.0) - 2021-04-11
208

219
* SECURITY
2210
* Respect approved email domain list for externally validated user registration (#15014)
2311
* Add reverse proxy configuration support for remote IP address detection (#14959)
2412
* Ensure validation occurs on clone addresses too (#14994)
2513
* Fix several render issues highlighted during fuzzing (#14986)
2614
* BREAKING
15+
* Fix double 'push tag' action feed (#15078) (#15083)
16+
* Remove possible resource leak (#15067) (#15082)
17+
* Handle unauthorized user events gracefully (#15071) (#15074)
2718
* Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475)
2819
* Migrate from Macaron to Chi framework (#14293)
2920
* Deprecate building for mips (#14174)
@@ -54,6 +45,7 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
5445
* Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
5546
* Create Rootless Docker image (#10154)
5647
* API
48+
* Speedup issue search (#15179) (#15192)
5749
* Get pull, return head branch sha, even if deleted (#14931)
5850
* Export LFS & TimeTracking function status (#14753)
5951
* Show Gitea version in swagger (#14654)
@@ -78,6 +70,20 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
7870
* Add more filters to issues search (#13514)
7971
* Add review request api (#11355)
8072
* BUGFIXES
73+
* Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396)
74+
* Always set the merge base used to merge the commit (#15352) (#15385)
75+
* Upgrade to bluemonday 1.0.7 (#15379) (#15380)
76+
* Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377)
77+
* Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361)
78+
* Show diff on rename with diff changes (#15338) (#15339)
79+
* Fix handling of logout event (#15323) (#15337)
80+
* Fix CanCreateRepo check (#15311) (#15321)
81+
* Fix xorm log stack level (#15285) (#15316)
82+
* Fix bug in Wrap (#15302) (#15309)
83+
* Drop the event source if we are unauthorized (#15275) (#15280)
84+
* Backport Fix graph pagination (#15225) (#15249)
85+
* Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200)
86+
* should run RetrieveRepoMetas() for empty pr (#15187) (#15190)
8187
* Move setting to enable closing issue via commit in non default branch to repo settings (#14965)
8288
* Show correct issues for team dashboard (#14952)
8389
* Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932)
@@ -134,6 +140,9 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
134140
* Use GO variable in go-check target (#13146) (#13147)
135141
* ENHANCEMENTS
136142
* UI style improvements
143+
* Dropzone styling improvements (#15291) (#15374)
144+
* Add size to Save function (#15264) (#15270)
145+
* Monaco improvements (#15333) (#15345)
137146
* Support .mailmap in code activity stats (#15009)
138147
* Sort release attachments by name (#15008)
139148
* Add ui.explore settings to control view of explore pages (#14094)

MAINTAINERS

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,3 +41,4 @@ Karl Heinz Marbaise <[email protected]> (@khmarbaise)
4141
Norwin Roosen <[email protected]> (@noerw)
4242
Kyle Dumont <[email protected]> (@kdumontnu)
4343
Patrick Schratz <[email protected]> (@pat-s)
44+
Janis Estelmann <[email protected]> (@KN4CK3R)

Makefile

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -325,6 +325,7 @@ lint: lint-frontend lint-backend
325325
lint-frontend: node_modules
326326
npx eslint --color --max-warnings=0 web_src/js build templates *.config.js
327327
npx stylelint --color --max-warnings=0 web_src/less
328+
npx editorconfig-checker templates
328329

329330
.PHONY: lint-backend
330331
lint-backend: golangci-lint revive vet
@@ -612,6 +613,9 @@ release-windows: | $(DIST_DIRS)
612613
$(GO) install src.techknowlogick.com/xgo@latest; \
613614
fi
614615
CGO_CFLAGS="$(CGO_CFLAGS)" xgo -go $(XGO_VERSION) -buildmode exe -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
616+
ifeq (,$(findstring gogit,$(TAGS)))
617+
CGO_CFLAGS="$(CGO_CFLAGS)" xgo -go $(XGO_VERSION) -buildmode exe -dest $(DIST)/binaries -tags 'netgo osusergo gogit $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION)-gogit .
618+
endif
615619
ifeq ($(CI),drone)
616620
cp /build/* $(DIST)/binaries
617621
endif
@@ -732,8 +736,8 @@ generate-gitignore:
732736
GO111MODULE=on $(GO) run build/generate-gitignores.go
733737

734738
.PHONY: generate-images
735-
generate-images:
736-
npm install --no-save --no-package-lock fabric imagemin-zopfli
739+
generate-images: | node_modules
740+
npm install --no-save --no-package-lock fabric@4 imagemin-zopfli@7
737741
node build/generate-images.js $(TAGS)
738742

739743
.PHONY: generate-manpage

build/generate-images.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,11 @@
11
import imageminZopfli from 'imagemin-zopfli';
22
import {optimize, extendDefaultPlugins} from 'svgo';
33
import {fabric} from 'fabric';
4-
import {readFile, writeFile} from 'fs/promises';
4+
import fs from 'fs';
55
import {resolve, dirname} from 'path';
66
import {fileURLToPath} from 'url';
77

8+
const {readFile, writeFile} = fs.promises;
89
const __dirname = dirname(fileURLToPath(import.meta.url));
910
const logoFile = resolve(__dirname, '../assets/logo.svg');
1011

build/generate-svg.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,10 @@
11
import fastGlob from 'fast-glob';
22
import {optimize, extendDefaultPlugins} from 'svgo';
33
import {resolve, parse, dirname} from 'path';
4-
import {readFile, writeFile, mkdir} from 'fs/promises';
4+
import fs from 'fs';
55
import {fileURLToPath} from 'url';
66

7+
const {readFile, writeFile, mkdir} = fs.promises;
78
const __dirname = dirname(fileURLToPath(import.meta.url));
89
const glob = (pattern) => fastGlob.sync(pattern, {cwd: resolve(__dirname), absolute: true});
910
const outputDir = resolve(__dirname, '../public/img/svg');

cmd/dump.go

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,14 @@ It can be used for backup and capture Gitea server image to send to maintainer`,
129129
Name: "skip-custom-dir",
130130
Usage: "Skip custom directory",
131131
},
132+
cli.BoolFlag{
133+
Name: "skip-lfs-data",
134+
Usage: "Skip LFS data",
135+
},
136+
cli.BoolFlag{
137+
Name: "skip-attachment-data",
138+
Usage: "Skip attachment data",
139+
},
132140
cli.GenericFlag{
133141
Name: "type",
134142
Value: outputTypeEnum,
@@ -214,7 +222,9 @@ func runDump(ctx *cli.Context) error {
214222
fatal("Failed to include repositories: %v", err)
215223
}
216224

217-
if err := storage.LFS.IterateObjects(func(objPath string, object storage.Object) error {
225+
if ctx.IsSet("skip-lfs-data") && ctx.Bool("skip-lfs-data") {
226+
log.Info("Skip dumping LFS data")
227+
} else if err := storage.LFS.IterateObjects(func(objPath string, object storage.Object) error {
218228
info, err := object.Stat()
219229
if err != nil {
220230
return err
@@ -313,7 +323,9 @@ func runDump(ctx *cli.Context) error {
313323
}
314324
}
315325

316-
if err := storage.Attachments.IterateObjects(func(objPath string, object storage.Object) error {
326+
if ctx.IsSet("skip-attachment-data") && ctx.Bool("skip-attachment-data") {
327+
log.Info("Skip dumping attachment data")
328+
} else if err := storage.Attachments.IterateObjects(func(objPath string, object storage.Object) error {
317329
info, err := object.Stat()
318330
if err != nil {
319331
return err

custom/conf/app.example.ini

Lines changed: 34 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ PROJECT_BOARD_BASIC_KANBAN_TYPE = To Do, In Progress, Done
1919
PROJECT_BOARD_BUG_TRIAGE_TYPE = Needs Triage, High Priority, Low Priority, Closed
2020

2121
[repository]
22-
; Root path for storing all repository data. It must be an absolute path. By default it is stored in a sub-directory of `APP_DATA_PATH`.
22+
; Root path for storing all repository data. It must be an absolute path. By default, it is stored in a sub-directory of `APP_DATA_PATH`.
2323
ROOT =
2424
; The script type this server supports. Usually this is `bash`, but some users report that only `sh` is available.
2525
SCRIPT_TYPE = bash
@@ -48,7 +48,7 @@ PREFERRED_LICENSES = Apache License 2.0,MIT License
4848
; Disable the ability to interact with repositories using the HTTP protocol
4949
DISABLE_HTTP_GIT = false
5050
; Value for Access-Control-Allow-Origin header, default is not to present
51-
; WARNING: This maybe harmful to you website if you do not give it a right value.
51+
; WARNING: This may be harmful to your website if you do not give it a right value.
5252
ACCESS_CONTROL_ALLOW_ORIGIN =
5353
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
5454
USE_COMPAT_SSH_URI = false
@@ -70,6 +70,8 @@ PREFIX_ARCHIVE_FILES = true
7070
DISABLE_MIRRORS = false
7171
; Disable migrating feature.
7272
DISABLE_MIGRATIONS = false
73+
; Disable stars feature.
74+
DISABLE_STARS = false
7375
; The default branch name of new repositories
7476
DEFAULT_BRANCH = master
7577
; Allow adoption of unadopted repositories
@@ -134,7 +136,7 @@ ALLOWED_TYPES =
134136
SIGNING_KEY = default
135137
; If a SIGNING_KEY ID is provided and is not set to default, use the provided Name and Email address as the signer.
136138
; These should match a publicized name and email address for the key. (When SIGNING_KEY is default these are set to
137-
; the results of git config --get user.name and git config --get user.email respectively and can only be overrided
139+
; the results of git config --get user.name and git config --get user.email respectively and can only be overridden
138140
; by setting the SIGNING_KEY ID to the correct ID.)
139141
SIGNING_NAME =
140142
SIGNING_EMAIL =
@@ -447,7 +449,7 @@ LOG_SQL = true
447449
DB_RETRIES = 10
448450
; Backoff time per DB retry (time.Duration)
449451
DB_RETRY_BACKOFF = 3s
450-
; Max idle database connections on connnection pool, default is 2
452+
; Max idle database connections on connection pool, default is 2
451453
MAX_IDLE_CONNS = 2
452454
; Database connection max life time, default is 0 or 3s mysql (See #6804 & #7071 for reasoning)
453455
CONN_MAX_LIFETIME = 3s
@@ -466,7 +468,7 @@ ISSUE_INDEXER_PATH = indexers/issues.bleve
466468
; Issue indexer queue, currently support: channel, levelqueue or redis, default is levelqueue
467469
ISSUE_INDEXER_QUEUE_TYPE = levelqueue
468470
; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the path where the queue will be saved.
469-
; This can be overriden by `ISSUE_INDEXER_QUEUE_CONN_STR`.
471+
; This can be overridden by `ISSUE_INDEXER_QUEUE_CONN_STR`.
470472
; default is indexers/issues.queue
471473
ISSUE_INDEXER_QUEUE_DIR = indexers/issues.queue
472474
; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
@@ -514,9 +516,9 @@ BATCH_LENGTH = 20
514516
; When `TYPE` is `persistable-channel`, this provides a directory for the underlying leveldb
515517
; or additional options of the form `leveldb://path/to/db?option=value&....`, and will override `DATADIR`.
516518
CONN_STR = "addrs=127.0.0.1:6379 db=0"
517-
; Provides the suffix of the default redis/disk queue name - specific queues can be overriden within in their [queue.name] sections.
519+
; Provides the suffix of the default redis/disk queue name - specific queues can be overridden within in their [queue.name] sections.
518520
QUEUE_NAME = "_queue"
519-
; Provides the suffix of the default redis/disk unique queue set name - specific queues can be overriden within in their [queue.name] sections.
521+
; Provides the suffix of the default redis/disk unique queue set name - specific queues can be overridden within in their [queue.name] sections.
520522
SET_NAME = "_unique"
521523
; If the queue cannot be created at startup - level queues may need a timeout at startup - wrap the queue:
522524
WRAP_IF_NECESSARY = true
@@ -617,6 +619,30 @@ WHITELISTED_URIS =
617619
; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
618620
BLACKLISTED_URIS =
619621

622+
[oauth2_client]
623+
; Whether a new auto registered oauth2 user needs to confirm their email.
624+
; Do not include to use the REGISTER_EMAIL_CONFIRM setting from the `[service]` section.
625+
REGISTER_EMAIL_CONFIRM =
626+
; Scopes for the openid connect oauth2 provider (separated by space, the openid scope is implicitly added).
627+
; Typical values are profile and email.
628+
; For more information about the possible values see https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims
629+
OPENID_CONNECT_SCOPES =
630+
; Automatically create user accounts for new oauth2 users.
631+
ENABLE_AUTO_REGISTRATION = false
632+
; The source of the username for new oauth2 accounts:
633+
; userid = use the userid / sub attribute
634+
; nickname = use the nickname attribute
635+
; email = use the username part of the email attribute
636+
USERNAME = nickname
637+
; Update avatar if available from oauth2 provider.
638+
; Update will be performed on each login.
639+
UPDATE_AVATAR = false
640+
; How to handle if an account / email already exists:
641+
; disabled = show an error
642+
; login = show an account linking login
643+
; auto = link directly with the account
644+
ACCOUNT_LINKING = disabled
645+
620646
[service]
621647
; Time limit to confirm account/email registration
622648
ACTIVE_CODE_LIVE_MINUTES = 180
@@ -822,7 +848,7 @@ REPOSITORY_AVATAR_FALLBACK_IMAGE = /img/repo_default.png
822848
; This is to limit the amount of RAM used when resizing the image.
823849
AVATAR_MAX_WIDTH = 4096
824850
AVATAR_MAX_HEIGHT = 3072
825-
; Maximum alloved file size for uploaded avatars.
851+
; Maximum allowed file size for uploaded avatars.
826852
; This is to limit the amount of RAM used when resizing the image.
827853
AVATAR_MAX_FILE_SIZE = 1048576
828854
; Chinese users can choose "duoshuo"

docs/config.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ params:
1818
description: Git with a cup of tea
1919
author: The Gitea Authors
2020
website: https://docs.gitea.io
21-
version: 1.13.7
21+
version: 1.14.0
2222
minGoVersion: 1.14
2323
goVersion: 1.16
2424
minNodeVersion: 12.17

docs/content/doc/advanced/config-cheat-sheet.en-us.md

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
7575
- `PREFIX_ARCHIVE_FILES`: **true**: Prefix archive files by placing them in a directory named after the repository.
7676
- `DISABLE_MIRRORS`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid.
7777
- `DISABLE_MIGRATIONS`: **false**: Disable migrating feature.
78+
- `DISABLE_STARS`: **false**: Disable stars feature.
7879
- `DEFAULT_BRANCH`: **master**: Default branch name of all repositories.
7980
- `ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to adopt unadopted repositories
8081
- `ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to delete unadopted repositories
@@ -429,6 +430,21 @@ relation to port exhaustion.
429430
- `BLACKLISTED_URIS`: **\<empty\>**: If non-empty, list of POSIX regex patterns matching
430431
OpenID URI's to block.
431432

433+
## OAuth2 Client (`oauth2_client`)
434+
435+
- `REGISTER_EMAIL_CONFIRM`: *[service]* **REGISTER\_EMAIL\_CONFIRM**: Set this to enable or disable email confirmation of OAuth2 auto-registration. (Overwrites the REGISTER\_EMAIL\_CONFIRM setting of the `[service]` section)
436+
- `OPENID_CONNECT_SCOPES`: **\<empty\>**: List of additional openid connect scopes. (`openid` is implicitly added)
437+
- `ENABLE_AUTO_REGISTRATION`: **false**: Automatically create user accounts for new oauth2 users.
438+
- `USERNAME`: **nickname**: The source of the username for new oauth2 accounts:
439+
- userid - use the userid / sub attribute
440+
- nickname - use the nickname attribute
441+
- email - use the username part of the email attribute
442+
- `UPDATE_AVATAR`: **false**: Update avatar if available from oauth2 provider. Update will be performed on each login.
443+
- `ACCOUNT_LINKING`: **disabled**: How to handle if an account / email already exists:
444+
- disabled - show an error
445+
- login - show an account linking login
446+
- auto - automatically link with the account (Please be aware that this will grant access to an existing account just because the same username or email is provided. You must make sure that this does not cause issues with your authentication providers.)
447+
432448
## Service (`service`)
433449

434450
- `ACTIVE_CODE_LIVE_MINUTES`: **180**: Time limit (min) to confirm account/email registration.
@@ -831,12 +847,14 @@ Gitea can support Markup using external tools. The example below will add a mark
831847
```ini
832848
[markup.asciidoc]
833849
ENABLED = true
850+
NEED_POSTPROCESS = true
834851
FILE_EXTENSIONS = .adoc,.asciidoc
835852
RENDER_COMMAND = "asciidoc --out-file=- -"
836853
IS_INPUT_FILE = false
837854
```
838855

839856
- ENABLED: **false** Enable markup support; set to **true** to enable this renderer.
857+
- NEED\_POSTPROCESS: **true** set to **true** to replace links / sha1 and etc.
840858
- FILE\_EXTENSIONS: **\<empty\>** List of file extensions that should be rendered by an external
841859
command. Multiple extentions needs a comma as splitter.
842860
- RENDER\_COMMAND: External command to render all matching extensions.

docs/content/doc/advanced/config-cheat-sheet.zh-cn.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -297,12 +297,14 @@ test01.xls: application/vnd.ms-excel; charset=binary
297297
```ini
298298
[markup.asciidoc]
299299
ENABLED = false
300+
NEED_POSTPROCESS = true
300301
FILE_EXTENSIONS = .adoc,.asciidoc
301302
RENDER_COMMAND = "asciidoc --out-file=- -"
302303
IS_INPUT_FILE = false
303304
```
304305

305306
- ENABLED: 是否启用,默认为false。
307+
- NEED\_POSTPROCESS: **true** 设置为 true 则会替换渲染文件中的内部链接和Commit ID 等。
306308
- FILE_EXTENSIONS: 关联的文档的扩展名,多个扩展名用都好分隔。
307309
- RENDER_COMMAND: 工具的命令行命令及参数。
308310
- IS_INPUT_FILE: 输入方式是最后一个参数为文件路径还是从标准输入读取。

docs/content/doc/advanced/signing.en-us.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,7 @@ when creating a repository. The possible values are:
109109
- `always`: Always sign
110110

111111
Options other than `never` and `always` can be combined as a comma
112-
separated list.
112+
separated list. The commit will be signed if all selected options are true.
113113

114114
### `WIKI`
115115

@@ -123,7 +123,7 @@ The possible values are:
123123
- `always`: Always sign
124124

125125
Options other than `never` and `always` can be combined as a comma
126-
separated list.
126+
separated list. The commit will be signed if all selected options are true.
127127

128128
### `CRUD_ACTIONS`
129129

@@ -137,7 +137,7 @@ editor or API CRUD actions. The possible values are:
137137
- `always`: Always sign
138138

139139
Options other than `never` and `always` can be combined as a comma
140-
separated list.
140+
separated list. The change will be signed if all selected options are true.
141141

142142
### `MERGES`
143143

@@ -154,7 +154,7 @@ The possible options are:
154154
- `always`: Always sign
155155

156156
Options other than `never` and `always` can be combined as a comma
157-
separated list.
157+
separated list. The merge will be signed if all selected options are true.
158158

159159
## Obtaining the Public Key of the Signing Key
160160

0 commit comments

Comments
 (0)