* Explicitly disable Git credential helper
If the user running Gitea has configured a credential helper, Git
credentials might leak out of Gitea.
There are two problems with credential helpers when combined with Gitea:
1. Credentials entered by a user when doing a migration or setting up a
mirror will end up in the credential store. In the worst case, this
is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and
mirrors by all users. For example, if user A sets up a mirror, their
credentials will be stored. If user B later sets up a mirror from the
same host and does not enter any credentials, user A's credentials
will be used.
This PR prepends -c credential.helper= to all Git commands to clear the
list of helpers. This requires at least Git version 2.9, as previous
versions will try to load an empty helper instead. For more details, see
https://github.com/git/git/commit/24321375cda79f141be72d1a842e930df6f41725
* Update git module
* Create manifest and serviceworker
* Create templates and add AppSubUrl
* Add JSRenderer
* fix ctx type
* Add JSRenderer to static.go
* Complete adding {{AppSubUrl}}
* Add more fonts to urlsToCache
* Add 512px and 192px icons
* Hardcode font MD5
* Default theme doesn't have a specific CSS file
* Add raw blob endpoint
This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.
* fix: Make it work
* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132
Signed-off-by: Berengar W. Lehr <[email protected]>
* Update Gopkg.lock
Can't update all vendors due to errors
Signed-off-by: Berengar W. Lehr <[email protected]>
* style: Add Gitea copyright header
* feat: Added integration test for /repo/u/r/raw/blob
* fix: correct year in copyright header
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation
Fixes#5226, #5249
* /api/v1/admin/users routes should have reqToken middleware
* Pass environment variables for URL prefixes to external markup parser
Signed-off-by: Nicolas Lenz <[email protected]>
* Document external markup link prefix environment variables
Signed-off-by: Nicolas Lenz <[email protected]>
* Run format on link prefix changes
Signed-off-by: Nicolas Lenz <[email protected]>
* Added basic heatmap data
* Added extra case for sqlite
* Built basic heatmap into user profile
* Get contribution data from api & styling
* Fixed lint & added extra group by statements for all database types
* generated swagger spec
* generated swagger spec
* generated swagger spec
* fixed swagger spec
* fmt
* Added tests
* Added setting to enable/disable user heatmap
* Added locale for loading text
* Removed UseTiDB
* Updated librejs & moment.js
* Fixed import order
* Fixed heatmap in postgresql
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-Authored-By: kolaente <[email protected]>
* Added copyright header
* Fixed a bug to show the heatmap for the actual user instead of the currently logged in
* Added integration test for heatmaps
* Added a heatmap on the dashboard
* Fixed timestamp parsing
* Hide heatmap on mobile
* optimized postgresql group by query
* Improved sqlite group by statement
* add notification interface and refactor UI notifications
* add missing methods on notification interface and notifiy only issue status really changed
* implement NotifyPullRequestReview for ui notification
* Detect charset and convert non UTF-8 files for display
* Refactor and move function to correct module
* Revert unrelated changes
* More unrelated changes
* Duplicate content for small text to have better encoding detection
* Check if original content is valid before duplicating it
* redirect to login page after successfully activating account
* force users to change password if account was created by an admin
* force users to change password if account was created by an admin
* fixed build
* fixed build
* fix pending issues with translation and wrong routes
* make sure path check is safe
* remove unneccessary newline
* make sure users that don't have to view the form get redirected
* move route to use /settings prefix so as to make sure unauthenticated users can't view the page
* update as per @lafriks review
* add necessary comment
* remove unrelated changes
* support redirecting to location the user actually want to go to before being forced to change his/her password
* run make fmt
* added tests
* improve assertions
* add assertion
* fix copyright year
Signed-off-by: Lanre Adelowo <[email protected]>
ENABLE_LETSENCRYPT and LETSENCRYPT_ACCEPTTOS were not being properly loaded from the config file, always resulting in the default settings being in place.
* prevent pull request to be merged when PR is a WIP
* add tests
* add helper to prepend WIP: in PR title
* move default wip prefixes into settings
* use configurable WIP prefixes in javascript and default to first one in templates
* add documentation
* add unit test on pull model
Signed-off-by: Julien Tant <[email protected]>
* Initial ui components for pull request review
* Add Review
Add IssueComment types
Signed-off-by: Jonas Franz <[email protected]>
(cherry picked from commit 2b4daab)
Signed-off-by: Jonas Franz <[email protected]>
* Replace ReviewComment with Content
Signed-off-by: Jonas Franz <[email protected]>
* Add load functions
Add ReviewID to findComments
Signed-off-by: Jonas Franz <[email protected]>
* Add create review comment implementation
Add migration for review
Other small changes
Signed-off-by: Jonas Franz <[email protected]>
* Simplified create and find functions for review
Signed-off-by: Jonas Franz <[email protected]>
* Moved "Pending" to first position
Signed-off-by: Jonas Franz <[email protected]>
* Add GetCurrentReview to simplify fetching current review
Signed-off-by: Jonas Franz <[email protected]>
* Preview for listing comments
Signed-off-by: Jonas Franz <[email protected]>
* Move new comment form to its own file
Signed-off-by: Jonas Franz <[email protected]>
* Implement Review form
Show Review comments on comment stream
Signed-off-by: Jonas Franz <[email protected]>
* Add support for single comments
Showing buttons in context
Signed-off-by: Jonas Franz <[email protected]>
* Add pending tag to pending review comments
Signed-off-by: Jonas Franz <[email protected]>
* Add unit tests for Review
Signed-off-by: Jonas Franz <[email protected]>
* Fetch all review ids at once
Add unit tests
Signed-off-by: Jonas Franz <[email protected]>
* gofmt
Signed-off-by: Jonas Franz <[email protected]>
* Improved comment rendering in "Files" view by adding Comments to DiffLine
Signed-off-by: Jonas Franz <[email protected]>
* Add support for invalidating comments
Signed-off-by: Jonas Franz <[email protected]>
* Switched back to code.gitea.io/git
Signed-off-by: Jonas Franz <[email protected]>
* Moved review migration from v64 to v65
Signed-off-by: Jonas Franz <[email protected]>
* Rebuild css
Signed-off-by: Jonas Franz <[email protected]>
* gofmt
Signed-off-by: Jonas Franz <[email protected]>
* Improve translations
Signed-off-by: Jonas Franz <[email protected]>
* Fix unit tests by updating fixtures and updating outdated test
Signed-off-by: Jonas Franz <[email protected]>
* Comments will be shown at the right place now
Signed-off-by: Jonas Franz <[email protected]>
* Add support for deleting CodeComments
Signed-off-by: Jonas Franz <[email protected]>
* Fix problems caused by files in subdirectories
Signed-off-by: Jonas Franz <[email protected]>
* Add support for showing code comments of reviews in conversation
Signed-off-by: Jonas Franz <[email protected]>
* Add support for "Show/Hide outdated"
Signed-off-by: Jonas Franz <[email protected]>
* Update code.gitea.io/git
Signed-off-by: Jonas Franz <[email protected]>
* Add support for new webhooks
Signed-off-by: Jonas Franz <[email protected]>
* Update comparison
Signed-off-by: Jonas Franz <[email protected]>
* Resolve conflicts
Signed-off-by: Jonas Franz <[email protected]>
* Minor UI improvements
* update code.gitea.io/git
* Fix ui bug reported by @lunny causing wrong position of add button
Add functionality to "Cancel" button
Add scale effects to add button
Hide "Cancel" button for existing comments
Signed-off-by: Jonas Franz <[email protected]>
* Prepare solving conflicts
Signed-off-by: Jonas Franz <[email protected]>
* Show add button only if no comments already exist for the line
Signed-off-by: Jonas Franz <[email protected]>
* Add missing vendor files
Signed-off-by: Jonas Franz <[email protected]>
* Check if reviewer is nil
Signed-off-by: Jonas Franz <[email protected]>
* Show forms only to users who are logged in
Signed-off-by: Jonas Franz <[email protected]>
* Revert "Show forms only to users who are logged in"
This reverts commit c083682
Signed-off-by: Jonas Franz <[email protected]>
* Save patch in comment
Render patch for code comments
Signed-off-by: Jonas Franz <[email protected]>
* Add link to comment in code
Signed-off-by: Jonas Franz <[email protected]>
* Add reply form to comment list
Show forms only to signed in users
Signed-off-by: Jonas Franz <[email protected]>
* Add 'Reply' as translatable
Add CODE_COMMENT_LINES setting
Signed-off-by: Jonas Franz <[email protected]>
* gofmt
Signed-off-by: Jonas Franz <[email protected]>
* Fix problems introduced by checking for singed in user
Signed-off-by: Jonas Franz <[email protected]>
* Add v70
Signed-off-by: Jonas Franz <[email protected]>
* Update generated stylesheet
Signed-off-by: Jonas Franz <[email protected]>
* Fix preview
Beginn with new review comment patch system
Signed-off-by: Jonas Franz <[email protected]>
* Add new algo to generate diff for line range
Remove old algo used for cutting big diffs (it was very buggy)
* Add documentation and example for CutDiffAroundLine
* Fix example of CutDiffAroundLine
* Fix some comment UI rendering bugs
* Add code comment edit mode
* Send notifications / actions to users until review gets published
Fix diff generation bug
Fix wrong hashtag
* Fix vet errors
* Send notifications also for single comments
* Fix some notification bugs, fix link
* Fix: add comment icon is only shown on code lines
* Add lint comment
* Add unit tests for git diff
* Add more error messages
* Regenerated css
Signed-off-by: Jonas Franz <[email protected]>
* fmt
Signed-off-by: Jonas Franz <[email protected]>
* Regenerated CSS with latest less version
Signed-off-by: Jonas Franz <[email protected]>
* Fix test by updating comment type to new ID
Signed-off-by: Jonas Franz <[email protected]>
* Introducing CodeComments as type for map[string]map[int64][]*Comment
Other minor code improvements
Signed-off-by: Jonas Franz <[email protected]>
* Fix data-tab issues
Signed-off-by: Jonas Franz <[email protected]>
* Remove unnecessary change
Signed-off-by: Jonas Franz <[email protected]>
* refactored checkForInvalidation
Signed-off-by: Jonas Franz <[email protected]>
* Append comments instead of setting
Signed-off-by: Jonas Franz <[email protected]>
* Use HeadRepo instead of BaseRepo
Signed-off-by: Jonas Franz <[email protected]>
* Update migration
Signed-off-by: Jonas Franz <[email protected]>
* Regenerated CSS
Signed-off-by: Jonas Franz <[email protected]>
* Add copyright
Signed-off-by: Jonas Franz <[email protected]>
* Update index.css
Signed-off-by: Jonas Franz <[email protected]>
This makes it easier for user who want to theme but
don't have the ability to know how to customize templates
all that is required is a change in a config option
The reason why I chose the DEFAULT_THEME as variable,
as perhaps in the future we will allow users to chose their
theme whon logged in just like we do with languages
