* Show Signer in commit lists and add basic trust
Show the avatar of the signer in the commit list pages as we do not
enforce that the signer is an author or committer. This makes it
clearer who has signed the commit.
Also display commits signed by non-members differently from
members and in particular make it clear when a non-member signer
is different from the committer to help reduce the risk of
spoofing.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ensure orange text and background is available
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update gpg_key.go
* Update models/gpg_key.go
* Apply suggestions from code review
* Require team collaborators to have access to UnitTypeCode
* as per @6543
* fix position of sha as per @silverwind
* as per @guillep2k
This provides Firefox (and possible other browsers) with a
high-resolution rich icon, in place of the previously removed
apple-touch-icon without having to use that one as it lacks an
alpha channel. This is the same method GH uses.
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/UI_considerations#Rich_icons
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
- Ensure bar does not overflow parent
- Remove unneccessary borders/background
- Fix shaky animation caused by JS animation miscalculation by setting
fixed height on the summary box. Box itself is still shaky during
animation, but better it then the whole page.
Fixes: https://github.com/go-gitea/gitea/issues/10474
* Change action GETs to POST
* submite = submit + smite
* No more # href
* Fix test
* Match other tests
* Explicit csrf
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
- unvendor vue and vue-calendar-heatmap
- remove unused moment.js leftover from previous heatmap version
- ensure webpack loads the full version of vue
- fix vue devmode warning related to 'searchLimit' type
I wanted to name the chunk heatmap.js but adblockers don't like that
filename [1].
[1] 3899d5dff3/easyprivacy/easyprivacy_general.txt (L2095)
* Prevent Firefox from using apple-touch-icon
The opaque background does not work well in Firefox which uses the icon
as a "rich icon". Prevent this by not specifying it in HTML. Real Apple
devices will still request the icon on the static path.
Fixes: https://github.com/go-gitea/gitea/issues/10394
Also adjust gitignore so app.ini.sample becomes searchable and fixed a
variable name in app.ini.sample.
* fix gitignore
Move langauge detection to separate module to be more reusable
Add option to disable vendored file exclusion from file search
Allways show all language stats for search
* Truncate long commit message header
* Fix overflow in view commit table
* Use @media less
* Further improvements
* Fix the commit message on small screens
* adjust width of minimal table
* add API branch protection endpoint
* lint
* Change to use team names instead of ids.
* Status codes.
* fix
* Fix
* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)
* Do xorm query directly
* fix xorm GetUserNamesByIDs
* Add some tests
* Improved GetTeamNamesByID
* http status created for CreateBranchProtection
* Correct status code in integration test
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
* Implementation for calculating language statistics
Impement saving code language statistics to database
Implement rendering langauge stats
Add primary laguage to show in repository list
Implement repository stats indexer queue
Add indexer test
Refactor to use queue module
* Do not timeout for queues
* Only show conflicted files if not merged
* try again
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
- created lazy-loaded webpack chunk for clipboard.js
- upgraded clipboard.js from 1.5.9 to 2.0.4
- parallelize initialization of all lazy-loaded features
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* Make WorkerPools and Queues flushable
Adds Flush methods to Queues and the WorkerPool
Further abstracts the WorkerPool
Adds a final step to Flush the queues in the defer from PrintCurrentTest
Fixes an issue with Settings inheritance in queues
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Change to for loop
* Add IsEmpty and begin just making the queues composed WorkerPools
* subsume workerpool into the queues and create a flushable interface
* Add manager command
* Move flushall to queue.Manager and add to testlogger
* As per @guillep2k
* as per @guillep2k
* Just make queues all implement flushable and clean up the wrapped queue flushes
* cope with no timeout
Co-authored-by: Lauris BH <lauris@nix.lv>
because the CSS was lazy-loaded the rules in arc-green did not win.
included the css file in the main bundle to fix. the black dots can not
be fixed via CSS because they are drawn in a `<canvas>` element
unfortunately.
- introduced window.config to help with js-based lazy-loading
- adjusted webpack chunk naming to avoid 'vendors~name.js' that webpack
defaults to for vendor chunks.
- added theme class to html and prefixed all selectors. this is
neccesary so that the theme styles win over the lazy-loaded ones.
Co-authored-by: zeripath <art27@cantab.net>
* add explicit dimensions to navbar avatar
this prevents a temporary layout change when navigating between
pages with cache disabled.
* also add dimensions on frontpage
Co-authored-by: Lauris BH <lauris@nix.lv>
* fix commit view JS features, reimplement folding
File content folding was not working so I reimplemented it in a saner
way. Then I noticed the issue was actually because of missing JS
libraries (seen on the console of every commit with error
'SimpleMDE is not defined').
Fixed the libraries. I think the reimplementation is worth to keep.
* add .closest polyfill
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
loadCSS was used as a polyfill for rel=preload but it seems we only used
it on a single CSS file which did not help much. Changed the icon CSS to
a blocking load and preload the woff2 variants which does work in modern
browsers (Firefox currently needs the network.preload about:config
setting but should gain proper support soon).
Co-authored-by: zeripath <art27@cantab.net>
This changes the CSS output of webpack to output to the public/css
directory instead of inling CSS in JS. This enables CSS minification and
autoprefixer based on browserslist which would otherwise not be
possible.
The result of this change is two new output files currently:
- public/css/swagger.css
- public/css/gitgraph.css
Co-authored-by: techknowlogick <matti@mdranta.net>
* fix typo
* Migrate reviews when migrating repository from github
* fix lint
* Added test and migration when external user login
* fix test
* fix commented state
* Some improvements
* fix bug when get pull request and ref original author on code comments
* Fix migrated line; Added comment for review
* Don't load all pull requests attributes
* Fix typo
* wrong change copy head
* fix tests
* fix reactions
* Fix test
* fix fmt
* fix review comment reactions
* Fix wrong hint when status checking is running on pull request view
* fix lint
* fix test
* fix test
* fix wrong tmpl
* fix import
* rename function name
Currently, this needs to be its own chunk because fomantic depends
on jQuery being present. The next step is to move fomantic to webpack
too after which we can combine the index,fomantic and jquery files into
one.
jquery-migrate is still neccessary because our ancient version of Dropzone
seems to break without it. I imagine it can be removed after a Dropzone
upgrade.
* fixed link to issue in issue comments after adding/removing a dependency, before links assumed the issue was in the same repository. also changed the format of the displayed issue since the issue will not necessarily be in the same repo
* based on pr comments, changed to use HTMLURL instead of piecing together the issue url, and added an if statement around the issue link display as a nil protection
* only showing repo name in dependency comment if the issue is from another repo
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* Use npm to manage fomantic
* Only build needed semantic components
* Fix make
* Don't import fonts from google sites since we have loaded
* [misc] devendor fomantic-ui and rebuild upon src or config changes only
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* Change sort alphabetically of semantic components
* Fix trailing slash
* fix makefile
* Remove dependency to gulp from package.json
* Fix something
* Simplife the makefile
* add missed fomantic compnent
Co-authored-by: Jakob Ackermann <das7pad@outlook.com>
* Add support for database schema
* Require setting search_path for the db user
* Add schema setting to admin/config.tmpl
* Use a schema different from default for psql tests
* Update postgres scripts to use custom schema
* Update to xorm/core 0.7.3 and xorm/xorm c37aff9b3a
* Fix migration test
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix wrong permissions check when issues/prs shared operations
* move redirect to the last of the function
* fix swagger
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Change won't sign information text to black.
* icon and text same color
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* Add possibility to global disable repo units.
* Add Default Repo Unit app.ini setting.
* Hide units
* Hide disabled repo units
* Minor fixes
* Indicate disabled units in team settings.
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
* Admin shall be able to bypass merge checks.
* Repository admin should not bypass if merge whitelist is set.
* Add code comment about checks that PR are ready
* notAllOverrideableChecksOk->notAllOverridableChecksOk
* Fix merge, require signed currently not overridable.
* fix
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* Add require signed commit for protected branch
* Fix fmt
* Make editor show if they will be signed
* bugfix
* Add basic merge check and better information for CRUD
* linting comment
* Add descriptors to merge signing
* Slight refactor
* Slight improvement to appearances
* Handle Merge API
* manage CRUD API
* Move error to error.go
* Remove fix to delete.go
* prep for merge
* need to tolerate \r\n in message
* check protected branch before trying to load it
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* fix commit-reader
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Created a second webpack output file for swagger-ui which is loaded on
the /api/swagger route. One notable difference is the absence of the
swagger favicon that was previously used which is now the gitea icon. I
see no easy way to restore that favicon, so I decided to not keep it.
* introduce GET /notifications/new
* add TEST
* use Sprintf instead of path.Join
* Error more verbose
* return number of notifications if unreaded exist
* 200 http status for available notifications
* Restricted users (#4334): initial implementation
* Add User.IsRestricted & UI to edit it
* Pass user object instead of user id to places where IsRestricted flag matters
* Restricted users: maintain access rows for all referenced repos (incl public)
* Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses
* Add basic repo access tests for restricted users
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Mention restricted users in the faq
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg`
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Remove unnecessary `org.IsOrganization()` call
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Revert to an `int64` keyed `accessMap`
* Add type `userAccess`
* Add convenience func updateUserAccess()
* Turn accessMap into a `map[int64]userAccess`
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* or even better: `map[int64]*userAccess`
* updateUserAccess(): use tighter syntax as suggested by lafriks
* even tighter
* Avoid extra loop
* Don't disclose limited orgs to unauthenticated users
* Don't assume block only applies to orgs
* Use an array of `VisibleType` for filtering
* fix yet another thinko
* Ok - no need for u
* Revert "Ok - no need for u"
This reverts commit 5c3e886aab.
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* add "before" query to ListIssueComments and ListRepoIssueComments
* Add TEST
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* introduce `GET /orgs`
* add TEST
* show also other VisibleType's
* update description
* refactor a lot
* SearchUserOptions by default return only public
* deprecate /api/v1/org/{org}/repos in favour of /api/v1/orgs/{org}/repos + cleanup api repository routes a bit
* remove redundant code
* use upstream function for api cal
* make generate-swagger
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Fix #5997.
If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale.
New branch protection option to dismiss stale approvals are added.
To show that a review is not based on the latest PR changes, an hourglass is shown
Once a branch has been merged if the commit ID no longer equals that of
the pulls ref commit id don't offer to delete the branch on the pull screen
and don't list it as merged on branches.
Fix #9201
When looking at the pull page we should also get the commits from the refs/pulls/x/head
Fix #9158