The previous method did not escape single quotes which under some
circumstances can lead to XSS vulnerabilites and the fact that it
depends on jQuery is also not ideal. Replace it with a lightweight
module.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Move jquery-minicolors to npm/webpack
- Unvendor and add as npm dependency
- Removed unneeded backend variable
- Fixed existing bug where picker would previously initizalize to the
same green color when editing a label.
There was probably a version bump because the previous version was
over 3 years old but it seems to be compatible.
* use file-loader
* trailing comma and comment update
* misc tweaks
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add mermaid JS renderer
For feature parity with GitLab. Tested in files, issues, wiki, editor.
arc-green only does an inversion because the renderer seems to like to
render white backgrounds on boxes.
Ref: https://github.com/go-gitea/gitea/issues/3340
Fixes: https://github.com/go-gitea/gitea/issues/12307
* add feature entry, switch to neutral theme, remove border
* add bindFunctions support
* remove unnecessary border-radius
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Auto-init repo on license, .gitignore select
When a .gitignore or LICENSE file is added, the user is expecting the
repository to be auto-initialized. However, nothing sets the auto_init
value, so it remains at its default. We should set it to checked when
a .gitignore or LICENSE file is added, matching user expectations. If
the user clears .gitignore or LICENSE, it will leave repository creation
enabled. If the user changes the value again, it will re-check the box
if the user has since de-checked it. This behavior is at least
consistent.
Resolves: #11071
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Update Octicons to v10
Besides a few renames, these icons are no longer present in v10 that we've
used, so had to change:
file-symlink-directory -> file-submodule
internal-repo -> repo
repo-force-push -> repo-push
repo-template-private -> repo-template
Fixes: https://github.com/go-gitea/gitea/issues/11889
Ref: https://github.com/primer/octicons/releases/tag/v10.0.0
* add custom sliders svg for removed octicon-settings
* apply suggestion
* fix triangles and use play on admin dashboard
* add custom mirror svg
* add missing build files
* unify custom svgs
* move to octicon-repo-clone to gitea-mirror
* use octicon-x on conflicts
* tweak timeline icons
* tweak comment buttons
* update settings icon to octicons v1
* switch to octicon-mirror and octicon-tools
* replace two wiki buttons with octicons
* remove whitespace in svg sources
* Fix filepath basename on Windows for SVG bindata (#12241)
* move octicons to devDependencies
* move back to dependencies
* move svgo to devDependencies again
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
- replace font-awesome icons with octicons
- clean up js and css surrounding the code expansion and file folding
- fix hover color on arc-green
- tweak diff line number colors
Co-authored-by: zeripath <art27@cantab.net>
Introduce 'make svg' which calls a node script that compiles svg files
to `public/img/svg`. These files are vendored to not create a dependency
on Node for the backend build.
On the frontend side, configure webpack using `raw-loader` so SVGs can
be imported as string.
Also moved our existing SVGs to web_src/svg for consistency.
Fixes: https://github.com/go-gitea/gitea/issues/11618
The current vendored gitgraph.js is no longer maintained and is
difficult to understand, fix and maintain.
This PR completely rewrites its logic - hopefully in a clearer fashion
and easier to maintain.
It also includes @silverwind's improvements of coloring the commit dots
and preventing the flash of incorrect content.
Further changes to contemplate in future will be abstracting out of the
flows to an object, storing the involved commit references on the flows
etc. However, this is probably a required step for this.
Replaces #12131
Fixes #11981 (part 3)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Unfortunately some of the suggested changes to #12095 introduced
bugs which due to caching behaviour of sharedworkers were not caught
on simple tests.
These are as follows:
* Changing from simple for loop to use includes here:
```js
register(port) {
if (!this.clients.includes(port)) return;
this.clients.push(port);
port.postMessage({
type: 'status',
message: `registered to ${this.url}`,
});
}
```
The additional `!` prevents any clients from being added and should
read:
```js
if (this.clients.includes(port)) return;
```
* Dropping the use of jQuery `$(...)` selection and using DOM
`querySelector` here:
```js
async function receiveUpdateCount(event) {
try {
const data = JSON.parse(event.data);
const notificationCount = document.querySelector('.notification_count');
if (data.Count > 0) {
notificationCount.classList.remove('hidden');
} else {
notificationCount.classList.add('hidden');
}
notificationCount.text() = `${data.Count}`;
await updateNotificationTable();
} catch (error) {
console.error(error, event);
}
}
```
Requires that `notificationCount.text()` be changed to use `textContent`
instead.
Signed-off-by: Andrew Thornton <art27@cantab.net>
For some reason our eslint configuration is not working correctly
and a bug has become apparent when trying to backport this to 1.12.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Move EventSource to use a SharedWorker. This prevents issues with HTTP/1.1
open browser connections from preventing gitea from opening multiple tabs.
Also allow setting EVENT_SOURCE_UPDATE_TIME to disable EventSource updating
Fix #11978
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Server-side syntax hilighting for all code
This PR does a few things:
* Remove all traces of highlight.js
* Use chroma library to provide fast syntax hilighting directly on the server
* Provide syntax hilighting for diffs
* Re-style both unified and split diffs views
* Add custom syntax hilighting styling for both regular and arc-green
Fixes #7729
Fixes #10157
Fixes #11825
Fixes #7728
Fixes #3872
Fixes #3682
And perhaps gets closer to #9553
* fix line marker
* fix repo search
* Fix single line select
* properly load settings
* npm uninstall highlight.js
* review suggestion
* code review
* forgot to call function
* fix test
* Apply suggestions from code review
suggestions from @silverwind thanks
Co-authored-by: silverwind <me@silverwind.io>
* code review
* copy/paste error
* Use const for highlight size limit
* Update web_src/less/_repository.less
Co-authored-by: Lauris BH <lauris@nix.lv>
* update size limit to 1MB and other styling tweaks
* fix highlighting for certain diff sections
* fix test
* add worker back as suggested
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
This changes the links on headings like '# Usage' in markdown from
`https://host/user/repo#user-content-usage`
to just
`https://host/user/repo#usage`
matching GitHub and GitLab. The linked id elements still have the prefix
and this behaviour matches GitHub and GitLab too, so JS is needed to
scroll to the active anchor. I suspect it's like that to avoid namespace
collission between user-generated content and other page content.
Compatibilty for old links is included so they will continue to work.
Also included are some enhancements to make the clickable area for the
link icon larger and fix its color on arc-green.
Fixes: https://github.com/go-gitea/gitea/issues/11896
Fixes: https://github.com/go-gitea/gitea/issues/12062
* Fix gitgraph branch continues after merge
After fixing the initial problem in #11981 another
problem has come to light...
Fix #11981 (part 2)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update web_src/js/vendor/gitgraph.js
* Apply suggestions from code review
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix sticky diff stats container
* Use pure CSS sticky instead of Fomantic's JS
* add border color to arc-green
* add slight padding on sides
* make linter happy
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Handle multiple merges in gitgraph.js
There is a bug in web_src/js/vendor/gitgraph.js whereby it fails to
handle multiple merges in a single commit correctly. This PR adds
changes to make this work.
Fix #11981
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update web_src/js/vendor/gitgraph.js
* Don't add same line code comment box twice
Clicking the same '+' button multiple times adds multiple comment boxes
to the same line. Prevent this by assigning a unique key to each comment
box and checking if it already exists in the DOM.
Also cleaned up the code around this a bit.
* Update web_src/js/index.js
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This removes the jQuery plugin as well as the associated config options.
Native input[type=date] does not require a language attribute as it is
localized by default, except for the placeholder attribute for which I
currently piggy-back the repo.issues.due_date_form localization option.
Implementation should pretty much match GH. Of note is that Safari does
not provide a UI for this input type, but I don't think providing one is
neccessary and GH did not bother either.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Show multiple octicons on repo list
* fix mixed spaces/tabs
* Internal repo octicon
* show internal icon in dashboard repolist
* swagger
* fix icon for normal repo on repo page
* don't expose owner visibility directly; provide internal in repo api
* fix icons for forks and mirrors
Co-authored-by: Lauris BH <lauris@nix.lv>
* Properly truncate system notices
As noted in #11658 the system notifications list will always suffix
system notices with ... even when the notice is longer than 120
characters.
Instead we should use .text.truncate to auto truncate and make the
notices clickable to view their details.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* As per @CirnoT make table cell clickable
* ensure that pre wraps
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Make sure wiki editor sets wiki to true so gitea renders it as a wiki page.
Also change the context data attr for edit form. This looks wrong but everywhere else in our code assumes the urlPrefix to be just the repo url when rendering and manually adds /wiki to the rendered url regardless.
Fixes #11540
GH has different HardBreaks behaviour for markdown comments and documents.
Comments have hard breaks and documents have soft breaks - therefore Gitea's rendering will always be different from GH's if we only provide one setting.
Here we split the setting in to two - one for documents and one for comments and other things.
Signed-off-by: Andrew Thornton art27@cantab.net
Changes to index.js as per @silverwind
Co-authored-by: silverwind <me@silverwind.io>
Changes to docs as per @guillep2k
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix serviceworker output file and misc improvements
- Fix output file location for production build
- Cache more asset types: fonts and worker variants
- Parallelize a few tasks during initalization
- Only invalidate caches starting with our prefix
- Remove public/serviceworker.js before building
- Remove font preloads, they cause strange cors issues
- Misc eslint config adjustments
* remove webpack output files on watch-frontend
* Fix Enter not working in SimpleMDE
This condition was wrongly inverted, leading to all enter keys being
blocked.
Fixes: https://github.com/go-gitea/gitea/issues/11559
* fix it for absent tribute too
* Move serviceworker to workbox and fix SSE interference
Instead of statically hardcoding every frontend asset, this uses a
type-based approach to cache all js,css and manifest.json requests.
This also fixes the issue that the service worker was interfering with
EventSource because it was unconditionally handling all requests which
this new implementation doesn't.
Fixes: https://github.com/go-gitea/gitea/issues/11092
Fixes: https://github.com/go-gitea/gitea/issues/7372
* rethrow error instead of logging
* await .register
* Revert "rethrow error instead of logging"
This reverts commit 043162ba1f.
* improve comment
* remove JSRenderer
* add version-based cache invalidation
* refactor
* more refactor
* remove comment
* rename item to fit cache name
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Move tributejs to npm/webpack
- Move vendored bundle to npm and webpack
- Rewrote initialization to single function
- Restyled it (made it a bit smaller)
- Fixed it for arc-green
* fix mention
* also include emoji on #content
* Update web_src/less/_tribute.less
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
* rewrite to only use one instance of Tribute
* refactor
* fix copy/paste error
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix repo-list private and total count bugs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure limited and private org public repos are displayed on "private"
Signed-off-by: Andrew Thornton <art27@cantab.net>
* switch from onlyPrivate to is_private
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Generate swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Previously, we had only set __webpack_public_path__ to a path which
caused webpack chunks to be loaded from the current origin which is
incorrect when STATIC_URL_PREFIX points to another origin.
This should fix the issue curretnly seen on gitea.com.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Remove IE11 support
With master now on 1.13, it's time to drop IE11 for good. The woff
variants are also in use by Opera Mini but it has even less market share
and I can only imagine how broken the UI is in it.
Fixes: https://github.com/go-gitea/gitea/issues/6147
* update docs
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* ui: remove the divider between heatmap and feeds in the dashboard view
* this commit reverses 6ccd19ef86
Signed-off-by: surtur <a_mirre@utb.cz>
* add a divider to the default user dashboard view
* another one-line change, this time as a direct complement of
2bfc71614c to implement a divider of
sorts (as per 6ccd19ef86 originally)
Signed-off-by: surtur <a_mirre@utb.cz>
* removed the divider in heatmap.tmpl
* the separator is added by partial templates as needed
Signed-off-by: surtur <a_mirre@utb.cz>
* load proper dashboard template code in profile.tmpl
* as discussed in Discord
* includes a divider of its own
Signed-off-by: surtur <a_mirre@utb.cz>
* ui: Add dividing line between heatmap and feeds in dashboard view
I think it's necessary to add dividing line between heatmap
and feeds in dashboard view, or the first items in feed is too
near with heatmap which is not a good view.
Signed-off-by: a1012112796 <1012112796@qq.com>
* Change the implementation method
* change style
* restart ci
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make localstorage read ssh or https correctly
* Update index.js
If not login there is only a "https" button, This commit fix the "https" button hasn't blue border.
* Keep user selected whether or not to log in
* Update index.js
* Add archived options to SearchRepository
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add only-private search
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add filter options and paging to dashboard repository page
Signed-off-by: Andrew Thornton <art27@cantab.net>
* swagger generate
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix-swagger-again
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @mrsdizzie also remember state
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Properly generate ref URLs
Tags used to not generate correct URLs (src/branch/tags/1.0.0 instead of
src/tags/1.0.0).
Also cleans up some code around it with the created helper functions.
* Fix formatting and create migration
* Add copyright head to utils_test
* Use a raw query for the ref migration
* Remove semicolon
* Quote column and table names in migration SQL
* Change || to CONCAT, since MSSQL does not support ||
* Make migration engine aware
* Add missing import
* Move ref EndName and URL to the issue service
* Fix tests
* Add test for commit refs
* Update issue.go
* Use the right command for building JavaScript bundles
* Prepare for merge
* Check for refs/* before prepending in migration
* Update services/issue/issue_test.go
* Update modules/git/utils_test.go
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
* Switch code editor to Monaco
This switches out CodeMirror for Monaco which is based on the same code
base as VS code and should work pretty similar to it.
It does add a few async chunks, totalling around 10MB to our build. It
currently supports around 65 languages and in the default configuration,
each language would emit one ugly [number].js chunk, so I opted to
combine them all into a single file for now.
CodeMirror is still being used under the hood by SimpleMDE so it can not
be removed yet.
* inline editorconfig, fix diff, use for markdown, remove more dead code
* refactors, remove jquery usage
* use tab_width
* fix intellisense
* rename function for clarity
* misc tweaks, enable webpack progress display
* only use --progress on dev build
* remove useless borders in arc-green
* fix typo
* remove obsolete comment
* small refactor
* fix file creation and various refactors
* unset useTabStops too when no editorconfig
* small refactor
* disable webpack's [big] warnings
* remove useless await
* fix dark theme check
* rename chunk to 'monaco'
* add to .gitignore and delete webpack dest before build
* increase editor height
* support more editorconfig properties
* remove empty element filter
* rename
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Introduced by b57a735 via removal of jQuery-Migrate.
This PR changes usage of .success on jqXHR to .done.
Fixes #11228 and few other places, such as removal of code comments.