* specify user in rootless container numerically
With kubernetes' PodSecurityPolicy set to runAsNonRoot it will not allow starting the container. The error message is
```
Error: container has runAsNonRoot and image has non-numeric user (git), cannot verify user is non-root
```
The `USER` directive has to be numerical for that to work.
* mention the name of the uid/gid
Co-authored-by: 6543 <6543@obermui.de>
The current CSRF handler is a bit harsh with bad CSRF tokens on webpages
I think we can be a little kinder and redirect to base page with a flash error
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix: not able to update local created non-urlencoded wiki pages
* tidy code
* as per suggestion
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Don't replace space to dash for unescaped wiki filename
Co-authored-by: zeripath <art27@cantab.net>
* Remove incorrect comment
* Remove NameToUnescapedFilename()
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
If a pre-post-processed file contains relative img tags these need to be updated
and joined correctly with the prefix. Finally, the node attributes need to be updated.
Fix #16308
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
This strict equality check in `u2fError` was causing the error
description to hide immediately after showing. `Object.keys`
always returns strings, but `errorType` argument is usually a
number type.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
* Fix modified files list in webhooks when there is a space
There is an unfortunate bug with GetCommitFileStatus where files with
spaces are misparsed and split at the space.
There is a second bug because modern gits detect renames meaning that
this function no longer works correctly.
There is a third bug in that merge commits don't have their modified
files detected correctly.
Fix #15865
Signed-off-by: Andrew Thornton <art27@cantab.net>
Fixes #16317
Wrap around from last to first comment when clicking "Next" on last comment.
Wrap around from first to last comment when clicking "Previous" on first comment.
* Support custom mime type mapping for text files
* Apply suggested change to routers/common/repo.go
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Following the merging of https://github.com/go-git/go-git/pull/330 we
can now add a setting to avoid go-git reading and caching large objects.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Unfortunately go doesn't always ensure that execd processes are completely
waited for. On linux this means that zombie processes can occur.
This PR ensures that these are waited for by using signal notifier in serv and
passing a context elsewhere.
Signed-off-by: Andrew Thornton <art27@cantab.net>
This PR adds a button to delete failed repositories if there has been a
failure during migration and for whatever reason the repository doesn't
get deleted automatically.
Fix #16154
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix default push instructions on empty repos
Use script block like in `repo/clone_buttons.tmpl` to set default instructions
for pushing to empty repos.
Fix #16295
Signed-off-by: Andrew Thornton <art27@cantab.net>
Use `..` instead of `...` with `rev-list`. In combination with #16282 the receiver can get the correct commit. The behaviour is now like Github.
fixes #11802
* Make the github migration less rate limit waiting to get comment per page from repository but not per issue
* Fix lint
* adjust Downloader interface
* Fix missed reviews
* Fix test
* Remove unused struct
There is a bug with last commit cache recursive cache where the last
commit information that refers to the current tree itself will cause a
panic due to its path ("") not being included in the expected tree entry
paths.
This PR fixes this by skipping the missing entry.
Fix #16290
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Following the merge of #16278 we need to update the fail2ban
documentation to take account of the availability of the new
sshConnectionFailed failed authentication attempt log message.
Also add a deprecation notice regarding the previous publicKeyHandler
messages, as these may be a source of false positives.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback
Following the merging of https://github.com/gliderlabs/ssh/pull/143 we
can now report connections to the ssh server that have failed before
public key exchange has completed using the standard fail2ban message.
This PR updates Gliderlabs SSH and adds a callback that will provide this
logging.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* move the callback to its own function to make the logging appear little nicer
Signed-off-by: Andrew Thornton <art27@cantab.net>