Fixes https://github.com/go-gitea/gitea/issues/30082.
Adds a new linter that searches for non-existant SVG images in
templates. Output before the fix was:
```
$ make lint-templates
SVG "octicon-warning" not found, used in templates/devtest/flex-list.tmpl
SVG "octicon-warning" not found, used in templates/devtest/flex-list.tmpl
SVG "octicon-markup" not found, used in templates/repo/diff/comment_form.tmpl
make: *** [Makefile:438: lint-templates] Error 1
```
<img width="306" alt="Screenshot 2024-03-25 at 23 31 05"
src="https://github.com/go-gitea/gitea/assets/115237/1052d1a9-bfec-4d5a-9cae-f895f78f7c93">
(cherry picked from commit 2ab5f05f40d93224f73e211e84de50a88a6ecf03)
Conflicts:
.github/workflows/files-changed.yml
.github/workflows/pull-compliance.yml
do not exist in Forgejo and the Forgejo workflows
already contain the changes
Instead of failing or do things that could be damaging, this script
prints a deprecation notice. It fixes the unnecessary breaking
change introduced in `[I18n] tooling and process`.
https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/version-management/forgejo/default.nix#L80
$ make merge-locales
NOT NEEDED: THIS IS A NOOP AS OF Forgejo 7.0 BUT KEPT FOR BACKWARD COMPATIBILITY
$ go run build/merge-forgejo-locales.go
NOT NEEDED: THIS IS A NOOP AS OF Forgejo 7.0 BUT KEPT FOR BACKWARD COMPATIBILITY
Also remove the build/crowdin-to-weblate.sh script that was never
needed.
Existing Forgejo packages may rely on setting GITEA_VERSION to specify
the version to build if:
* they do not build from the git repository with the proper tag
* they build from a source tarbal that does not have a VERSION file
With 7.0 the logic of setting the version was modified in the
`[RELEASE] Gitea version is for interoperability only` commit and
ignores this variable which creates an unecessary breaking change.
If GITEA_VERSION is set, the versions will be set on 7.0 exactly as
they would have with version before and included 1.21.
* If GITEA_VERSION is not set, all versions are the same
* If GITEA_VERSION is set, there is a distinction between the version
set in the binary are returned by the Gitea API and the
version returned by the Forgejo API which includes metadata.
Before:
$ make GITEA_VERSION=7.0.0 show-version-full
7.0.0-dev-1809-cd6fa771ab+gitea-1.22.0
$ make GITEA_VERSION=7.0.0 show-version-api
7.0.0-dev-1809-cd6fa771ab+gitea-1.22.0
After:
$ make GITEA_VERSION=7.0.0 show-version-full
7.0.0
$ make GITEA_VERSION=7.0.0 show-version-api
7.0.0+gitea-1.22.0
We don't need these modifications anymore since all tool
dependencies run via `go run`.
(cherry picked from commit ef33dcf946cc9754b51c955975d67f871702b958)
- Move some scripts from `build` to new `tools` dir. Eventually i would
like to move all but let's do it step-by-step.
- Add dir to eslint and move the files into vars.
- Update docs accordingly.
- While updating docs I noticed we were incorrectly having `public/img`
path still in a few places. Replace those with the current
`public/assets/img`.
---------
Co-authored-by: Nanguan Lin <nanguanlin6@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 095fdd691dd1a7d7748372cc73e7708278c80933)
1. Make fomantic build use [our
browserslist](e3524c63d6/package.json (L99)).
I found no other way than to sed-replace into it's js, the normal
browserlist config files do not work. The effect of this change is the
removal of some uneeded CSS vendor prefixes.
2. Regenerate `web_src/fomantic/package-lock.json`, this might shut up
some security scanners.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit da3b7f5039158faae4b617ca878061f8a4f3e489)
Now that Forgejo has its own release number, use the Makefile as a
reference.
Also document and improve support for debugging this
pull_request_target workflow by using a branch in the repository.
Gitea versions are
* A.B.C
* A.B.C+rc-0
* A.B.C+dev-5-g4fb9056
If Forgejo versions are:
* X.Y.Z+A.B.C
* X.Y.Z-rc0+A.B.C
* X.Y.Z-dev-1232-g4fb905687+A.B.C
It is non trivial for a client trying to sort out if the server
responding to `/api/v1/version` is Forgejo or Gitea. The Forgejo
version changes to be:
* X.Y.Z+gitea-A.B.C
* X.Y.Z-rc0+gitea-A.B.C
* X.Y.Z-dev-1232-g4fb905687+gitea-A.B.C
and a client can now:
* Split the version with +
* If the second part (the metadata) exists and contains "gitea", the
answer server is Forgejo
* Otherwise it is Gitea
1. `playwright/test` is already installed as part of `deps-frontend` on
CI which runs before, so it's better to not install it again (on a
potentially different version), and just use the version from
package.json and add the `deps-frontend` dependency.
2. `PLAYWRIGHT_DIR` is a undefined variable, so I removed it
```bash
$ git show c8ded77680 | grep PLAYWRIGHT_DIR
+playwright: $(PLAYWRIGHT_DIR)
```
(cherry picked from commit c236e64aca42b9ab0743431bc505033a0cb78b93)
The release number displayed by the API and the CLI becomes:
7.0.0+1.22.0
instead of
1.22.0
It would otherwise be inconsistent to have different version number depending on the interface. With the current implementation `/api/forgejo/v1/version` would return `7.0.0+1.22.0` while `/api/v1/version` would return `1.22.0`. The release would be announced as `7.0.0+1.22.0` but the web API would display `1.22.0`.
It may cause some tools that are Gitea specific to not behave as they should in the future if they expect a Gitea version number and activate some features depending on what it is. They would need to be patched to strip the leading Forgejo version number before asserting the Gitea version.
Refs: https://codeberg.org/forgejo/forgejo/issues/2425
Also ignore the *-test tags when figuring out the Forgejo version,
they exist in the integration repository and experimental repository
for daily releases.
This adds the ability to run `make test-e2e-debugserver` to start a
forgejo server pupulated with the test data from `models/fixtures`. This
is particularly useful for debugging the e2e tests with a external tool,
such as the Playwright extension for VSCode [1].
[1] https://open-vsx.org/extension/ms-playwright/playwright
Follow #29165.
* Introduce JSONTemplate to help to render JSON templates
* Introduce JSEscapeSafe for templates. Now only use `{{ ... |
JSEscape}}` instead of `{{ ... | JSEscape | Safe}}`
* Simplify "UserLocationMapURL" useage
(cherry picked from commit 31bb9f3247388b993c61a10190cfd512408ce57e)
Ref:
https://www.gnu.org/software/make/manual/html_node/Parallel-Disable.html
> If the .NOTPARALLEL special target with no prerequisites is specified
anywhere then the entire instance of make will be run serially,
regardless of the parallel setting
(cherry picked from commit 69ed1a4afbc9604cabe83041de31752dd5d101ee)
Conflicts:
README.md
The release name, as provided by FORGEJO_RELEASE, is used to build OCI
images and binary files. Although it can be the same as the Forgejo
version, it is not a requirement.
When the FORGEJO_RELEASE environment variable is set, use it as a
default for naming the binary file instead of FORGEJO_VERSION. For
instance, when building from the forgejo branch here is what is desired:
FORGEJO_VERSION=7.0.0-g2343
GITEA_VERSION=1.22.0
VERSION=vforgejo-test
The name of the release is also displayed with forgejo --version
for sanity check purposes.
Before:
FORGEJO_VERSION is the computed version
GITEA_VERSION is set manually
VERSION defaults to FORGEJO_VERSION
forgejo --help does not display VERSION
After:
FORGEJO_VERSION is the computed version
GITEA_VERSION is set manually
RELEASE_VERSION defaults to FORGEJO_VERSION
VERSION defaults to RELEASE_VERSION
forgejo --help displays VERSION
Forgejo now has its own lifecycle and its version is derived from the
tag. The Gitea tags are no longer found in the Forgejo codebase and
can no longer be used for that purpose.
When a Forgejo release is published, for interoperability with the
existing tools in the ecosystem, it advertises the supported Gitea
version via /api/v1/version. It is set in the Makefile manually and
cannot be automatically set.
https://codeberg.org/forgejo-contrib/delightful-forgejo#packaging
Existing Forgejo packages rely on the Makefile to build and the change
must be done in a way that tries to not break their assumptions. From
the point of view of a Forgejo package build, the following will
happen on the next major release:
- The package version will bump from v1.21.x to v7.0.0
- /api/v1/version will bump from v1.21.x to v1.22.0
- /api/forgejo/v1/version will bump from v6.x to v7.0.0
The Makefile uses the following variables:
GITEA_VERSION is returned by /api/v1/version
FORGEJO_VERSION is returned by /api/forgejo/v1/version
VERSION is used in the name the binary file and the source archive
Before:
GITEA_VERSION is the computed version
FORGEJO_VERSION is set manually
VERSION defaults to GITEA_VERSION
After:
FORGEJO_VERSION is the computed version
GITEA_VERSION is set manually
VERSION defaults to FORGEJO_VERSION
When the version is computed, it comes from:
- The content of the VERSION file if it exists. It is inserted in
the source archive because it does not contain a git repository
- Otherwise the output of `git describe`
- Use maintained fork https://github.com/golangci/misspell
- Rename `mispell-check` to `lint-spell`, add `lint-spell-fix`
- Run `lint-spell` in separate actions step
- Lint more files, fix discovered issues
- Remove inaccurate and outdated info in docs (we do not need GOPATH for
tools anymore)
Maybe later we can add more spellchecking tools, but I have not found
any good ones yet.
(cherry picked from commit 9c39f8515fa88d644736c6773d7a05d070a02e82)
Conflicts:
.github/workflows/pull-compliance.yml
Makefile
The gitea target is kept as is, for the sake of compatibility with
build systems that rely on it. The forgejo target creates a hard link
with forgejo.
(cherry picked from commit ce156c7cb4)
(cherry picked from commit b2cb232825)
(cherry picked from commit 85543c22bd)
(cherry picked from commit 302955a20d)
(cherry picked from commit 4b1be0858e)
(cherry picked from commit afed1a6e20)
(cherry picked from commit e81304bcd1)
(cherry picked from commit 479cd51a03)
(cherry picked from commit 8baab7c0c1)
(cherry picked from commit 5d25ad9f09)
(cherry picked from commit f36942789f)
(cherry picked from commit 9abfbae8a0)
(cherry picked from commit 079e0efb01)
(cherry picked from commit 0f1b83005a)
(cherry picked from commit 3cc227aaff)
(cherry picked from commit 245310c682)
(cherry picked from commit 3f83e30c93)
(cherry picked from commit e2bdd6af3d)
(cherry picked from commit fb3ac3a20b)
(cherry picked from commit 0ffbd46032)
(cherry picked from commit 1ba9e954e2)
(cherry picked from commit d4bc10d1e7)
(cherry picked from commit e54dc7293e)
(cherry picked from commit f50e5132d4)
(cherry picked from commit 335abddaa0)
(cherry picked from commit 61e80ffb1f)
(cherry picked from commit 4832167235)
(cherry picked from commit 1bbe7816b2)
- Add the experimental
[deacode](https://pkg.go.dev/golang.org/x/tools/internal/cmd/deadcode)
linter to Forgejo.
- To deal with false positives that can happen due to build tags or with code
that's currently only referenced by test code, the output of the tool is
compared against a known-good output.
- This commit doesn't make any attempt to remove any deadcode.
(cherry picked from commit ac462279e9)
(cherry picked from commit b5ea6e85ac)
(cherry picked from commit 5915f3643c)
[CLEANUP] Remove deadcode
- This is deadcode since https://codeberg.org/forgejo/forgejo/pulls/1802
removed the usage of it.
(cherry picked from commit d840b9923e)
(cherry picked from commit 9442bab626)
(cherry picked from commit 0de9d18863)
(cherry picked from commit 26abf78374)
(cherry picked from commit 05d3a143c3)
(cherry picked from commit 4b3d38d5e1)
(cherry picked from commit a726e71986)
(cherry picked from commit cb62ae5b98)
(cherry picked from commit 8195ba06d5)
(cherry picked from commit 4570fb591a)
(cherry picked from commit 1f4d33de2b)
- Implements https://codeberg.org/forgejo/discussions/issues/32#issuecomment-918737
- Allows to add Forgejo-specific migrations that don't interfere with Gitea's migration logic. Please do note that we cannot liberally add migrations for Gitea tables, as they might do their own migrations in a future version on that table, and that could undo our migrations. Luckily, we don't have a scenario where that's needed and thus not taken into account.
Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/795
(cherry picked from commit 8ee32978c0)
(cherry picked from commit c240b34f59)
(cherry picked from commit 03936c6492)
(cherry picked from commit a20ed852f8)
(cherry picked from commit 1dfa82676f)
(cherry picked from commit c39ae0bf8a)
(cherry picked from commit cfaff08996)
(cherry picked from commit 94a458835a)
(cherry picked from commit 61a3cf77df)
(cherry picked from commit abb350fde8)
(cherry picked from commit 5194829d6b)
(cherry picked from commit 89239a60f2)
(cherry picked from commit 683cfd86ef)
(cherry picked from commit f4546cfed9)
(cherry picked from commit 86614d5826)
(cherry picked from commit e4b9c32187)
(cherry picked from commit 8c253719af)
(cherry picked from commit 857365d6c1)
(cherry picked from commit a488b3952f)
(cherry picked from commit 98313c4910)
(cherry picked from commit 430d95e824)
(cherry picked from commit 08bf9d918f)
(cherry picked from commit f8a170e2d0)
(cherry picked from commit d20e325378)
(cherry picked from commit 6c0aa7dd4f)
(cherry picked from commit 46c08c26c7)
(cherry picked from commit 9ee22153c4)
[DB] Ensure forgejo migration up to date (squash)
- Hook Forgejo's `EnsureUpToDate` to Gitea's `EnsureUpToDate`, such that
the Forgejo migrations are also being checked to be up to date.
- I'm not sure how I missed this and if this has caused any problems,
but due to the lack of any open issue about it it seems to not be a big
problem.
(cherry picked from commit 6c65b6dcf6)
(cherry picked from commit 6d45c37d84)
[DB] Add test for TestEnsureUpToDate (squash)
- Add a test for the behavior of `EnsureUpToDate`, to ensure it will
error when needed and succeed when the forgejo version is up to date.
- Add forgejo_migrations package to GO_TEST_PACKAGES, to avoid running
it with `test-unit` and instead test it with `test-*-migration`.
(cherry picked from commit b172a50691)
(cherry picked from commit d8af308820)
(cherry picked from commit e69e64a32c)
(cherry picked from commit 4e8363fad4)
(cherry picked from commit fc9ecd6c53)
(cherry picked from commit e5c446e3dc)
(cherry picked from commit 7066a15655)
(cherry picked from commit 9183cdc835)
(cherry picked from commit 5f93039e0d)
Conflicts:
Makefile
https://codeberg.org/forgejo/forgejo/pulls/2245
(cherry picked from commit a039b3b0c9)
(cherry picked from commit 20b5669269)
(cherry picked from commit 1574643a6a)
Update semantic version according to specification
(cherry picked from commit 22510f4130)
Mise à jour de 'Makefile'
(cherry picked from commit c3d85d8409)
(cherry picked from commit 5ea2309851)
(cherry picked from commit ec5217b9d1)
(cherry picked from commit 14f08e364b)
(cherry picked from commit b4465c67b8)
[API] [SEMVER] replace number with version
(cherry picked from commit fba48e6497)
(cherry picked from commit 532ec5d878)
[API] [SEMVER] [v1.20] less is replaced by css
(cherry picked from commit 01ca3a4f42)
(cherry picked from commit 1d928c3ab2)
(cherry picked from commit a39dc804cd)
Conflicts:
webpack.config.js
(cherry picked from commit adc68578b3)
(cherry picked from commit 9b8d98475f)
(cherry picked from commit 2516103974)
(cherry picked from commit 18e6287963)
(cherry picked from commit e9694e67ab)
(cherry picked from commit a9763edaf0)
(cherry picked from commit e2b550f4fb)
(cherry picked from commit 2edac36701)
[API] Forgejo API /api/forgejo/v1 (squash)
Update semver as v1.20 is entering release candidate mode
(cherry picked from commit 4995098ec3)
(cherry picked from commit 578ccfdd27)
(cherry picked from commit 1bf6ac0952)
(cherry picked from commit 2fe16b2bfe)
(cherry picked from commit 7cd9d027ee)
(cherry picked from commit eaed4be2ae)
(cherry picked from commit cc94f3115f)
(cherry picked from commit d7a77e35cc)
(cherry picked from commit cd8eb68ab7)
(cherry picked from commit 68487ac95f)
(cherry picked from commit 616dceb565)
(cherry picked from commit 545fe5975b)
(cherry picked from commit c042cf8eda)
(cherry picked from commit ae5e5a7468)
(cherry picked from commit 8034ef5fa2)
(cherry picked from commit aaf0293034)
(cherry picked from commit daafa8ce58)
(cherry picked from commit 7ca3681d3e)
(cherry picked from commit 39f72cba71)
(cherry picked from commit 60a5917130)
(cherry picked from commit 4853bd9e16)
[API] Move forgejo api file (squash)
- Move the file to accommodate faa28b5a44
(cherry picked from commit bce89351d2)
(cherry picked from commit 11ae7f6e85)
(cherry picked from commit 25e96cfcb2)
(cherry picked from commit 6d8d19b391)
(cherry picked from commit 5afc5c454b)
(cherry picked from commit 86d07b4c24)
(cherry picked from commit e54d869fda)
(cherry picked from commit ab31ef1bba)
(cherry picked from commit 511cbca2f3)
(cherry picked from commit 333916fea8)
(cherry picked from commit 3802bcd7c9)
(cherry picked from commit 5d0fa034f7)
(cherry picked from commit d15627aa0d)
(cherry picked from commit ba0b21b930)
(cherry picked from commit 39ade66aac)
It is for instance useful with:
GOLANGCI_LINT_ARGS="--concurrency $(expr $(nproc) / 2)" make lint-backend
on a laptop where overcommitting the CPU degrades the UI performances.
(cherry picked from commit 76023319c4)
(cherry picked from commit 55eb05b03d)
(cherry picked from commit 49c84de3df)
(cherry picked from commit e8e26f08a6)
(cherry picked from commit 401aa12cac)
(cherry picked from commit 4ae8f663ad)
(cherry picked from commit 2d87e4953b)
(cherry picked from commit e79be7d80e)
(cherry picked from commit 65e3673998)
(cherry picked from commit 54e5a5dca2)
(cherry picked from commit 99e8725e68)
(cherry picked from commit c2048b352f)
(cherry picked from commit ad142d18a8)
(cherry picked from commit 489d42770e)
(cherry picked from commit 2de9069ed4)
(cherry picked from commit 782d8ef6df)
(cherry picked from commit 2068b26cd9)
(cherry picked from commit 1857f062dd)
(cherry picked from commit beced6a2cc)
(cherry picked from commit 538ca28ee8)
(cherry picked from commit cc25e3f35f)
- This also means that if one of the test fails, it will actually
propagate to make and subsequently fail the test.
- Remove the 'delete duplicates issue users' code, I checked this
against my local development database (which contains quite bizarre
cases, even some that Forgejo does not like), my local instance database
and against Codeberg production and they all yielded no results to this
query, so I'm removing it thus resolving the error that the delete code
was not compatible with Mysql.
- Sync all tables that are requires by the migration in the test.
- Resolves #2206
(cherry picked from commit 8e02be7e89)
(cherry picked from commit 006f064416)
Refs: https://codeberg.org/forgejo/website/pulls/230
(cherry picked from commit 87d56bf6c7)
[CI] Forgejo Actions based release process (squash)
base64 -w0 to avoid wrapping when the doer name is long as it creates
a broken config.json
(cherry picked from commit 9efdc27e49)
[CI] Forgejo Actions based release process (squash) generate .xz files and sources
Generate .xz files
Check .sha256
Generate the source tarbal
(cherry picked from commit 7afec520c4)
[CI] Forgejo Actions based release process (squash) release notes
(cherry picked from commit d8f4f4807b)
[CI] Forgejo Actions based release process (squash) publish and sign release
(cherry picked from commit a52778c747)
(cherry picked from commit cf2ec62740)
[CI] Forgejo Actions based release process (squash) version
use Actions environment variables in Makefile (#25319) (#25318)
uses Actions variable to determine the version. But Forgejo builds
happen in a container where they are not available. Do not use them.
Also verify the version of the binary is as expected for sanity check.
(cherry picked from commit 6decf111a1)
(cherry picked from commit 206d0b3886)
[CI] read STORED_VERSION_FILE if available
(cherry picked from commit af74085ebf)
[CI] backward compatible executable compilation
Add a new static-executable target to use in Dockerfiles and restore
the $(EXECUTABLE) target to what it was before to for backward
compatibility.
The release process now builds static executables instead of
dynamically linked ones which makes them more portable. It changes the
requirements at compile time and is not backward compatible. In
particular it may break packaging that rely on the target that
currently creates a dynamically linked executable.
(cherry picked from commit 84d02a174a)
(cherry picked from commit 854be47328)
[CI] Forgejo Actions based release process (squash) doc / ca / verbosity
- Document workflow
- Increase verbosity if VERBOSE=true
- Download the Certificate Authority if behind the VPN
(cherry picked from commit 168d5d5869)
(cherry picked from commit 8756c9a72a)
(cherry picked from commit 2dad7ef20f)
[CI] Forgejo Actions based release process (squash) add assets sources-tarbal
Refs: https://codeberg.org/forgejo/forgejo/issues/1115
(cherry picked from commit 5531d01f19)
[CI] Forgejo Actions based release process (squash) add assets sources-tarbal
bindata.go is a file, not a directory
Refs: https://codeberg.org/forgejo/forgejo/issues/1115
(cherry picked from commit bd88a44778)
(cherry picked from commit b408085138)
[CI] Forgejo Actions based release process (squash) public/assets moved
(cherry picked from commit d8c921d5a6)
(cherry picked from commit f29e50b1a09b1a22fc2dbdb77e9a1def1196175b)
[CI] Fix release notes link
- Use substitution to replace all dots with dashes.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1163
(cherry picked from commit 96783728f53a072915cace392aa269adfe9a5c73)
(cherry picked from commit c8d8bf8996)
[CI] pin go v1.20 for testing
Refs: https://codeberg.org/forgejo/forgejo/issues/1228
(cherry picked from commit fd4b5a013e)
(cherry picked from commit 00bb15f57f)
Conflicts:
Dockerfile
Dockerfile.rootless
see https://codeberg.org/forgejo/forgejo/pulls/1303
(cherry picked from commit 6e2be54a6d)
(cherry picked from commit 346c418b4a)
(cherry picked from commit 49061f8422)
(cherry picked from commit 8229d59b7e)
(cherry picked from commit 70d45d9193)
[CI] Forgejo Actions based release process (squash) need node 18
(cherry picked from commit 722b1f4590)
(cherry picked from commit a91d786169)
[CI] Forgejo Actions based release process (squash) fix indentation
(cherry picked from commit fbdf9d6abb)
(cherry picked from commit 2deff90a13)
(cherry picked from commit 5710a27fda)
[CI] Forgejo Actions based release process (squash) FQIN for docker
Refs: https://codeberg.org/forgejo/forgejo/issues/1600
(cherry picked from commit f63d38deb6)
[CI] Forgejo Actions based release process (squash) use forgejo-curl.sh
(cherry picked from commit c0c3ef506f)
(cherry picked from commit 933ca7ec5d)
Conflicts:
Dockerfile
Dockerfile.rootless
https://codeberg.org/forgejo/forgejo/pulls/1691
(cherry picked from commit 1068e48805)
[CI] Forgejo Actions based release process (squash) size optimization
(cherry picked from commit 3c653ff742)
(cherry picked from commit 398567fc0c)
(cherry picked from commit e585db9a97)
(cherry picked from commit 17e91c96e3)
[CI] Forgejo Actions based release process (squash) gitea to forgejo
(cherry picked from commit 9c06a318b8)
(cherry picked from commit 95859da3b4)
(cherry picked from commit e3a5f6c1ed)
(cherry picked from commit 7b9b259c75)
(cherry picked from commit c4a152c8dc)
(cherry picked from commit b00bf599ef)
(cherry picked from commit a7836ee2ee)
(cherry picked from commit 3ea7dcbd5b)
(cherry picked from commit 454d705e83)
(cherry picked from commit 35e06c3009)
(cherry picked from commit 904468a38f)
(cherry picked from commit 890e86815a)
(cherry picked from commit bf9f94c63d)
(cherry picked from commit d025d061d1)
(cherry picked from commit 32f209a8e1)
(cherry picked from commit 38ef6802fc)
(cherry picked from commit 8a19bbd2a8)
(cherry picked from commit f352dee786)
(cherry picked from commit b53d9fc090)
(cherry picked from commit 3dae21f4c8)
(cherry picked from commit 8b59e016c7)
(cherry picked from commit 6f54ea6a0e)
(cherry picked from commit ed8d90de6b)
(cherry picked from commit 26ffd3fcac)
(cherry picked from commit 287b3bbfb5)
(cherry picked from commit ab81378d0c)
(cherry picked from commit f6bbe7e875)
(cherry picked from commit 8968f34edf)
(cherry picked from commit d3d914bba2)
(cherry picked from commit 4e4006a990)
(cherry picked from commit edb333569b)
(cherry picked from commit 6c1a4baa15)
(cherry picked from commit 51bda3bfc7)
(cherry picked from commit 6f5f318b8f)
(cherry picked from commit e128da2362)
(cherry picked from commit 3e6735ff23)
(cherry picked from commit 938c444125)
(cherry picked from commit 67f92dc9ab)
(cherry picked from commit ee31df71fb)
(cherry picked from commit 386f232191)
(cherry picked from commit 745785cd7f)
(cherry picked from commit efa8564e76)
Conflicts:
Dockerfile
Dockerfile.rootless
https://codeberg.org/forgejo/forgejo/pulls/2029
(cherry picked from commit f3dfb14321)
(cherry picked from commit 5a0346ee95)
(cherry picked from commit 7a2a6517f2)
(cherry picked from commit 87dcc87da9)
(cherry picked from commit df4099247f)
(cherry picked from commit df23f83545)
(cherry picked from commit 6d910daafb)
(cherry picked from commit d447861cc9)
(cherry picked from commit dc6e9d8799)
(cherry picked from commit ef232fa20c)
(cherry picked from commit 290c55517a)
(cherry picked from commit db48af1784)
(cherry picked from commit 85f33237a2)
(cherry picked from commit 76899ee33e)
(cherry picked from commit 148b3ee9cb)
(cherry picked from commit 1f6ad8f465)
(cherry picked from commit c330afdba3)
(cherry picked from commit b1f87075a7)
(cherry picked from commit 7da40992cc)
(cherry picked from commit 7ab19ff5e5)
(cherry picked from commit e61e44921b)
(cherry picked from commit 83646119fb)
(cherry picked from commit 20cf748e61)
(cherry picked from commit 0a99919cec)
(cherry picked from commit 21215222a6)
(cherry picked from commit 0f6c5658d7)
(cherry picked from commit 1752e43d3c)
(cherry picked from commit 2332080929)
(cherry picked from commit 590aabf2a2)
(cherry picked from commit 87d8b7b315c3e25bd3fcf9dc9c1d359bcd107281)
(cherry picked from commit ff37de38be)
(cherry picked from commit cee32c9e7a)
(cherry picked from commit 39faade524)
(cherry picked from commit 0e5ca477b6)
(cherry picked from commit 70e2730f7b)
(cherry picked from commit 2ad4003944)
(cherry picked from commit 2429de9e87)
(cherry picked from commit c133915fc1)
(cherry picked from commit c607dcaf9f)
(cherry picked from commit 00f006637f)
(cherry picked from commit 0de6646475)
(cherry picked from commit b05e83bb1e)
(cherry picked from commit cb71f139f0)
(cherry picked from commit 2a8b08ee4f)
(cherry picked from commit 3ebab73c4e)
(cherry picked from commit 07626c088c)
(cherry picked from commit 844e9bc999)
(cherry picked from commit c315e24751)
(cherry picked from commit f5f2b41f3c)
(cherry picked from commit 09134424a8)
(cherry picked from commit 6fc63d48c4)
(cherry picked from commit a0be5c783e)
(cherry picked from commit 124bad8230)
(cherry picked from commit 57069811d1)
(cherry picked from commit 8871d1aac7)
When compiling GItea for Linux on Windows, you get a `gitea.exe` file as
output, but because it's a Linux executable, the `.exe` extension is
unnecessary.
This PR adds a check for `GOOS` environment variable in addition to
`OS`.
- MySQL 5.7 support and testing is dropped
- MySQL tests now execute against 8.1, up from 5.7 and 8.0
- PostgreSQL 10 and 11 support ist dropped
- PostgreSQL tests now execute against 16, up from 15
- MSSQL 2008 support is dropped
- MSSQL tests now run against locked 2022 version
Fixes: https://github.com/go-gitea/gitea/issues/25657
Ref: https://endoflife.date/mysql
Ref: https://endoflife.date/postgresql
Ref: https://endoflife.date/mssqlserver
## ⚠️ BREAKING ⚠️
Support for MySQL 5.7, PostgreSQL 10 and 11, and MSSQL 2008 is dropped.
You are encouraged to upgrade to supported versions.
---------
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
- Update all JS and Poetry dependencies
- Remove deprecated `eslint-plugin-custom-elements` and replace it with
rules from `eslint-plugin-wc`
- Add a convenience `make update` to update both js and py dependencies
- Tested markdown toolbar, swagger and citation
This PR cleans up the docs in a way to make them simpler to ingest by
our [docs repo](https://gitea.com/gitea/gitea-docusaurus).
1. It includes all of the sed invocations our ingestion did, removing
the need to do it at build time.
2. It replaces the shortcode variable replacement method with
`@variable@` style, simply for easier sed invocations when required.
3. It removes unused files and moves the docs up a level as cleanup.
---------
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Move `public/*` to `public/assets/*`
Some old PRs (like #15219) introduced inconsistent directory system.
For example: why the local directory "public" is accessed by
`http://site/assets`? How to serve the ".well-known" files properly in
the public directory?
For convention rules, the "public" directory is widely used for the
website's root directory. It shouldn't be an exception for Gitea.
So, this PR makes the things consistent:
* `http://site/assets/foo` means `{CustomPath}/public/assets/foo`.
* `{CustomPath}/public/.well-known` and `{CustomPath}/public/robots.txt`
can be used in the future.
This PR is also a prerequisite for a clear solution for:
* #21942
* #25892
* discourse.gitea.io: [.well-known path serving custom files behind
proxy?](https://discourse.gitea.io/t/well-known-path-serving-custom-files-behind-proxy/5445/1)
This PR is breaking for users who have custom "public" files (CSS/JS).
After getting approvals, I will update the documents.
----
## ⚠️ BREAKING ⚠️
If you have files in your "custom/public/" folder, please move them to
"custom/public/assets/".
---------
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Giteabot <teabot@gitea.io>
- Update all JS dependencies
- Enable `declaration-property-unit-disallowed-list` to forbid `em` on
`line-height`
- Rename dependency update targets to `update-js` and `update-py` and
document them
- Remove margin on Asciicast viewer
- Tested Swagger, Katex, Asciicast
<img width="1243" alt="Screenshot 2023-06-27 at 19 51 05"
src="https://github.com/go-gitea/gitea/assets/115237/2d2722a0-2aa7-4f4c-b8bd-17e1f3637b78">
[updates](https://github.com/silverwind/updates) now supports poetry as
well so we can use it for a new `make poetry-update` to update all
poetry dependencies.
As title, this is how it was inferred before
e24f651c86/Makefile (L83-L84)
We moved to actions, however `GITEA_VERSION` should still work to use
`VERSION`
Signed-off-by: jolheiser <john.olheiser@gmail.com>
The [docker/build-push-action@v2
action](https://github.com/docker/build-push-action) by default ignores
the checkout created using the actions/checkout@v2 action. When you pass
a git build context to docker build, it wouldn't include the .git
directory.
By passing `context: .` to the build step then it'll use the Actions git
context which includes the git fetch from the earlier step.
So I found this [linter](https://github.com/Riverside-Healthcare/djlint)
which features a mode for go templates, so I gave it a try and it did
find a number of valid issue, like unbalanced tags etc. It also has a
number of bugs, I had to disable/workaround many issues.
Given that this linter is written in python, this does add a dependency
on `python` >= 3.8 and `poetry` to the development environment to be
able to run this linter locally.
- `e.g.` prefixes on placeholders are removed because the linter had a
false-positive on `placeholder="e.g. cn=Search"` for the `attr=value`
syntax and it's not ideal anyways to write `e.g.` into a placeholder
because a placeholder is meant to hold a sample value.
- In `templates/repo/settings/options.tmpl` I simplified the logic to
not conditionally create opening tags without closing tags because this
stuff confuses the linter (and possibly the reader as well).
It's been disabled by default since 1.17
(https://github.com/go-gitea/gitea/pull/18914), and it never really
delivered any benefit except being another cache layer that has its own
unsolved invalidation issues. HTTP cache works, we don't need two cache
layers at the browser for assets.
## ⚠️ BREAKING
You can remove the config `[ui].USE_SERVICE_WORKER` from your `app.ini`
now.
Inspired by
https://github.com/go-gitea/gitea/pull/24530#issuecomment-1558815301
This PR use a file filter action to do different CI jobs according
changed files types. All types are defined in
`.github/file-filters.yml`. Now there are 4 types, `docs`, `backend`,
`frontend` and `build`. Then if a PR only changed docs files, those CI
jobs which passed the conditions will run, and other types are also like
this.
---------
Co-authored-by: silverwind <me@silverwind.io>
- Remove actions name where command is descriptive enough
- Use kebab-case instead of snake-case for step names
- Use shorter job names because to make PR checks more readable
- Remove duplicate `checks-backend`
---------
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
Proposal found here: https://github.com/go-gitea/gitea/issues/23654
TODO: make non-breaking (can we publish docker image using dev and
nightly prefix? at same time). if anyone has advice please comment :)
If this PR is merged, then I can add redirects to the downloads site.
- Update all tool dependencies to latest tag
- Remove unused errcheck, it is part of golangci-lint
- Include main.go in air
- Enable wastedassign again now that it's
[generics-compatible](https://github.com/golangci/golangci-lint/pull/3689)
- Restructured lint targets to new `lint-*` namespace
- Add new Make target `lint-md`
- Add new Drone pipeline `compliance-docs`
- Add `*.md` to docs exclusion/inclusion
- Consistently quote `path.include` and `path.exclude` statements in
YAML
* Clean the "tools" directory. The "tools" directory contains only two
files, move them.
* The "external_renderer.go" works like "cat" command to echo Stdin to
Stdout , to help testing.
* The `// gobuild: external_renderer` is incorrect, there should be no
space: `//gobuild: external_renderer`
* The `fmt.Print(os.Args[1])` is not a well-defined behavior, and it's
never used.
* The "watch.sh" is for "make watch", it's somewhat related to "build"
* After this PR, there is no "tools" directory, the project root
directory looks slightly simpler than before.
* Remove the legacy "contrib/autoboot.sh", there is no
"gogs_supervisord.sh"
* Remove the legacy "contrib/mysql.sql", it's never mentioned anywhere.
* Remove the legacy "contrib/pr/checkout.go", it has been broken for
long time, and it introduces unnecessary dependencies of the main code
base.
Refactored `deps-docs` out of `docs` because #23629 broke Gitpod's docs
setup (which grepped to get the hugo install command).
Now `make deps` really installs everything to develop (includes `docs`).
- **Installation**: includes how to install Gitea and related other
tools, also includes upgrade Gitea
- **Administration**: includes how to configure Gitea, customize Gitea
and manage Gitea instance out of Gitea admin UI
- **Usage**: includes how to use Gitea's functionalities. A sub
documentation is about packages, in future we could also include CI/CD
and others.
- **Development**: includes how to integrate with Gitea's API, how to
develop new features within Gitea
- **Contributing**: includes how to contribute code to Gitea
repositories.
After this is merged, I think we can have a sub-documentation of `Usage`
part named `Actions` to describe how to use Gitea actions
---------
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Ran most of the Less files through the Less compiler and Prettier and
then followed up with a round of manual fixes.
The Less compiler had unfortunately stripped all `//` style comments
that I had to restore (It did preserve `/* */` comments). Other fixes
include duplicate selector removal which were revealed after the
transpilation and which weren't caught by stylelint before but now are.
Fixes: https://github.com/go-gitea/gitea/issues/15565
hardcode the version of test_env we use in docker, so that we can use
different major versions of golang between versions of Gitea
---------
Co-authored-by: Lauris BH <lauris@nix.lv>
- This PR attempts to split our various DB tests into separate
pipelines.
- It splits up some of the extra feature-related tests rather than
having most of them in the MySQL test.
- It disables the race detector for some of the pipelines as well, as it
can cause slower runs and is mostly redundant when the pipelines just
swap DBs.
- It builds without SQLite support for any of the non-SQLite pipelines.
- It moves the e2e test to using SQLite rather than PG (partially
because I moved the minio tests to PG and that mucked up the test
config, and partially because it avoids another running service)
- It splits up the `go mod download` task in the Makefile from the tool
installation, as the tools are only needed in the compliance pipeline.
(Arguably even some of the tools aren't needed there, but that could be
a follow-up PR)
- SQLite is now the only arm64 pipeline, moving PG back to amd64 which
can leverage autoscaler
Should resolve #22010 - one thing that wasn't changed here but is
mentioned in that issue, unit tests are needed in the same pipeline as
an integration test in order to form a complete coverage report (at
least as far as I could tell), so for now it remains in a pipeline with
a DB integration test.
Please let me know if I've inadvertently changed something that was how
it was on purpose.
---
I will say sometimes it's hard to pin down the average time, as a
pipeline could be waiting for a runner for X minutes and that brings the
total up by X minutes as well, but overall this does seem to be faster
on average.
---------
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Using `touchstart` for `click` events is a black magic for mobile
browsers (Google: `fastclick`).
However, it causes many UX problems if the fastclick is used without
careful design.
Fomantic UI uses this fastclick for its `dimmer` and `dropdown`, it
makes mobile users feel strange when they "touch" the dropdown menu.
This PR uses a simple patch to fix that behavior. Then the Fomantic
dropdown only uses `click` for click events.
This PR is simple enough and won't cause hidden bugs even if the patch
doesn't work. In the future, if there are more patches for Fomantic UI,
the patches could be placed in a directory like
`web_src/fomantic/patches/001-fix-click-touchstart`, etc.
![image](https://user-images.githubusercontent.com/2114189/220551915-bd28e8cc-507f-43c7-bb4a-b24f7ff3934d.png)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This PR does a bulk update of a lot of our go deps.
I have not included nektos/act and xorm for the following reasons:
* Xorm updates can sometimes be complex and I'd rather do that in a
separate PR
* I think people more update with the actions code should double check
that the latest nektos/act library works correctly.
---------
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Fix #22370 and more.
Before Go 1.19, the `netgo` tag for Windows does nothing.
But Go 1.19 rewrite the net package code for Windows DNS, and there is a
bug:
* https://github.com/golang/go/issues/57757
This PR just removes the `netgo` tag for Windows build, then the Gitea
for Windows can have the old DNS behavior.
Since #20218 introduced internal watching template, template watching
should be removed from `air`. This will prevent restart the whole server
once the template files changed to speed up developing when using `make
watch`.
To ensure `make watch` will reuse template watching, this PR introduced
a new ENV `GITEA_RUN_MODE` to make sure `make watch` will always run in
a dev mode of Gitea so that template watching will open.
This PR also added more exclude testdata directories.
`fmt-check` now simply does `fmt` before and relies on `git diff` like
other checks like 'tidy-check' already do, so we can remove the argument
in the tool that handles printing changed files.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Even if we are not bundling with `vite` yet, we can use `vitest` in
place of Jest which brings a few benefits like not requiring to use
`NODE_OPTIONS` to run and having sane module resolution.
It's possible to also use `jest-extended` with vitest, but I opted to
not do so for now because it brings heavyweight dependencies and it was
trivial to just rewrite the affected matchers to be compatible.
This PR also removes 153 JS dependencies, which is certainly nice.
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Running it as part of the build is really unnecessary because we have a
valid output file in the repo and assuming go dependencies do not change
unless go.mod also changes, tidy really is the best target to run the
license generation after.
Also, regenerate the file as I missed to do so during the chroma update,
and mark all json files in assets as generated.
- Update all JS dependencies and playwright image
- Add new eslint rules, enable a few more, fix issues
- Regenerate SVGs
- Tested Vue and Swagger
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
We can not have the `frontend` target depend on golang because of they
way drone is set up. Move the `go-licenses` generation back into `tidy`
where it will now also be checked for consistency during `tidy-check`.
(I assume all `main` branch builds should currently fail [like
this](https://drone.gitea.io/go-gitea/gitea/60244/1/11)).
The reasony why it shouldn't be treated the same as for example `go
generate` is because output files are checked in. tidy is imho the
optimal target to run this after.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This removes the JS dependency in the checks pipeline. JSON output is
different because the previous JS did indent the license data
differently and a JSON key was changed, but the end result is the same
as it gets re-indented by wepack.
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
The `go-licenses` make task introduced in #21034 is being run on make vendor
and occasionally causes an empty go-licenses file if the vendors need to
change. This should be moved to the generate task as it is a generated file.
Now because of this change we also need to split generation into two separate
steps:
1. `generate-backend`
2. `generate-frontend`
In the future it would probably be useful to make `generate-swagger` part of `generate-frontend` but it's not tolerated with our .drone.yml
Ref #21034
Signed-off-by: Andrew Thornton <art27@cantab.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
`make go-licenses` will generate `assets/go-licenses.json` which is then included in the webpack build.
This step depends on both go and node being present, so unfortunately, I could not automate the generation by hooking it up to `tidy` as that target is triggered on CI where we do not have a docker image with both go an node.
It should be ran from time to time, ideally after each go mod update.
* Remove debug output when coverage fails
When coverage fails, it logs megabytes of debug to stdout, which seems
to break the drone ui as well as the log output download in drone,
presumably because of the size. I think with removal of this print, we
should still see any errors created by gocovmerge.go, but a few CI runs
may be necessary to get it to fail again.
* Update Makefile
* restart ci
* restart ci
* restart ci
* restart ci
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This should fix some recently seen linter performance issues. There is some log spam, but it's definitely faster.
Ref: https://github.com/golangci/golangci-lint/issues/2997
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Introduce a separate .eslintrc in the Vue components folder to
selectively enable vue-eslint-parser there, so that the rest of the
files can use eslint's core parser which can deal with hashbangs.
The fact that the eslint-disable comments worked in HTML was a
unintended side-effect of the files being parsed via vue-eslint-parser,
so I had to disable the parsing of these files in .eslintrc.yaml to make
it work, and finally decided to remove eslint-plugin-html as it causes
more issues than it solves.
`printf` in busybox emits a ugly 'invalid number' error when formatting
string variables are present. Avoid that by reducing the go version
check to just two digits, which ought to be enough as patch-level go
versions are meant to be compatible. Avoid error on node-check as well.
[spectral](https://github.com/stoplightio/spectral) lints
openapi/swagger files for mistakes of which it has identified a few and
which I've fixed.
I had to put it into `lint-frontend` because it depends on node_modules
so can not run on Drone during the backend target. I plan to refactor
these targets later to `lint-js` and `lint-go` so that they are
categorized based on the tool dependencies.
- Given we use go1.18 for this and don't rely on the Go 1.11 modules
behavior(we use the modern `go run` & `go get` which has the correct
behavior by-default).
Ensures consistent line endings to avoid useless diffs because there is
somthing platform-dependant in that build.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
- Remove __dirname, use file URLs instead
- Upgrade fabric dependency
- Use fs/promises syntax, this breaks node 12 but we require 14 already
The change in public/img/favicon.svg is not caused by the fabric
upgrade, but it seems it was not properly generated when introduced.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Remove customized (unmaintained) dropdown, improve aria a11y for dropdown
* fix repo permission
* use action instead of onChange
* re-order the CSS selector
* fix dropdown behavior for repo permissions, make elements inside menu item non-focusable
* use menu/menuitem instead of combobox/option. use tooltip(data-content) for aria-label, prevent from repeated attaching
* click menu item when pressing Enter
* code format
* fix repo permission
* repo setting: prevent from misleading users when error occurs
* fine tune the repo collaboration access mode dropdown (in case the access mode is undefined in the template)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Convenience command to run 'go mod tidy'. The compat flag is set to the
minimum supported go version instead of min version minus one which is
go's default, which eliminated some checksums in go.sum as a result.
* Update go tool dependencies
Updated all tool dependencies to latest tags, hoping CI will like it.
* fix new lint errors
* handle more strings.Title cases
* remove lint skip
* use go1.18 to build gitea& update min go version to 1.17
* bump in a few more places
* add a few simple tests for isipprivate
* update go.mod
* update URL to https://go.dev/dl/
* golangci-lint
* attempt golangci-lint workaround
* change version
* bump fumpt version
* skip strings.title test
* go mod tidy
* update tests as some aren't private??
* update tests
This ensures the tools only run in the versions we've tested and it also
does not polute PATH with those tools so they are truly isolated. This
syntax of `go run` requires go 1.17, so the minimum version is set
accordingly.
Fixes: https://github.com/go-gitea/gitea/issues/18867
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
We can't depend on `latest` version of gofumpt because the output will
not be stable across versions. Lock it down to the latest version
released yesterday and run it again.
* Move editorconfig-checker to lint-backend
It makes more sense there as templates are considered backend code.
* User golang version of the tool
* remove dependency
Unfortunately credentialIDs in u2f are 255 bytes long which with base32 encoding
becomes 408 bytes. The default size of a xorm string field is only a VARCHAR(255)
This problem is not apparent on SQLite because strings get mapped to TEXT there.
Fix #18727
Signed-off-by: Andrew Thornton <art27@cantab.net>
The CI currently downloads all go modules in each pipeline step because
go modules reside outside the project directory. Fix this by introducing
a volume for the `/go` directory [1] so modules are only downloaded once per
pipeline using a new `deps-backend` make target.
For completeness, I also included new `deps` and `deps-frontend` targets
and the frontend one is also triggered explicitly on CI where needed.
[1] https://docs.drone.io/pipeline/kubernetes/examples/language/golang/#dependencies
* Run 'make fmt'
'make fmt' currently produces this change, I'm not sure how CI did not
fail on it, I made sure I have `mvdan.cc/gofumpt@latest`.
* Fix 'make fmt-check'
`make fmt-check` did not run all commands that `make fmt` did, resulting
in missed diffs. Fix that by just depending on the `fmt` target.
Includes: https://github.com/go-gitea/gitea/pull/18633
* Make gitea-fmt work with -l and -d and integrate gofumpt
This implements -l, -w and -d with gitea-fmt and merges gofumpt.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per silverwind
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
* use -l instead of -d for fmt-check
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Pretty minor change to prevent error when `$(MAKE)` path is expanded with a space in the path.
```bash
$ TAGS="bindata sqlite sqlite_unlock_notify" make build
/usr/bin/sh: -c: line 0: syntax error near unexpected token `('
/usr/bin/sh: -c: line 0: `C:/Program Files (x86)/GnuWin32/bin/make -v | head -n 1'
```
I believe Program Files (x86) is the default path for GNU make on windows
* Add lockfile-check
This check runs `npm install` which will rewrite the lockfile in case it
is inconsistent with package.json. This check detects this and will fail
the CI in such a case.