This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.
## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
- [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
- Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
- [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
- app.ini configuration done
- [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation
I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
Also reworked the header to remove the filename (which is redundant with
the file path above) and made the header a flexbox with a monospace
font.
Fixes: https://github.com/go-gitea/gitea/issues/8170
fixes #8299, a regression from 867f46f.
unlike it's name suggests, the .markdown class is needed for most markup types.
a future refactor should rename this class to something more generic
* Add teams to repo on collaboration page.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add option for repository admins to change teams access to repo.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add comment for functions
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make proper language strings and fix error redirection.
* Add unit tests for adding and deleting team from repository.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add database migration
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix redirect
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix locale string mismatch.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Move team access mode text logic to template.
* Move collaborator access mode text logic to template.
* Adds side-by-side diff for images
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Explain blank imports
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Use complete word for width and height labels on image compare
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Update index.css from master
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Moves ImageInfo to git commit file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Assign ImageInfo function for template and sets correct target for BeforeSourcePath
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adds missing comment
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Return error if ImageInfo failed
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Avoid template panic when ImageInfo failed for some reason
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show file size on image diff
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Removes unused helper function
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Reverts copyright year change
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Close file reader
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Update commit.go
Sets correct data key
* Moves reader.Close() up a few lines
* Updates index.css
* Updates CSS file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Transfers adjustments for image compare to compare.go file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adjusts variable name
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Apply lesshint recommendations
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Do not show old image on image compare if it is not in index of base commit
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Change file size text
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Make link last commit massages in repository home page and commit tables
* Use RenderCommitMessageLink instead surround with a
* deleted __debug_bin file
* Exclude email to link from latest commit title
* Exclude email processor from commit table
Co-Authored-By: mrsdizzie <info@mrsdizzie.com>
* Add class parameter to a html element creator functions.
Make links underline dashed that are not commit
* fix tests
* Show dashed underline when also not hovered
* Fixes deformed emoji in pull request comments or reviews
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Generate css via command
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Add Backend Logic for Toggling Email Notification
This commit adds the backend logic for
allowing users to enable or disable email
notifications. The implementation ensures
that only issue notification emails get disabled
and important emails are still sent regardless
of the setting.
The UI to toggle this setting has not yet been
implemented.
* Add UI and complete user email notification enable
This commit completes the functionality to allow
users to disable their own email notifications.
Signed-off-by: Gary Kim <gary@garykim.dev>
* Add Third Option for Only Email on Mention
Signed-off-by: Gary Kim <gary@garykim.dev>
* Readd NOT NULL to new preference string
Signed-off-by: Gary Kim <gary@garykim.dev>
* Add Tests and Rewrite Comment
Signed-off-by: Gary Kim <gary@garykim.dev>
* Allow admin to set default email frequency
Signed-off-by: Gary Kim <gary@garykim.dev>
* Add new config option to docs
Signed-off-by: Gary Kim <gary@garykim.dev>
* Fix a few mistakes
Signed-off-by: Gary Kim <gary@garykim.dev>
* Only update required columns
Signed-off-by: Gary Kim <gary@garykim.dev>
* Simplify an error check
Signed-off-by: Gary Kim <gary@garykim.dev>
* Make email_notification_preference column in DB be VARCHAR(20)
Signed-off-by: Gary Kim <gary@garykim.dev>
* Handle errors
Signed-off-by: Gary Kim <gary@garykim.dev>
* Update models/migrations/v93.go
Co-Authored-By: Lauris BH <lauris@nix.lv>
* detect csv delimiter in csv rendering
fixes #7868
* make linter happy
* fix failing testcase & use ints where possible
* expose markup type to template
previously all markup had the .markdown class, which is incorrect,
as it applies markdown CSS & JS logic to CSV rendering
* fix build (missing `make css`)
* ignore quoted csv content for delimiter scoring
also fix html generation
* Prevent Commit Status From Overflowing On Branch Page
It is possible for the commit ci status
on the branches page for a repository to
become an ellipsis due to overflowing.
This commit will fix that issue by
using flex.
Signed-off-by: Gary Kim <gary@garykim.dev>
* Fix multiple overflowing issues in commits table
It was possible that the commit message would
overflow hiding the expand commits button
and commit status. This change ensures that
the correct elements overflow without hiding
anything else.
This change also reverts using flex in the
commits list because it was causing issues
in Blink based browsers.
Signed-off-by: Gary Kim <gary@garykim.dev>
* Remove unnecessary html element and fix indentation issues
- Fixes double line-numbers and padding in Explore > Code > Search
- Moved code-view specific CSS out of their parents to share those
styles better.
- Fix misc issues discovered in code,diff and blame view, especially for
the dark theme.
* add download-button info message
* add overflow-visible css for table colum class
* right colum is always there
* add download button for default branch
* add download button for all other branchs
* resize table colum so two buttons fit in
* code indent avter rebase
* show commit divergence corect
https://github.com/go-gitea/gitea/issues/7625
* changes because of merge master into ...
* optimize if statement for protected branches
* dont downloat a deleted branch - fix error 404
* Add branch protection information to branches page
This change will add a tag on the ui that indicates
whether a branch is protected on the repository
branches page.
Signed-off-by: Gary Kim <gary@garykim.dev>
* Add last commit information to repo branches page
This change adds the ID and commit message of the last
commit on a branch to the branches page for repositories.
Signed-off-by: Gary Kim <gary@garykim.dev>
* Make branch page commit message truncate in css rather then template
The truncating of commit messages shown under branches
in the repository branches page has been moved to using
css rather then the Go template as the template was causing
some issues when the commit messaged had a link when rendered.
This commit also makes the commit message paragraph itself
use flex in order to make managing its elements easier.
Signed-off-by: Gary Kim <gary@garykim.dev>
* add history comments to detect page delete
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix too much history entries
- caused by --follow flag
- if files with same contents exists
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* style imprevements wiki
- history - wrap long author names
Signed-off-by: Michael Gnehr <michael@gnehr.de>
fix #7
* add wiki page revision list
* mobile improvements
* css improvements for long usernames
* split renderWikiPage into 3 functions
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* Store original author info for migrated issues and comments
Keep original author name for displaying in Gitea interface and also
store original author user ID for potential future use in linking
accounts from old location.
* Add original_url for repo
Store the original URL for a migrated repo
Clean up migrations/tests
* fix migration
* fix golangci-lint
* make 'make revive' happy also
* Modify templates to use OriginalAuthor if set
Use the original author name in templates if it is set rather than the
user who migrated/currently owns the issues
* formatting fixes
* make generate-swagger
* Use default avatar for imported comments
* Remove no longer used IgnoreIssueAuthor option
* Add OriginalAuthorID to swagger also
* issue view - fix icon position
- move style from template to css
- add bullets to: key, circle-slash, comment
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* add border to symbols
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix circle slash position
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix top margin
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* changed mixed space/tab indent to tabindent only
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* cut timeline length with last element on issue view
fix #7304
- lightly enlight dark theme issue timeline color
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* remove new container
Signed-off-by: Michael Gnehr <michael@gnehr.de>
- ran `make npm-update`
- ran `make js`, fixed new lint issue
- ran `make css`, this added back some vendor prefixes
- added `engines` property to package.json to specify minimum required
Node.js version
- added `private` property to package.json to prevent accidential
publishing to npm
New CSS linter which is much more powerfull than the previous one.
Configuration is default but I had to remove a few rules that were
throwing too many or weird errors.
More importantly, the linter will exit with code 1 on errors so now our
build will fail if the CSS linter fails which should eliminate linter
errors being introduced without notice.
* fix extra newlines when copying from diff
See https://bugzilla.mozilla.org/show_bug.cgi?id=1273836
Basically, the <pre><code> seems to add a forced newline that is not
possible to get rid of via CSS, so I replaced it with just a <code>.
Secondly, .lines-type-marker also forced a newline in the copied text,
but that was possible to get rid of via user-select.
Safari still has a extraneous newline in the copied text of unknown
origin, but this should not block stop this PR.
* simplify .line-type-marker
* fix selector
* remove erronous ^^^
* Fix empty split diff
* Fix arc-theme-green
* fix add comment
* ensure line-num is copied too
* Update templates/repo/diff/box.tmpl
Co-Authored-By: zeripath <art27@cantab.net>
* attempt to fix safari via removing <code>
* remove useless whitespace at the end of 'class'
* remove inter-tag whitespace for code <td>s
* more inter-tag removal
* final inter-tag removal
* attempt to fix empty line copy
* move and comment getLineContent
* fix golint
* make background grey for missing added code
* Make diff line-marker non-selectable
* Move to use data-* as per @mrsdizzie
* fix missing line nums
* Add a minimum-width to force right-align of the line num
* Move line-type-marker into separate column
- Fix layout overflow in repo file list.
- Fix invisible status icon in file view and commit list. In file view,
the icon was moved to the left because I could not figure out a proper
fix because of HTML tables.
- Added title attribute to commit messages.
- Fixed two CSS linter warnings in existing CSS.
- Fixed CI variable check in 'make css'.
Fixes: https://github.com/go-gitea/gitea/issues/7180
* Supports tags when comparing commits or branches
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Hide headline when only comparing and don't load unused data
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Merges compare logics to allow comparing branches, commits and tags with eachother
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Display branch or tag instead of commit when used for comparing
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show pull request form after click on button
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Transfers relevant pull.go changes from master to compare.go
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Fixes error when comparing forks against a commit or tag
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Removes console.log from JavaScript file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show icon next to commit reference when comparing branch or tag
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Updates css file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Fixes import order
* Renames template variable
* Update routers/repo/compare.go
Co-Authored-By: zeripath <art27@cantab.net>
* Update from master
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Allow short-shas in compare
* Renames prInfo to compareInfo
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Check PR permissions only if compare is pull request
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adjusts comment
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Use compareInfo instead of prInfo
* Repository avatars
- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less
* Add changed index.css, remove unused template name
* Update en-us doc about configuration options
* Add comments to new functions, add new option to docker app.ini
* Add comment for lint
* Remove variable, not needed
* Fix formatting
* Update swagger api template
* Check if avatar exists
* Fix avatar link/path checks
* Typo
* TEXT column can't have a default value
* Fixes:
- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests
* Fix fmt check
* Generate PNG instead of "static" GIF
* More informative comment
* Fix error message
* Update avatar upload checks:
- add file size check
- add new option
- update config docs
- add new string to en-us locale
* Fixes:
- use FileHEader field for check file size
- add new test - upload big image
* Fix formatting
* Update comments
* Update log message
* Removed wrong style - not needed
* Use Sync2 to migrate
* Update repos list view
- bigger avatar
- fix html blocks alignment
* A little adjust avatar size
* Use small icons for explore/repo list
* Use new cool avatar preparation func by @lafriks
* Missing changes for new function
* Remove unused import, move imports
* Missed new option definition in app.ini
Add file size check in user/profile avatar upload
* Use smaller field length for Avatar
* Use session to update repo DB data, update DeleteAvatar - use session too
* Fix err variable definition
* As suggested @lafriks - return as soon as possible, code readability
* Bugfix: Align comment label and actions to the right
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Restores relative position
* CSS autofixer
* Show git-notes
* Make git-notes heading text localizable
* Refactor git-notes data fetching to a separate function
* Display the author and time of git notes
* Move note bubble inside the commit bubble
* Revert "Move note bubble inside the commit bubble"
This reverts commit c0951fe0e3.
* Add test for git-notes
* testing ui
* Polish CSS
* Apply suggestions from code review
Co-Authored-By: Lauris BH <lauris@nix.lv>