mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-03-09 16:02:06 +01:00
22195 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
|
ad949404b7 |
fix: correct logging if caller has generics
- If the caller function has generics then
`runtime.FuncForPC(...).Name()` will not show the generic types and
instead collapse it to `[...]`. Remove this suffix from the function
name.
- This fixes an issue where the logging of functions that use generics
such as `db.Find` to be logged as `]()` instead of `Find()`, as the last
dot in `[...]` was being used as a cutoff point.
- Unit test added.
(cherry picked from commit
|
||
|
6e0f449fb9 |
Update module golang.org/x/crypto to v0.35.0 (v10.0/forgejo) (#7072)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7072 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org> Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org> |
||
|
a830b4de6b |
[v10.0/forgejo] chore(ci): ensure the manually cached Go can be run (#7079)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/7078 ``` go version go1.24.0 linux/amd64 go env drwx------ 1 root root 4096 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/../../../../.. drwxr-xr-x 4 root root 4096 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/../../../.. drwxr-xr-x 4 root root 4096 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/../../.. drwxr-xr-x 4 root root 4096 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/../.. drwxr-xr-x 3 root root 4096 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/.. dr-xr-xr-x 6 root root 4096 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64 -r-xr-xr-x 1 root root 14314681 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/bin/go -r-xr-xr-x 1 root root 14314681 Feb 28 15:52 /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/bin/go bash: line 1: /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/bin/go: Permission denied bash: line 1: /root/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.0.linux-amd64/bin/go: Permission denied mkdir: cannot create directory ‘’: No such file or directory mkdir: cannot create directory ‘’: No such file or directory ``` Refs: https://codeberg.org/forgejo/forgejo/actions/runs/61591#jobstep-3-22 Co-authored-by: Earl Warren <contact@earl-warren.org> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7079 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
6fcb8f646f |
[v10.0/forgejo] chore(ci): Get Go binary from GOROOT instead of hardcoded path (#7073)
Backport: https://codeberg.org/forgejo/forgejo/pulls/6590 Co-authored-by: fnetX <otto@codeberg.org> Co-authored-by: Michael Kriese <michael.kriese@visualon.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7073 Reviewed-by: Otto <otto@codeberg.org> |
||
|
c7bd6f4a3d |
[v10.0/forgejo] i18n: update of translations from multiple sources (#7067)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Translation updates that are applicable to v10 strings were picked from these commits: * |
||
|
2e76237e26 |
Update https://data.forgejo.org/forgejo/forgejo-build-publish action to v5.3.4 (v10.0/forgejo) (#7052)
Some checks failed
Integration tests for the release process / release-simulation (push) Has been cancelled
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [https://data.forgejo.org/forgejo/forgejo-build-publish](https://data.forgejo.org/forgejo/forgejo-build-publish) | action | patch | `v5.3.1` -> `v5.3.4` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>forgejo/forgejo-build-publish (https://data.forgejo.org/forgejo/forgejo-build-publish)</summary> ### [`v5.3.4`](https://code.forgejo.org/forgejo/forgejo-build-publish/compare/v5.3.3...v5.3.4) [Compare Source](https://data.forgejo.org/forgejo/forgejo-build-publish/compare/v5.3.3...v5.3.4) ### [`v5.3.3`](https://code.forgejo.org/forgejo/forgejo-build-publish/compare/v5.3.2...v5.3.3) [Compare Source](https://data.forgejo.org/forgejo/forgejo-build-publish/compare/v5.3.2...v5.3.3) ### [`v5.3.2`](https://code.forgejo.org/forgejo/forgejo-build-publish/compare/v5.3.1...v5.3.2) [Compare Source](https://data.forgejo.org/forgejo/forgejo-build-publish/compare/v5.3.1...v5.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - "* 0-3 * * *" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNzguMSIsInVwZGF0ZWRJblZlciI6IjM5LjE3OC4xIiwidGFyZ2V0QnJhbmNoIjoidjEwLjAvZm9yZ2VqbyIsImxhYmVscyI6WyJkZXBlbmRlbmN5LXVwZ3JhZGUiLCJ0ZXN0L25vdC1uZWVkZWQiXX0=--> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7052 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org> Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org> |
||
|
a6a1b11670 |
[v10.0/forgejo] fix(release): the rootless image version label is not set (#7046)
Backport: https://codeberg.org/forgejo/forgejo/pulls/7038
There is a test for that but it was a false positive.
Refs: https://code.forgejo.org/forgejo/forgejo-build-publish/pulls/27
(cherry picked from commit
|
||
|
b2c3f99901 |
Update dependency go to v1.23.6 (v10.0/forgejo) (#6812)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [go](https://go.dev/) ([source](https://github.com/golang/go)) | toolchain | patch | `1.23.5` -> `1.23.6` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - "* 0-3 * * *" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNTguMiIsInVwZGF0ZWRJblZlciI6IjM5LjE1OC4yIiwidGFyZ2V0QnJhbmNoIjoidjEwLjAvZm9yZ2VqbyIsImxhYmVscyI6WyJkZXBlbmRlbmN5LXVwZ3JhZGUiLCJ0ZXN0L25vdC1uZWVkZWQiXX0=--> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6812 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org> Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org> |
||
|
52fb476fb1 |
[v10.0/forgejo] fix: do not allow SSH url for migration (#7018)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/7004 - Add a new function `IsPushMirrorURLAllowed` that will allow `ssh://` url and make the existing `IsMigrateURLAllowed` not allow such URLs anymore. - Resolves forgejo/forgejo#6960 - Existing integration tests make sure that SSH urls are still allowed for the push mirror feature and added unit test to ensure that `IsMigrateURLAllowed` no longer allows SSH urls. Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7018 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
3eacbfead9 |
[v10.0/forgejo] fix: return 404 for empty repositories (#7014)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/7003 Some endpoints (`/api/v1/repos/*/*/raw`, `/api/v1/repos/*/*/media`, ...; anything that uses both `context.ReferencesGitRepo()` and `context.RepoRefForAPI` really) returned a 500 when the repository was completely empty. This resulted in some confusion in https://github.com/datalad/datalad-usage-dashboard/issues/47 because the same request for a non-existent file in a repository could sometimes generate a 404 and sometimes a 500, depending on if the git repository is initialized at all or not. Returning a 404 seems more appropriate here, since this isn't an unexpected internal error, but just another way of not finding the requested data. Co-authored-by: Matthias Riße <m.risse@fz-juelich.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7014 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
932afb2036 |
[v10.0/forgejo] fix: delay deleting authorization token (#6976)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6937
-
|
||
|
cc8a05f693 |
[v10.0/forgejo] fix: native parsing of ssh certificate key (#6954)
Some checks failed
testing / frontend-checks (push) Has been cancelled
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6953 - In the case of parsing an public SSH certificate key, use the underlying key type instead of the certificate type. This means `ed25519-cert-v01` would be seen as `ed25519` type and thus correctly parsed. Certificates do not change the keysize or otherwise parsing of the key. - Add unit test. Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6954 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
0fe56e6059 |
[v10.0/forgejo] fix: disable forgotten password for external signin only (#6930)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6680 - Make it such that `[service].ENABLE_INTERNAL_SIGNIN = false` disables the forgotten password prompt on the login page. Co-authored-by: davrot <davrot@noreply.codeberg.org> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6930 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
4802c33acb |
[v10.0/forgejo] fix: show internal login prompt for account linking (#6929)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6920 Fixes #6878. Co-authored-by: Matthias Riße <m.risse@fz-juelich.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6929 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
c56bbddf62 |
[v10.0/forgejo] enable ssh mirrors in rootless images (#6915)
Some checks failed
Integration tests for the release process / release-simulation (push) Has been cancelled
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6896 This mini-PR fixes mirror feature on docker rootless images, as discussed in #6894. Thank you, regards ## Testing - 24h After the PR is merged - Visit https://v11.next.forgejo.org and create a ssh based mirror Co-authored-by: Alessandro Ogier <alessandro.ogier@gmail.com> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6915 Reviewed-by: Otto <otto@codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
a7ae98ff93 |
[v10.0/forgejo] fix(ui): hide extra PR property labels on title edit (#6905)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6898 * hide labels [AGit](https://codeberg.org/forgejo/forgejo/pulls/2444) and [Editable](https://codeberg.org/forgejo/forgejo/pulls/6863) on title edit mode: they make layout broken and are not really needed at edit state * make the code slightly less boring Co-authored-by: 0ko <0ko@noreply.codeberg.org> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6905 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
0aa872c4e3 |
[v10.0/forgejo] fix: always set stripped slashes on http request (#6884)
Some checks failed
testing / frontend-checks (push) Has been cancelled
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6866
- The middleware that takes care of normalizing `//user2/////repo1` to `/user2/repo1` would only set the normalized value to the Chi (Forgejo's http router) `RoutePath` field, so Chi would correctly do the routing. However not all components in Forgejo (like Forgejo's `context` module) rely on Chi to get this updated path and some still rely on the value of `(http.Request).URL.Path`, so always set the normalized value to the http request.
- Adjusted unit test.
- Resolves forgejo/forgejo#6822
- The related issue was caused by
|
||
|
ee49a62bed |
[v10.0/forgejo] fix(ui): hide 'New migration' button on org pages with migrations disabled (#6850) (#6860)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6851 When migrations are disabled via `[repository].DISABLE_MIGRATIONS = true`, on organisation pages next to the 'New repository' button, the 'New migration' button is still shown. This is caused by a logic error in the templates: instead of checking for disabled migrations, it checks for disabled pull mirrors. This patch fixes that to use `DisableMigrations` instead of `DisableNewPullMirrors`. Signed-off-by: Daniel Baumann <daniel@debian.org> Co-authored-by: Daniel Baumann <daniel@debian.org> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6860 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
89c4c9c477 |
[v10.0/forgejo] fix: render link in heading correctly in TOC (#6859)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6853
- When you use a link in a heading such as `# [Text](link)` (instead of the conventional `# Text`) the TOC should only show `Text` and not `[Text](link)`.
- Use the `mdutil.Text` to only get the text from actual text nodes and not the text that was provided in the markdown input.
- Regression of
|
||
|
bdb78d42b6 |
[v10.0/forgejo] ui: update language stats layout and click behavior (#6854)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6700
Fix regression of https://codeberg.org/forgejo/forgejo/pulls/6344. It was reported by @Beowulf.
JS toggle [used](
|
||
|
6ef900899e |
fix(sec): Forgejo Actions web routes (#6839)
Some checks are pending
/ release (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6839 |
||
|
a9f0bb9f68 |
fix(sec): permission check for project issue (#6838)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6838 |
||
|
3b4f1b3469
|
fix(sec): add tests for private issues on projects
- Add integration and unit tests to ensure that private issues on projects are not shown in any way, shape or form when the doer has no access to it. (cherry picked from commit 55dcc1d06cb12ddb750a0289fbb6e212f93957a8) |
||
|
77fc232e5b
|
fix(sec): permission check for project issue
- Do an access check when loading issues for a project column, currently this is not done and exposes the title, labels and existence of a private issue that the viewer of the project board may not have access to. - The number of issues cannot be calculated in a efficient manner and stored in the database because their number may vary depending on the visibility of the repositories participating in the project. The previous implementation used the pre-calculated numbers stored in each project, which did not reflect that potential variation. - The code is derived from https://github.com/go-gitea/gitea/pull/22865 (cherry picked from commit 2193afaeb9954a5778f5a47aafd0e6fbbf48d000) |
||
|
5a7d70658d
|
fix(sec): web route test edit and delete variable
Exhaustively test each combination of deleting and updating a action action variable via the web route. |
||
|
5046a10aec
|
fix(sec): add tests for web route delete runner
Exhaustively test each combination of deleting and updating a action runner via the web route. Although updating an action runner was not impacted, its good to have a test nonetheless. |
||
|
77db7655e0
|
fix(sec): web route update and delete runner variables
The web route to update and delete variables of runners did not check if the ID that was given belonged to the context it was requested in, this made it possible to update and delete every existing runner variable of a instance for any authenticated user. The code has been reworked to always take into account the context of the request (owner and repository ID). |
||
|
c324910c31
|
fix(sec): web route delete runner
The web route to delete action runners did not check if the ID that was given belonged to the context it was requested in, this made it possible to delete every existing runner of a instance by a authenticated user. The code was reworked to ensure that the caller of the delete runner function retrieved the runner by ID and then checks if it belongs to the context it was requested in, although this is not an optimal solution it is consistent with the context checking of other code for runners. |
||
|
57ad0b868d |
[v10.0/forgejo] i18n: update of translations from Codeberg Translate (#6834)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Backport: https://codeberg.org/forgejo/forgejo/pulls/6745 Feel free to leave merge to me. My strategy is to use squash-merge, but copy the description of the actual commit into squash description, so attribution is preserved. https://codeberg.org/forgejo/forgejo/pulls/6745 was quite large, so I decided it will be ok to backport just one PR before a new release. <!--start release-notes-assistant--> ## Release notes <!--URL:https://codeberg.org/forgejo/forgejo--> - Localization - [PR](https://codeberg.org/forgejo/forgejo/pulls/6834): <!--number 6834 --><!--line 0 --><!--description aTE4bjogdXBkYXRlIG9mIHRyYW5zbGF0aW9ucyBmcm9tIENvZGViZXJnIFRyYW5zbGF0ZQ==-->i18n: update of translations from Codeberg Translate<!--description--> <!--end release-notes-assistant--> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6834 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: 0ko <0ko@noreply.codeberg.org> Co-committed-by: 0ko <0ko@noreply.codeberg.org> |
||
|
34d2a8531c |
[v10.0/forgejo] fix(ui): display verified icon for default gpg key (#6833)
Some checks are pending
/ release (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6803 ## Description Thank you for this amazing project! I recently noticed that the icon next to the GPG key reference appears to be incorrect for commits signed by the default GPG key: | Default GPG Key | User GPG Key | |---------|---------| |  |  | Looking into the commit history of the template file, I noticed that Forgejo-signed commits originally had a distinct icon: [gitea-unlock-cog]( |
||
|
d260013a51 |
[v10.0/forgejo] fix: avoid y-axis clipping for branch name (#6832)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6817 - `gt-ellipsis` is set on elements to avoid overflowing its text contents and in the case of overflowing it would show an ellipsis. To force it to not overflow `overflow: hidden` is set, however this also hides the overflow on the y-axis, `overflow-x: hidden` has the same behavior. - To avoid avoid the branch name from being clipped, add a very small amount of padding on the y-axis. This is a workaround and not a proper solution. There does not seem a good cross-platform solution available to fix this in a proper way. - Resolves forgejo/forgejo#6811 Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6832 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
3168330425 |
[v10.0/forgejo] chore(i18n): lint errors (#6809)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6808 settings.hidden_comment_types_description: Rodzaje komentarzy zaznaczone tutaj nie będą wyświetlały się na stronach zgłoszeń. Zaznaczenie "Etykieta" na przykład usunie wszystkie komentarze "<użytkownik> dodał/usunął <etykieta>". repo.settings.add_web_hook_desc: Zintegruj <a target="_black" rel="noreferrer" href="https://TO-BE-REPLACED.COM">%s</a> ze swoim repozytorium. Add user & label in Polish. Co-authored-by: Earl Warren <contact@earl-warren.org> Co-authored-by: Michael Kriese <michael.kriese@gmx.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6809 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
2491bbfa69 |
[v10.0/forgejo] ci: fix go version check (#6810)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6646 Allow ci go version to be higher than the tool chain. This will fix the current build issues on forgejo branch Co-authored-by: Michael Kriese <michael.kriese@visualon.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6810 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
ac01c7a384 |
[v10.0/forgejo] fix: make author search case insenstive (#6783)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6782 - Make the author search in the issues and pull request list case insenstive. - Background: Forgejo mandates that all columns are case senstive and only SQLite ignores this for ASCII characters with the `LIKE` operator any other database will indeed do case senstive searching. Codeberg recently made all columns case senstive, hence why this issue now surfaces. - Added integration test. - Resolves forgejo/forgejo#6744 Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6783 Reviewed-by: Beowulf <beowulf@beocode.eu> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
b615d41457 |
[v10.0/forgejo] fix(ui): add triangle down octicon to code search options dropdown (#6770)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6620 This adds the triangle down oction to the code search options dropdown to match the other search option dropdowns (issue, pull). Co-authored-by: Beowulf <beowulf@beocode.eu> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6770 Reviewed-by: 0ko <0ko@noreply.codeberg.org> Reviewed-by: Otto <otto@codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
184bdef340 |
[v10.0/forgejo] i18n: backport of translation updates 6565 and 6665 (#6764)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Translation updates that are applicable to v10 strings were picked from these commits: * |
||
|
27276ff26e |
[v10.0/forgejo] fix: set explore pages to configurable default sort (#6749)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6708 - Currently, the explore/organizations page always defaults to using "newest" as its sort. Instead, use the pre-existing config option (`setting.UI.ExploreDefaultSort`) so server administrators can change the default sort order. ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests (Sorry, not sure how to add a test for this change) - I added test coverage for Go changes... - [ ] in their respective `*_test.go` for unit tests. - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server. ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes I don't mind either way. - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. Co-authored-by: John Moon <john.moon@vts-i.com> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6749 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
1b00bf2d26 |
[v10.0/forgejo] fix: Remove autofocus on the dashboard repository search box (#6748)
- No longer autofocus on the searchbox for the repository list that is on the dashboard. There is no justification for doing so. - Fixes #6653 Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
69bc17ea35 |
[v10.0/forgejo] fix inline file preview for files with encoded URL, fix #5069 (#6739)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6525 ### Screenshot #### Before See #5069. #### After  ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). - Manual testing: see https://codeberg.org/forgejo/forgejo/pulls/6525#issuecomment-2578814. Thanks @earl-warren. ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [ ] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. Co-authored-by: Robert Wolff <mahlzahn@posteo.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6739 Reviewed-by: Robert Wolff <mahlzahn@posteo.de> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
0db9a24a4b |
[v10.0/forgejo] fix: check for webauthn in 2fa user search (#6730)
Some checks are pending
/ release (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6726 - Check for webauthn credentials in the user search when the two factor filter is enabled. - Resolves forgejo/forgejo#6524 Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6730 Reviewed-by: Otto <otto@codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
4016f2890d |
[v10.0/forgejo] fix: disallow blame on directories (#6720)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6716 - Don't allow the blame operation on directories. - Added integration test. - Resolves forgejo/forgejo#6533 Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6720 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
c198cb6e65 |
[v10.0/forgejo] fix(i18n): add forgotten translatable string (#6718)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6701
- Regression of
|
||
|
114d8975b5 |
[v10.0/forgejo] fix: render issue titles consistently (#6717)
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6715 - Render the issue titles in dashboard feed in consistent manner, by using the existing `RenderIssueTitle`. - Added integration tests (not exhaustive for all comment types, but exhaustive enough for the current code where some comment types are grouped together). - Resolves forgejo/forgejo#6705 Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6717 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
7ee19b4c6c |
chore: consistent docker image and action references (#6704)
Some checks failed
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Integration tests for the release process / release-simulation (push) Has been cancelled
backport of #6703 - replace `code.forgejo.org` ->`data.forgejo.org` on docker images - add `https://data.forgejo.org/` to actions where missing Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6704 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Michael Kriese <michael.kriese@visualon.de> Co-committed-by: Michael Kriese <michael.kriese@visualon.de> |
||
|
faa263d54a |
Update dependency katex to v0.16.21 [SECURITY] (v10.0/forgejo) (#6694)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [katex](https://katex.org) ([source](https://github.com/KaTeX/KaTeX)) | dependencies | patch | [`0.16.18` -> `0.16.21`](https://renovatebot.com/diffs/npm/katex/0.16.18/0.16.21) | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### KaTeX \htmlData does not validate attribute names [CVE-2025-23207](https://nvd.nist.gov/vuln/detail/CVE-2025-23207) / [GHSA-cg87-wmx4-v546](https://github.com/advisories/GHSA-cg87-wmx4-v546) <details> <summary>More information</summary> #### Details ##### Impact KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. ##### Patches Upgrade to KaTeX v0.16.21 to remove this vulnerability. ##### Workarounds - Avoid use of or turn off the `trust` option, or set it to forbid `\htmlData` commands. - Forbid inputs containing the substring `"\\htmlData"`. - Sanitize HTML output from KaTeX. ##### Details `\htmlData` did not validate its attribute name argument, allowing it to generate invalid or malicious HTML that runs scripts. ##### For more information If you have any questions or comments about this advisory: - Open an issue or security advisory in the [KaTeX repository](https://github.com/KaTeX/KaTeX/) - Email us at [katex-security@mit.edu](mailto:katex-security@mit.edu) #### Severity - CVSS Score: 6.3 / 10 (Medium) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L` #### References - [https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546](https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546) - [https://nvd.nist.gov/vuln/detail/CVE-2025-23207](https://nvd.nist.gov/vuln/detail/CVE-2025-23207) - [ |
||
|
0ecf28f37f |
[v10.0/forgejo] Fix inline file preview for rendered files (#6685)
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-e2e (push) Has been cancelled
testing / test-remote-cacher (redis) (push) Has been cancelled
testing / test-remote-cacher (valkey) (push) Has been cancelled
testing / test-remote-cacher (garnet) (push) Has been cancelled
testing / test-remote-cacher (redict) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6572 ### What? This fixes the inline file preview for rendered files (e.g., markdown). [Here, a live issue in v11](https://v11.next.forgejo.org/mahlzahn/test-inline-file-preview/issues/1) and [the same in v7 (with even more bugs)](https://v7.next.forgejo.org/mahlzahn/test-inline-file-preview/issues/1). It fixes 1. the inline preview for possibly rendered files, when the link is specified with `?display=source`. This happens, e.g., if you are watching a (e.g., markdown) file in source and then want to link some of its lines. 2. the link to the source file inside the inline preview for possible rendered files (currently it links to the rendered version and then the `#L…` cannot point to the correct lines). This is done by always adding `?display=source` to the link. ### Screenshots <details><summary> #### Before </summary>  </details> <details><summary> #### After </summary>  </details> ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). I think that this minor edit does not need special tests. Some backend tests have been updated to reflect the addition of URL parameters. #### Manual testing - create a repository with a file that can be rendered with couple of lines inside, e.g., a markdown README.md - go to the source of this file (e.g., `…/src/branch/main/README.md`) - click on the `<> View Source` button (or add `?display=source` to the URL) - click on one of the lines, then on the three dots, then on ”Reference in a new issue“ - continue creating the issue ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [ ] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. Co-authored-by: Robert Wolff <mahlzahn@posteo.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6685 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
d10034f4d8 |
[v10.0/forgejo] fix: add non allowed domain translation (#6684)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6677 - Was added in |
||
|
553fc3cc42 |
[v10.0/forgejo] fix: load settings for valid user and email check (#6678)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6674 - The doctor commands to check the validity of existing usernames and email addresses depend on functionality that have configurable behavior depending on the values of the `[service]` settings, so load them when running the doctor command. - Resolves #6664 - No unit test due to the architecture of doctor commands. Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6678 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> |
||
|
6d7bf7369d |
[v10.0/forgejo] chore(security): update security.txt with new expiration date (#6668)
Some checks are pending
/ release (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6668 |
||
|
eb83b05430 |
chore(security): update security.txt with new expiration date
Same as https://forgejo.org/.well-known/security.txt
(cherry picked from commit
|