* Only update merge_base if not already merged
Fix#10766
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent race in transfer pull request
* Update services/pull/pull.go
* Fix milestones too many SQL variables bug
* Fix test
* Don't display repositories with no milestone and fix tests
* Remove unused code and add some comments
* Protect against NPEs in notifications list (#10879)
Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.
This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.
References #10815 - and prevents the panic but does not completely fix
this.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add log import
* Update models/notification.go
Co-Authored-By: Lauris BH <lauris@nix.lv>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix panic in API pulls when headbranch does not exist (#10676)
Backport #10676
* Fix panic in API pulls when headbranch does not exist
* refix other reference to plumbing.ErrReferenceNotFound
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Changelog for v1.10.6
* Add warnning
* Apply suggestions from code review
Co-Authored-By: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Add changelog for v1.11.3
* Apply suggestions from code review
Co-Authored-By: John Olheiser <john.olheiser@gmail.com>
* Update CHANGELOG.md
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Unfortunately the fix in #10511 was slightly incorrect and placed the
detail box at one level too far out.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #10425
Backport #10511
* Show Signer in commit lists and add basic trust (#10425)
Show the avatar of the signer in the commit list pages as we do not
enforce that the signer is an author or committer. This makes it
clearer who has signed the commit.
Also display commits signed by non-members differently from
members and in particular make it clear when a non-member signer
is different from the committer to help reduce the risk of
spoofing.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Fix the signing icon in the view_list.tmpl page (#10511)
Co-Authored-By: silverwind <me@silverwind.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Change admin dashboard to POST (#10465)
* Add form and convert to POST
* Redirect for flash
* Convert octicons back to fa for 1.11
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Change action GETs to POST
* submite = submit + smite
* No more # href
* Fix test
* Match other tests
* Explicit csrf
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Update markbates/goth to v1.61.2
- Fixes a JWT decoding issue in the OpenID provider
- Updates the GitHub provider to use the authorization header for authentication
- Updates the Twitch provider for Twitch's v5 API changes
- Adds the email and is_private_email fields to the Apple provider's GetUser implementation
- Modifies gothic to export a non-collidable context key for setting the Provider in a context.Context
- Adds new scopes to the Spotify provider
- Adds the IDToken from OpenID providers on the user struct
- Make Apple provider's SecretParams public
- Adds support for sign in with Apple, and drops support for Go versions 1.7 and 1.8
- Fixes the Slack provider's FetchURL logic to use the appropriate scope for the info it needs
Signed-off-by: Oscar LÃfwenhamn <oscar.lofwenhamn@cgi.com>
* Add frontend/backend make targets, fix source release
- Add 'make backend' and 'make frontend' make targets which are used to
build go and js/css/svg files respectively.
- The 'backend' target can be invoked without requiring Node.js to be
present on the system if pre-built frontend assets are present like
in the release source tarballs.
- Fix source releases missing 'dist' folders inside 'node_modules' which
were erronously excluded from tar.
- Store VERSION in file VERSION for the release tarballs and prefer that
file over git-derived version.
* fix release task
* fix typo
* fix another typo
Fixes: https://github.com/go-gitea/gitea/issues/10253
If you attempt to merge to a branch which on a PR there will be a nil pointer error in the pull request checker.
This panic is uncaught and will bring down the gitea server.
This PR adds protection to prevent this.
Co-authored-by: zeripath <art27@cantab.net>