Commit graph

8398 commits

Author SHA1 Message Date
zeripath
fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
zeripath
1b72690cb8 Ensure that GitRepo is set on Empty repositories (#8539)
Both issues/new and settings/hooks/git expect `ctx.Repo.GitRepo` to be set.
This PR changes the context code to open the GitRepo.

Fixes #8538
2019-10-16 16:08:01 +03:00
8ctopus
8f0e63c80a Doc added how to setup email (#8520) 2019-10-16 12:34:20 +01:00
GiteaBot
50b66b66e7 [skip ci] Updated translations via Crowdin 2019-10-16 10:17:24 +00:00
Lunny Xiao
8edf3d5804 Move sync mirror actions to mirror service package (#8518)
* move sync mirror actions to mirror service

* fix go.mod

* fix lint

* fix lint
2019-10-16 10:56:59 +01:00
Lunny Xiao
1d9a1a0d45 Fix migrate mirror 500 bug (#8526) 2019-10-16 09:59:02 +01:00
zeripath
0b44f0c465
Update the provided gitea.service to mention socket activation (#8531)
* Update the provided gitea.service since we have graceful restarting again

* Update contrib/systemd/gitea.service

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
2019-10-16 08:29:50 +01:00
zeripath
e1505d6250
Add missed close in ServeBlobLFS (#8527) 2019-10-16 06:55:31 +01:00
guillep2k
31655aabfc Fix password complexity regex for special characters (on master) (#8525)
* Fix extra space

* Fix regular expression

* Fix error template name

* Simplify check code, fix default values, add test

* Fix router tests

* Fix fmt

* Fix setting and lint

* Move cleaning up code to test, improve comments

* Tidy up variable declaration
2019-10-16 11:09:58 +08:00
Colin Arnott
66e99d722a upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
editorconfig-core-go made breaking api changes and has recently released
v2.1.1. This change consumes the new api and fixes up any breaking
references.
2019-10-15 22:24:16 +01:00
Colin Arnott
80655026d2 upgrade gopkg.in/ini.v1 (#8500)
ini released v1.48.0 and deprecated the ini.AllCapsUnderscore symbol, as
such, during the upgrade we migrated to using ini.SnackCase.
2019-10-15 16:45:39 +01:00
GiteaBot
9b9b67cd31 [skip ci] Updated translations via Crowdin 2019-10-15 13:42:26 +00:00
zeripath
167e8f18da
Restore Graceful Restarting & Socket Activation (#7274)
* Prevent deadlock in indexer initialisation during graceful restart

* Move from gracehttp to our own service to add graceful ssh

* Add timeout for start of indexers and make hammer time configurable

* Fix issue with re-initialization in indexer during tests

* move the code to detect use of closed to graceful

* Handle logs gracefully - add a pid suffix just before restart

* Move to using a cond and a holder for indexers

* use time.Since

* Add some comments and attribution

* update modules.txt

* Use zero to disable timeout

* Move RestartProcess to its own file

* Add cleanup routine
2019-10-15 14:39:51 +01:00
GiteaBot
4a290bd64c [skip ci] Updated translations via Crowdin 2019-10-15 12:21:14 +00:00
blueworrybear
8c909820a9 Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426) 2019-10-15 13:19:32 +01:00
6543
d7d348ea86 [UI] Pull Request Download diff Button (#8470)
* Add Diff Download to Compare List

* Add&Change Text for Diff Options

* move button to seperate template

* add drop down menue with options

* Update: Compare

update Gogs, BitBucket, RhodeCode and remove gitea issue link

Co-Authored-By: Lauris BH <lauris@nix.lv>

* remove last things from TESTing
2019-10-15 13:44:36 +03:00
oscar.lofwenhamn
1e9b330525 Update CodeMirror to version 5.49.0 (#8381)
* Update CodeMirror to version 5.49.0

* Update CodeMirror versions in librejs and VERSIONS
2019-10-15 11:40:42 +03:00
Benson Muite
6fa14ac3c8 Update app.ini.sample (#8498)
* Update app.ini.sample

Give further information on hyperlink rendering in Markdown

* Update app.ini.sample

Follow feedback from @guillep2k for CUSTOM_URL in markdown to indicate http and https are always rendered as links.

* Update custom/conf/app.ini.sample

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Update custom/conf/app.ini.sample

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
2019-10-15 08:14:58 +01:00
Lunny Xiao
20477a69ea
Move clearlabels from models to issue service (#8326)
* move clearlabels from models to issue service

* improve code

* Apply suggestions from code review

Co-Authored-By: zeripath <art27@cantab.net>
2019-10-15 13:03:05 +08:00
Lunny Xiao
34fb9d68a5 Move AddTestPullRequestTask to pull service package from models (#8324)
* move AddTestPullRequestTask to pull service package from models

* fix fmt
2019-10-15 04:28:40 +01:00
Benson Muite
ebe8ff782f Update config-cheat-sheet.en-us.md (#8497)
* Update config-cheat-sheet.en-us.md

Add more information on configuring URI hyperlink rendering for Markdown.

* Update config-cheat-sheet.en-us.md

Update description as suggested by @guillep2k

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
2019-10-15 03:39:55 +01:00
guillep2k
cea8ea5ae6 Support inline rendering of CUSTOM_URL_SCHEMES (#8496)
* Support inline rendering of CUSTOM_URL_SCHEMES

* Fix lint

* Add tests

* Fix lint
2019-10-15 02:31:09 +01:00
David Svantesson
8ad2697611 Recalculate repository access only for specific user (#8481)
* Recalculate repository access only for specific user

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Handle user repositories as well, and only add access if minimum mode

* Need to get repo owner to check if organization
2019-10-15 01:55:21 +01:00
6543
733c898a90 [Branch View] Add Included TAG (#8449)
* included message

* add property IsIncluded

* Add Orange Lable
2019-10-14 23:40:17 +01:00
Lunny Xiao
0be992a1e2 Make static resouces web browser cache time customized on app.ini (#8442)
* make static resouces web browser cache time customized on app.ini

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: zeripath <art27@cantab.net>

* Update custom/conf/app.ini.sample

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* fix docs
2019-10-14 23:05:57 +01:00
GiteaBot
b6ef539ef4 [skip ci] Updated translations via Crowdin 2019-10-14 21:39:15 +00:00
jaqra
086bfb8b4b Add pagination to commit graph page (#8360)
Fixes #8308
2019-10-14 22:38:35 +01:00
Lauris BH
3083522620 Starting v1.11.0 development 2019-10-15 00:02:16 +03:00
6543
db0d4ffdc7 Changelog for 1.10.0-RC1 (#8510)
* Changelog for 1.10.0
* clean up | remove TESTING and DOCS sction | short BUILD section

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>
Co-Authored-By: zeripath <art27@cantab.net>
2019-10-14 20:34:21 +01:00
David Svantesson
366806db32 Fix errors in create org UI regarding team access permission. (#8506) 2019-10-14 19:20:42 +01:00
GiteaBot
54c137b373 [skip ci] Updated translations via Crowdin 2019-10-14 17:46:01 +00:00
guillep2k
eb8975dcce Add nofollow to sign in links (#8509) 2019-10-14 18:43:48 +01:00
GiteaBot
8c8a93c025 [skip ci] Updated translations via Crowdin 2019-10-14 15:45:33 +00:00
Maxim Tkachenko
db657192d0 Password Complexity Checks (#6230)
Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords.

Co-Authored-By: T-M-A <maxim.tkachenko@gmail.com>
Co-Authored-By: Lanre Adelowo <adelowomailbox@gmail.com>
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-10-14 16:24:26 +01:00
Lunny Xiao
f9aba9ba0f fix bug on FindExternalUsersByProvider (#8504) 2019-10-14 08:22:46 +01:00
Lunny Xiao
e3e44a59d0 Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
* update migrated issues/comments when login as github

* add get userid when migrating or login with github oauth2

* fix lint

* add migrations for repository service type

* fix build

* remove unnecessary dependencies on migrations

* add cron task to update migrations poster ids and fix posterid when migrating

* fix lint

* fix lint

* improve code

* fix lint

* improve code

* replace releases publish id to actual author id

* fix import

* fix bug

* fix lint

* fix rawdata definition

* fix some bugs

* fix error message
2019-10-14 09:10:42 +03:00
Antoine GIRARD
ba201aaa44 vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495) 2019-10-14 08:38:15 +08:00
guillep2k
15809d81f7 Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
* Add a markdown stripper for mentions and xrefs

* Improve comments

* Small code simplification

* Move reference code to modules/references

* Fix typo

* Make MarkdownStripper return [][]byte

* Implement preliminary keywords parsing

* Add FIXME comment

* Fix comment

* make fmt

* Fix permissions check

* Fix text assumptions

* Fix imports

* Fix lint, fmt

* Fix unused import

* Add missing export comment

* Bypass revive on implemented interface

* Move mdstripper into its own package

* Support alphanumeric patterns

* Refactor FindAllMentions

* Move mentions test to references

* Parse mentions from reference package

* Refactor code to implement renderizable references

* Fix typo

* Move patterns and tests to the references package

* Fix nil reference

* Preliminary rendering attempt of closing keywords

* Normalize names, comments, general tidy-up

* Add CSS style for action keywords

* Fix permission for admin and owner

* Fix golangci-lint

* Fix golangci-lint
2019-10-13 23:29:10 +01:00
Benson Muite
6e3f51098b Update seek-help.zh-cn.md (#8488)
Update link to Mandarin help forum
2019-10-13 22:36:09 +01:00
GiteaBot
0c680f337d [skip ci] Updated translations via Crowdin 2019-10-13 20:23:11 +00:00
Benson Muite
ba716705b5 Update seek-help.en-us.md (#8487)
Update link to Mandarin help
2019-10-13 21:07:30 +01:00
GiteaBot
c23cf4c97c [skip ci] Updated translations via Crowdin 2019-10-13 16:31:19 +00:00
zeripath
c888ebfba7 IsBranchExist: return false if provided name is empty (#8485)
* IsBranchExist: return false if provided name is empty

* Ensure that the reference returned is actually of a valid type
2019-10-13 19:29:08 +03:00
GiteaBot
f858b89b13 [skip ci] Updated translations via Crowdin 2019-10-13 14:37:37 +00:00
zeripath
300d9a1c70 Fixes #8369: Create .ssh dir as necessary (#8486)
* Ensure .ssh dir exists before rewriting public keys

* Ensure .ssh dir exists before appending to authorized_keys

* Log the error because it would be useful to know where it is trying to MkdirAll

* Only try to create RootPath if it's not empty
2019-10-13 17:35:19 +03:00
Lunny Xiao
f2a3abc683
Move migrating repository from frontend to backend (#6200)
* move migrating to backend

* add loading image when migrating and fix tests

* fix format

* fix lint

* add redis task queue support and improve docs

* add redis vendor

* fix vet

* add database migrations and fix app.ini sample

* add comments for task section on app.ini.sample

* Update models/migrations/v84.go

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* Update models/repo.go

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* move migrating to backend

* add loading image when migrating and fix tests

* fix fmt

* add redis task queue support and improve docs

* fix fixtures

* fix fixtures

* fix duplicate function on index.js

* fix tests

* rename repository statuses

* check if repository is being create when SSH request

* fix lint

* fix template

* some improvements

* fix template

* unified migrate options

* fix lint

* fix loading page

* refactor

* When gitea restart, don't restart the running tasks because we may have servel gitea instances, that may break the migration

* fix js

* Update models/repo.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* fix tests

* rename ErrTaskIsNotExist to ErrTaskDoesNotExist

* delete release after add one on tests to make it run happy

* fix tests

* fix tests

* improve codes

* fix lint

* fix lint

* fix migrations
2019-10-13 21:23:14 +08:00
zeripath
0a96e59884 Fix #8453 by making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477) 2019-10-12 23:45:00 +08:00
guillep2k
f1fdd782d5 Add check for empty set when dropping indexes during migration (#8471)
* Add check for empty set when dropping indexes during migration
2019-10-12 05:55:07 +01:00
zeripath
5e759b60cc Restore functionality for early gits (#7775)
* Change tests to make it possible to run TestGit with 1.7.2

* Make merge run on 1.7.2

* Fix tracking and staging branch name problem

* Ensure that git 1.7.2 works on tests

* ensure that there is no chance for conflicts

* Fix-up missing merge issues

* Final rm

* Ensure LFS filters run on the tests

* Do not sign commits from temp repo

* Restore tracking fetch change

* Apply suggestions from code review

* Update modules/repofiles/temp_repo.go
2019-10-12 08:13:27 +08:00
GiteaBot
ac3613b791 [skip ci] Updated translations via Crowdin 2019-10-11 21:34:17 +00:00