1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-04 14:46:57 -05:00
Commit Graph

18642 Commits

Author SHA1 Message Date
Kerwin Bryant
bc7d599030
Fix issues with inconsistent spacing in areas (#32607)
Fix issues with inconsistent spacing in areas where the branch_dropdown
component is used.
before:

![1732238359257](https://github.com/user-attachments/assets/38edda1f-ec4e-419e-9264-68009375d177)

![1732238334410](https://github.com/user-attachments/assets/c4770aea-bc83-477c-9b6a-632f984c0d7d)

after:

![1732238273317](https://github.com/user-attachments/assets/4d05068e-db97-45af-86c4-29442dff1bdf)

![1732238723881](https://github.com/user-attachments/assets/69acd286-f79b-44fe-ad73-2d5fc6dfc98c)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 06:12:50 +00:00
wxiaoguang
c4e27cb27b
Refactor markup render system (#32589)
This PR mainly moves some code and introduces `RenderContext.WithXxx`
functions
2024-11-22 05:48:09 +00:00
Kerwin Bryant
81ac8d914c
Style unification for the issue_management area (#32605)
Style unification for the issue_management area (consistent across the
layout

before:

![1732237277916](https://github.com/user-attachments/assets/52a20b2d-d6a4-4118-9cdf-9b377115b7f7)

![1732237288802](https://github.com/user-attachments/assets/05592fe8-cab2-412b-99bc-f0a201c08413)

![1732237299849](https://github.com/user-attachments/assets/8be4a891-c514-4983-bad4-fcc5a7a9d838)

after:

![1732237471086](https://github.com/user-attachments/assets/0bd19ef6-79c1-490a-8ffa-6a42208befd9)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 04:33:31 +00:00
Marcell Mars
a3881ffa3d
Enhancing Gitea OAuth2 Provider with Granular Scopes for Resource Access (#32573)
Resolve #31609

This PR was initiated following my personal research to find the
lightest possible Single Sign-On solution for self-hosted setups. The
existing solutions often seemed too enterprise-oriented, involving many
moving parts and services, demanding significant resources while
promising planetary-scale capabilities. Others were adequate in
supporting basic OAuth2 flows but lacked proper user management
features, such as a change password UI.

Gitea hits the sweet spot for me, provided it supports more granular
access permissions for resources under users who accept the OAuth2
application.

This PR aims to introduce granularity in handling user resources as
nonintrusively and simply as possible. It allows third parties to inform
users about their intent to not ask for the full access and instead
request a specific, reduced scope. If the provided scopes are **only**
the typical ones for OIDC/OAuth2—`openid`, `profile`, `email`, and
`groups`—everything remains unchanged (currently full access to user's
resources). Additionally, this PR supports processing scopes already
introduced with [personal
tokens](https://docs.gitea.com/development/oauth2-provider#scopes) (e.g.
`read:user`, `write:issue`, `read:group`, `write:repository`...)

Personal tokens define scopes around specific resources: user info,
repositories, issues, packages, organizations, notifications,
miscellaneous, admin, and activitypub, with access delineated by read
and/or write permissions.

The initial case I wanted to address was to have Gitea act as an OAuth2
Identity Provider. To achieve that, with this PR, I would only add
`openid public-only` to provide access token to the third party to
authenticate the Gitea's user but no further access to the API and users
resources.

Another example: if a third party wanted to interact solely with Issues,
it would need to add `read:user` (for authorization) and
`read:issue`/`write:issue` to manage Issues.

My approach is based on my understanding of how scopes can be utilized,
supported by examples like [Sample Use Cases: Scopes and
Claims](https://auth0.com/docs/get-started/apis/scopes/sample-use-cases-scopes-and-claims)
on auth0.com.

I renamed `CheckOAuthAccessToken` to `GetOAuthAccessTokenScopeAndUserID`
so now it returns AccessTokenScope and user's ID. In the case of
additional scopes in `userIDFromToken` the default `all` would be
reduced to whatever was asked via those scopes. The main difference is
the opportunity to reduce the permissions from `all`, as is currently
the case, to what is provided by the additional scopes described above.

Screenshots:

![Screenshot_20241121_121405](https://github.com/user-attachments/assets/29deaed7-4333-4b02-8898-b822e6f2463e)

![Screenshot_20241121_120211](https://github.com/user-attachments/assets/7a4a4ef7-409c-4116-9d5f-2fe00eb37167)

![Screenshot_20241121_120119](https://github.com/user-attachments/assets/aa52c1a2-212d-4e64-bcdf-7122cee49eb6)

![Screenshot_20241121_120018](https://github.com/user-attachments/assets/9eac318c-e381-4ea9-9e2c-3a3f60319e47)
---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 12:06:41 +08:00
Lunny Xiao
a175f9805c
Add line-through for deleted branch on pull request view page (#32500)
Base branch deleted

![图片](https://github.com/user-attachments/assets/bc45aa33-d514-47c8-885a-de9732f2f3d5)

branch deleted comment

![图片](https://github.com/user-attachments/assets/83729bbb-2ee8-4bd3-b6f1-780d2daad3d4)

Head branch deleted

![图片](https://github.com/user-attachments/assets/90120b22-34a9-4387-aae9-5c882e8d421a)
2024-11-21 17:04:18 +00:00
wxiaoguang
a32cfb2a8d
Fix issue sidebar regression (#32598) 2024-11-22 00:38:34 +08:00
wxiaoguang
e90753a712
Fix PR diff review form submit (#32596)
Fix #31622, there is a longstanding bug in #19612, 
it doesn't handle submit event, correctly.
2024-11-21 14:09:16 +00:00
silverwind
675c288811
Fix some typescript issues (#32586)
Fixes around 30 or so typescript errors. No runtime changes.
2024-11-21 13:57:42 +00:00
Lunny Xiao
9bf821ae6c
Fix GetInactiveUsers (#32540)
Fix #31480
2024-11-21 04:55:32 +00:00
Rowan Bohde
9ac74a1a40
disable gravatar in test (#32529)
When running e2e tests on flaky networks, gravatar can cause a timeout
and test failures. Turn off, and populate avatars on e2e test suite run
to make them reliable.
2024-11-21 04:30:48 +00:00
silverwind
d11f8d24b0
Add 'Copy path' button to file view (#32584)
Also adds a tooltip which is replicated to the same button in the diff
box. Fixes: https://github.com/go-gitea/gitea/issues/32583
2024-11-21 04:03:17 +00:00
wxiaoguang
07373f1d5d
Improve issue sidebar UI (#32587)
1. remove duplicate dividers
2. align reviewer items
3. merge & remove unused CSS styles


Before:

<details>


![image](https://github.com/user-attachments/assets/1b3121ee-b5fa-4fe9-b0f2-344d96dc5fbc)


![image](https://github.com/user-attachments/assets/ba8b97e6-114d-488c-adee-48f6c7a3b580)

</details>

After:

<details>


![image](https://github.com/user-attachments/assets/978eab3e-a5d7-4b68-90ce-079b61994d25)


![image](https://github.com/user-attachments/assets/a8b58a27-dd05-4c8d-be60-816439ce77c6)


![image](https://github.com/user-attachments/assets/b7e6a16c-bf98-4465-a805-9f4a642d366e)

</details>
2024-11-21 03:31:54 +00:00
Kerwin Bryant
efb55cd8ef
Supplement and Improvement for #32558 (#32585)
Thank you for @wxiaoguang's reminders and suggestions:
https://github.com/go-gitea/gitea/pull/32558#discussion_r1849972913
2024-11-21 02:42:37 +00:00
a1012112796
23d0f9083e
make search box in issue sidebar dropdown list always show when scrolling (#32576)
as title, replace #31597 after #32460 

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
2024-11-21 09:23:50 +08:00
Lunny Xiao
33850a83fe
Fix submodule parsing (#32571)
Fix #32568, parse `.gitmodules` correctly

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-20 19:26:12 +00:00
Rowan Bohde
407b6e6dfc
allow the actions user to login via the jwt token (#32527)
We have some actions that leverage the Gitea API that began receiving
401 errors, with a message that the user was not found. These actions
use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to
authenticate with the Gitea API. The format of this env var in actions
jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a
corresponding update to `act_runner`) Since it was a JWT, the OAuth
parsing logic attempted to parse it as an OAuth token, and would return
user not found, instead of falling back to look up the running task and
assigning it to the actions user.

Make ACTIONS_RUNTIME_TOKEN in action runners could be used,
attempting to parse Oauth JWTs. The code to parse potential old
`ACTION_RUNTIME_TOKEN` was kept in case someone is running an older
version of act_runner that doesn't support the Actions JWT.
2024-11-20 15:24:09 +00:00
Marcell Mars
56bff7ae23
Support HTTP POST requests to /userinfo, aligning to OpenID Core specification (#32578)
This PR adds support for the HTTP POST requests to `/userinfo` endpoint.
While the OpenID Core specification says both are supported and
recommends using HTTP GET.

ref: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
2024-11-20 14:22:48 +00:00
Kemal Zebari
355889dbc2
Remove duplicate empty repo check in delete branch API (#32569)
Found while working on #32433.

This branch will never be executed because we have would have already
made the same check a couple lines above.
2024-11-20 01:05:06 +00:00
Kerwin Bryant
69268ee19f
Optimize installation-page experience (#32558)
![3000-gogitea-gitea-kiagpwhqbx1 ws-us116 gitpod io_
(1)](https://github.com/user-attachments/assets/7f9ff835-7122-420e-83a9-218a1b9c7030)
Highlight the path of the configuration file with a label-style emphasis
and provide a quick copy button.
2024-11-20 00:39:57 +00:00
Lunny Xiao
0d5abd9b3e
Remove unnecessary code (#32560)
PushMirrors only be used in the repository setting page. So it should
not be loaded on every repository page.
2024-11-19 16:21:13 +00:00
Kerwin Bryant
32456b6f31
Fix a compilation error in the Gitpod environment (#32559)
When opening the latest code in **Gitpod** and running `make
lint-backend`, the following error occurs:
```bash
gitpod /workspace/gitea (main) $ make lint-backend
go run github.com/golangci/golangci-lint/cmd/golangci-lint@v1.60.3 run
# internal/profilerecord
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goarch
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode/utf8
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/coverage/rtcov
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/byteorder
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# cmp
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/itoa
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/race
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goos
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/unsafeheader
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/godebugs
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/asan
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# math/bits
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goexperiment
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/msan
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/runtime/atomic
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# sync/atomic
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/runtime/syscall
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/internal/alias
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# encoding
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# log/internal
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# vendor/golang.org/x/crypto/cryptobyte/asn1
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/golangci/golangci-lint/pkg/exitcodes
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/cpu
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode/utf16
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# container/list
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/subtle
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goversion
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/exp/maps
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/ccojocar/zxcvbn-go/match
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/exp/constraints
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/tools/internal/packagesinternal
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/go-ruleguard/dsl/types
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# vendor/golang.org/x/crypto/internal/alias
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/nettrace
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/google/go-cmp/cmp/internal/flags
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/gobwas/glob/util/runes
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/platform
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/internal/boring/sig
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/gogrep/internal/stdinfo
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/daixiang0/gci/pkg/utils
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/stdinfo
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/Antonboom/testifylint/internal/testify
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# hash/maphash
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/nunnatsa/ginkgolinter/version
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# google.golang.org/protobuf/internal/flags
compile: version "go1.23.1" does not match go tool version "go1.22.9"
make: *** [Makefile:413: lint-go] Error 1
```
2024-11-19 14:57:55 +08:00
Baltazár Radics
5eb0ee49a1
Use user.FullName in Oauth2 id_token response (#32542)
This makes `/login/oauth/authorize` behave the same way as the
`/login/oauth/userinfo` endpoint.
2024-11-18 19:24:17 +08:00
Lunny Xiao
896314c7a2
Fix some places which doesn't repsect org full name setting (#32243)
Partially fix #31345
2024-11-18 06:24:49 +00:00
Lunny Xiao
696fbe6036
Refactor push mirror find and add check for updating push mirror (#32539)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 05:59:04 +00:00
wxiaoguang
8a20fba8eb
Refactor markup render system (#32533)
Remove unmaintainable sanitizer rules. No need to add special "class"
regexp rules anymore, use RenderInternal.SafeAttr instead, more details
(and examples) are in the tests
2024-11-18 13:25:42 +08:00
Lunny Xiao
4f879a00df
Refactor find forks and fix possible bugs that weak permissions check (#32528)
- Move models/GetForks to services/FindForks
- Add doer as a parameter of FindForks to check permissions
- Slight performance optimization for get forks API with batch loading
of repository units
- Add tests for forking repository to organizations

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 03:06:25 +00:00
Lunny Xiao
f122aaf9ff
Use better name for userinfo structure (#32544) 2024-11-18 10:41:59 +08:00
Lunny Xiao
c3dedcffa7
Fix basic auth with webauthn (#32531) 2024-11-16 17:52:16 +00:00
wxiaoguang
5eebe1dc5f
Fix and refactor markdown rendering (#32522) 2024-11-16 08:41:44 +00:00
charles
e546480d0a
Fix large image overflow in comment page (#31740)
Close #31709 

52px is calculate by avatar size in
templates\repo\issue\view_content\comments.tmpl
```html
<img src="{{.Poster.AvatarLink $.Context}}" width="40" height="40">
```
+
```css
.ui.comments .comment > .avatar ~ .content {
  margin-left: 12px;
}
```


![圖片](https://github.com/user-attachments/assets/bf15f4d4-1574-46f6-9f5e-1fbdbf1a98b0)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-15 18:34:54 +00:00
wxiaoguang
ecbb03dc6d
Improve testing and try to fix MySQL hanging (#32515)
By some CI fine tunes (`run tests`), SQLite & MSSQL could complete
in about 12~13 minutes (before > 14), MySQL could complete in 18 minutes
(before: about 23 or even > 30)

Major changes:

1. use tmpfs for MySQL storage
1. run `make test-mysql` instead of `make integration-test-coverage`
because the code coverage is not really used at the moment.
1. refactor testlogger to make it more reliable and be able to report
stuck stacktrace
1. do not requeue failed items when a queue is being flushed (failed
items would keep failing and make flush uncompleted)
1. reduce the file sizes for testing
1. use math ChaCha20 random data instead of crypot/rand (for testing
purpose only)
1. no need to `DeleteRepository` in `TestLinguist`
1. other related refactoring to make code easier to maintain
2024-11-15 23:45:07 +08:00
Zettat123
a0c0cb3a2c
Fix recentupdate sorting bugs (#32505)
Fix #32499

- Add the missing `recentupdate` to `OrderByFlatMap`
- Assign default value(`recentupdate`) to `EXPLORE_PAGING_DEFAULT_SORT`
2024-11-15 04:36:22 +00:00
Lunny Xiao
e1b269e956
Remove transaction for archive download (#32186)
Since there is a status column in the database, the transaction is
unnecessary when downloading an archive. The transaction is blocking
database operations, especially with SQLite.

Replace #27563
2024-11-15 12:04:20 +08:00
Lunny Xiao
4121f952d1
Fix oauth2 error handle not return immediately (#32514) 2024-11-15 02:13:01 +00:00
wxiaoguang
21f7db2124
Fix incorrect project page CSS class (#32510)
Otherwise milestone JS would run on this page and cause errors
2024-11-15 01:30:26 +00:00
wxiaoguang
6f1de0a9e5
Add avif image file support (#32508)
Most modern browsers support it now

` Update ALLOWED_TYPES #96 ` https://gitea.com/gitea/docs/pulls/96

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-11-15 00:55:50 +00:00
Rowan Bohde
68731c07c5
Reduce integration test overhead (#32475)
In profiling integration tests, I found a couple places where per-test
overhead could be reduced:

* Avoiding disk IO by synchronizing instead of deleting & copying test
Git repository data. This saves ~100ms per test on my machine
* When flushing queues in `PrintCurrentTest`, invoke `FlushWithContext`
in a parallel.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-14 19:28:46 +00:00
wxiaoguang
249e67672a
Remove jQuery import from some files (#32512)
Many files do not directly depend on jQuery now.

To clarify the usage: use `fomanticQuery` to operate Fomantic
components.

Then developers could focus on removing the remaining jQuery usages by
searching `import $` globally.

21 files now:

```
./components/RepoBranchTagSelector.vue:3:import $ from 'jquery';
./features/admin/common.ts:1:import $ from 'jquery';
./features/admin/emails.ts:1:import $ from 'jquery';
./features/common-button.ts:1:import $ from 'jquery';
./features/comp/ComboMarkdownEditor.ts:3:import $ from 'jquery'; (I am working on it, there will be a new PR)
./features/comp/LabelEdit.ts:1:import $ from 'jquery';
./features/notification.ts:1:import $ from 'jquery';
./features/org-team.ts:1:import $ from 'jquery';
./features/repo-code.ts:1:import $ from 'jquery';
./features/repo-common.ts:1:import $ from 'jquery';
./features/repo-diff.ts:1:import $ from 'jquery';
./features/repo-editor.ts:1:import $ from 'jquery';
./features/repo-issue-content.ts:1:import $ from 'jquery';
./features/repo-issue-list.ts:1:import $ from 'jquery';
./features/repo-issue-sidebar.ts:1:import $ from 'jquery';
./features/repo-issue.ts:1:import $ from 'jquery';
./features/repo-legacy.ts:1:import $ from 'jquery';
./features/repo-new.ts:1:import $ from 'jquery';
./features/repo-projects.ts:1:import $ from 'jquery';
./features/repo-settings.ts:1:import $ from 'jquery';
./features/repo-template.ts:1:import $ from 'jquery';
```
2024-11-15 02:48:41 +08:00
Lunny Xiao
98d9a71ffe
Trim title before insert/update to database to match the size requirements of database (#32498)
Fix #32489
2024-11-14 07:19:14 +00:00
Lunny Xiao
b4abb6deff
Reimplement GetUserOrgsList to make it simple and clear (#32486)
Reimplement GetUserOrgsList and also move some functions and test to
org_list file.

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-11-14 05:31:47 +00:00
wxiaoguang
3f9c3e7bc3
Refactor render system (#32492)
There were too many patches to the Render system, it's really difficult
to make further improvements.

This PR clears the legacy problems and fix TODOs.

1. Rename `RenderContext.Type` to `RenderContext.MarkupType` to clarify
its usage.
2. Use `ContentMode` to replace `meta["mode"]` and `IsWiki`, to clarify
the rendering behaviors.
3. Use "wiki" mode instead of "mode=gfm + wiki=true"
4. Merge `renderByType` and `renderByFile`
5. Add more comments

----

The problem of "mode=document": in many cases it is not set, so many
non-comment places use comment's hard line break incorrectly
2024-11-14 05:02:11 +00:00
wxiaoguang
985e2a8af3
Fix nil panic if repo doesn't exist (#32501)
fix  #32496
2024-11-14 12:17:58 +08:00
silverwind
9880c1372e
Bump CI,Flake and Snap to Node 22 (#32487)
Node 22 is LTS since 2024-10-29. Updated it everywhere.

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2024-11-13 21:39:55 +00:00
BoYanZh
ad223000d4
Perf: add extra index to notification table (#32395)
Index SQL: `CREATE INDEX u_s_uu ON notification(user_id, status,
updated_unix);`

The naming follows `action.go` in the same dir.

I am unsure which version I should add SQL to the migration folder, so I
have not modified it.

Fix #32390
2024-11-13 18:17:54 +00:00
wxiaoguang
0aedb03996
Fix LFS route mock, realm, middleware names (#32488)
1. move "internal-lfs" route mock to "common-lfs"
2. fine tune tests
3. fix "realm" strings, according to RFC:
https://datatracker.ietf.org/doc/html/rfc2617:
    * realm       = "realm" "=" realm-value
    * realm-value = quoted-string
4. clarify some names of the middlewares, rename `ignXxx` to `optXxx` to
match `reqXxx`, and rename ambiguous `requireSignIn` to `reqGitSignIn`
2024-11-13 16:58:09 +08:00
Lunny Xiao
840ad7eefe
Disable Oauth check if oauth disabled (#32368)
Fix #32367

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 21:33:35 +00:00
silverwind
5bed7b9ec0
Update JS and PY dependencies (#32482)
Result of `make update-js update-py`.

Fixes: https://github.com/go-gitea/gitea/security/dependabot/80
Fixes: https://github.com/go-gitea/gitea/security/dependabot/81

Tested build and swagger ui.
2024-11-12 21:03:22 +00:00
silverwind
cad313e64f
Update github.com/meilisearch/meilisearch-go (#32484)
Result of `go get -u github.com/meilisearch/meilisearch-go && make
tidy`.

Fixes: https://github.com/go-gitea/gitea/security/dependabot/78
2024-11-12 15:55:01 -05:00
wxiaoguang
160ccb5ee2
Fix test fixtures for user2/lfs.git (#32477) 2024-11-12 05:41:22 +00:00
6543
4c924bf43c
Limit org member view of restricted users (#32211)
currently restricted users can only see the repos of teams in orgs they
are part at.
they also should only see the users that are also part at the same team.


---
*Sponsored by Kithara Software GmbH*
2024-11-12 03:44:24 +00:00