Fork 0
Commit Graph

1328 Commits

Author SHA1 Message Date
6543 4ba642d07d
Revert "Support SAML authentication (#25165)" (#29358)
This reverts #25165 (5bb8d1924d), as there
was a chance some important reviews got missed.

so after reverting this patch it will be resubmitted for reviewing again


temporary Open #5512 again
2024-02-24 12:18:49 +08:00
Lunny Xiao 3ef6252e06
Allow options to disable user deletion from the interface on app.ini (#29275)
Extract from #20549

This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to
allow the site administrator to disable users visiting deletion user
interface or allow.
This options are also potentially allowed to define more features in
future PRs.


Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-23 07:24:04 +00:00
Earl Warren b748d62b46
Add slow SQL query warning (#27545)
- Databases are one of the most important parts of Forgejo, every
interaction uses the database in one way or another. Therefore, it is
important to maintain the database and recognize when the server is not
doing well with the database. There already is the option to log *every*
SQL query along with its execution time, but monitoring becomes
impractical for larger instances and takes up unnecessary storage in the
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of
Codeberg, monitoring SQL logs is not very fruitful and most of them are
uninteresting. Recently, in the context of persistent deadlock issues
(https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that
certain queries hold locks on tables like comment and issue for several
seconds. This patch helps to identify which queries these are and when
they happen.
- Added unit test.

(cherry picked from commit 9cf501f1af4cd870221cef6af489618785b71186)


Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
2024-02-23 00:57:24 +00:00
techknowlogick 5bb8d1924d
Support SAML authentication (#25165)
Closes https://github.com/go-gitea/gitea/issues/5512

This PR adds basic SAML support
- Adds SAML 2.0 as an auth source
- Adds SAML configuration documentation
- Adds integration test:
- Use bare-bones SAML IdP to test protocol flow and test account is
linked successfully (only runs on Postgres by default)
- Adds documentation for configuring and running SAML integration test

Future PRs:
- Support group mapping
- Support auto-registration (account linking)

Co-Authored-By: @jackHay22


Co-authored-by: jackHay22 <jack@allspice.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: morphelinho <morphelinho@users.noreply.github.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2024-02-23 00:08:17 +00:00
6543 3f73eabb66
Explained where create issue/PR template (#29035) (#29266)
For some user (as me), documentation lack of precision about where to
store issue/pr template.

I propose an enhancement about this point. With bold exergue and
precision about server itself.

I've found some user with same interrogation as :


Co-authored-by: Km <cam.lafit@azerttyu.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-02-20 14:12:47 -06:00
zhangnew 7430eb9e7f
Update docs for actions variables (#29239)
the variables is supported, see
2024-02-18 18:04:58 +08:00
silverwind b96fbb567c
Enable markdownlint `no-trailing-punctuation` and `no-blanks-blockquote` (#29214)
Enable these two and fix issues.
2024-02-17 13:18:05 +00:00
xkcdstickfigure cb85ebc3ef
fix typo (#29212) 2024-02-17 12:01:54 +01:00
wienans f2d5c6edde
Docker Tag Information in Docs (#29047)
Add more details for the docker tag when using container registry.


Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-16 21:22:00 +08:00
Scott Yeager 4635e6d2a6
Runner tokens are multi use (#29153)
Fixes https://github.com/go-gitea/gitea/issues/28911.

Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-14 00:24:35 +01:00
Chris Copeland 47b5965862
Add merge style `fast-forward-only` (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-12 23:37:23 +01:00
me2seeks 470a3e3f89
Update some translations and fix markdown formatting (#29099)
Update `docs/content/administration/backup-and-restore.zh-cn.md` 
`docs/content/usage/profile-readme.zh-cn.md` to be consistent with the
English document
2024-02-11 19:03:49 +02:00
silverwind 9c39f8515f
Rework spellchecking, add `lint-spell` (#29106)
- Use maintained fork https://github.com/golangci/misspell
- Rename `mispell-check` to `lint-spell`, add `lint-spell-fix`
- Run `lint-spell` in separate actions step
- Lint more files, fix discovered issues
- Remove inaccurate and outdated info in docs (we do not need GOPATH for
tools anymore)

Maybe later we can add more spellchecking tools, but I have not found
any good ones yet.
2024-02-09 03:59:39 +00:00
CEnnis91 eb5ddc0a78
Fix incorrect link to swift doc and swift package-registry login command (#29096)
Fixes a few mistakes in the Swift package registry documentation.

Syntax for the `package-registry login` command can be found
I was not sure the best way to compress all of that information, so I
just focused on making sure the incorrect `package-registry set` command
was fixed.
2024-02-08 08:53:44 +00:00
Wang 4bb1fcd2e7
Fix typos in the documentation (#29048)
Corrected two typos.
2024-02-05 16:19:05 +08:00
KN4CK3R 9bea276055
Add `must-change-password` cli parameter (#27626)
This PR adds a new `must-change-password` parameter to the
`change-password` cli command.
We already have the `must-change-password` command but it feels natural
to have this integrated into the `change-password` cli command.


Co-authored-by: 6543 <6543@obermui.de>
2024-02-03 19:53:27 +02:00
silverwind a062725758
Update JS and PY dependencies, build for `es2020` browsers (#28977)
- Update all JS dependencies minus @mcaptcha/vanilla-glue
- Fix new lint errors
- Regenerate SVGs
- Switch to maintained stylelint stylistic plugin
- Tested Mermaid, Citation, Swagger, sorting
- Raise ESBuild target to `es2020` as dictated by `pretty-ms`
2024-02-02 09:36:32 +00:00
Yarden Shoham 4989ad0a9f
Add htmx guidelines (#28993)
To make sure we don't abuse it.


Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-31 23:36:23 +01:00
yp05327 0b1a42ce0f
Fix doc img path in profile readme (#28994)
2024-01-31 21:32:17 +08:00
Mike Cifelli 8ef53c871b
Update golang links to use https (#28980)
Many of the golang links point to the old site and don't use https. This
pull request updates these outdated links to https://go.dev .

2024-01-30 03:11:11 +02:00
wackbyte d9b3849454
Fix inconsistent naming of OAuth 2.0 `ENABLE` setting (#28951)
Renames it to `ENABLED` to be consistent with other settings and
deprecates it.

I believe this change is necessary because other setting groups such as
`attachment`, `cors`, `mailer`, etc. have an `ENABLED` setting, but
`oauth2` is the only one with an `ENABLE` setting, which could cause
confusion for users.

This is no longer a breaking change because `ENABLE` has been set as
deprecated and as an alias to `ENABLED`.
2024-01-28 12:36:44 +00:00
6543 61f8ca4906
Add screenshot for "Profile Readmes" to docs (#28964)
introduced in #23260 ... the docs still looks to empty:

this changes it :)
2024-01-28 00:20:17 +01:00
Mechiel Lukkien b9d91694af
In administration documentation about environment variables, point to those for the Go runtime instead of Go compiler (#28859)
The previous variables are used by the compiler and aren't too useful
for non-developers. The newly listed variables are more likely to be of

Apologies for this drive-by PR, I probably missed instructions from the
contributors guide. The patch can be regarded as a simple way to explain
the problem and solution. Feel free to close and possibly create a new
PR that does adhere to the contributors guide.
2024-01-20 10:12:20 +08:00
KN4CK3R 461d8b53c2
Fix some RPM registry flaws (#28782)
Related #26984

Fix admin cleanup message.
Fix models `Get` not respecting default values.
Rebuild RPM repository files after cleanup.
Do not add RPM group to package version name.
Force stable sorting of Alpine/Debian/RPM repository data.
Fix missing deferred `Close`.
Add tests for multiple RPM groups.
Removed non-cached `ReplaceAllStringRegex`.

If there are multiple groups available, it's stated in the package
installation screen:

2024-01-19 11:37:10 +00:00
Viktor Kuzmin 49eb168677
Retarget depending pulls when the parent branch is deleted (#28686)
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.

$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2

Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.

With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.

This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo. 

Fixes #27062
Fixes #18408


Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-17 01:44:56 +01:00
crapStone 5374d29aa9
Add gist to comparison (#28809)
This PR adds a section to the documentation that links to the project
[Opengist](https://github.com/thomiceli/opengist) on GitHub.

The feature was proposed in #16670 but didn't resonate well with the
2024-01-15 23:37:32 +01:00
Exploding Dragon ba4d0b8ffb
Support for grouping RPMs using paths (#26984)
The current rpm repository places all packages in the same repository,
and different systems (el7,f34) may hit packages that do not belong to
this distribution ( #25304 ) , which now supports grouping of rpm.


Fixes #25304 .
Fixes #27056 .

Refactor: [#25866](https://github.com/go-gitea/gitea/pull/25866)
2024-01-12 03:16:05 +00:00
wxiaoguang 2df7563f31
Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)
Mainly for MySQL/MSSQL.

It is important for Gitea to use case-sensitive database charset
collation. If the database is using a case-insensitive collation, Gitea
will show startup error/warning messages, and show the errors/warnings
on the admin panel's Self-Check page.

Make `gitea doctor convert` work for MySQL to convert the collations of
database & tables & columns.

* Fix #28131

## ⚠️ BREAKING ⚠️

It is not quite breaking, but it's highly recommended to convert the
database&table&column to a consistent and case-sensitive collation.
2024-01-10 11:03:23 +00:00
wxiaoguang 7215224112
Improve frontend guideline (#28711)
It has been a consensus for long time during reviewing: "avoiding inline
styles as much as possible".
2024-01-07 01:14:10 +08:00
Kyle D 54acf7b0d4
Normalize oauth email username (#28561) 2024-01-03 18:48:20 -06:00
Yarden Shoham cdc33b29a0
Add global setting how timestamps should be rendered (#28657)
- Resolves https://github.com/go-gitea/gitea/issues/22493
- Related to https://github.com/go-gitea/gitea/issues/4520

Some admins prefer all timestamps to display the full date instead of
relative time. They can do that now by setting


This setting is set to `mixed` by default, allowing dates to render as
"5 hours ago". Here are some screenshots of the UI with this setting set
to `absolute`:





Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-02 09:25:30 +08:00
silverwind ce55a74374
Update JS dependencies (#28537)
- Update all JS dependencies excluding mcaptcha (breaking changes) and
stylelint (plugin not compatible with v16)
- Regenerate SVGs
- Update markdownlint rule names
- Fix one issue of heading in markdown discovered during lint
- Update for monaco options renames
- Fix stylelint rule length-zero-no-unit for custom properties
- Tested editor, swagger, sorting, vue, lint
2023-12-30 05:29:03 +00:00
wxiaoguang 19b1b698c9
Improve document for ARTIFACT_RETENTION_DAYS (#28646)
Follow #28626
2023-12-29 06:44:58 +00:00
wxiaoguang 19c45dd479
Improve 1.22 document for Database Preparation (#28643)
Fix #28247
2023-12-29 05:42:22 +00:00
Denys Konovalov 6c133b9fe0
switch destination directory for apt signing keys (#28639)
According to [Debian

> The certificate MUST NOT be placed in /etc/apt/trusted.gpg.d or loaded
by apt-key add.
> ...
> If future updates to the certificate will be managed by an apt/dpkg
package as recommended below, then it SHOULD be downloaded into
/usr/share/keyrings using the same filename that will be provided by the
package. If it will be managed locally , it SHOULD be downloaded into
/etc/apt/keyrings instead.
> ...
> A sources.list entry SHOULD have the signed-by option set.
2023-12-28 22:08:59 +01:00
Gerd Katzenbeisser 4d1277c0cb
Extend description for ARTIFACT_RETENTION_DAYS (#28626)
Make it clear that this value is just a default value and that every
artifact can have it's own value.
2023-12-28 10:11:44 +00:00
Volodymyr Stelmashchuk 0e9c988373
Update repo-mirror.en-us.md (#28612)
Add small changes to the doc. The workflow scope require for push code
to github mirror in case the project use the github action compatibility
2023-12-27 00:36:11 +08:00
wxiaoguang b41925cee3
Refactor CORS handler (#28587)
The CORS code has been unmaintained for long time, and the behavior is
not correct.

This PR tries to improve it. The key point is written as comment in
code. And add more tests.

Fix #28515
Fix #27642
Fix #17098
2023-12-25 20:13:18 +08:00
Lunny Xiao 177cea7c70
Make offline mode as default to no connect external avatar service by default (#28548)
To keep user's privacy, make offline mode as true by default.

Users can still change it from installation ui and app.ini
2023-12-21 07:42:16 +00:00
Rui Chen caceb43313
feat: bump `dessant/lock-threads` and `actions/setup-go` to use nodejs20 runtime (#28565)
Update more actions to use nodejs20 runtime and also update the docs for
checkout action usage.

similar to:
- #27836
- #27096


Signed-off-by: Rui Chen <rui@chenrui.dev>
2023-12-21 13:31:04 +08:00
Lunny Xiao 3d98d99e27
Update actions document about comparsion as Github Actions (#28560) 2023-12-20 20:12:25 +00:00
Lunny Xiao e7cb8da2a8
Always enable caches (#28527)
Nowadays, cache will be used on almost everywhere of Gitea and it cannot
be disabled, otherwise some features will become unaviable.

Then I think we can just remove the option for cache enable. That means
cache cannot be disabled.
But of course, we can still use cache configuration to set how should
Gitea use the cache.
2023-12-19 09:29:05 +00:00
wxiaoguang 20929edc99
Add option to disable ambiguous unicode characters detection (#28454)
* Close #24483
* Close #28123
* Close #23682
* Close #23149

(maybe more)
2023-12-17 14:38:54 +00:00
Kyle D b8490d59de
Update docs for DISABLE_QUERY_AUTH_TOKEN (#28485)
As described
2023-12-15 21:54:35 -05:00
wxiaoguang 047c69bd85
Improve CLI code and descriptions (#28482)
* Close #28444 
* Actually, it doesn't need to use that trick because it looks like it
is not necessary, no user really needs it
* Remove the hidden (legacy) "doctor" subcommand and update documents
* Fix "actions" usage

2023-12-15 15:49:01 +00:00
CaiCandong 8c91e31540
Fix Chinese translation of config cheat sheet[API] (#28472) 2023-12-15 00:00:04 +08:00
wxiaoguang e85db6c8c3
Fix documents for "custom/public/assets/" (#28465)
Fix #28463
2023-12-14 08:52:16 +00:00
David Hulick 73047854c0
docs: Update group membership fields to match application. (#28175)
Several fields in the "Verify group membership in LDAP" docs were
confusingly titled when compared to the actual fields in the
application, this change rectifies that by matching the docs to the
fields already present in gitea.

Signed-off-by: David Hulick <dave.hulick@gmail.com>
2023-12-13 07:14:37 +00:00
yp05327 1ae33e0bad
Fix links in docs (#28302)
Close #28287

## How to test it in local
convert Makefile L34 into:
cd .tmp/upstream-docs && git clean -f && git reset --hard && git fetch origin pull/28302/head:pr28302 && git switch pr28302
2023-12-01 19:42:42 +08:00
yp05327 0a0e8200ec
Fix links in docs (#28234)
Follow #28191

- `(doc/administration/config-cheat-sheet.md` is incorrect:

- remove `../../`
2023-11-27 00:34:40 -05:00