- When specifying push options, tooling like [git-repo-go](https://github.com/alibaba/git-repo-go) encodes pushoption values if they contain newlines or non-ASCII characters as they cannot be easily specified via the CLI otherwise.
- Recognize such base64 encoded values in the pushoptions (those that have the `{base64}` prefix), if the base64 decoding fails we return the original value.
- Resolves forgejo/forgejo#8161
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/8479): <!--number 8479 --><!--line 0 --><!--description QUdpdCBwdXNoIG9wdGlvbnMgc3RhcnRpbmcgd2l0aCBge2Jhc2U2NH1gIGFyZSBkZWNvZGVk-->AGit push options starting with `{base64}` are decoded<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8479
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
closes #7946
- The `rpmsRepoPattern` regex has been fixed to handle releases with dots correctly. For example, the version `0.9.0-alt1.git.17.g2ba905d` is valid, just like `0.1.0-1.n1` mentioned in the issue (https://codeberg.org/forgejo/forgejo/issues/7946#issue-1628991)
- getEntries now returns entry names. In the integration tests, there were lines like:
```go
assert.Equal(t, []string{"", ""}, result.ProvideNames)
```
and it’s unclear how such test logic could have ever worked correctly (fixes problems with deps https://codeberg.org/forgejo/forgejo/issues/7946#issuecomment-5109795)
- ALT is an acronym for ALT Linux Team, so `Alt` was replaced with `ALT`. Strictly speaking, it should probably be `ALT Linux`, but since we use `Arch` instead of `Arch Linux`, this seems fine. Also, Distrowatch shows `Arch`/`ALT` in its dropdown, so it’s consistent.
- The strings `"Alt Linux Team"` and `"Sisyphus"` in the `Origin` and `Suite` fields have been replaced with `setting.AppName` and `"Unknown"`. `Unknown` is a valid value and is set by default, so this won’t cause any issues.
- The documentation link has been fixed: (404 docs.gitea.com/usage/packages/alt/ -> 200 forgejo.org/docs/latest/user/packages/alt/)
---
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
- [ ] in their respective `*_test.go` for unit tests.
- [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
- [ ] in `web_src/js/*.test.js` if it can be unit tested.
- [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8475
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Maxim Slipenko <maks1ms@altlinux.org>
Co-committed-by: Maxim Slipenko <maks1ms@altlinux.org>
- Older code (154 places to be exact) that want to do transactions uses `TxContext`. If the context is not already in a transaction then it uses `DefaultContext` for the new transaction.
- Not reusing the context it was given leads to two problems: for tracing (forgejo/forgejo#6470) any SQL code that is executed inside this transaction is not shown in the trace. If the context is cancelled then the transaction is not cancelled and will always complete (given there's no SQL error).
- When this function was introduced it didn't take a parent context, hence the usage of `DefaultContext`. When `parentCtx` was introduced it was only used to avoid nested transactions and use the parent's transaction. I do not see any reasons why the parent context cannot be reused, it is reused in the newer transaction function `WithTx` without any known problems.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8464
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
This PR contains the following updates:
| Package | Change | Age | Confidence |
|---|---|---|---|
| [webpack](https://github.com/webpack/webpack) | [`5.99.9` -> `5.100.0`](https://renovatebot.com/diffs/npm/webpack/5.99.9/5.100.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) |
---
### Release Notes
<details>
<summary>webpack/webpack (webpack)</summary>
### [`v5.100.0`](https://github.com/webpack/webpack/releases/tag/v5.100.0)
[Compare Source](https://github.com/webpack/webpack/compare/v5.99.9...v5.100.0)
##### Fixes
- Fixed the case where an ES modules entry chunk depends on the runtime chunk hash
- Handle function exports in webpack module wrapper
- Ensure dependent chunks are imported before startup & fix duplicate export of 'default'
- Generate lose closing brace when exports are unprovided
- CleanPlugin doesn't unlink same file twice
- Fixed unexpected error codes from fs.unlink on Windows
- Typescript types
##### Features
- HMR support for ES modules output
- ES module output mode now fully supports `splitChunks` when external variables and runtimeChunk are not set.
- Added support `using` keyword
- Implemented tc39 [Defer Module Evaluation](https://github.com/tc39/proposal-defer-import-eval) (experiment)
- Support dynamic template literals expressions for `new URL(...)`
- Enable ES modules worker chunk loading for Node.js targets
- Improved support for destructing in DefinePlugin
- Added [VirtualUrlPlugin](https://github.com/webpack/webpack/tree/main/examples/virtual-modules) to support `virtual:` scheme
##### Performance Improvements
- Remove useless startup entrypoint runtime for ES modules output
- Cache `new URL(...)` evaluate expression
</details>
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4yMy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjMuMiIsInRhcmdldEJyYW5jaCI6ImZvcmdlam8iLCJsYWJlbHMiOlsiZGVwZW5kZW5jeS11cGdyYWRlIiwidGVzdC9ub3QtbmVlZGVkIl19-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8467
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
- I cannot give a good rationale why Mobile Safari and webkit is failing this test quite consistently and also succeed quite often. We add a script to ensure that we get a mismatched URL - but these two browsers either ignore this script sometime or delays the execution until after the root URL check is done.
- Because it is very hard to run webkit and mobile safari without running a heavily containerized environment (without a graphical interface) it is near impossible to debug this issue properly; save ourselves a headache and disable it instead. I find it more likely to be a problem with my playwright test than it to be a problem with the mismatched root URL code.
- Ref forgejo/forgejo#8359
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8460
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@beocode.eu>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- In `test.beforeEach` the browser is navigated to `/user2/repo1/pulls/5` and the test environment is prepared by making sure the pull request is not WIP. At the start of `simple toggle` the browser is navigated to the same URL (and the browser is already on this URL) which the Mobile Chrome browser does not handle gracefully and reliably errors with `net::ERR_ABORTED`.
- Because we are already at that URL, do not try to navigate to it again.
- I cannot offer a rationale why the Mobile Chrome browser does give a error when this happens in subsequent tests of 'Pull: Toggle WIP'.
- Ref forgejo/forgejo#8359
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8461
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
When a user is assigning an issue or PR to another user, an entry is posted in the issue comment list. This PR adds a link to the one assigning the issue. Additionally, tests for preventing XSS vulnerabilities in label rendering were added.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8264
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
For the mailer and incoming_mailer config, allow passwords to be read from a file.
Add `_URI` config values and use the existing `loadSecret` function to do this.
Resolves https://codeberg.org/forgejo/forgejo/issues/8113
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8116
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Co-authored-by: fruzitent <fruzit@gmail.com>
Co-committed-by: fruzitent <fruzit@gmail.com>
The download, edit, and trash icon buttons had an extraneous `<span>` that was inconsistent with the copy and RSS button which caused spacing issues when wrapping.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8415
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Gnarwhal <git.aspect893@passmail.net>
Co-committed-by: Gnarwhal <git.aspect893@passmail.net>
This PR is adds almost all tests in `cmd/admin_auth_oauth_test.go` with a bit of refactoring beforehand to make the tests easier to write. These should be legitimate refactors where the implementation changes but the public API/behavior does not change. All of the changes in this PR are done to align with how tests are written in `cmd/admin_auth_ldap_test.go`. Since `cmd/admin_auth_ldap.go` is a sibling file to `cmd/admin_auth_oauth.go`, it seems like their test files should also be aligned.
There are some tests added that show the current behavior as not ideal. E.g. not being able to update certain fields, or being able to set fields that are ultimately ignored. These are added so that the behavior is at least shown a bit more visibly. There should likely be a follow-up to fix some of these issues. But that will almost certainly be a breaking change that I'd rather avoid in this PR.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8433
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: joneshf <jones3.hardy@gmail.com>
Co-committed-by: joneshf <jones3.hardy@gmail.com>
When a mail notification is sent because of a failed pull request run,
the body will show:
Branch: #661 (f57df45)
where #661 is the number of the pull request and not the branch. This
is because run.PrettyRef() is used and has a misleading special case
returning a PR number instead of a ref.
Remove the textual description as it can easily be discovered from the
run web page linked in the mail.
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
- [ ] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
- [ ] in `web_src/js/*.test.js` if it can be unit tested.
- [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8448
Reviewed-by: Christopher Besch <mail@chris-besch.com>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
The argument order for `ValidatePullRequest` is to first give the new commitID and then the old commit ID.
This results in reviews not being marked as stale when they are not stale and reviews as not stale when they are stale. The test will fail if the fix is not present.
Add testing for the following three scenarios:
1. A review is made, the PR is updated and as a consequence the PR's diff is changed. The review is now marked as stale.
2. A review is made but in the meantime the PR is updated and the review is submitted on a older commit ID. If the diff changed the review is marked as stale.
3. A review that was made against a older commit ID is no longer marked as stale if the PR is force-pushed to that older commit ID.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8450
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [go](https://go.dev/) ([source](https://github.com/golang/go)) | toolchain | patch | `1.24.4` -> `1.24.5` |
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4yMy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjMuMiIsInRhcmdldEJyYW5jaCI6ImZvcmdlam8iLCJsYWJlbHMiOlsiZGVwZW5kZW5jeS11cGdyYWRlIiwidGVzdC9ub3QtbmVlZGVkIl19-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8449
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Closes #8119, follow-up of #8234#8234 "only" fixed the case when a new wiki setting was applied.
However it lacked 2 aspects:
- fixing the already corrupted unit permission in the database (required a migration)
- fixing the API route
Both aspects should now be covered.
Additionally, I commented out the unused `UnitAccessMode` and indicated that they are only used for the wiki-unit (hopefully saving some time to future code-readers).
### Testing
- go to a commit before #8234 (e.g. 285f66b782)
- create 3 repositories
- save the wiki settings of the second, without any change
- set the wiki of the third to be globally writable
- verify the `default_permissions` column in the database, of the unit `5`: 0, 2, 3
- stop Forgejo, switch to this PR and start Forgejo
- verify that the logs writes `Migration[35]: Fix wiki unit default permission`
- verify the `default_permissions` column in the database, of the unit `5`: 0, 0, 3
Before:
After:
- [x] I did not document these changes and I do not expect someone else to do it.
- [x] I do not want this change to show in the release notes.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8258
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
As discussed in forgejo/forgejo#8274
A workaround till analysis of test timeouts helped us to fix the root cause.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8395
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
This PR contains the following updates:
| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |
🔧 This Pull Request updates lock files to use the latest dependency versions.
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMTcuMiIsInRhcmdldEJyYW5jaCI6ImZvcmdlam8iLCJsYWJlbHMiOlsiZGVwZW5kZW5jeS11cGdyYWRlIiwidGVzdC9ub3QtbmVlZGVkIl19-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8436
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
- When math equation support was added into Gitea it allowed for math equations to be typed over multiple lines via `\[ ... \]` and `$$ ... $$`. Specifically the former delimiters caused problems with legitimate markdown input to be seen as a math equation and therefore was disabled in e1a82a15d3.
- Enable this multi-line parsing for wiki as it's less likely to cause issues in the context of the wiki.
- It is hard to fix this issue in a proper way without investing a good amount of time in Goldmark as explained in https://codeberg.org/forgejo/forgejo/issues/6902#issuecomment-2845317
- Added unit test.
- Resolves forgejo/forgejo#6902
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8424
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
## Checklist
### Tests
I don't think this deserves a test.
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
### What does it fix
In the dashboard, when someone deletes a branch, the message
that is displayed doesn't distinguish the branch name from the rest
of the message visually. Because that's user-provided content, I find
it odd, as it blends in with the system-generated message.
For consistency with other messages (such as the one obtained when
renaming a repository), I propose to show the branch name in monospaced
font via the `<code></code>` markup.
I didn't update the other languages by fear of interfering with Weblate but
I would be happy to update the other languages accordingly if you wish so.
I didn't add any tests because I don't think it's necessary for such a small change.
#### Before
#### After
#### Renaming a repository (unchanged, just for reference)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8418
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Antonin Delpeuch <antonin@delpeuch.eu>
Co-committed-by: Antonin Delpeuch <antonin@delpeuch.eu>
- Regression of forgejo/forgejo#8425 (I was fooled by the github flow being `headGitRepo`).
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8431
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- If a Forgejo has disabled being a OAuth2 provider via `[oauth2].ENABLED = false` then return 'Not found' when clients requests `.well-known/openid-configuration` to reflect that OAuth2 is not supported.
- This allows clients to query if Forgejo has OAuth2 enabled.
- Resolves forgejo/forgejo#6978
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8426
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- Instead of invoking a new git command to check if a reference exists, use the already opened git repository that uses a batch check to check if the reference exists.
- Instead of invoking a new git command to check if a branch exists, use the already opened git repository that uses a batch check to check if the branch exists.
- Do not depend on `IsReferenceExist` as its no longer used by any other function.
- Specify `--quiet` to not waste Git's time on printing something we do not use.
- Run it via `Run` so no buffers are created for stdout and stderr.
- Add a test that verifies `IsBranchExist` works and does not work for other types of references.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8425
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- Refactor arguments of the function to make more sense.
- `path` can be inferred from `repo` receiver.
- `line` can be `uint64`.
- The two calls to this function check for specific errors, do this error checking in the function.
- The ID of a object format is not 40 in the case of SHA256, get the object format and use the correct length.
- Add test coverage for `LineBlame`, notably it checks for the errors that can legitimately happen.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8419
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
As explained in https://codeberg.org/forgejo/forgejo/issues/8072, the CLI was missing a way to set the `AttributeSSHPublicKey` field that was added in https://codeberg.org/forgejo/forgejo/pulls/6232. We add a flag to do that, and thread it through where necessary.
The checklist mentions adding tests, but the code in `cmd/admin_auth_oauth.go` seems to not have a `cmd/admin_auth_oauth_test.go`, and I'm not sure if there's something else that's testing this behavior. I can try to add tests if there's already a good spot to slot them in. If not, it seems like adding a `cmd/cmd/admin_auth_oauth_test.go` that worked similar to the current `cmd/admin_auth_ldap_test.go` might be a bit big of a change.
As far as documentation, I might be wrong about this, but it seems like the CLI docs are only updated once there's a new release. I can't do that yet, so I don't think that either of the checkboxes apply to this PR.
## Manual testing
There are two CLI commands that can be validated: `forgejo admin auth add-oauth` and `forgejo admin auth update-oauth`.
1. `forgejo admin auth add-oauth` requires an actual auto-discovery URL that responds appropriately.
- If there is not already an OIDC provider set up that has an auto-discovery URL, the sample OIDC provider at https://openidconnect.net/ can be used with it's auto-discovery URL of https://samples.auth0.com/.well-known/openid-configuration.
1. Run the following command to create a new OAuth2 authentication source:
```Console
forgejo admin auth add-oauth --attribute-ssh-public-key=ssh_public_key_field --auto-discover-url=https://samples.auth0.com/.well-known/openid-configuration --name='Delete this later' --provider=openidConnect
```
- This should create a new OAuth2 authentication source named "Delete this later" with the "Public SSH key attribute" field set to `ssh_public_key_field`.
<details>
<summary>Screenshot of newly created OAuth2 authentication source</summary>
</details>
1. `forgejo admin auth update-oauth` requires the id of the newly created OAuth2 authentication source.
- This id can be found on either the "Authentication sources" page (`/admin/auths`) or as the URL of the newly created OAuth2 authentication source (`/admins/auths/{id}`).
1. Run the following command to update the OAuth2 authentication source:
```Console
forgejo admin auth update-oauth --attribute-ssh-public-key=ssh_public_key_field_new_name --id=<id-of-new-oauth2-authentication-source>
```
- This should change the "Public SSH key attribute" to `ssh_public_key_field_new_name`.
<details>
<summary>Screenshot of updated OAuth2 authentication source</summary>
</details>
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
- [ ] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
- [ ] in `web_src/js/*.test.js` if it can be unit tested.
- [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/8383): <!--number 8383 --><!--line 0 --><!--description YWRkIGAtLWF0dHJpYnV0ZS1zc2gtcHViaWMta2V5YCB0byBmb3JnZWpvIGFkbWluIGF1dGggYWRkLW9hdXRoIGFuZCB1cGRhdGUtb2F1dGggQ0xJ-->add `--attribute-ssh-pubic-key` to forgejo admin auth add-oauth and update-oauth CLI<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8383
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: joneshf <jones3.hardy@gmail.com>
Co-committed-by: joneshf <jones3.hardy@gmail.com>
This feature is intended to help reduce noisy logs generated by routine Kubernetes probes and Prometheus scraping. While logs are essential, these specific requests (e.g., to /metrics and /api/healthz) generally don't provide useful information and tend to clutter the output.
The goal is to introduce functionality that effectively acts as the inverse of the existing EXPRESSION mode—allowing logging to be excluded based on a condition, rather than included.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8212
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: zokki <zokki.softwareschmiede@gmail.com>
Co-committed-by: zokki <zokki.softwareschmiede@gmail.com>
From the point of view of a notification, the only status which must be considered a fail is `StatusFailure`. All others are either success `StatusSuccess` or undetermined `StatusCancelled` and `StatusSkipped`.
Those are the only four status in which a run can be when it reaches the `ActionRunNowDone` function because it is filtered on `IsDone` which is only true for those.
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
### Documentation
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] I do not want this change to show in the release notes.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8366
Reviewed-by: Antonin Delpeuch <wetneb@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
- This test is the source of many transient errors https://codeberg.org/forgejo/forgejo/issues/8359#issuecomment-5655557 and is semi-reproducible locally. Any debugging code that is added will result in the error no longer being reproducible, making it hard to say why this is failing.
- It no longer seems necessary to add this `waitForURL` call as Playwright now seems to gracefully handle the case where we want to go to a specific page while playwright might still be navigating to another URL that was initiated by clicking on a button - thus removing the source of the transient error altogether.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8400
Reviewed-by: Beowulf <beowulf@beocode.eu>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
Query string tokenizer could return a list containing empty tokens when the query string was `\` or `"` (probably in other scenarios as well).
This seems undesirable and is what triggered #8260, but I'm posting this separately from that fix in case I'm wrong. Feel free to reject if so.
The actual change in behavior is that now searching for `\` or `"` behaves the same as if the query were empty (the bleve/elastic code checks that the tokenizer actually returned, anything rather than just query being non-empty).
### Tests
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8261
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
Co-authored-by: Danko Aleksejevs <danko@very.lv>
Co-committed-by: Danko Aleksejevs <danko@very.lv>
- Make the migration to add an index a noop - do not remove it as it would break v12.next & v13.next
- Keep the logic that relies on finding the last run, only always fail to find which is the same as assuming each run is one of a kind
Refs forgejo/forgejo#8373
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8374
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
- Right before the call to user email activation, the user is updated [^1]. This causes the email to be lowered, which in turn makes the call to activate the user activation fail (on database where collation is case sensitive, which is the recommend collation by Forgejo).
- The code in `BeforeUpdate` is quite confusing, the comment has become slightly out of date and was reworded to reflect reality and its purpose. The code is also slightly reworked to only lower the email for the `AvatarEmail` field to avoid causing side-effect.
- Added unit test.
- Resolves forgejo/forgejo#8354
[^1]: 4927d4ee3d/routers/web/auth/auth.go (L785)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8367
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
This PR detects Interlisp files (files that include "(DEFINE-FILE-INFO" somewhere near the start, and do not have an .LCOM extension) as text files and displays them as such in the web UI.
To check for extensions, I had to extend the `typesniffer.DetectContentType` function to accept an extra filename parameter—which could be useful for future filetype detection features. It is possible that a few of the places I modified pass a full file path instead of just passing a file name.
Implements #8184
## Checklist
### Tests
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes... - NA
- [ ] in `web_src/js/*.test.js` if it can be unit tested.
- [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/8377): <!--number 8377 --><!--line 0 --><!--description ZGV0ZWN0IEludGVybGlzcCBzb3VyY2VzIGFzIHRleHQ=-->detect Interlisp sources as text<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8377
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Bojidar Marinov <bojidar.marinov.bg@gmail.com>
Co-committed-by: Bojidar Marinov <bojidar.marinov.bg@gmail.com>
This PR is part of https://codeberg.org/forgejo/forgejo/pulls/4767
It improves the signature handling:
1. move logic to a service (might be used from other services as well)
2. make a clear difference between ` ReqHTTPUserSignature` and `ReqHTTPUserOrInstanceSignature`
3. improve test ability (activitypub/client & distant_federation_server_mock
Adjust instance actor
1. name &
2. webfinger
## Strategy for next PRs is
Integration tests are in the driving seat.
I will step by step add integration tests form original PR and add code required by the integration test changes.
## Meta
Proposal howto process large PRs can be discussed here: https://codeberg.org/forgejo-contrib/federation/pulls/37
Current state with rendered diagrams can be found here: https://codeberg.org/meissa/federation/src/branch/merge-large-pr/doc/merge-large-pr.md
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8275
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
