forgejo-aneksajo

mirror of https://codeberg.org/forgejo-aneksajo/forgejo-aneksajo.git synced 2025-04-22 06:06:45 +02:00

Author	SHA1	Message	Date
Loïc Dachary	92450913a8	fix POST /{username}/{reponame}/{type:issues\|pulls}/move_pin (cherry picked from commit d97efb777fde0725e634ee5f1de0ca4ffed3b541)	2023-11-26 06:50:26 +01:00
Loïc Dachary	9ea9ba8e7e	fix POST /{username}/{reponame}/{type:issues\|pulls}/{index}/content-history/soft-delete (cherry picked from commit a82cb96480cbbcdf8f45453ca605af835a48de48)	2023-11-26 06:48:49 +01:00
Lunny Xiao	db0d71ec0f	Fix comment permissions (#28213 ) (#28217 ) backport #28213 This PR will fix some missed checks for private repositories' data on web routes and API routes. (cherry picked from commit dfd511faf35fef68557e53763f9b06e5a139565d)	2023-11-26 06:35:50 +01:00
Loïc Dachary	a7a9876dd4	Revert "enforce reqRepoReader(unit.TypeIssues) GET /repos/{owner}/{repo}/issues/pinned" This reverts commit `c70eb32280`.	2023-11-26 06:34:40 +01:00
Loïc Dachary	140dbb3918	Revert "enforce reqRepoReader(unit.TypeIssues) POST /repos/{owner}/{repo}/issues" This reverts commit `6b4cb070cc`.	2023-11-26 06:34:40 +01:00
Loïc Dachary	d2de912c95	Revert "fix API usage of a PR index in place of issue index and vice versa" This reverts commit `3ddfca10ac`.	2023-11-26 06:34:40 +01:00
Loïc Dachary	4ece6a4b19	Revert "fix PATCH /api/v1/repos/{owner}/{repo}/issues/comments/{id}" This reverts commit `e291ea5e33`.	2023-11-26 06:34:39 +01:00
Loïc Dachary	ba352ef4b1	Revert "fix {DELETE,POST} /repos/{owner}/{repo}/issues/comments/{id}/reactions" This reverts commit `685ebdba63`.	2023-11-26 06:34:39 +01:00
Loïc Dachary	3869f80b52	Revert "fix GET /repos/{owner}/{repo}/issues/comments/{id}/reactions" This reverts commit `585f74c2ca`.	2023-11-26 06:34:39 +01:00
Loïc Dachary	fc3825f6b2	Revert "fix DELETE /api/v1/repos/{owner}/{repo}/issues/comments/{id}" This reverts commit `0b0b506b74`.	2023-11-26 06:34:38 +01:00
Loïc Dachary	c21cc34116	Revert "fix POST /{owner}/{repo}/comments/{id}/delete" This reverts commit `44f2592028`.	2023-11-26 06:34:38 +01:00
Loïc Dachary	db1bd78d71	Revert "fix POST /{owner}/{repo}/comments/{id}" This reverts commit `5cc6361e31`.	2023-11-26 06:34:38 +01:00
Loïc Dachary	5fc5d186e0	Revert "fix POST /{owner}/{repo}/comments/{id}/reactions/{action}" This reverts commit `6f87e71f0c`.	2023-11-26 06:34:38 +01:00
Loïc Dachary	710eee48a1	Revert "fix GET /{owner}/{repo}/comments/{id}/attachments" This reverts commit `48bcb1937e`.	2023-11-26 06:34:38 +01:00
Loïc Dachary	e587faae57	Revert "fix POST /{username}/{reponame}/{type:issues\|pulls}/{index}/content-history/soft-delete" This reverts commit `75730a6ded`.	2023-11-26 06:34:37 +01:00
Loïc Dachary	d7f5ff0782	Revert "fix GET /{username}/{reponame}/{type:issues\|pulls}/{index}/content-history/detail" This reverts commit `5ef4992fd7`.	2023-11-26 06:34:37 +01:00
Loïc Dachary	53115c7c17	Revert "fix POST /{username}/{reponame}/{tags,release}/delete" This reverts commit `a2b1082dda`.	2023-11-26 06:34:37 +01:00
Loïc Dachary	8a9676f881	Revert "fix GET /api/v1/repos/{owner}/{repo}/keys/{id}" This reverts commit `5322136af8`.	2023-11-26 06:34:37 +01:00
Loïc Dachary	4927e73551	Revert "fix POST /{username}/{reponame}/{type:issues\|pulls}/move_pin" This reverts commit `e9aa373db5`.	2023-11-26 06:34:37 +01:00
Loïc Dachary	e9aa373db5	fix POST /{username}/{reponame}/{type:issues\|pulls}/move_pin (cherry picked from commit 7eda733ed6a22c08a85fdc90deec0c440427cef7)	2023-11-25 08:08:37 +01:00
Loïc Dachary	5322136af8	fix GET /api/v1/repos/{owner}/{repo}/keys/{id} (cherry picked from commit 768238d9f9982e99ad4cbf3942d2d2db5126a150) Conflicts: routers/api/v1/repo/key.go trivial context conflict	2023-11-25 08:08:37 +01:00
Loïc Dachary	a2b1082dda	fix POST /{username}/{reponame}/{tags,release}/delete (cherry picked from commit a6d2ad6310f754952998fd73118da9f91c563145)	2023-11-25 08:08:37 +01:00
Loïc Dachary	5ef4992fd7	fix GET /{username}/{reponame}/{type:issues\|pulls}/{index}/content-history/detail (cherry picked from commit 0853dec293dd632a03948f66af69e75dd582a92d)	2023-11-25 08:08:36 +01:00
Loïc Dachary	75730a6ded	fix POST /{username}/{reponame}/{type:issues\|pulls}/{index}/content-history/soft-delete (cherry picked from commit a11d82a42729eba02032310f7778a9197f4f8ead)	2023-11-25 08:08:36 +01:00
Loïc Dachary	48bcb1937e	fix GET /{owner}/{repo}/comments/{id}/attachments (cherry picked from commit aed193ef9f5d59aed12cfd7518765d5598c7999f)	2023-11-25 07:23:34 +01:00
Loïc Dachary	6f87e71f0c	fix POST /{owner}/{repo}/comments/{id}/reactions/{action} (cherry picked from commit 21d4556cbeb9d0f825398114ba3a4816f331315b)	2023-11-25 07:23:34 +01:00
Loïc Dachary	5cc6361e31	fix POST /{owner}/{repo}/comments/{id} (cherry picked from commit 385a1f337462bec34ccc389d4efe21e3b2be8465)	2023-11-25 07:23:34 +01:00
Loïc Dachary	44f2592028	fix POST /{owner}/{repo}/comments/{id}/delete (cherry picked from commit 1b57d8493882d9d659164acd3b4a5a99c769d8ed)	2023-11-25 07:23:34 +01:00
Loïc Dachary	0b0b506b74	fix DELETE /api/v1/repos/{owner}/{repo}/issues/comments/{id} (cherry picked from commit 521eed2312f45bef7de28c9c03c04257862a453c)	2023-11-25 07:23:34 +01:00
Loïc Dachary	585f74c2ca	fix GET /repos/{owner}/{repo}/issues/comments/{id}/reactions (cherry picked from commit a146e3d0f9ff8ac1aee4be8a3632c76b35fc3482)	2023-11-25 07:23:33 +01:00
Loïc Dachary	685ebdba63	fix {DELETE,POST} /repos/{owner}/{repo}/issues/comments/{id}/reactions (cherry picked from commit f499075c53752f983c6e4f8af17c449926ba94d9)	2023-11-25 07:23:33 +01:00
Loïc Dachary	e291ea5e33	fix PATCH /api/v1/repos/{owner}/{repo}/issues/comments/{id} (cherry picked from commit 51c280e877765efe721e607aa95bcbb5aef364e0)	2023-11-25 07:23:33 +01:00
Loïc Dachary	3ddfca10ac	fix API usage of a PR index in place of issue index and vice versa (cherry picked from commit 7b95266de083c8de0ff224530a9b69e82c52c344)	2023-11-25 07:23:32 +01:00
Loïc Dachary	6b4cb070cc	enforce reqRepoReader(unit.TypeIssues) POST /repos/{owner}/{repo}/issues (cherry picked from commit d3db2fa8bc85e9d67f30854bba0a4c1e8b57b015)	2023-11-25 07:23:32 +01:00
Loïc Dachary	c70eb32280	enforce reqRepoReader(unit.TypeIssues) GET /repos/{owner}/{repo}/issues/pinned (cherry picked from commit 00fad97fc1b27db40a002c9ab3f709d04dc2cdd1)	2023-11-25 07:23:32 +01:00
Loïc Dachary	5d18f4b19f	[BRANDING] X-Forgejo-OTP can be used instead of X-Gitea-OTP (cherry picked from commit 7b0549cd70aa7cafec853e15b25270847c59850b) (cherry picked from commit 13e10a65d974c7b594681bfa36402a6144862116) (cherry picked from commit 65bdd73cf27895a9fb8db2a95ef4f5b08951481d) (cherry picked from commit 64eba8bb923176b4c286b1d0c83792f3c3005ca8) (cherry picked from commit 4c49b1a759abe3604afc1121e83c9a942016ad6a) (cherry picked from commit 93b4d0640683ea986657453b1fce49a00c861764) (cherry picked from commit e2bc5f36d958f4349160ec145719c302d4023cd0) (cherry picked from commit 2bee76f9dfa998c83ea4fe648997fad0b6224fa9) (cherry picked from commit 3d8a1b4a9fb9dc55bbd62fd8855ea85e58dc263f) (cherry picked from commit 99dd092cd02d7af8374acf454833ce1c05fd4fd9) (cherry picked from commit 0fdbd02204d533f907cd22c83c73bf0156ec4a88) (cherry picked from commit 70b277a183c0d85966fa84e9b054f164ae2d2a44) (cherry picked from commit 3eece7fbb4e67d970d8979d0d60a58ee2a195ea5) (cherry picked from commit 4838fc9e1145a74c56926de68854234604b5e38f) (cherry picked from commit b76ed541cf4d73702a83d6b96f8618b6f8c44393) (cherry picked from commit dcdfb5b65c6fbf50798a0c49d0f879dd1285ee41) (cherry picked from commit 377dc48cdc3b1c2bcc95f86a7bf3602468ac5c39) (cherry picked from commit acc862f411c79f7832c8ba2c182af738f25f4f8b) (cherry picked from commit ac75ef101f89d58442760cec21a3f3f9199d4710) (cherry picked from commit 08f2d9f7c5b0d51358b009b0b38b626b231ec32b) (cherry picked from commit e4096f0b6441ba68719146e5a48ef44233e27a86) (cherry picked from commit bf5876f06224ac90e931f2f47b66a5b9c38b2a87) (cherry picked from commit 7dc60637e5e097b5dbc38e068ee7ba553385b496) (cherry picked from commit ef3101774ba5083e259d84db9997ff0aaddab14c) (cherry picked from commit ecb9e8867c3503387cbaf97df27d8c60a840f4a4) (cherry picked from commit 64f0ae72fec30ea443d73f8566c140682e7b9838) (cherry picked from commit 8dd6ec786294741361f79c08b0c051d2258bda02) (cherry picked from commit b36723e52b975d2e57af363db1d9118f48feade1) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/1466 (cherry picked from commit 5c378e0cb823f2bad52224859ca326afb33bfd4b) (cherry picked from commit 1d87602819be9f87bf9d06203c37160568c18e78) (cherry picked from commit 0f72002d667224a75a4924ebb5557eca8bddbe70) (cherry picked from commit da2556eb13a2c976d1630315dbee8c3bc5444a11) (cherry picked from commit c01688cd900369b8cbed961f6a841ea536b07207) (cherry picked from commit af4bba832962ce4db3327c140283ce5b8d2cf6a5) (cherry picked from commit 33ca322c2ea7b05fcab084e06f8b3a6d65125808) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/1739 (cherry picked from commit c18e374d4481592681ae127b723f11076c37bb91) (cherry picked from commit 27c4797c9fb3c42be252223ac0add0605f18acba)	2023-11-14 13:17:12 +01:00
Giteabot	d7408d8b0b	Dont leak private users via extensions (#28023 ) (#28028 ) Backport #28023 by @6543 there was no check in place if a user could see a other user, if you append e.g. `.rss` (cherry picked from commit 69ea554e2362e5c4943c2463c2ec547bf631f18b)	2023-11-14 13:17:12 +01:00
KN4CK3R	44df78edd4	Unify two factor check (#27915 ) (#27939 ) Backport of #27915 Fixes #27819 We have support for two factor logins with the normal web login and with basic auth. For basic auth the two factor check was implemented at three different places and you need to know that this check is necessary. This PR moves the check into the basic auth itself. (cherry picked from commit 00705da102be929dfa41519b030be3bdd8c68472)	2023-11-14 13:17:12 +01:00
Lunny Xiao	f2c3491b61	Fix http protocol auth (#27875 ) (#27878 ) backport #27875 (cherry picked from commit 1dedf9bba0bf909f9e275565604ec8f2adb5a86e)	2023-11-14 13:17:12 +01:00
Giteabot	64373004b5	Fix org team endpoint (#27721 ) (#27729 ) Backport #27721 by @lng2020 Fix #27711 Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com> (cherry picked from commit 71803d33e395829e4b7cee2bd4ae078527106a48)	2023-11-14 13:17:11 +01:00
Giteabot	62c33f92a9	Fix 404 when deleting Docker package with an internal version (#27615 ) (#27629 ) Backport #27615 by @lng2020 close #27601 The Docker registry has an internal version, which leads to 404 Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com> (cherry picked from commit 171950a0d45745743d519aeb547b2a93cfb6410d)	2023-11-14 13:17:11 +01:00
Giteabot	e0fe8a8ab4	Fix panic in storageHandler (#27446 ) (#27478 ) Backport #27446 by @sryze storageHandler() is written as a middleware but is used as an endpoint handler, and thus `next` is actually `nil`, which causes a null pointer dereference when a request URL does not match the pattern (where it calls `next.ServerHTTP()`). Example CURL command to trigger the panic: ``` curl -I "http://yourhost/gitea//avatars/a" ``` Fixes #27409 --- Note: the diff looks big but it's actually a small change - all I did was to remove the outer closure (and one level of indentation) ~and removed the HTTP method and pattern checks as they seem redundant because go-chi already does those checks~. You might want to check "Hide whitespace" when reviewing it. Alternative solution (a bit simpler): append `, misc.DummyOK` to the route declarations that utilize `storageHandler()` - this makes it return an empty response when the URL is invalid. I've tested this one and it works too. Or maybe it would be better to return a 400 error in that case (?) Co-authored-by: Sergey Zolotarev <sryze@outlook.com> (cherry picked from commit 4ffa683820188175570ea3a0faf9d93046042b91)	2023-11-14 13:17:11 +01:00
Giteabot	c50af699ea	When comparing with an non-exist repository, return 404 but 500 (#27437 ) (#27441 ) Backport #27437 by @lunny Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> (cherry picked from commit 973b7f62989d16960fa918f5758ff2998317c352)	2023-11-14 13:17:11 +01:00
Earl Warren	a1e6944bd7	Revert "[BRANDING] X-Forgejo-OTP can be used instead of X-Gitea-OTP" This reverts commit `9413fd0274`.	2023-11-14 13:17:11 +01:00
Gusted	51988ef52b	[GITEA] rework long-term authentication - The current architecture is inherently insecure, because you can construct the 'secret' cookie value with values that are available in the database. Thus provides zero protection when a database is dumped/leaked. - This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies). - Integration testing is added to ensure the new mechanism works. - Removes a setting, because it's not used anymore. (cherry-pick from eff097448b1ebd2a280fcdd55d10b1f6081e9ccd) Conflicts: modules/context/context_cookie.go trivial context conflicts routers/web/web.go ctx.GetSiteCookie(setting.CookieRememberName) moved from services/auth/middleware.go	2023-10-05 08:50:54 +02:00
Giteabot	3e8c3b7c09	Allow get release download files and lfs files with oauth2 token format (#26430 ) (#27378 ) Backport #26430 by @lunny Fix #26165 Fix #25257 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> (cherry picked from commit 23139aa27bbed804ca68b04b39f965a0ca69d277)	2023-10-03 14:48:40 +02:00
Giteabot	f8bf284794	Fix organization field being null in POST /orgs/{orgid}/teams (#27150 ) (#27162 ) Backport #27150 by @memphis88 Similarly to the fix in https://github.com/go-gitea/gitea/pull/24694, this addresses the team creation not returning the organization information in the response. This fix is connected to the [issue](https://gitea.com/gitea/terraform-provider-gitea/issues/27) discovered in the terraform provider. Moreover, the [documentation](https://docs.gitea.com/api/1.20/#tag/organization/operation/orgCreateTeam) suggests that the response body should include the `organization` field (currently being `null`). Co-authored-by: Dionysios Kakouris <1369451+memphis88@users.noreply.github.com> (cherry picked from commit fbe1f3511220f282bb47e5ceb2f5dd98a7623cea)	2023-10-03 14:48:08 +02:00
Giteabot	c041114a20	fix pagination for followers and following (#27127 ) (#27138 ) Backport #27127 by @earl-warren - Use the correct total amount for pagination. Thereby correctly show the pagination bare when there's more than one page of followers/followings. Refs: https://codeberg.org/forgejo/forgejo/pulls/1477 (cherry picked from commit c1a136318be3bf72511bed108f2d67f2cf34e1b8) Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com> Co-authored-by: Gusted <postmaster@gusted.xyz> (cherry picked from commit 1d6e5c8e5862e634081c943f346003c36e47415f)	2023-09-20 12:50:46 +02:00
Giteabot	64a418dfc7	Fix issue templates when blank isses are disabled (#27061 ) (#27082 ) Backport #27061 by @JakobDev Fixes #27060 Co-authored-by: JakobDev <jakobdev@gmx.de> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: delvh <dev.lh@web.de> (cherry picked from commit b139234fa8d7b9d52f134117bbac7dce53e4914b)	2023-09-20 12:50:46 +02:00
Giteabot	1689b3da55	Redirect from `{repo}/issues/new` to `{repo}/issues/new/choose` when blank issues are disabled (#26813 ) (#26847 ) Backport #26813 by @JakobDev You can currently visit `{repo}/issues/new` and create a blank issue, even if it's disabled. This PR fixes this, Fixes https://codeberg.org/forgejo/forgejo/issues/1356 Co-authored-by: JakobDev <jakobdev@gmx.de> (cherry picked from commit 2cfabb68ffb4fe188cdbb323be46b300c85f0134)	2023-09-08 08:09:18 +02:00

1 2 3 4 5 ...

4093 commits