Commit graph

1437 commits

Author SHA1 Message Date
chavacava
e1753c413b chore(cleanup): replaces unnecessary calls to formatting functions by non-formatting equivalents (#7994)
This PR replaces unnecessary calls to formatting functions (`fmt.Printf`, `fmt.Errorf`, ...) by non-formatting equivalents.
Resolves #7967

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7994
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: chavacava <chavacava@noreply.codeberg.org>
Co-committed-by: chavacava <chavacava@noreply.codeberg.org>
2025-06-02 14:13:27 +02:00
Earl Warren
7093b1a5c0 chore(cleanup): fix and simplify API comparison helper (#7978)
headIsTag := headGitRepo.IsCommitExist(baseBranch)

is wrong on two counts:

- it must be assigned to commitIsTag
- it must check headBranch and not baseBranch

this is not a bug but it certainly is confusing.

Also, the logic below

 	headBranchRef := headBranch
	if headIsBranch {
		headBranchRef = headBranch
	} else if headIsTag {
		headBranchRef = headBranch
	}

can be simplified as:

 	headBranchRef := headBranch

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7978
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-06-02 14:13:27 +02:00
Antonin Delpeuch
23ce1dd4d8 fix: url validation in webhook add/edit API (#7932)
Cherry-pick from 972381097c (see #7909).

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7932
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Antonin Delpeuch <antonin@delpeuch.eu>
Co-committed-by: Antonin Delpeuch <antonin@delpeuch.eu>
2025-06-02 14:13:26 +02:00
Gusted
fb0f2ef32b feat: remove API authentication methods that uses the URL query (#7924)
- They have been marked as deprecated since 2023 and adequate warnings have been given about this method being deprecated, remove it for Forgejo v12.
- For clarity: the reason they are deprecated is that these methods allow authentication material to be given via a URL query. This results in the authentication material being logged, which is undesired behavior.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7924
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:13:26 +02:00
famfo
36d17fd0f7 feat: relax email requirements (#7829)
The current email restrictions were put in place because of a security issue with sendmail (https://github.com/go-gitea/gitea/pull/17688). Remove this restriction and instead ensure that this security issue cannot happen with sendmail.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7829
Reviewed-by: Ellen Εμιλία Άννα Zscheile <fogti@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
2025-06-02 14:13:25 +02:00
Earl Warren
6318b1223b fix: document that /repos/{owner}/{repo}/pulls may contain nulls (#7762)
The null means a server side bug prevents the pull request from being
retrieved.

Closes https://codeberg.org/forgejo/forgejo/issues/6571

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7762
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-06-02 14:13:21 +02:00
Squel
f6cdf6cdd4 feat: allow access to /api/v1/packages/{username} without token (#7716)
- Only require tokens on package endpoints that modify packages, this being deletion of a package and (un)link of a package.
- Allows reading data via the API of otherwise public data
- Integration test added.

Some references to related past commits:
- de484e86bc Started requiring tokens for reading packages "mimicking the design of GitHub OAuth scopes".
- 18de83b2a3 Adjusted the scope further, but kept the GitHub design.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7716
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Squel <squeljur+git@gmail.com>
Co-committed-by: Squel <squeljur+git@gmail.com>
2025-06-02 14:13:20 +02:00
Gusted
6c1dc2ca0f chore: simplify GetDiff (#7682)
- Split `GetDiff` into two functions, `GetDiffSimple` and `GetDiffFull`. The former will do the bare minimum and really only get a Git diff while the latter does some extra stuff that's relevant for the frontend to show extra relevant.
- Use `GetDiffSimple` for API related calls, as they do not benefit nor are returning the extra information that `GetDiffFull` provides, this should show a measurable performance increase for API calls that returns commits and `/repos/{owner}/{repo}/pulls/{index}/files`.
- `GetDiffSimple` contains extra code comments about its interesting way to determine the before commit.
- Add unit tests to demonstrates that the logic for determining the before commit didn't change and the function still yields correct information.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7682
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:13:19 +02:00
David Davies-Payne
b870781715 fix: grammar in a release API error message (#7565)
This is small bug fix to correct the API's response description.

Currently returns "Release is has no Tag"
I think would read better as "Release has no Tag"

I have not added a test as it's a trivial change, however it's possible that consumers might be looking for that particular string.

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7565
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: David Davies-Payne <d2p@me.com>
Co-committed-by: David Davies-Payne <d2p@me.com>
2025-06-02 14:13:17 +02:00
zam
0bb6090a5b add port and schema to federation host (#7203)
## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [x] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7203
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: zam <mirco.zachmann@meissa.de>
Co-committed-by: zam <mirco.zachmann@meissa.de>
2025-06-02 14:13:16 +02:00
Gusted
0df64736fe feat(sec): Add SSH signing support for instances (#6897)
- Add support to set `gpg.format` in the Git config, via the new `[repository.signing].FORMAT` option. This is to tell Git that the instance would like to use SSH instead of OpenPGP to sign its commits. This is guarded behind a Git version check for v2.34.0 and a check that a `ssh-keygen` binary is present.
- Add support to recognize the public SSH key that is given to `[repository.signing].SIGNING_KEY` as the signing key by the instance.
- Thus this allows the instance to use SSH commit signing for commits that the instance creates (e.g. initial and squash commits) instead of using PGP.
- Technically (although I have no clue how as this is not documented) you can have a different PGP signing key for different repositories; this is not implemented for SSH signing.
- Add unit and integration testing.
  - `TestInstanceSigning` was reworked from `TestGPGGit`, now also includes testing for SHA256 repositories. Is the main integration test that actually signs commits and checks that they are marked as verified by Forgejo.
  - `TestParseCommitWithSSHSignature` is a unit test that makes sure that if a SSH instnace signing key is set, that it is used to possibly verify instance SSH signed commits.
  - `TestSyncConfigGPGFormat` is a unit test that makes sure the correct git config is set according to the signing format setting. Also checks that the guarded git version check and ssh-keygen binary presence check is done correctly.
  - `TestSSHInstanceKey` is a unit test that makes sure the parsing of a SSH signing key is done correctly.
  - `TestAPISSHSigningKey` is a integration test that makes sure the newly added API route `/api/v1/signing-key.ssh` responds correctly.

Documentation PR: forgejo/docs#1122

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6897
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:13:15 +02:00
christopher-besch
7819d9120f feat: move StopTask, CancelPreviousJobs and CleanRepoScheduleTasks to services/actions
This enables all action run state changes (from a not done to a done
state) to also send a notification.

Moved these:

- models/actions/task.go|423 col 6| func StopTask(ctx context.Context, taskID int64, status Status) error {
- models/actions/run.go|190 col 6| func CancelPreviousJobs(ctx context.Context, repoID int64, ref, workflowID string, event webhook_module.HookEventType) error {
- models/actions/schedule.go|122 col 6| func CleanRepoScheduleTasks(ctx context.Context, repo *repo_model.Repository, cancelPreviousJobs bool) error {
2025-06-02 14:13:15 +02:00
JakobDev
61ad6d5bc0 feat: sync forks (#2364)
This allows syncing a branch of a fork with a branch of the base repo. It looks like this:
![grafik](/attachments/4508920c-7d0b-4330-9083-e3048733e38d)
This is only possible, if the fork don't have commits that are not in the main repo.

The feature is already working, but it is missing Finetuning, a better API, translations and tests, so this is currently WIP. It is also not tested with go-git.

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/2364): <!--number 2364 --><!--line 0 --><!--description c3luYyBmb3Jrcw==-->sync forks<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2364
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
2025-06-02 14:13:14 +02:00
famfo
4c18778bbf feat(activitiypub): enable HTTP signatures on all ActivityPub endpoints (#7035)
- Set the right keyID and use the right signing keys for outgoing requests.
- Verify the HTTP signature of all incoming requests, except for the server actor.
- Caches keys of incoming requests for users and servers actors.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7035
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
2025-06-02 14:13:13 +02:00
Renovate Bot
7ba6d1698e Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367)
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
2025-06-02 14:13:09 +02:00
Gusted
4e5e6f0553 chore: branding import path (#7337)
- Massive replacement of changing `code.gitea.io/gitea` to `forgejo.org`.
- Resolves forgejo/discussions#258

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7337
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: Panagiotis "Ivory" Vasilopoulos <git@n0toose.net>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:13:08 +02:00
klausfyhn
a01ad65924 feat(api): return run_number in workflow dispatch (#7286)
- This is a follow up on #7193 and resolves #6312.
- The ID by itself is not very useful, so also return the index of the workflow run.

Co-authored-by: Klaus Fyhn <klausfyhn@gmail.com>
Co-authored-by: Klaus Fyhn <klfj@mir-robots.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7286
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: klausfyhn <klausfyhn@noreply.codeberg.org>
Co-committed-by: klausfyhn <klausfyhn@noreply.codeberg.org>
2025-06-02 14:13:05 +02:00
Gusted
a13ab84998 feat(api): add more sorting to own repository list (#7256)
- Add more sorting options, by leveraging the existing `repo_model.OrderByFlatMap` map, to the `/api/v1/user/repos` endpoint.
- Swagger has been updated.
- Add (non-exhaustive) integration testing.
- Ref: gitnex/GitNex#1266

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7256
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:13:04 +02:00
Gusted
9961138e13 feat(api): add sort parameter to list issues API (#7211)
- Add the `sort` parameter to the `/api/v1/{repo}/{owner}/issues` API endpoint. Default behavior is preserved.
- Resolves forgejo/forgejo#4173
- Add (non-exhaustive) integration testing.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7211
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:13:03 +02:00
0ko
64d28da1ed branding: update API descriptions (#7244)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7244
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
2025-06-02 14:13:03 +02:00
markturney
5ce5fbeeee feat(api): return run info for dispatched workflows (#7193)
- When the API endpoint `/repos/{owner}/{repo}/actions/workflows/{workflowname}/dispatches` is used to launch a workflow, it currently returns no data; `/repos/{owner}/{repo}/actions/tasks` can be used to track the progress of a workflow, but you need at least that workflow's run_id and the quantity of its child jobs. Tracking workflow progress is especially important if you want to chain together multiple workflows that exist within different repositories, which is desired for https://codeberg.org/forgejo/forgejo/issues/6312.
- Make it possible to track the progress of manually triggered workflows by modifying the `/repos/{owner}/{repo}/actions/workflows/{workflowname}/dispatches` to return a JSON object containing the triggered workflow's id and a list of its child job names.

Co-authored-by: Andrii Chyrva <achyrva@amcbridge.com>
Co-authored-by: Andrii Chyrva <andrii.s.chyrva@hotmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7193
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: markturney <markturney@gmail.com>
Co-committed-by: markturney <markturney@gmail.com>
2025-06-02 14:13:02 +02:00
luxzi
259205d42c fix(api): typo in API description for repoSearch (#7199)
Corrected miss-spelled description for the `is_private` field on `repoSearch`, in which 'public' was spelled as 'pubic'.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7199
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: luxzi <lesson085@gmail.com>
Co-committed-by: luxzi <lesson085@gmail.com>
2025-06-02 14:13:01 +02:00
Lunny Xiao
d0fcb3d614 Add API to support link package to repository and unlink it (#33481)
Fix #21062

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
(cherry picked from commit 5df9fd3e9c6ae7f848da65dbe9b9d321f29c003a)
2025-06-02 14:12:57 +02:00
Jaime merino
5e10e022d9 fix: job list response to avoid wrapped body. (#7050)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7050
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Jaime merino <cobak78@gmail.com>
Co-committed-by: Jaime merino <cobak78@gmail.com>
2025-06-02 14:12:56 +02:00
Robert Wolff
8099fe36de linting: fix typos, add toml validation (#7007)
- adds the `toml` plugin to the `eslint` linting → expect to have `options/setting/config.toml` by #6862
- fixes `make lint-codespell` commands
- related concerning `codespell`: #3270
- info: codespell check is and was not activated in the workflows (could maybe, runs only few seconds on my system)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7007
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Robert Wolff <mahlzahn@posteo.de>
Co-committed-by: Robert Wolff <mahlzahn@posteo.de>
2025-06-02 14:12:55 +02:00
Gusted
c3068a1fdf fix: do not allow SSH url for migration (#7004)
- Add a new function `IsPushMirrorURLAllowed` that will allow `ssh://` url and make the existing `IsMigrateURLAllowed` not allow such URLs anymore.
- Resolves forgejo/forgejo#6960
- Existing integration tests make sure that SSH urls are still allowed for the push mirror feature and added unit test to ensure that `IsMigrateURLAllowed` no longer allows SSH urls.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7004
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:12:54 +02:00
Panagiotis "Ivory" Vasilopoulos
c2e3313db4 feat: add pronoun privacy option (#6773)
This commit contains UI changes, tests and migrations for a feature
that lets users optionally hide their pronouns from the general
public. This is useful if a person wants to disclose that
information to a smaller set of people on a local instance
belonging to a local community/association.

Co-authored-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6773
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Panagiotis "Ivory" Vasilopoulos <git@n0toose.net>
Co-committed-by: Panagiotis "Ivory" Vasilopoulos <git@n0toose.net>
2025-06-02 14:12:53 +02:00
ThomasBoom89
1446866316 fix(api): use not found status code when appropriate (#6885)
- Use a 404 error when the issue not found instead of returning an internal server error.
- Resolves #4005
- Added integration test.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6885
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: ThomasBoom89 <thomasboom89@noreply.codeberg.org>
Co-committed-by: ThomasBoom89 <thomasboom89@noreply.codeberg.org>
2025-06-02 14:12:53 +02:00
Mirco
db2876c258 Transient model for federated unstar (#6740)
This is the first step to https://codeberg.org/forgejo-contrib/federation/src/branch/main/FederationRoadmap.md#federated-unstar-wip

Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-authored-by: ansgarz <ansgar.zwick@meissa.de>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6740
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Mirco <mirco.zachmann@meissa.de>
Co-committed-by: Mirco <mirco.zachmann@meissa.de>
2025-06-02 14:12:52 +02:00
Gusted
4d7d5aa38e fix(api): allow collaborators to read their own permissions (#6856)
- Instead of checking the login name (which is not set in most cases and really the wrong thing to do here just like it is case sensitive) simply check that the requested user has the same ID as the doer.
- Resolves forgejo/forgejo#6837
- Add integration test.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6856
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:12:52 +02:00
Gusted
e790e4ab70 chore(api): Improve description for repoCheckCollaborator (#6858)
- Make it clear how the API responds with if the user is a collaborator or not.
- Yes, not ideal. Should've been a JSON response instead - but backwards compatibility.
- Resolves forgejo/forgejo#6837

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6858
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:12:52 +02:00
Gusted
a3d20f641c fix(sec): modify api route for variables 2025-06-02 14:12:51 +02:00
Bruno Sofiato
f1a893487d Inclusion of rename organization api (#33303)
This adds an endpoint (`/orgs/{org}/rename`) to rename organizations.

I've modeled the endpoint using the rename user endpoint --
`/admin/users/{username}/rename` -- as base.

It is the 1st time I wrote a new API endpoint (I've tried to follow the
rename users endpoint code while writing it). So feel free to ping me if
there is something wrong or missing.

Resolves #32995

---------

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 040c830dec5c727a56d16df62b1673bce6fca645)

Conflicts:
	routers/api/v1/admin/user.go
  ignore this unrelated change
	templates/swagger/v1_json.tmpl
  regenerate
	tests/integration/api_org_test.go
  port as a standalone test instead of refactoring the tests
2025-06-02 14:12:49 +02:00
Antonin Del Fabbro
5bd45540ca Added alt's to <img> 2025-06-02 14:12:47 +02:00
Gusted
7ab795d805 chore: Remove ChangeMilestoneStatus (#6741)
- Introduced in 5ed5aa5228 and removed in
4027c5dd7c.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6741
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-02 14:12:47 +02:00
Gusted
a9c97110f9 feat: add configurable cooldown to claim usernames (#6422)
Add a new option that allows instances to set a cooldown period to claim
old usernames. In the context of public instances this can be used to
prevent old usernames to be claimed after they are free and allow
graceful migration (by making use of the redirect feature) to a new
username. The granularity of this cooldown is a day. By default this
feature is disabled and thus no cooldown period.

The `CreatedUnix` column is added the `user_redirect` table, for
existing redirects the timestamp is simply zero as we simply do not know
when they were created and are likely already over the cooldown period
if the instance configures one.

Users can always reclaim their 'old' user name again within the cooldown
period. Users can also always reclaim 'old' names of organization they
currently own within the cooldown period.

Creating and renaming users as an admin user are not affected by the
cooldown period for moderation and user support reasons.

To avoid abuse of the cooldown feature, such that a user holds a lot of
usernames, a new option is added `MAX_USER_REDIRECTS` which sets a limit
to the amount of user redirects a user may have, by default this is
disabled. If a cooldown period is set then the default is 5. This
feature operates independently of the cooldown period feature.

Added integration and unit testing.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6422
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-01-24 04:16:56 +00:00
Earl Warren
8a9da6ab1b fix: listing tokens must not require basic auth (#6633)
When the change is reverted, the test fails as follows:

```sh
=== TestAPIGetTokens (tests/integration/api_token_test.go:34)
--- FAIL: TestAPIGetTokens (0.17s)
    testlogger.go:405: 2025/01/20 14:05:22 ...les/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /home/earl-warren/software/forgejo/tests/gitea-lfs-meta
    testlogger.go:405: 2025/01/20 14:05:22 ...eb/routing/logger.go:102:func1() [I] router: completed GET /api/v1/users/user2/tokens for test-mock:12345, 200 OK in 2.5ms @ user/app.go:24(user.ListAccessTokens)
    testlogger.go:405: 2025/01/20 14:05:22 ...eb/routing/logger.go:102:func1() [I] router: completed POST /api/v1/users/user1/tokens for test-mock:12345, 201 Created in 4.7ms @ user/app.go:75(user.CreateAccessToken)
    testlogger.go:405: 2025/01/20 14:05:22 ...eb/routing/logger.go:102:func1() [I] router: completed GET /api/v1/users/user2/tokens for test-mock:12345, 401 Unauthorized in 4.9ms @ v1/api.go:413(v1.Routes.func2.5.1.reqBasicOrRevProxyAuth.6)
    api_token_test.go:46:
        	Error Trace:	/home/earl-warren/software/forgejo/tests/integration/integration_test.go:556
        	            				/home/earl-warren/software/forgejo/tests/integration/api_token_test.go:46
        	Error:      	Not equal:
        	            	expected: 200
        	            	actual  : 401
        	Test:       	TestAPIGetTokens
        	Messages:   	Request: GET /api/v1/users/user2/tokens
    api_token_test.go:46: Response:  {"message":"auth required","url":"http://localhost:3003/api/swagger"}

    testlogger.go:405: 2025/01/20 14:05:22 ...eb/routing/logger.go:102:func1() [I] router: completed DELETE /api/v1/users/user1/tokens/94 for test-mock:12345, 204 No Content in 1.4ms @ user/app.go:145(user.DeleteAccessToken)
```

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Bug fixes
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6633): <!--number 6633 --><!--line 0 --><!--description bGlzdGluZyB0b2tlbnMgbXVzdCBub3QgcmVxdWlyZSBiYXNpYyBhdXRo-->listing tokens must not require basic auth<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6633
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-21 07:58:16 +00:00
Gusted
b2a3a0411c [PORT] Remove SHA1 for support for ssh rsa signing (#31857) (#5303)
https://github.com/go-fed/httpsig seems to be unmaintained.

Switch to github.com/42wim/httpsig which has removed deprecated crypto
and default sha256 signing for ssh rsa.

No impact for those that use ed25519 ssh certificates.

This is a breaking change for:
- gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too
- activitypub using deprecated crypto (is this actually used?)

(cherry picked from commit 01dec7577a051d9bb30e91f6cf6653dc51a37d06)

---
Conflict resolution: trivial

Co-authored-by: Wim <wim@42.be>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5303
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2025-01-17 03:17:10 +00:00
Jaime merino
9f842f0dec Add search action jobs for API routes, repo, org and global level (#6300)
This PR wants to improve information of the tasks waiting to be executed on a global, organization, user and repository leve.
The main motivation is explained here https://codeberg.org/forgejo/discussions/issues/241

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [x] in their respective `*_test.go` for unit tests.
  - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6300): <!--number 6300 --><!--line 0 --><!--description QWRkIHNlYXJjaCBhY3Rpb24gam9icyBmb3IgQVBJIHJvdXRlcywgcmVwbywgb3JnIGFuZCBnbG9iYWwgbGV2ZWw=-->Add search action jobs for API routes, repo, org and global level<!--description-->
<!--end release-notes-assistant-->

Co-authored-by: jaime merino <jaime.merino_mora@mail.schwarzª>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6300
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Jaime merino <cobak78@gmail.com>
Co-committed-by: Jaime merino <cobak78@gmail.com>
2025-01-14 11:17:42 +00:00
Thilina Jayanath
ed96852fdb fix: enable releases and/or wiki if user set the options in repo migration (#6051)
## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6051
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Thilina Jayanath <thilina91@gmail.com>
Co-committed-by: Thilina Jayanath <thilina91@gmail.com>
2025-01-12 09:16:45 +00:00
Lunny Xiao
bc64b6f004
Use gitrepo.GetTreePathLatestCommit to get file lastest commit instead from latest commit cache (#32987)
The latest commit cache is currently used only for listing tree files.
However, a cold start may take longer than directly invoking the Git
command. This PR addresses the issue of slow response times when
accessing raw files, improving performance in such scenarios.

```log
gitea.log:105521:2024/12/23 08:22:18 ...eb/routing/logger.go:68:func1() [W] router: slow      GET /xxxx/xxxxxx/raw/commit/xxxxxxxxxxxxxxxxxxxxxxxxxxx/.editorconfig for 172.18.0.5:53252, elapsed 3526.8ms @ repo/download.go:117(repo.SingleDownload)
```

(cherry picked from commit f4ccbd38dca77b1515a08ddf927f4f20cf644d30)
2025-01-05 12:13:48 +00:00
Angel Nunez Mencias
a2eb249766 feat: add files to compare (#6461)
Add the changed files between two commits to the response of the compare API, part of forgejo/forgejo#6460

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6461
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Angel Nunez Mencias <git@angelnu.com>
Co-committed-by: Angel Nunez Mencias <git@angelnu.com>
2025-01-05 02:32:46 +00:00
Zettat123
92ac337263
Support org labels when adding labels by label names (#32988)
Fix #32891

(cherry picked from commit 44b4fb21a4e99f327303f66cc7e48f7ca7ba09e1)
2024-12-28 19:32:09 +00:00
George Bartolomey
13ca6c14f1
feat: allow changing default branch update style
This commit allows chaning default branch update style through global
and repository settings. The setting affects "Update branch" button
in PR view (button shows when some commits are ahead of master branch).
When default update style is set to "rebase", dropdown button updates branch
by rebase by default. When update style is set to other value, dropdown button
updates branch by merge. Any of these actions may be selected using dropdown
in any case.

Signed-off-by: George Bartolomey <george@bh4.ru>
2024-12-23 18:55:25 +03:00
Earl Warren
380e266440 Merge pull request '[gitea] week 2024-51 cherry pick (gitea/main -> forgejo)' (#6271) from earl-warren/wcp/2024-51 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6271
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-12-19 07:08:01 +00:00
Awiteb
dbbd359984
Add sorting functionality to user search endpoint
Signed-off-by: Awiteb <a@4rs.nl>
2024-12-16 23:27:29 +03:00
Kemal Zebari
b0d6a7f07b
Implement update branch API (#32433)
Resolves #22526.

Builds upon #23061.

---------

Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 01b1896bf5eacfd7f4f64d9ebb0ad165e3e60a5c)

Conflicts:
	routers/api/v1/api.go
  context conflict + s/PathParam/Params/
	templates/swagger/v1_json.tmpl
  make generate-swagger
2024-12-15 09:24:31 +01:00
Awiteb
70348e159f Ensure source_id parameter is not skipped when set to 0 and correctly filter users in /api/v1/admin/users endpoint (#6240)
Signed-off-by: Awiteb <a@4rs.nl>
Fixes: #6239

## Checklist

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [X] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [X] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [X] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6240
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Awiteb <a@4rs.nl>
Co-committed-by: Awiteb <a@4rs.nl>
2024-12-13 05:42:01 +00:00
Lunny Xiao
3973f1022d
Add github compatible tarball download API endpoints (#32572)
Fix #29654
Fix #32481

(cherry picked from commit 703be6bf307ed19ce8dc8cd311d24aeb6e5b9861)

Conflicts:
	routers/api/v1/repo/file.go
	routers/web/repo/repo.go
	services/repository/archiver/archiver.go
	services/repository/archiver/archiver_test.go
  trivial context conflicts
  add missing function PathParam skipped in a very large refactor
2024-12-03 10:19:22 +01:00
Otto
48b91fa31a Merge pull request 'Improve Swagger documentation for user endpoints' (#6050) from JakobDev/forgejo:userswagger into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6050
Reviewed-by: Otto <otto@codeberg.org>
2024-11-28 20:42:19 +00:00