From 27e853454da6b9f2dc510a22a890924dbb7045ac Mon Sep 17 00:00:00 2001 From: Gusted Date: Thu, 17 Jul 2025 20:40:09 +0200 Subject: [PATCH 01/20] fix: use correct ACME default (#8550) - The `ACME_URL` setting is documented to default to Let's encrypt production server if left empty, so do precisely that. - Use a HTTP proxy to communicate with ACME if Forgejo is configured to use that. - Regression of forgejo/forgejo#7409 (previously certmagic took care of setting these defaults). - Resolves forgejo/forgejo#8548 ## Testing 1. Configure Forgejo's root URL to a public facing domain (that can pass a ACME challenge) 2. Configure Forgejo to use ACME by setting `[server].ENABLE_ACME = true` and `[server].ACME_ACCEPTTOS = true`. 3. Start Forgejo. 4. Observe that it's available via https. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8550 Reviewed-by: Earl Warren Co-authored-by: Gusted Co-committed-by: Gusted --- cmd/web_acme.go | 7 +++++++ modules/setting/server.go | 4 +++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/cmd/web_acme.go b/cmd/web_acme.go index 03b3b9f0da..be6314addb 100644 --- a/cmd/web_acme.go +++ b/cmd/web_acme.go @@ -15,6 +15,7 @@ import ( "forgejo.org/modules/graceful" "forgejo.org/modules/log" "forgejo.org/modules/process" + "forgejo.org/modules/proxy" "forgejo.org/modules/setting" "github.com/caddyserver/certmagic" @@ -76,6 +77,12 @@ func runACME(listenAddr string, m http.Handler) error { ListenHost: setting.HTTPAddr, AltTLSALPNPort: altTLSALPNPort, AltHTTPPort: altHTTPPort, + HTTPProxy: proxy.Proxy(), + } + + // Preserve behavior to use Let's encrypt test CA when Let's encrypt is CA. + if certmagic.DefaultACME.CA == certmagic.LetsEncryptProductionCA { + certmagic.DefaultACME.TestCA = certmagic.LetsEncryptStagingCA } magic := certmagic.NewDefault() diff --git a/modules/setting/server.go b/modules/setting/server.go index bff51f787d..3ff91d2cde 100644 --- a/modules/setting/server.go +++ b/modules/setting/server.go @@ -16,6 +16,8 @@ import ( "forgejo.org/modules/json" "forgejo.org/modules/log" "forgejo.org/modules/util" + + "github.com/caddyserver/certmagic" ) // Scheme describes protocol types @@ -206,7 +208,7 @@ func loadServerFrom(rootCfg ConfigProvider) { EnableAcme = sec.Key("ENABLE_LETSENCRYPT").MustBool(false) } if EnableAcme { - AcmeURL = sec.Key("ACME_URL").MustString("") + AcmeURL = sec.Key("ACME_URL").MustString(certmagic.LetsEncryptProductionCA) AcmeCARoot = sec.Key("ACME_CA_ROOT").MustString("") if sec.HasKey("ACME_ACCEPTTOS") { From c9949fbc6408907c426a3e8db5fd1e5460cf18fd Mon Sep 17 00:00:00 2001 From: Kumi Date: Fri, 18 Jul 2025 07:19:15 +0200 Subject: [PATCH 02/20] chore: improve the wording of the "not worth a release note" category (#8542) Hi all, I believe that open source projects in general are under-appreciated. And no matter how big or small, every contribution matters, whether it's the implementation of a shiny new feature or just taking the time to make sure that a dependency is updated to its latest patch release. I don't usually contribute to Forgejo, but we run an instance, and highly appreciate all of the work everyone involved is doing. As such, it kinda pains me to see the "Included for completeness but __not worth__ a release note" line (emphasis mine) in the release notes every time. More often than not, when clicking on one of those PRs, you'll see that people actually do put some thought into the changes hidden down there, there may even be more or less heated discussions about them, and even though these changes may not directly influence the user experience, they are an important part of running a project like this. As such, I propose changing that line to "Included for completeness but not user facing (chores, etc.)" (courtesy of @earl-warren on Matrix). It's a really really small change, but I think it matters. ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests Not applicable since there are no Go or JavaScript changes. - I added test coverage for Go changes... - [ ] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation Since this is only a change to the wording of the release notes, no user documentation is required for this. - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes This PR is certainly not worthy. - [x] I do not want this change to show in the release notes. - [ ] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/.md` to be be used for the release notes instead of the title. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8542 Reviewed-by: Earl Warren Co-authored-by: Kumi Co-committed-by: Kumi --- release-notes-assistant.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/release-notes-assistant.sh b/release-notes-assistant.sh index 89fd0833f5..4963edf286 100755 --- a/release-notes-assistant.sh +++ b/release-notes-assistant.sh @@ -64,7 +64,7 @@ function test_main() { test "$(categorize)" = 'ZE Other changes without a feature or bug label' test_payload_labels - test "$(categorize)" = 'ZF Included for completeness but not worth a release note' + test "$(categorize)" = 'ZF Included for completeness but not user-facing (chores, etc.)' test_payload_draft "fix(security)!: breaking security bug fix" test "$(categorize)" = 'AA Breaking security bug fixes' @@ -117,11 +117,12 @@ function categorize() { # # If there was no release-notes/N.md file and it is not - # worth a release note, just forget about it. + # directly user-facing, we include it in a separate section + # for completeness. # if test -z "$(jq --raw-output .Draft <$payload)"; then if ! $worth; then - echo -n ZF Included for completeness but not worth a release note + echo -n ZF Included for completeness but not user-facing \(chores, etc.\) exit 0 fi fi From 6e9b97e3776dc8fc73ffdeca879b95c46ed8be85 Mon Sep 17 00:00:00 2001 From: 0ko <0ko@noreply.codeberg.org> Date: Fri, 18 Jul 2025 13:13:45 +0200 Subject: [PATCH 03/20] fix(ui): prevent render failure on faulty org settings post (#8553) Fix regression of https://codeberg.org/forgejo/forgejo/pulls/7998 Same as https://codeberg.org/forgejo/forgejo/pulls/8236 but for orgs Amended existing tests to verify which error messages show up and not show up. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8553 Reviewed-by: Earl Warren Co-authored-by: 0ko <0ko@noreply.codeberg.org> Co-committed-by: 0ko <0ko@noreply.codeberg.org> --- routers/web/org/setting.go | 3 +++ tests/integration/org_settings_test.go | 14 +++++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/routers/web/org/setting.go b/routers/web/org/setting.go index c83242754b..9b4e01597b 100644 --- a/routers/web/org/setting.go +++ b/routers/web/org/setting.go @@ -71,6 +71,9 @@ func SettingsPost(ctx *context.Context) { ctx.Data["PageIsSettingsOptions"] = true ctx.Data["CurrentVisibility"] = ctx.Org.Organization.Visibility ctx.Data["CooldownPeriod"] = setting.Service.UsernameCooldownPeriod + ctx.Data["MaxAvatarFileSize"] = setting.Avatar.MaxFileSize + ctx.Data["MaxAvatarWidth"] = setting.Avatar.MaxWidth + ctx.Data["MaxAvatarHeight"] = setting.Avatar.MaxHeight if ctx.HasError() { ctx.HTML(http.StatusOK, tplSettingsOptions) diff --git a/tests/integration/org_settings_test.go b/tests/integration/org_settings_test.go index fde57e2e26..3ea6f10bf6 100644 --- a/tests/integration/org_settings_test.go +++ b/tests/integration/org_settings_test.go @@ -57,7 +57,9 @@ func TestOrgSettingsChangeEmail(t *testing.T) { settings := getOrgSettingsFormData(t, session, orgName) settings["email"] = "invalid" - session.MakeRequest(t, NewRequestWithValues(t, "POST", settingsURL, settings), http.StatusOK) + doc := NewHTMLParser(t, session.MakeRequest(t, NewRequestWithValues(t, "POST", settingsURL, settings), http.StatusOK).Body) + doc.AssertElement(t, ".status-page-500", false) + doc.AssertElement(t, ".flash-error", true) org := getOrgSettings(t, token, orgName) assert.Equal(t, "org3@example.com", org.Email) @@ -69,7 +71,10 @@ func TestOrgSettingsChangeEmail(t *testing.T) { settings := getOrgSettingsFormData(t, session, orgName) settings["email"] = "example@example.com" - session.MakeRequest(t, NewRequestWithValues(t, "POST", settingsURL, settings), http.StatusSeeOther) + doc := NewHTMLParser(t, session.MakeRequest(t, NewRequestWithValues(t, "POST", settingsURL, settings), http.StatusSeeOther).Body) + doc.AssertElement(t, "body", true) + doc.AssertElement(t, ".status-page-500", false) + doc.AssertElement(t, ".flash-error", false) org := getOrgSettings(t, token, orgName) assert.Equal(t, "example@example.com", org.Email) @@ -81,7 +86,10 @@ func TestOrgSettingsChangeEmail(t *testing.T) { settings := getOrgSettingsFormData(t, session, orgName) settings["email"] = "" - session.MakeRequest(t, NewRequestWithValues(t, "POST", settingsURL, settings), http.StatusSeeOther) + doc := NewHTMLParser(t, session.MakeRequest(t, NewRequestWithValues(t, "POST", settingsURL, settings), http.StatusSeeOther).Body) + doc.AssertElement(t, "body", true) + doc.AssertElement(t, ".status-page-500", false) + doc.AssertElement(t, ".flash-error", false) org := getOrgSettings(t, token, orgName) assert.Empty(t, org.Email) From 88c3b6deada7debbb7557f66fa83dd826161ec83 Mon Sep 17 00:00:00 2001 From: 0ko <0ko@noreply.codeberg.org> Date: Fri, 18 Jul 2025 14:11:14 +0200 Subject: [PATCH 04/20] chore(release notes): squash repeating localization updates (#8547) Followup to https://codeberg.org/forgejo/forgejo/pulls/8540 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8547 Reviewed-by: Beowulf Reviewed-by: Gusted --- release-notes-published/12.0.0.md | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/release-notes-published/12.0.0.md b/release-notes-published/12.0.0.md index 6d83eef3c5..f52480cc88 100644 --- a/release-notes-published/12.0.0.md +++ b/release-notes-published/12.0.0.md @@ -53,19 +53,7 @@ - [PR](https://codeberg.org/forgejo/forgejo/pulls/7245): allow user with actions write permission to run a workflow from the web UI. - [PR](https://codeberg.org/forgejo/forgejo/pulls/6799): ensure usercards in grid have the same width. - Localization - - [PR](https://codeberg.org/forgejo/forgejo/pulls/8238) ([backported](https://codeberg.org/forgejo/forgejo/pulls/8294)): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/8178): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/8077): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7969): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7895): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7819): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7742): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7637): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7572): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7507): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7438): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7363): i18n: update of translations from Codeberg Translate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/7275): i18n: update of translations from Codeberg Translate + - Updates from Codeberg Translate: [#7275](https://codeberg.org/forgejo/forgejo/pulls/7275), [#7363](https://codeberg.org/forgejo/forgejo/pulls/7363), [#7438](https://codeberg.org/forgejo/forgejo/pulls/7438), [#7507](https://codeberg.org/forgejo/forgejo/pulls/7507), [#7572](https://codeberg.org/forgejo/forgejo/pulls/7572), [#7637](https://codeberg.org/forgejo/forgejo/pulls/7637), [#7742](https://codeberg.org/forgejo/forgejo/pulls/7742), [#7819](https://codeberg.org/forgejo/forgejo/pulls/7819), [#7895](https://codeberg.org/forgejo/forgejo/pulls/7895), [#7969](https://codeberg.org/forgejo/forgejo/pulls/7969), [#8077](https://codeberg.org/forgejo/forgejo/pulls/8077), [#8178](https://codeberg.org/forgejo/forgejo/pulls/8178), [#8294](https://codeberg.org/forgejo/forgejo/pulls/8294) (backport of [#8238](https://codeberg.org/forgejo/forgejo/pulls/8238)), [#8534](https://codeberg.org/forgejo/forgejo/pulls/8534) (backport of [#8295](https://codeberg.org/forgejo/forgejo/issues/8295), [#8410](https://codeberg.org/forgejo/forgejo/issues/8410), [#8490](https://codeberg.org/forgejo/forgejo/issues/8490)) - Features - [PR](https://codeberg.org/forgejo/forgejo/pulls/8179): new `GET /repos/{owner}/{repo}/git/blobs` API endpoint to retrieve multiple blobs at once. - [PR](https://codeberg.org/forgejo/forgejo/pulls/8177): always publish the link to the commit status. From eaea89b7f04f433b0c631d30f45cfe0277d7eeff Mon Sep 17 00:00:00 2001 From: Earl Warren Date: Fri, 18 Jul 2025 16:09:25 +0200 Subject: [PATCH 05/20] chore(ci): cache release-notes-assistant working directory [skip ci] (#8556) to reduce the number of requests to the API to obtain each pull request to the minimum. - cache the working directory - upgrade to [v1.3.0](https://code.forgejo.org/forgejo/release-notes-assistant/releases/tag/v1.3.0) to get optimizations - use the oci:1 image to reduce the network load re-installing every time ## Testing - Pushed to https://codeberg.org/forgejo/forgejo/src/branch/wip-rna so that it gets access to the secrets - Manually triggered [to populate the cache](https://codeberg.org/forgejo/forgejo/actions/runs/89735) cutting the run time from ~2h to ~45min - Manually triggered [to verify the cache is reused](https://codeberg.org/forgejo/forgejo/actions/runs/89759) cutting the run time from ~45min to ~15min ![image](/attachments/3ae48d6d-0d38-4559-8544-f0bc71eb2040) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8556 Reviewed-by: Gusted Co-authored-by: Earl Warren Co-committed-by: Earl Warren --- .../release-notes-assistant-milestones.yml | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/.forgejo/workflows/release-notes-assistant-milestones.yml b/.forgejo/workflows/release-notes-assistant-milestones.yml index 7f77098357..0b8a416a02 100644 --- a/.forgejo/workflows/release-notes-assistant-milestones.yml +++ b/.forgejo/workflows/release-notes-assistant-milestones.yml @@ -5,32 +5,34 @@ on: - cron: '@daily' env: - RNA_VERSION: v1.2.5 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org + RNA_WORKDIR: /srv/rna + RNA_VERSION: v1.3.0 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org jobs: release-notes: if: vars.ROLE == 'forgejo-coding' runs-on: docker container: - image: 'data.forgejo.org/oci/node:22-bookworm' + image: 'data.forgejo.org/oci/ci:1' steps: - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: https://data.forgejo.org/actions/setup-go@v5 + - uses: https://data.forgejo.org/actions/cache@v4 with: - go-version-file: "go.mod" - cache: false + key: rna-${{ env.RNA_VERSION }} + path: ${{ env.RNA_WORKDIR }} - - name: apt install jq + - name: install release-notes-assistant run: | - export DEBIAN_FRONTEND=noninteractive - apt-get update -qq - apt-get -q install -y -qq jq + set -x + wget -O /usr/local/bin/rna https://code.forgejo.org/forgejo/release-notes-assistant/releases/download/${{ env.RNA_VERSION}}/release-notes-assistant + chmod +x /usr/local/bin/rna - name: update open milestones run: | set -x - curl -sS $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/milestones?state=open | jq -r '.[] | .title' | while read forgejo version ; do + mkdir -p ${{ env.RNA_WORKDIR }} + curl -sS $FORGEJO_SERVER_URL/api/v1/repos/$FORGEJO_REPOSITORY/milestones?state=open | jq -r '.[] | .title' | while read forgejo version ; do milestone="$forgejo $version" - go run code.forgejo.org/forgejo/release-notes-assistant@$RNA_VERSION --config .release-notes-assistant.yaml --storage milestone --storage-location "$milestone" --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} release $version + rna --workdir ${{ env.RNA_WORKDIR }} --config .release-notes-assistant.yaml --storage milestone --storage-location "$milestone" --forgejo-url $FORGEJO_SERVER_URL --repository $FORGEJO_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} release $version done From f27b46436cad293c7d03f64c71fdc88bd3a51ba3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 17:25:58 +0200 Subject: [PATCH 06/20] Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.2.2 (forgejo) (#8557) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 1db44e6f26..df23ec6fd2 100644 --- a/Makefile +++ b/Makefile @@ -39,7 +39,7 @@ XGO_VERSION := go-1.21.x AIR_PACKAGE ?= github.com/air-verse/air@v1 # renovate: datasource=go EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3.3.0 # renovate: datasource=go GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.8.0 # renovate: datasource=go -GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.2.1 # renovate: datasource=go +GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.2.2 # renovate: datasource=go GXZ_PACKAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11 # renovate: datasource=go SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.31.0 # renovate: datasource=go XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest From fe6ba0c7c9da7ae295d3c87b38b4363084e9a928 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 17:28:16 +0200 Subject: [PATCH 07/20] Update dependency vite-string-plugin to v1.4.6 (forgejo) (#8559) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index c41b1f6b7e..b379db27c7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -99,7 +99,7 @@ "svgo": "4.0.0", "typescript": "5.8.3", "typescript-eslint": "8.35.1", - "vite-string-plugin": "1.3.4", + "vite-string-plugin": "1.4.6", "vitest": "3.2.4" }, "engines": { @@ -15255,9 +15255,9 @@ } }, "node_modules/vite-string-plugin": { - "version": "1.3.4", - "resolved": "https://registry.npmjs.org/vite-string-plugin/-/vite-string-plugin-1.3.4.tgz", - "integrity": "sha512-mHvcooHgZ0nVbHtj9o+c5dzD2/nclr/SOG023EFYF/zRnO8bxB63bV9WUA9X+njlgLpOwCJ3LI2IdihKoi0gZQ==", + "version": "1.4.6", + "resolved": "https://registry.npmjs.org/vite-string-plugin/-/vite-string-plugin-1.4.6.tgz", + "integrity": "sha512-Csjtny8/uVIynzlaRRj4RpHrPAakNwlH9jw6kgQ8tQhc2f0zzA6bCbAgWD0y84EgB8aLNrz7pZFUqSt3LOtk+w==", "dev": true, "license": "BSD-2-Clause" }, diff --git a/package.json b/package.json index f6e998a570..0b65f75026 100644 --- a/package.json +++ b/package.json @@ -98,7 +98,7 @@ "svgo": "4.0.0", "typescript": "5.8.3", "typescript-eslint": "8.35.1", - "vite-string-plugin": "1.3.4", + "vite-string-plugin": "1.4.6", "vitest": "3.2.4" }, "browserslist": [ From bc4c1d64cbb31611752cc855cb9905d324287c7f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 17:41:12 +0200 Subject: [PATCH 08/20] Update x/tools to v0.35.0 (forgejo) (#8561) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Makefile | 2 +- go.mod | 4 ++-- go.sum | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index df23ec6fd2..213d7f4b0b 100644 --- a/Makefile +++ b/Makefile @@ -45,7 +45,7 @@ SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.31.0 # renova XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.6.0 # renovate: datasource=go GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1 # renovate: datasource=go -DEADCODE_PACKAGE ?= golang.org/x/tools/cmd/deadcode@v0.34.0 # renovate: datasource=go +DEADCODE_PACKAGE ?= golang.org/x/tools/cmd/deadcode@v0.35.0 # renovate: datasource=go GOMOCK_PACKAGE ?= go.uber.org/mock/mockgen@v0.5.2 # renovate: datasource=go RENOVATE_NPM_PACKAGE ?= renovate@41.32.1 # renovate: datasource=docker packageName=data.forgejo.org/renovate/renovate diff --git a/go.mod b/go.mod index 1421f503fe..9e0f47f968 100644 --- a/go.mod +++ b/go.mod @@ -235,9 +235,9 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect go.uber.org/zap/exp v0.3.0 // indirect - golang.org/x/mod v0.25.0 // indirect + golang.org/x/mod v0.26.0 // indirect golang.org/x/time v0.11.0 // indirect - golang.org/x/tools v0.34.0 // indirect + golang.org/x/tools v0.35.0 // indirect gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect gopkg.in/warnings.v0 v0.1.2 // indirect ) diff --git a/go.sum b/go.sum index cf10843262..db2a186d2c 100644 --- a/go.sum +++ b/go.sum @@ -597,8 +597,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w= -golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww= +golang.org/x/mod v0.26.0 h1:EGMPT//Ezu+ylkCijjPc+f4Aih7sZvaAr+O3EHBxvZg= +golang.org/x/mod v0.26.0/go.mod h1:/j6NAhSk8iQ723BGAUyoAcn7SlD7s15Dp9Nd/SfeaFQ= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -688,8 +688,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= -golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo= -golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg= +golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0= +golang.org/x/tools v0.35.0/go.mod h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From fce430c6ba02f241a9b63b9fe4c91ab9ed921b03 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 23:20:15 +0200 Subject: [PATCH 09/20] Update dependency @playwright/test to v1.54.1 (forgejo) (#8558) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8558 Reviewed-by: Otto Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- package-lock.json | 24 ++++++++++++------------ package.json | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index b379db27c7..fdcc21c71a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -63,7 +63,7 @@ "devDependencies": { "@axe-core/playwright": "4.10.2", "@eslint-community/eslint-plugin-eslint-comments": "4.5.0", - "@playwright/test": "1.53.2", + "@playwright/test": "1.54.1", "@stoplight/spectral-cli": "6.15.0", "@stylistic/eslint-plugin": "5.1.0", "@stylistic/stylelint-plugin": "3.1.3", @@ -2213,13 +2213,13 @@ } }, "node_modules/@playwright/test": { - "version": "1.53.2", - "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.53.2.tgz", - "integrity": "sha512-tEB2U5z74ebBeyfGNZ3Jfg29AnW+5HlWhvHtb/Mqco9pFdZU1ZLNdVb2UtB5CvmiilNr2ZfVH/qMmAROG/XTzw==", + "version": "1.54.1", + "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.54.1.tgz", + "integrity": "sha512-FS8hQ12acieG2dYSksmLOF7BNxnVf2afRJdCuM1eMSxj6QTSE6G4InGF7oApGgDb65MX7AwMVlIkpru0yZA4Xw==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright": "1.53.2" + "playwright": "1.54.1" }, "bin": { "playwright": "cli.js" @@ -12002,13 +12002,13 @@ } }, "node_modules/playwright": { - "version": "1.53.2", - "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.53.2.tgz", - "integrity": "sha512-6K/qQxVFuVQhRQhFsVZ9fGeatxirtrpPgxzBYWyZLEXJzqYwuL4fuNmfOfD5et1tJE4GScKyPNeLhZeRwuTU3A==", + "version": "1.54.1", + "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.54.1.tgz", + "integrity": "sha512-peWpSwIBmSLi6aW2auvrUtf2DqY16YYcCMO8rTVx486jKmDTJg7UAhyrraP98GB8BoPURZP8+nxO7TSd4cPr5g==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright-core": "1.53.2" + "playwright-core": "1.54.1" }, "bin": { "playwright": "cli.js" @@ -12021,9 +12021,9 @@ } }, "node_modules/playwright-core": { - "version": "1.53.2", - "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.53.2.tgz", - "integrity": "sha512-ox/OytMy+2w1jcYEYlOo1Hhp8hZkLCximMTUTMBXjGUA1KoFfiSZ+DU+3a739jsPY0yoKH2TFy9S2fsJas8yAw==", + "version": "1.54.1", + "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.54.1.tgz", + "integrity": "sha512-Nbjs2zjj0htNhzgiy5wu+3w09YetDx5pkrpI/kZotDlDUaYk0HVA5xrBVPdow4SAUIlhgKcJeJg4GRKW6xHusA==", "dev": true, "license": "Apache-2.0", "bin": { diff --git a/package.json b/package.json index 0b65f75026..b0ce447b2b 100644 --- a/package.json +++ b/package.json @@ -62,7 +62,7 @@ "devDependencies": { "@axe-core/playwright": "4.10.2", "@eslint-community/eslint-plugin-eslint-comments": "4.5.0", - "@playwright/test": "1.53.2", + "@playwright/test": "1.54.1", "@stoplight/spectral-cli": "6.15.0", "@stylistic/eslint-plugin": "5.1.0", "@stylistic/stylelint-plugin": "3.1.3", From b705cfcdd8041e2d38c6b4a2d95043029ec3c97d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 19 Jul 2025 02:03:07 +0200 Subject: [PATCH 10/20] Update linters (forgejo) (#8560) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- package-lock.json | 185 ++++++++++++++++++++++------------------------ package.json | 8 +- 2 files changed, 91 insertions(+), 102 deletions(-) diff --git a/package-lock.json b/package-lock.json index fdcc21c71a..dbf23af045 100644 --- a/package-lock.json +++ b/package-lock.json @@ -65,13 +65,13 @@ "@eslint-community/eslint-plugin-eslint-comments": "4.5.0", "@playwright/test": "1.54.1", "@stoplight/spectral-cli": "6.15.0", - "@stylistic/eslint-plugin": "5.1.0", + "@stylistic/eslint-plugin": "5.2.0", "@stylistic/stylelint-plugin": "3.1.3", "@vitejs/plugin-vue": "6.0.0", "@vitest/coverage-v8": "3.2.4", "@vitest/eslint-plugin": "1.3.4", "@vue/test-utils": "2.4.6", - "eslint": "9.30.1", + "eslint": "9.31.0", "eslint-import-resolver-typescript": "4.4.4", "eslint-plugin-array-func": "5.0.2", "eslint-plugin-import-x": "4.16.1", @@ -92,13 +92,13 @@ "markdownlint-cli": "0.45.0", "postcss-html": "1.8.0", "sharp": "0.34.3", - "stylelint": "16.21.1", + "stylelint": "16.22.0", "stylelint-declaration-block-no-ignored-properties": "2.8.0", "stylelint-declaration-strict-value": "1.10.11", "stylelint-value-no-unknown-custom-properties": "6.0.1", "svgo": "4.0.0", "typescript": "5.8.3", - "typescript-eslint": "8.35.1", + "typescript-eslint": "8.37.0", "vite-string-plugin": "1.4.6", "vitest": "3.2.4" }, @@ -1075,9 +1075,9 @@ } }, "node_modules/@eslint/core": { - "version": "0.14.0", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.14.0.tgz", - "integrity": "sha512-qIbV0/JZr7iSDjqAc60IqbLdsj9GDt16xQtWD+B78d/HAlvysGdZZ6rpJHGAc2T0FQx1X6thsSPdnoiGKdNtdg==", + "version": "0.15.1", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.1.tgz", + "integrity": "sha512-bkOp+iumZCCbt1K1CmWf0R9pM5yKpDv+ZXtvSyQpudrI9kuFLp+bM2WOPXImuD/ceQuaa8f5pj93Y7zyECIGNA==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -1162,9 +1162,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.30.1", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.30.1.tgz", - "integrity": "sha512-zXhuECFlyep42KZUhWjfvsmXGX39W8K8LFb8AWXM9gSV9dQB+MrJGLKvW6Zw0Ggnbpw0VHTtrhFXYe3Gym18jg==", + "version": "9.31.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.31.0.tgz", + "integrity": "sha512-LOm5OVt7D4qiKCqoiPbA7LWmI+tbw1VbTUowBcUMgQSuM6poJufkFkYDcQpo5KfgD39TnNySV26QjOh7VFpSyw==", "dev": true, "license": "MIT", "engines": { @@ -1198,19 +1198,6 @@ "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, - "node_modules/@eslint/plugin-kit/node_modules/@eslint/core": { - "version": "0.15.1", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.1.tgz", - "integrity": "sha512-bkOp+iumZCCbt1K1CmWf0R9pM5yKpDv+ZXtvSyQpudrI9kuFLp+bM2WOPXImuD/ceQuaa8f5pj93Y7zyECIGNA==", - "dev": true, - "license": "Apache-2.0", - "dependencies": { - "@types/json-schema": "^7.0.15" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - } - }, "node_modules/@github/combobox-nav": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/@github/combobox-nav/-/combobox-nav-2.3.1.tgz", @@ -3089,18 +3076,18 @@ } }, "node_modules/@stylistic/eslint-plugin": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/@stylistic/eslint-plugin/-/eslint-plugin-5.1.0.tgz", - "integrity": "sha512-TJRJul4u/lmry5N/kyCU+7RWWOk0wyXN+BncRlDYBqpLFnzXkd7QGVfN7KewarFIXv0IX0jSF/Ksu7aHWEDeuw==", + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/@stylistic/eslint-plugin/-/eslint-plugin-5.2.0.tgz", + "integrity": "sha512-RCEdbREv9EBiToUBQTlRhVYKG093I6ZnnQ990j08eJ6uRZh71DXkOnoxtTLfDQ6utVCVQzrhZFHZP0zfrfOIjA==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.7.0", - "@typescript-eslint/types": "^8.34.1", + "@typescript-eslint/types": "^8.37.0", "eslint-visitor-keys": "^4.2.1", "espree": "^10.4.0", "estraverse": "^5.3.0", - "picomatch": "^4.0.2" + "picomatch": "^4.0.3" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3110,9 +3097,9 @@ } }, "node_modules/@stylistic/eslint-plugin/node_modules/picomatch": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", - "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz", + "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", "dev": true, "license": "MIT", "engines": { @@ -3585,17 +3572,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.35.1.tgz", - "integrity": "sha512-9XNTlo7P7RJxbVeICaIIIEipqxLKguyh+3UbXuT2XQuFp6d8VOeDEGuz5IiX0dgZo8CiI6aOFLg4e8cF71SFVg==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.37.0.tgz", + "integrity": "sha512-jsuVWeIkb6ggzB+wPCsR4e6loj+rM72ohW6IBn2C+5NCvfUVY8s33iFPySSVXqtm5Hu29Ne/9bnA0JmyLmgenA==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.35.1", - "@typescript-eslint/type-utils": "8.35.1", - "@typescript-eslint/utils": "8.35.1", - "@typescript-eslint/visitor-keys": "8.35.1", + "@typescript-eslint/scope-manager": "8.37.0", + "@typescript-eslint/type-utils": "8.37.0", + "@typescript-eslint/utils": "8.37.0", + "@typescript-eslint/visitor-keys": "8.37.0", "graphemer": "^1.4.0", "ignore": "^7.0.0", "natural-compare": "^1.4.0", @@ -3609,7 +3596,7 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "@typescript-eslint/parser": "^8.35.1", + "@typescript-eslint/parser": "^8.37.0", "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <5.9.0" } @@ -3625,16 +3612,16 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.35.1.tgz", - "integrity": "sha512-3MyiDfrfLeK06bi/g9DqJxP5pV74LNv4rFTyvGDmT3x2p1yp1lOd+qYZfiRPIOf/oON+WRZR5wxxuF85qOar+w==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.37.0.tgz", + "integrity": "sha512-kVIaQE9vrN9RLCQMQ3iyRlVJpTiDUY6woHGb30JDkfJErqrQEmtdWH3gV0PBAfGZgQXoqzXOO0T3K6ioApbbAA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.35.1", - "@typescript-eslint/types": "8.35.1", - "@typescript-eslint/typescript-estree": "8.35.1", - "@typescript-eslint/visitor-keys": "8.35.1", + "@typescript-eslint/scope-manager": "8.37.0", + "@typescript-eslint/types": "8.37.0", + "@typescript-eslint/typescript-estree": "8.37.0", + "@typescript-eslint/visitor-keys": "8.37.0", "debug": "^4.3.4" }, "engines": { @@ -3650,14 +3637,14 @@ } }, "node_modules/@typescript-eslint/project-service": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.35.1.tgz", - "integrity": "sha512-VYxn/5LOpVxADAuP3NrnxxHYfzVtQzLKeldIhDhzC8UHaiQvYlXvKuVho1qLduFbJjjy5U5bkGwa3rUGUb1Q6Q==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.37.0.tgz", + "integrity": "sha512-BIUXYsbkl5A1aJDdYJCBAo8rCEbAvdquQ8AnLb6z5Lp1u3x5PNgSSx9A/zqYc++Xnr/0DVpls8iQ2cJs/izTXA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/tsconfig-utils": "^8.35.1", - "@typescript-eslint/types": "^8.35.1", + "@typescript-eslint/tsconfig-utils": "^8.37.0", + "@typescript-eslint/types": "^8.37.0", "debug": "^4.3.4" }, "engines": { @@ -3672,14 +3659,14 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.35.1.tgz", - "integrity": "sha512-s/Bpd4i7ht2934nG+UoSPlYXd08KYz3bmjLEb7Ye1UVob0d1ENiT3lY8bsCmik4RqfSbPw9xJJHbugpPpP5JUg==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.37.0.tgz", + "integrity": "sha512-0vGq0yiU1gbjKob2q691ybTg9JX6ShiVXAAfm2jGf3q0hdP6/BruaFjL/ManAR/lj05AvYCH+5bbVo0VtzmjOA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.35.1", - "@typescript-eslint/visitor-keys": "8.35.1" + "@typescript-eslint/types": "8.37.0", + "@typescript-eslint/visitor-keys": "8.37.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3690,9 +3677,9 @@ } }, "node_modules/@typescript-eslint/tsconfig-utils": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.35.1.tgz", - "integrity": "sha512-K5/U9VmT9dTHoNowWZpz+/TObS3xqC5h0xAIjXPw+MNcKV9qg6eSatEnmeAwkjHijhACH0/N7bkhKvbt1+DXWQ==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.37.0.tgz", + "integrity": "sha512-1/YHvAVTimMM9mmlPvTec9NP4bobA1RkDbMydxG8omqwJJLEW/Iy2C4adsAESIXU3WGLXFHSZUU+C9EoFWl4Zg==", "dev": true, "license": "MIT", "engines": { @@ -3707,14 +3694,15 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.35.1.tgz", - "integrity": "sha512-HOrUBlfVRz5W2LIKpXzZoy6VTZzMu2n8q9C2V/cFngIC5U1nStJgv0tMV4sZPzdf4wQm9/ToWUFPMN9Vq9VJQQ==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.37.0.tgz", + "integrity": "sha512-SPkXWIkVZxhgwSwVq9rqj/4VFo7MnWwVaRNznfQDc/xPYHjXnPfLWn+4L6FF1cAz6e7dsqBeMawgl7QjUMj4Ow==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/typescript-estree": "8.35.1", - "@typescript-eslint/utils": "8.35.1", + "@typescript-eslint/types": "8.37.0", + "@typescript-eslint/typescript-estree": "8.37.0", + "@typescript-eslint/utils": "8.37.0", "debug": "^4.3.4", "ts-api-utils": "^2.1.0" }, @@ -3731,9 +3719,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.35.1.tgz", - "integrity": "sha512-q/O04vVnKHfrrhNAscndAn1tuQhIkwqnaW+eu5waD5IPts2eX1dgJxgqcPx5BX109/qAz7IG6VrEPTOYKCNfRQ==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.37.0.tgz", + "integrity": "sha512-ax0nv7PUF9NOVPs+lmQ7yIE7IQmAf8LGcXbMvHX5Gm+YJUYNAl340XkGnrimxZ0elXyoQJuN5sbg6C4evKA4SQ==", "dev": true, "license": "MIT", "engines": { @@ -3745,16 +3733,16 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.35.1.tgz", - "integrity": "sha512-Vvpuvj4tBxIka7cPs6Y1uvM7gJgdF5Uu9F+mBJBPY4MhvjrjWGK4H0lVgLJd/8PWZ23FTqsaJaLEkBCFUk8Y9g==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.37.0.tgz", + "integrity": "sha512-zuWDMDuzMRbQOM+bHyU4/slw27bAUEcKSKKs3hcv2aNnc/tvE/h7w60dwVw8vnal2Pub6RT1T7BI8tFZ1fE+yg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.35.1", - "@typescript-eslint/tsconfig-utils": "8.35.1", - "@typescript-eslint/types": "8.35.1", - "@typescript-eslint/visitor-keys": "8.35.1", + "@typescript-eslint/project-service": "8.37.0", + "@typescript-eslint/tsconfig-utils": "8.37.0", + "@typescript-eslint/types": "8.37.0", + "@typescript-eslint/visitor-keys": "8.37.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -3807,16 +3795,16 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.35.1.tgz", - "integrity": "sha512-lhnwatFmOFcazAsUm3ZnZFpXSxiwoa1Lj50HphnDe1Et01NF4+hrdXONSUHIcbVu2eFb1bAf+5yjXkGVkXBKAQ==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.37.0.tgz", + "integrity": "sha512-TSFvkIW6gGjN2p6zbXo20FzCABbyUAuq6tBvNRGsKdsSQ6a7rnV6ADfZ7f4iI3lIiXc4F4WWvtUfDw9CJ9pO5A==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.7.0", - "@typescript-eslint/scope-manager": "8.35.1", - "@typescript-eslint/types": "8.35.1", - "@typescript-eslint/typescript-estree": "8.35.1" + "@typescript-eslint/scope-manager": "8.37.0", + "@typescript-eslint/types": "8.37.0", + "@typescript-eslint/typescript-estree": "8.37.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3831,13 +3819,13 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.35.1.tgz", - "integrity": "sha512-VRwixir4zBWCSTP/ljEo091lbpypz57PoeAQ9imjG+vbeof9LplljsL1mos4ccG6H9IjfrVGM359RozUnuFhpw==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.37.0.tgz", + "integrity": "sha512-YzfhzcTnZVPiLfP/oeKtDp2evwvHLMe0LOy7oe+hb9KKIumLNohYS9Hgp1ifwpu42YWxhZE8yieggz6JpqO/1w==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.35.1", + "@typescript-eslint/types": "8.37.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -7302,9 +7290,9 @@ } }, "node_modules/eslint": { - "version": "9.30.1", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.30.1.tgz", - "integrity": "sha512-zmxXPNMOXmwm9E0yQLi5uqXHs7uq2UIiqEKo3Gq+3fwo1XrJ+hijAZImyF7hclW3E6oHz43Yk3RP8at6OTKflQ==", + "version": "9.31.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.31.0.tgz", + "integrity": "sha512-QldCVh/ztyKJJZLr4jXNUByx3gR+TDYZCRXEktiZoUR3PGy4qCmSbkxcIle8GEwGpb5JBZazlaJ/CxLidXdEbQ==", "dev": true, "license": "MIT", "dependencies": { @@ -7312,9 +7300,9 @@ "@eslint-community/regexpp": "^4.12.1", "@eslint/config-array": "^0.21.0", "@eslint/config-helpers": "^0.3.0", - "@eslint/core": "^0.14.0", + "@eslint/core": "^0.15.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "9.30.1", + "@eslint/js": "9.31.0", "@eslint/plugin-kit": "^0.3.1", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", @@ -13850,9 +13838,9 @@ "license": "ISC" }, "node_modules/stylelint": { - "version": "16.21.1", - "resolved": "https://registry.npmjs.org/stylelint/-/stylelint-16.21.1.tgz", - "integrity": "sha512-WCXdXnYK2tpCbebgMF0Bme3YZH/Rh/UXerj75twYo4uLULlcrLwFVdZTvTEF8idFnAcW21YUDJFyKOfaf6xJRw==", + "version": "16.22.0", + "resolved": "https://registry.npmjs.org/stylelint/-/stylelint-16.22.0.tgz", + "integrity": "sha512-SVEMTdjKNV4ollUrIY9ordZ36zHv2/PHzPjfPMau370MlL2VYXeLgSNMMiEbLGRO8RmD2R8/BVUeF2DfnfkC0w==", "dev": true, "funding": [ { @@ -14936,15 +14924,16 @@ } }, "node_modules/typescript-eslint": { - "version": "8.35.1", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.35.1.tgz", - "integrity": "sha512-xslJjFzhOmHYQzSB/QTeASAHbjmxOGEP6Coh93TXmUBFQoJ1VU35UHIDmG06Jd6taf3wqqC1ntBnCMeymy5Ovw==", + "version": "8.37.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.37.0.tgz", + "integrity": "sha512-TnbEjzkE9EmcO0Q2zM+GE8NQLItNAJpMmED1BdgoBMYNdqMhzlbqfdSwiRlAzEK2pA9UzVW0gzaaIzXWg2BjfA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/eslint-plugin": "8.35.1", - "@typescript-eslint/parser": "8.35.1", - "@typescript-eslint/utils": "8.35.1" + "@typescript-eslint/eslint-plugin": "8.37.0", + "@typescript-eslint/parser": "8.37.0", + "@typescript-eslint/typescript-estree": "8.37.0", + "@typescript-eslint/utils": "8.37.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" diff --git a/package.json b/package.json index b0ce447b2b..4f4f9d48b8 100644 --- a/package.json +++ b/package.json @@ -64,13 +64,13 @@ "@eslint-community/eslint-plugin-eslint-comments": "4.5.0", "@playwright/test": "1.54.1", "@stoplight/spectral-cli": "6.15.0", - "@stylistic/eslint-plugin": "5.1.0", + "@stylistic/eslint-plugin": "5.2.0", "@stylistic/stylelint-plugin": "3.1.3", "@vitejs/plugin-vue": "6.0.0", "@vitest/coverage-v8": "3.2.4", "@vitest/eslint-plugin": "1.3.4", "@vue/test-utils": "2.4.6", - "eslint": "9.30.1", + "eslint": "9.31.0", "eslint-import-resolver-typescript": "4.4.4", "eslint-plugin-array-func": "5.0.2", "eslint-plugin-import-x": "4.16.1", @@ -91,13 +91,13 @@ "markdownlint-cli": "0.45.0", "postcss-html": "1.8.0", "sharp": "0.34.3", - "stylelint": "16.21.1", + "stylelint": "16.22.0", "stylelint-declaration-block-no-ignored-properties": "2.8.0", "stylelint-declaration-strict-value": "1.10.11", "stylelint-value-no-unknown-custom-properties": "6.0.1", "svgo": "4.0.0", "typescript": "5.8.3", - "typescript-eslint": "8.35.1", + "typescript-eslint": "8.37.0", "vite-string-plugin": "1.4.6", "vitest": "3.2.4" }, From 8c8d6460994a9897c9df3cbfacc61c623c55e714 Mon Sep 17 00:00:00 2001 From: Gusted Date: Sat, 19 Jul 2025 15:03:10 +0200 Subject: [PATCH 11/20] fix: correct image source for quoted reply (#8565) - Since v10 replies are generated on the fly to handle quoted reply (forgejo/forgejo#5677), this means that we have to do some work to construct markdown that is equivalent to the HTML of the comment. - Images are slightly strange in the context of issues and pull requests, as Forgejo will render them in the context of the repository and as such links such as `/attachments` become `/user/repo/attachments`, the quoted reply did not take into account and would use `/user/repo/attachments` as link which means it gets transformed to `/user/repo//user/repo/attachments`. - Instead of fixing this on the backend (and maybe break some existing links), teach the quoted reply about this context and remove it from the image source before generating the markdown. Reported-by: mrwusel (via Matrix) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8565 Reviewed-by: 0ko <0ko@noreply.codeberg.org> Reviewed-by: Beowulf Co-authored-by: Gusted Co-committed-by: Gusted --- .../repo/issue/view_content/context_menu.tmpl | 2 +- tests/e2e/fixtures/comment.yml | 4 +- tests/e2e/issue-comment.test.e2e.ts | 6 ++- web_src/js/features/repo-legacy.js | 53 +++++++++++-------- 4 files changed, 38 insertions(+), 27 deletions(-) diff --git a/templates/repo/issue/view_content/context_menu.tmpl b/templates/repo/issue/view_content/context_menu.tmpl index 6f43f768b3..8cd4a056f0 100644 --- a/templates/repo/issue/view_content/context_menu.tmpl +++ b/templates/repo/issue/view_content/context_menu.tmpl @@ -11,7 +11,7 @@ {{end}}
{{ctx.Locale.Tr "repo.issues.context.copy_link"}}
{{if and .ctxData.IsSigned (not .ctxData.Repository.IsArchived)}} -
{{ctx.Locale.Tr "repo.issues.context.quote_reply"}}
+
{{ctx.Locale.Tr "repo.issues.context.quote_reply"}}
{{if not .ctxData.UnitIssuesGlobalDisabled}}
{{ctx.Locale.Tr "repo.issues.context.reference_issue"}}
{{end}} diff --git a/tests/e2e/fixtures/comment.yml b/tests/e2e/fixtures/comment.yml index f3f8a2d8e8..ae7c850036 100644 --- a/tests/e2e/fixtures/comment.yml +++ b/tests/e2e/fixtures/comment.yml @@ -3,7 +3,7 @@ type: 0 # comment poster_id: 2 issue_id: 1 # in repo_id 1 - content: "## Lorem Ipsum\nI would like to say that **I am not appealed** that it took _so long_ for this `feature` to be [created](https://example.com) $e^{\\pi i} + 1 = 0$\n$$e^{\\pi i} + 1 = 0$$\n#1\n```js\nconsole.log('evil')\nalert('evil')\n```\n:+1: :100:" + content: "## Lorem Ipsum\nI would like to say that **I am not appealed** that it took _so long_ for this `feature` to be [created](https://example.com) $e^{\\pi i} + 1 = 0$\n$$e^{\\pi i} + 1 = 0$$\n#1\n```js\nconsole.log('evil')\nalert('evil')\n```\n:+1: :100:\n![hi there](/attachments/3f4f4016-877b-46b3-b79f-ad24519a9cf2)\n\nsomething something" created_unix: 946684811 updated_unix: 946684811 content_version: 1 @@ -13,7 +13,7 @@ type: 21 # code comment poster_id: 2 issue_id: 19 - content: "## Lorem Ipsum\nI would like to say that **I am not appealed** that it took _so long_ for this `feature` to be [created](https://example.com) $e^{\\pi i} + 1 = 0$\n$$e^{\\pi i} + 1 = 0$$\n#1\n```js\nconsole.log('evil')\nalert('evil')\n```\n:+1: :100:" + content: "## Lorem Ipsum\nI would like to say that **I am not appealed** that it took _so long_ for this `feature` to be [created](https://example.com) $e^{\\pi i} + 1 = 0$\n$$e^{\\pi i} + 1 = 0$$\n#1\n```js\nconsole.log('evil')\nalert('evil')\n```\n:+1: :100:\n![hi there](/attachments/3f4f4016-877b-46b3-b79f-ad24519a9cf2)\n\nsomething something" review_id: 1001 line: 1 tree_path: "test1.txt" diff --git a/tests/e2e/issue-comment.test.e2e.ts b/tests/e2e/issue-comment.test.e2e.ts index d2dbafafd0..2017e4563e 100644 --- a/tests/e2e/issue-comment.test.e2e.ts +++ b/tests/e2e/issue-comment.test.e2e.ts @@ -123,7 +123,8 @@ test('Quote reply', async ({page}, workerInfo) => { "> alert('evil')\n" + '> ```\n' + '> \n' + - '> :+1: :100:\n\n'); + '> :+1: :100: [![hi there](/attachments/3f4f4016-877b-46b3-b79f-ad24519a9cf2)](/user2/repo1/attachments/3f4f4016-877b-46b3-b79f-ad24519a9cf2)\n' + + '> something something\n\n'); await editorTextarea.fill(''); @@ -197,7 +198,8 @@ test('Pull quote reply', async ({page}, workerInfo) => { "> alert('evil')\n" + '> ```\n' + '> \n' + - '> :+1: :100:\n\n'); + '> :+1: :100: [![hi there](/attachments/3f4f4016-877b-46b3-b79f-ad24519a9cf2)](/user2/commitsonpr/attachments/3f4f4016-877b-46b3-b79f-ad24519a9cf2)\n' + + '> something something\n\n'); await editorTextarea.fill(''); }); diff --git a/web_src/js/features/repo-legacy.js b/web_src/js/features/repo-legacy.js index e6af4cbf04..66ee945d02 100644 --- a/web_src/js/features/repo-legacy.js +++ b/web_src/js/features/repo-legacy.js @@ -531,6 +531,13 @@ const filters = { } return el; }, + IMG(el, context) { + const src = el.getAttribute('src'); + if (src?.startsWith(context)) { + el.src = src.slice(context.length); + } + return el; + }, }; function hasContent(node) { @@ -538,32 +545,34 @@ function hasContent(node) { } // This code matches that of what is done by @github/quote-selection -function preprocessFragment(fragment) { - const nodeIterator = document.createNodeIterator(fragment, NodeFilter.SHOW_ELEMENT, { - acceptNode(node) { - if (node.nodeName in filters && hasContent(node)) { - return NodeFilter.FILTER_ACCEPT; +function preprocessFragment(context) { + return function(fragment) { + const nodeIterator = document.createNodeIterator(fragment, NodeFilter.SHOW_ELEMENT, { + acceptNode(node) { + if (node.nodeName in filters && hasContent(node)) { + return NodeFilter.FILTER_ACCEPT; + } + + return NodeFilter.FILTER_SKIP; + }, + }); + const results = []; + let node = nodeIterator.nextNode(); + + while (node) { + if (node instanceof HTMLElement) { + results.push(node); } - - return NodeFilter.FILTER_SKIP; - }, - }); - const results = []; - let node = nodeIterator.nextNode(); - - while (node) { - if (node instanceof HTMLElement) { - results.push(node); + node = nodeIterator.nextNode(); } - node = nodeIterator.nextNode(); - } // process deepest matches first - results.reverse(); + results.reverse(); - for (const el of results) { - el.replaceWith(filters[el.nodeName](el)); - } + for (const el of results) { + el.replaceWith(filters[el.nodeName](el, context)); + } + }; } function initRepoIssueCommentEdit() { @@ -573,7 +582,7 @@ function initRepoIssueCommentEdit() { // Quote reply $(document).on('click', '.quote-reply', async (event) => { event.preventDefault(); - const quote = new MarkdownQuote('', preprocessFragment); + const quote = new MarkdownQuote('', preprocessFragment(event.target.getAttribute('data-context'))); let editorTextArea; if (event.target.classList.contains('quote-reply-diff')) { From 1b217198978746a5e5d625cb6aaab43af1702930 Mon Sep 17 00:00:00 2001 From: 0ko <0ko@noreply.codeberg.org> Date: Sat, 19 Jul 2025 15:49:48 +0200 Subject: [PATCH 12/20] fix(ui): remove unused rule with unused class .tight (#8573) There's no usage of `tight` across the codebase. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8573 Reviewed-by: Gusted --- web_src/css/base.css | 5 ----- 1 file changed, 5 deletions(-) diff --git a/web_src/css/base.css b/web_src/css/base.css index cbb21951b4..af23ecf2c2 100644 --- a/web_src/css/base.css +++ b/web_src/css/base.css @@ -546,11 +546,6 @@ a.label, background: var(--color-active); } -.ui.secondary.menu.tight .item { - padding-left: 0.85714286em; - padding-right: 0.85714286em; -} - /* remove the menu clearfix so that it won't add undesired gaps when using "gap" */ .ui.menu::after { content: normal; From a5f7acdd2e83f4e62369c71009483f9f71a0c564 Mon Sep 17 00:00:00 2001 From: Gusted Date: Sat, 19 Jul 2025 16:34:21 +0200 Subject: [PATCH 13/20] fix: allow for tracked time to be removed again (#8575) - `getElementById` requires a id to be passed and not a query selector, change it to `querySelector`. - Regression of forgejo/forgejo#7408 - Resolves forgejo/forgejo#8571 - Add E2E tests for adding manual tracked time and removing it. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8575 Reviewed-by: Otto Reviewed-by: 0ko <0ko@noreply.codeberg.org> Co-authored-by: Gusted Co-committed-by: Gusted --- tests/e2e/issue-timetracking.test.e2e.ts | 48 ++++++++++++++++++++++++ web_src/js/features/repo-issue.js | 2 +- 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 tests/e2e/issue-timetracking.test.e2e.ts diff --git a/tests/e2e/issue-timetracking.test.e2e.ts b/tests/e2e/issue-timetracking.test.e2e.ts new file mode 100644 index 0000000000..901cbe793f --- /dev/null +++ b/tests/e2e/issue-timetracking.test.e2e.ts @@ -0,0 +1,48 @@ +// @watch start +// web_src/js/features/comp/** +// web_src/js/features/repo-** +// templates/repo/issue/view_content/* +// @watch end + +import {expect} from '@playwright/test'; +import {test, save_visual} from './utils_e2e.ts'; + +test.use({user: 'user2'}); + +test('Issue timetracking', async ({page}) => { + await page.goto('/user2/repo1/issues/new'); + + // Create temporary issue. + await page.getByPlaceholder('Title').fill('Just a title'); + await page.getByPlaceholder('Leave a comment').fill('Hi, have you considered using a rotating fish as logo?'); + await page.getByRole('button', {name: 'Create issue'}).click(); + await expect(page).toHaveURL(/\/user2\/repo1\/issues\/\d+$/); + + // Manually add time to the time tracker. + await page.getByRole('button', {name: 'Add time'}).click(); + await page.getByPlaceholder('Hours').fill('5'); + await page.getByPlaceholder('Minutes').fill('32'); + await page.getByRole('button', {name: 'Add time', exact: true}).click(); + + // Verify this was added in the timeline. + await expect(page.locator('.ui.timeline')).toContainText('added spent time'); + await expect(page.locator('.ui.timeline')).toContainText('5 hours 32 minutes'); + + // Verify it is shown in the issue sidebar + await expect(page.locator('.issue-content-right .comments')).toContainText('Total time spent: 5 hours 32 minutes'); + + await save_visual(page); + + // Delete the added time. + await page.getByRole('button', {name: 'Delete this time log'}).click(); + await page.getByRole('button', {name: 'Yes'}).click(); + + // Verify this was removed in the timeline. + await expect(page.locator('.ui.timeline')).toContainText('deleted spent time'); + await expect(page.locator('.ui.timeline')).toContainText('- 5 hours 32 minutes'); + + // Delete the issue. + await page.getByRole('button', {name: 'Delete'}).click(); + await page.getByRole('button', {name: 'Yes'}).click(); + await expect(page).toHaveURL('/user2/repo1/issues'); +}); diff --git a/web_src/js/features/repo-issue.js b/web_src/js/features/repo-issue.js index d678d9195b..84b8e42a61 100644 --- a/web_src/js/features/repo-issue.js +++ b/web_src/js/features/repo-issue.js @@ -57,7 +57,7 @@ export function initRepoIssueTimeTracking() { $(sel).modal({ duration: 200, onApprove() { - document.getElementById(`${sel} form`).requestSubmit(); + document.querySelector(`${sel} form`).requestSubmit(); }, }).modal('show'); }); From a16204d99f7498f7a85a9fd7bcdc8f7986a5ca67 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 19 Jul 2025 23:01:40 +0200 Subject: [PATCH 14/20] Update https://data.forgejo.org/actions/setup-forgejo action to v3 (forgejo) (#8562) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [https://data.forgejo.org/actions/setup-forgejo](https://code.forgejo.org/actions/setup-forgejo) | action | major | `v2.0.4` -> `v3.0.1` | --- ### Release Notes
actions/setup-forgejo (https://data.forgejo.org/actions/setup-forgejo) ### [`v3.0.1`](https://code.forgejo.org/actions/setup-forgejo/compare/v3.0.0...v3.0.1) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v3.0.0...v3.0.1) ### [`v3.0.0`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.13...v3.0.0) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.13...v3.0.0) ### [`v2.0.13`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.12...v2.0.13) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.12...v2.0.13) ### [`v2.0.12`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.11...v2.0.12) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.11...v2.0.12) ### [`v2.0.11`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.10...v2.0.11) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.10...v2.0.11) ### [`v2.0.10`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.9...v2.0.10) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.9...v2.0.10) ### [`v2.0.9`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.8...v2.0.9) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.8...v2.0.9) ### [`v2.0.8`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.7...v2.0.8) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.7...v2.0.8) ### [`v2.0.7`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.6...v2.0.7) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.6...v2.0.7) ### [`v2.0.6`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.5...v2.0.6) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.5...v2.0.6) ### [`v2.0.5`](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.4...v2.0.5) [Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v2.0.4...v2.0.5)
--- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8562 Reviewed-by: Earl Warren Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .forgejo/workflows/build-release-integration.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/build-release-integration.yml b/.forgejo/workflows/build-release-integration.yml index 1af6d567dd..a5f9991d45 100644 --- a/.forgejo/workflows/build-release-integration.yml +++ b/.forgejo/workflows/build-release-integration.yml @@ -28,7 +28,7 @@ jobs: - uses: https://data.forgejo.org/actions/checkout@v4 - id: forgejo - uses: https://data.forgejo.org/actions/setup-forgejo@v2.0.4 + uses: https://data.forgejo.org/actions/setup-forgejo@v3.0.1 with: user: root password: admin1234 From 4c34615e4eeb2e46e021c87d5f93bd7d6ce6de29 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 19 Jul 2025 23:08:04 +0200 Subject: [PATCH 15/20] Update dependency forgejo/release-notes-assistant to v1.3.1 (forgejo) (#8568) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [forgejo/release-notes-assistant](https://code.forgejo.org/forgejo/release-notes-assistant) | minor | `v1.2.5` -> `v1.3.1` | | [forgejo/release-notes-assistant](https://code.forgejo.org/forgejo/release-notes-assistant) | patch | `v1.3.0` -> `v1.3.1` | --- ### Release Notes
forgejo/release-notes-assistant (forgejo/release-notes-assistant) ### [`v1.3.1`](https://code.forgejo.org/forgejo/release-notes-assistant/releases/tag/v1.3.1) [Compare Source](https://code.forgejo.org/forgejo/release-notes-assistant/compare/v1.3.0...v1.3.1) - bug fixes - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/91): fix: pull requests need sort=recentupdate not just in debug output ### [`v1.3.0`](https://code.forgejo.org/forgejo/release-notes-assistant/releases/tag/v1.3.0) [Compare Source](https://code.forgejo.org/forgejo/release-notes-assistant/compare/v1.2.5...v1.3.0) - features including breaking changes - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/86): feat!: remove maximum-age option - features - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/89): feat: get pull requests modified since the last cache update - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/88): feat: add last update time to the pull request cache - other - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/90): chore: improve verbosity when obtaining pull requests - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/87): chore(cleanup): pull request handler no longer needs a bool return value - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/85): Update module golang.org/x/tools/cmd/deadcode to v0.35.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/84): Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.2.2 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/83): chore: s/GITHUB\_*/FORGEJO\_*/ & s/github./forge./ - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/82): Update dependency go to v1.24.5 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/81): Update module mvdan.cc/sh/v3/cmd/shfmt to v3.12.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/80): Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.2.1 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/79): Update module github.com/urfave/cli/v2 to v2.27.7 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/78): Update module golang.org/x/tools/cmd/deadcode to v0.34.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/77): Update dependency go to v1.24.4 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/76): Update module mvdan.cc/sh/v3/cmd/shfmt to v3.11.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/75): Update module mvdan.cc/gofumpt to v0.8.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/74): Update module golang.org/x/tools/cmd/deadcode to v0.33.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/73): Update module github.com/golangci/misspell/cmd/misspell to v0.7.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/72): Update dependency go to v1.23 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/70): Update module github.com/stretchr/testify to v1.10.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/69): Update module github.com/go-resty/resty/v2 to v2.16.5 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/68): Update https://code.forgejo.org/actions/forgejo-release action to v2.6.0 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/67): Update module github.com/urfave/cli/v2 to v2.27.6 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/66): ci: use `data.forgejo.org` - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/65): Update Node.js to v22 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/64): Update https://code.forgejo.org/actions/checkout action to v4 - [PR](https://placeholder:ca61bc9776c376e293039231cd01158c2c2f0a4f@code.forgejo.org/forgejo/release-notes-assistant/pulls/61): Configure Renovate
--- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8568 Reviewed-by: Earl Warren Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .forgejo/workflows/release-notes-assistant-milestones.yml | 2 +- .forgejo/workflows/release-notes-assistant.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/release-notes-assistant-milestones.yml b/.forgejo/workflows/release-notes-assistant-milestones.yml index 0b8a416a02..2c278c7eb5 100644 --- a/.forgejo/workflows/release-notes-assistant-milestones.yml +++ b/.forgejo/workflows/release-notes-assistant-milestones.yml @@ -6,7 +6,7 @@ on: env: RNA_WORKDIR: /srv/rna - RNA_VERSION: v1.3.0 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org + RNA_VERSION: v1.3.1 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org jobs: release-notes: diff --git a/.forgejo/workflows/release-notes-assistant.yml b/.forgejo/workflows/release-notes-assistant.yml index cdcd2e6fe4..b5eb9cd2b0 100644 --- a/.forgejo/workflows/release-notes-assistant.yml +++ b/.forgejo/workflows/release-notes-assistant.yml @@ -8,7 +8,7 @@ on: - labeled env: - RNA_VERSION: v1.2.5 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org + RNA_VERSION: v1.3.1 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org jobs: release-notes: From b83a55492117ed108e9421b92d94133b9b26d1f1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 20 Jul 2025 02:48:29 +0200 Subject: [PATCH 16/20] Update module github.com/niklasfasching/go-org to v1.9.1 (forgejo) (#8579) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8579 Reviewed-by: Gusted Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 9e0f47f968..3dab99daf8 100644 --- a/go.mod +++ b/go.mod @@ -78,7 +78,7 @@ require ( github.com/minio/minio-go/v7 v7.0.94 github.com/msteinert/pam/v2 v2.1.0 github.com/nektos/act v0.2.52 - github.com/niklasfasching/go-org v1.9.0 + github.com/niklasfasching/go-org v1.9.1 github.com/olivere/elastic/v7 v7.0.32 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 diff --git a/go.sum b/go.sum index db2a186d2c..243dd6154d 100644 --- a/go.sum +++ b/go.sum @@ -426,8 +426,8 @@ github.com/msteinert/pam/v2 v2.1.0 h1:er5F9TKV5nGFuTt12ubtqPHEUdeBwReP7vd3wovidG github.com/msteinert/pam/v2 v2.1.0/go.mod h1:KT28NNIcDFf3PcBmNI2mIGO4zZJ+9RSs/At2PB3IDVc= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/niklasfasching/go-org v1.9.0 h1:4/Sr68Qx06hjC9MVDB/4etGP67JionLHGscLMOClpnk= -github.com/niklasfasching/go-org v1.9.0/go.mod h1:ZAGFFkWvUQcpazmi/8nHqwvARpr1xpb+Es67oUGX/48= +github.com/niklasfasching/go-org v1.9.1 h1:/3s4uTPOF06pImGa2Yvlp24yKXZoTYM+nsIlMzfpg/0= +github.com/niklasfasching/go-org v1.9.1/go.mod h1:ZAGFFkWvUQcpazmi/8nHqwvARpr1xpb+Es67oUGX/48= github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0= github.com/nwaples/rardecode v1.1.3 h1:cWCaZwfM5H7nAD6PyEdcVnczzV8i/JtotnyW/dD9lEc= github.com/nwaples/rardecode v1.1.3/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0= From 95e8bbd5f0434c5c377666524a9a496ac06f783f Mon Sep 17 00:00:00 2001 From: floss4good Date: Sun, 20 Jul 2025 23:52:58 +0200 Subject: [PATCH 17/20] fix: make sure to use unaltered fields when saving a shadow copy for updated profiles or comments (#8533) Follow-up of !6977 ### Manual testing - User **S** creates an organization **O** and posts a comment **C** (on a random issue); - User **R** report as abuse the comment **C**, the organization **O** as well as the user **S**; - User **S** changes the content of comment **C** and the description of organization **O** as well as the description of their own profile; - Check (within DB) that shadow copies are being created (and linked to corresponding abuse reports) for comment **C**, organization **O** and user **S** and the content is the one from the moment when the reports were submitted (therefore before the updates made by **S**). Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8533 Reviewed-by: Gusted Co-authored-by: floss4good Co-committed-by: floss4good --- .../ModerationFeatures/abuse_report.yml | 21 +++++++ .../fixtures/ModerationFeatures/comment.yml | 7 +++ models/fixtures/ModerationFeatures/user.yml | 22 ++++++++ models/issues/comment.go | 4 +- models/issues/moderation.go | 8 ++- models/user/moderation.go | 19 +++++-- models/user/user.go | 4 +- services/issue/comments_test.go | 39 +++++++++++++ services/user/delete.go | 2 +- services/user/email.go | 2 +- services/user/user_test.go | 56 +++++++++++++++++++ 11 files changed, 173 insertions(+), 11 deletions(-) create mode 100644 models/fixtures/ModerationFeatures/abuse_report.yml create mode 100644 models/fixtures/ModerationFeatures/comment.yml create mode 100644 models/fixtures/ModerationFeatures/user.yml diff --git a/models/fixtures/ModerationFeatures/abuse_report.yml b/models/fixtures/ModerationFeatures/abuse_report.yml new file mode 100644 index 0000000000..f2e371ee35 --- /dev/null +++ b/models/fixtures/ModerationFeatures/abuse_report.yml @@ -0,0 +1,21 @@ +- + id: 1 + status: 1 + reporter_id: 2 # @user2 + content_type: 4 # Comment + content_id: 18 # user2/repo2/issues/2#issuecomment-18 + category: 2 # Spam + remarks: The comment I'm reporting is pure SPAM. + shadow_copy_id: null + created_unix: 1752697980 # 2025-07-16 20:33:00 + +- + id: 2 + status: 1 # Open + reporter_id: 2 # @user2 + content_type: 1 # User (users or organizations) + content_id: 1002 # @alexsmith + category: 2 # Spam + remarks: This user just posted a spammy comment on my issue. + shadow_copy_id: null + created_unix: 1752698010 # 2025-07-16 20:33:30 diff --git a/models/fixtures/ModerationFeatures/comment.yml b/models/fixtures/ModerationFeatures/comment.yml new file mode 100644 index 0000000000..a4d41ad997 --- /dev/null +++ b/models/fixtures/ModerationFeatures/comment.yml @@ -0,0 +1,7 @@ +- # This is a spam comment (abusive content), created for testing moderation functionalities. + id: 18 + type: 0 # Standard comment + poster_id: 1002 # @alexsmith + issue_id: 7 # user2/repo2#2 + content: If anyone needs help for promoting their business online using SEO, just contact me (check my profile page). + created_unix: 1752697860 # 2025-07-16 20:31:00 diff --git a/models/fixtures/ModerationFeatures/user.yml b/models/fixtures/ModerationFeatures/user.yml new file mode 100644 index 0000000000..662c61a3e9 --- /dev/null +++ b/models/fixtures/ModerationFeatures/user.yml @@ -0,0 +1,22 @@ +- # This user is a spammer and will create abusive content (for testing moderation functionalities). + id: 1002 + lower_name: alexsmith + name: alexsmith + full_name: Alex Smith + email: alexsmith@example.org + keep_email_private: false + passwd: passwdSalt:password + passwd_hash_algo: dummy + type: 0 + location: '@master@seo.net' + website: http://promote-your-business.biz + pronouns: SEO + salt: passwdSalt + description: I can help you promote your business online using SEO. + created_unix: 1752697800 # 2025-07-16 20:30:00 + is_active: true + is_admin: false + is_restricted: false + avatar: avatar-hash-1002 + avatar_email: alexsmith@example.org + use_custom_avatar: false diff --git a/models/issues/comment.go b/models/issues/comment.go index a81221caf4..523a6ba9b9 100644 --- a/models/issues/comment.go +++ b/models/issues/comment.go @@ -1156,7 +1156,7 @@ func UpdateComment(ctx context.Context, c *Comment, contentVersion int, doer *us defer committer.Close() // If the comment was reported as abusive, a shadow copy should be created before first update. - if err := IfNeededCreateShadowCopyForComment(ctx, c); err != nil { + if err := IfNeededCreateShadowCopyForComment(ctx, c, true); err != nil { return err } @@ -1197,7 +1197,7 @@ func DeleteComment(ctx context.Context, comment *Comment) error { e := db.GetEngine(ctx) // If the comment was reported as abusive, a shadow copy should be created before deletion. - if err := IfNeededCreateShadowCopyForComment(ctx, comment); err != nil { + if err := IfNeededCreateShadowCopyForComment(ctx, comment, false); err != nil { return err } diff --git a/models/issues/moderation.go b/models/issues/moderation.go index 635d295db0..921f770d4d 100644 --- a/models/issues/moderation.go +++ b/models/issues/moderation.go @@ -87,13 +87,19 @@ func IfNeededCreateShadowCopyForIssue(ctx context.Context, issue *Issue) error { // IfNeededCreateShadowCopyForComment checks if for the given comment there are any reports of abusive content submitted // and if found a shadow copy of relevant comment fields will be stored into DB and linked to the above report(s). // This function should be called before a comment is deleted or updated. -func IfNeededCreateShadowCopyForComment(ctx context.Context, comment *Comment) error { +func IfNeededCreateShadowCopyForComment(ctx context.Context, comment *Comment, forUpdates bool) error { shadowCopyNeeded, err := moderation.IsShadowCopyNeeded(ctx, moderation.ReportedContentTypeComment, comment.ID) if err != nil { return err } if shadowCopyNeeded { + if forUpdates { + // get the unaltered comment fields (for updates the provided variable is already altered but not yet saved) + if comment, err = GetCommentByID(ctx, comment.ID); err != nil { + return err + } + } commentData := newCommentData(comment) content, err := json.Marshal(commentData) if err != nil { diff --git a/models/user/moderation.go b/models/user/moderation.go index afda497f02..f9c16a17b3 100644 --- a/models/user/moderation.go +++ b/models/user/moderation.go @@ -73,16 +73,20 @@ var userDataColumnNames = sync.OnceValue(func() []string { // and if found a shadow copy of relevant user fields will be stored into DB and linked to the above report(s). // This function should be called before a user is deleted or updated. // +// In case the User object was already altered before calling this method, just provide the userID and +// nil for unalteredUser; when it is decided that a shadow copy should be created and unalteredUser is nil, +// the user will be retrieved from DB based on the provided userID. +// // For deletions alteredCols argument must be omitted. // // In case of updates it will first checks whether any of the columns being updated (alteredCols argument) // is relevant for moderation purposes (i.e. included in the UserData struct). -func IfNeededCreateShadowCopyForUser(ctx context.Context, user *User, alteredCols ...string) error { +func IfNeededCreateShadowCopyForUser(ctx context.Context, userID int64, unalteredUser *User, alteredCols ...string) error { // TODO: this can be triggered quite often (e.g. by routers/web/repo/middlewares.go SetDiffViewStyle()) shouldCheckIfNeeded := len(alteredCols) == 0 // no columns being updated, therefore a deletion if !shouldCheckIfNeeded { - // for updates we need to go further only if certain column are being changed + // for updates we need to go further only if certain columns are being changed for _, colName := range userDataColumnNames() { if shouldCheckIfNeeded = slices.Contains(alteredCols, colName); shouldCheckIfNeeded { break @@ -94,18 +98,23 @@ func IfNeededCreateShadowCopyForUser(ctx context.Context, user *User, alteredCol return nil } - shadowCopyNeeded, err := moderation.IsShadowCopyNeeded(ctx, moderation.ReportedContentTypeUser, user.ID) + shadowCopyNeeded, err := moderation.IsShadowCopyNeeded(ctx, moderation.ReportedContentTypeUser, userID) if err != nil { return err } if shadowCopyNeeded { - userData := newUserData(user) + if unalteredUser == nil { + if unalteredUser, err = GetUserByID(ctx, userID); err != nil { + return err + } + } + userData := newUserData(unalteredUser) content, err := json.Marshal(userData) if err != nil { return err } - return moderation.CreateShadowCopyForUser(ctx, user.ID, string(content)) + return moderation.CreateShadowCopyForUser(ctx, userID, string(content)) } return nil diff --git a/models/user/user.go b/models/user/user.go index b124572bb6..6b54776adf 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -927,7 +927,9 @@ func UpdateUserCols(ctx context.Context, u *User, cols ...string) error { // If the user was reported as abusive and any of the columns being updated is relevant // for moderation purposes a shadow copy should be created before first update. - if err := IfNeededCreateShadowCopyForUser(ctx, u, cols...); err != nil { + // Since u is already altered at this point we are sending nil instead as an argument + // so that the unaltered version will be retrieved from DB. + if err := IfNeededCreateShadowCopyForUser(ctx, u.ID, nil, cols...); err != nil { return err } diff --git a/services/issue/comments_test.go b/services/issue/comments_test.go index 8fa410c0f0..fcf06d9ec8 100644 --- a/services/issue/comments_test.go +++ b/services/issue/comments_test.go @@ -8,9 +8,11 @@ import ( "forgejo.org/models/db" issues_model "forgejo.org/models/issues" + "forgejo.org/models/moderation" "forgejo.org/models/unittest" user_model "forgejo.org/models/user" webhook_model "forgejo.org/models/webhook" + "forgejo.org/modules/json" "forgejo.org/modules/setting" "forgejo.org/modules/test" issue_service "forgejo.org/services/issue" @@ -148,3 +150,40 @@ func TestUpdateComment(t *testing.T) { unittest.AssertNotExistsBean(t, &issues_model.ContentHistory{CommentID: comment.ID}) }) } + +func TestCreateShadowCopyOnCommentUpdate(t *testing.T) { + defer unittest.OverrideFixtures("models/fixtures/ModerationFeatures")() + require.NoError(t, unittest.PrepareTestDatabase()) + + userAlexSmithID := int64(1002) + spamCommentID := int64(18) // posted by @alexsmith + abuseReportID := int64(1) // submitted for above comment + newCommentContent := "If anyone needs help, just contact me." + + // Retrieve the abusive user (@alexsmith), their SPAM comment and the abuse report already created for this comment. + poster := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: userAlexSmithID}) + comment := unittest.AssertExistsAndLoadBean(t, &issues_model.Comment{ID: spamCommentID, PosterID: poster.ID}) + report := unittest.AssertExistsAndLoadBean(t, &moderation.AbuseReport{ + ID: abuseReportID, + ContentType: moderation.ReportedContentTypeComment, + ContentID: comment.ID, + }) + // The report should not already have a shadow copy linked. + assert.False(t, report.ShadowCopyID.Valid) + + // The abusive user is updating their comment. + oldContent := comment.Content + comment.Content = newCommentContent + require.NoError(t, issue_service.UpdateComment(t.Context(), comment, 0, poster, oldContent)) + + // Reload the report. + report = unittest.AssertExistsAndLoadBean(t, &moderation.AbuseReport{ID: report.ID}) + // A shadow copy should have been created and linked to our report. + assert.True(t, report.ShadowCopyID.Valid) + // Retrieve the newly created shadow copy and unmarshal the stored JSON so that we can check the values. + shadowCopy := unittest.AssertExistsAndLoadBean(t, &moderation.AbuseReportShadowCopy{ID: report.ShadowCopyID.Int64}) + shadowCopyCommentData := new(issues_model.CommentData) + require.NoError(t, json.Unmarshal([]byte(shadowCopy.RawValue), &shadowCopyCommentData)) + // Check to see if the initial content of the comment was stored within the shadow copy. + assert.Equal(t, oldContent, shadowCopyCommentData.Content) +} diff --git a/services/user/delete.go b/services/user/delete.go index 9caa24c373..bed7abde07 100644 --- a/services/user/delete.go +++ b/services/user/delete.go @@ -218,7 +218,7 @@ func deleteUser(ctx context.Context, u *user_model.User, purge bool) (err error) // ***** END: ExternalLoginUser ***** // If the user was reported as abusive, a shadow copy should be created before deletion. - if err = user_model.IfNeededCreateShadowCopyForUser(ctx, u); err != nil { + if err = user_model.IfNeededCreateShadowCopyForUser(ctx, u.ID, u); err != nil { return err } diff --git a/services/user/email.go b/services/user/email.go index 7a01fa77b3..36a1145aec 100644 --- a/services/user/email.go +++ b/services/user/email.go @@ -205,7 +205,7 @@ func MakeEmailAddressPrimary(ctx context.Context, u *user_model.User, newPrimary oldPrimaryEmail := u.Email // If the user was reported as abusive, a shadow copy should be created before first update (of certain columns). - if err = user_model.IfNeededCreateShadowCopyForUser(ctx, u, "email"); err != nil { + if err = user_model.IfNeededCreateShadowCopyForUser(ctx, u.ID, u, "email"); err != nil { return err } diff --git a/services/user/user_test.go b/services/user/user_test.go index 4678d3bc9a..36f2776ad8 100644 --- a/services/user/user_test.go +++ b/services/user/user_test.go @@ -15,10 +15,13 @@ import ( asymkey_model "forgejo.org/models/asymkey" "forgejo.org/models/auth" "forgejo.org/models/db" + "forgejo.org/models/moderation" "forgejo.org/models/organization" repo_model "forgejo.org/models/repo" "forgejo.org/models/unittest" user_model "forgejo.org/models/user" + "forgejo.org/modules/json" + "forgejo.org/modules/optional" "forgejo.org/modules/setting" "forgejo.org/modules/test" "forgejo.org/modules/timeutil" @@ -277,3 +280,56 @@ func TestDeleteInactiveUsers(t *testing.T) { unittest.AssertExistsIf(t, true, newUser) unittest.AssertExistsIf(t, true, newEmail) } + +func TestCreateShadowCopyOnUserUpdate(t *testing.T) { + defer unittest.OverrideFixtures("models/fixtures/ModerationFeatures")() + require.NoError(t, unittest.PrepareTestDatabase()) + + userAlexSmithID := int64(1002) + abuseReportID := int64(2) // submitted for @alexsmith + newDummyValue := "[REDACTED]" // used for updating profile text fields + + // Retrieve the abusive user (@alexsmith) and the abuse report already created for this user. + abuser := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: userAlexSmithID}) + report := unittest.AssertExistsAndLoadBean(t, &moderation.AbuseReport{ + ID: abuseReportID, + ContentType: moderation.ReportedContentTypeUser, + ContentID: abuser.ID, + }) + // The report should not already have a shadow copy linked. + assert.False(t, report.ShadowCopyID.Valid) + + // Keep a copy of old field values before updating them. + oldUserData := user_model.UserData{ + FullName: abuser.FullName, + Location: abuser.Location, + Website: abuser.Website, + Pronouns: abuser.Pronouns, + Description: abuser.Description, + } + + // The abusive user is updating their profile. + opts := &UpdateOptions{ + FullName: optional.Some(newDummyValue), + Location: optional.Some(newDummyValue), + Website: optional.Some(newDummyValue), + Pronouns: optional.Some(newDummyValue), + Description: optional.Some(newDummyValue), + } + require.NoError(t, UpdateUser(t.Context(), abuser, opts)) + + // Reload the report. + report = unittest.AssertExistsAndLoadBean(t, &moderation.AbuseReport{ID: report.ID}) + // A shadow copy should have been created and linked to our report. + assert.True(t, report.ShadowCopyID.Valid) + // Retrieve the newly created shadow copy and unmarshal the stored JSON so that we can check the values. + shadowCopy := unittest.AssertExistsAndLoadBean(t, &moderation.AbuseReportShadowCopy{ID: report.ShadowCopyID.Int64}) + shadowCopyUserData := new(user_model.UserData) + require.NoError(t, json.Unmarshal([]byte(shadowCopy.RawValue), &shadowCopyUserData)) + // Check to see if the initial field values of the user were stored within the shadow copy. + assert.Equal(t, oldUserData.FullName, shadowCopyUserData.FullName) + assert.Equal(t, oldUserData.Location, shadowCopyUserData.Location) + assert.Equal(t, oldUserData.Website, shadowCopyUserData.Website) + assert.Equal(t, oldUserData.Pronouns, shadowCopyUserData.Pronouns) + assert.Equal(t, oldUserData.Description, shadowCopyUserData.Description) +} From 9b470d27096a912ca09a3b57d322231abf7ad355 Mon Sep 17 00:00:00 2001 From: 0ko <0ko@noreply.codeberg.org> Date: Mon, 21 Jul 2025 09:20:24 +0200 Subject: [PATCH 18/20] feat(ui): use simplified visibility label in dashboard orgs list (#8582) Followup to https://codeberg.org/forgejo/forgejo/pulls/6201 Label height making entry height inconsistent isn't a concern because this change makes them 2px shorter. _And they are already inconsistent._ Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8582 Reviewed-by: Gusted Reviewed-by: Otto Co-authored-by: 0ko <0ko@noreply.codeberg.org> Co-committed-by: 0ko <0ko@noreply.codeberg.org> --- web_src/js/components/DashboardRepoList.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web_src/js/components/DashboardRepoList.vue b/web_src/js/components/DashboardRepoList.vue index 35f1082a93..e8c1b76a7f 100644 --- a/web_src/js/components/DashboardRepoList.vue +++ b/web_src/js/components/DashboardRepoList.vue @@ -457,7 +457,7 @@ export default sfc; // activate the IDE's Vue plugin
{{ org.name }}
- + {{ org.org_visibility === 'limited' ? textOrgVisibilityLimited: textOrgVisibilityPrivate }}
From 6ee4dd753a717e9acd145b8b846798f820755c5d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 21 Jul 2025 09:32:04 +0200 Subject: [PATCH 19/20] Update renovate to v41.40.0 (forgejo) (#8585) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .forgejo/workflows/renovate.yml | 2 +- Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml index c127dd2eba..1be3cc0b17 100644 --- a/.forgejo/workflows/renovate.yml +++ b/.forgejo/workflows/renovate.yml @@ -28,7 +28,7 @@ jobs: runs-on: docker container: - image: data.forgejo.org/renovate/renovate:41.32.1 + image: data.forgejo.org/renovate/renovate:41.40.0 steps: - name: Load renovate repo cache diff --git a/Makefile b/Makefile index 213d7f4b0b..ea8ba4b192 100644 --- a/Makefile +++ b/Makefile @@ -47,7 +47,7 @@ GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.6.0 # renovate: datasour GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1 # renovate: datasource=go DEADCODE_PACKAGE ?= golang.org/x/tools/cmd/deadcode@v0.35.0 # renovate: datasource=go GOMOCK_PACKAGE ?= go.uber.org/mock/mockgen@v0.5.2 # renovate: datasource=go -RENOVATE_NPM_PACKAGE ?= renovate@41.32.1 # renovate: datasource=docker packageName=data.forgejo.org/renovate/renovate +RENOVATE_NPM_PACKAGE ?= renovate@41.40.0 # renovate: datasource=docker packageName=data.forgejo.org/renovate/renovate # https://github.com/disposable-email-domains/disposable-email-domains/commits/main/ DISPOSABLE_EMAILS_SHA ?= 0c27e671231d27cf66370034d7f6818037416989 # renovate: ... From 8fc7295869e911fa83b7efae64efd78b510c441a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 21 Jul 2025 09:40:20 +0200 Subject: [PATCH 20/20] Update https://data.forgejo.org/actions/cascading-pr action to v2.2.1 (forgejo) (#8586) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [https://data.forgejo.org/actions/cascading-pr](https://code.forgejo.org/actions/cascading-pr) | action | patch | `v2.2.0` -> `v2.2.1` | --- ### Release Notes
actions/cascading-pr (https://data.forgejo.org/actions/cascading-pr) ### [`v2.2.1`](https://code.forgejo.org/actions/cascading-pr/compare/v2.2.0...v2.2.1) [Compare Source](https://code.forgejo.org/actions/cascading-pr/compare/v2.2.0...v2.2.1)
--- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8586 Reviewed-by: Earl Warren Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .forgejo/workflows/build-release.yml | 2 +- .forgejo/workflows/cascade-setup-end-to-end.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/build-release.yml b/.forgejo/workflows/build-release.yml index 3ab63b0589..944fd68fb7 100644 --- a/.forgejo/workflows/build-release.yml +++ b/.forgejo/workflows/build-release.yml @@ -201,7 +201,7 @@ jobs: - name: end-to-end tests if: ${{ secrets.TOKEN != '' && vars.ROLE == 'forgejo-integration' && vars.SKIP_END_TO_END != 'true' }} - uses: https://data.forgejo.org/actions/cascading-pr@v2.2.0 + uses: https://data.forgejo.org/actions/cascading-pr@v2.2.1 with: origin-url: ${{ env.GITHUB_SERVER_URL }} origin-repo: ${{ github.repository }} diff --git a/.forgejo/workflows/cascade-setup-end-to-end.yml b/.forgejo/workflows/cascade-setup-end-to-end.yml index 7c8c56de13..9d613189a4 100644 --- a/.forgejo/workflows/cascade-setup-end-to-end.yml +++ b/.forgejo/workflows/cascade-setup-end-to-end.yml @@ -41,7 +41,7 @@ jobs: with: fetch-depth: '0' show-progress: 'false' - - uses: https://data.forgejo.org/actions/cascading-pr@v2.2.0 + - uses: https://data.forgejo.org/actions/cascading-pr@v2.2.1 with: origin-url: ${{ env.GITHUB_SERVER_URL }} origin-repo: ${{ github.repository }}