From b915e6908cdf1143069edee1385e29a48557ddc2 Mon Sep 17 00:00:00 2001 From: silverwind Date: Fri, 19 Dec 2025 07:27:21 +0100 Subject: [PATCH 1/6] Add JSON linting (#36192) Uses https://github.com/eslint/json to lint all JSON and JSONC files in the repo. --- .github/workflows/files-changed.yml | 6 ++++++ .github/workflows/pull-compliance.yml | 15 ++++++++++++++ Makefile | 8 +++++++ eslint.json.config.ts | 30 +++++++++++++++++++++++++++ package.json | 1 + pnpm-lock.yaml | 20 ++++++++++++++++++ 6 files changed, 80 insertions(+) create mode 100644 eslint.json.config.ts diff --git a/.github/workflows/files-changed.yml b/.github/workflows/files-changed.yml index d18ee6e998..cbf8758ab3 100644 --- a/.github/workflows/files-changed.yml +++ b/.github/workflows/files-changed.yml @@ -19,6 +19,8 @@ on: value: ${{ jobs.detect.outputs.swagger }} yaml: value: ${{ jobs.detect.outputs.yaml }} + json: + value: ${{ jobs.detect.outputs.json }} jobs: detect: @@ -35,6 +37,7 @@ jobs: docker: ${{ steps.changes.outputs.docker }} swagger: ${{ steps.changes.outputs.swagger }} yaml: ${{ steps.changes.outputs.yaml }} + json: ${{ steps.changes.outputs.json }} steps: - uses: actions/checkout@v6 - uses: dorny/paths-filter@v3 @@ -100,3 +103,6 @@ jobs: - "**/*.yaml" - ".yamllint.yaml" - "pyproject.toml" + + json: + - "**/*.json" diff --git a/.github/workflows/pull-compliance.yml b/.github/workflows/pull-compliance.yml index a5b6c550bb..99ff95e9c6 100644 --- a/.github/workflows/pull-compliance.yml +++ b/.github/workflows/pull-compliance.yml @@ -63,6 +63,21 @@ jobs: - run: make deps-py - run: make lint-yaml + lint-json: + if: needs.files-changed.outputs.json == 'true' + needs: files-changed + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v6 + - uses: pnpm/action-setup@v4 + - uses: actions/setup-node@v5 + with: + node-version: 24 + - run: make deps-frontend + - run: make lint-json + lint-swagger: if: needs.files-changed.outputs.swagger == 'true' needs: files-changed diff --git a/Makefile b/Makefile index 4536447e86..ccd3c25da8 100644 --- a/Makefile +++ b/Makefile @@ -413,6 +413,14 @@ lint-templates: .venv node_modules ## lint template files lint-yaml: .venv ## lint yaml files @uv run --frozen yamllint -s . +.PHONY: lint-json +lint-json: node_modules ## lint json files + $(NODE_VARS) pnpm exec eslint -c eslint.json.config.ts --color --max-warnings=0 + +.PHONY: lint-json-fix +lint-json-fix: node_modules ## lint and fix json files + $(NODE_VARS) pnpm exec eslint -c eslint.json.config.ts --color --max-warnings=0 --fix + .PHONY: watch watch: ## watch everything and continuously rebuild @bash tools/watch.sh diff --git a/eslint.json.config.ts b/eslint.json.config.ts new file mode 100644 index 0000000000..45696fb79c --- /dev/null +++ b/eslint.json.config.ts @@ -0,0 +1,30 @@ +import {defineConfig, globalIgnores} from 'eslint/config'; +import json from '@eslint/json'; + +export default defineConfig([ + globalIgnores([ + '**/.venv', + '**/node_modules', + '**/public', + ]), + { + files: ['**/*.json'], + plugins: {json}, + language: 'json/json', + extends: ['json/recommended'], + }, + { + files: [ + 'tsconfig.json', + '.devcontainer/*.json', + '.vscode/*.json', + 'contrib/ide/vscode/*.json', + ], + plugins: {json}, + language: 'json/jsonc', + languageOptions: { + allowTrailingCommas: true, + }, + extends: ['json/recommended'], + }, +]); diff --git a/package.json b/package.json index 6193687593..af4ccb54d8 100644 --- a/package.json +++ b/package.json @@ -66,6 +66,7 @@ }, "devDependencies": { "@eslint-community/eslint-plugin-eslint-comments": "4.5.0", + "@eslint/json": "0.14.0", "@playwright/test": "1.57.0", "@stylistic/eslint-plugin": "5.6.1", "@stylistic/stylelint-plugin": "4.0.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 8835303925..117896c941 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -201,6 +201,9 @@ importers: '@eslint-community/eslint-plugin-eslint-comments': specifier: 4.5.0 version: 4.5.0(eslint@9.39.2(jiti@2.6.1)) + '@eslint/json': + specifier: 0.14.0 + version: 0.14.0 '@playwright/test': specifier: 1.57.0 version: 1.57.0 @@ -856,6 +859,10 @@ packages: resolution: {integrity: sha512-q1mjIoW1VX4IvSocvM/vbTiveKC4k9eLrajNEuSsmjymSDEbpGddtpfOoN7YGAqBK3NG+uqo8ia4PDTt8buCYA==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} + '@eslint/json@0.14.0': + resolution: {integrity: sha512-rvR/EZtvUG3p9uqrSmcDJPYSH7atmWr0RnFWN6m917MAPx82+zQgPUmDu0whPFG6XTyM0vB/hR6c1Q63OaYtCQ==} + engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} + '@eslint/object-schema@2.1.7': resolution: {integrity: sha512-VtAOaymWVfZcmZbp6E2mympDIHvyjXs/12LqWYjVw6qjrfF+VK+fyG33kChz3nnK+SU5/NeHOqrTEHS8sXO3OA==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} @@ -894,6 +901,10 @@ packages: resolution: {integrity: sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==} engines: {node: '>=12.22'} + '@humanwhocodes/momoa@3.3.10': + resolution: {integrity: sha512-KWiFQpSAqEIyrTXko3hFNLeQvSK8zXlJQzhhxsyVn58WFRYXST99b3Nqnu+ttOtjds2Pl2grUHGpe2NzhPynuQ==} + engines: {node: '>=18'} + '@humanwhocodes/retry@0.4.3': resolution: {integrity: sha512-bV0Tgo9K4hfPCek+aMAn81RppFKv2ySDQeMoSZuvTASywNTnVJCArCZE2FWqpvIatKu7VMRLWlR1EazvVhDyhQ==} engines: {node: '>=18.18'} @@ -4815,6 +4826,13 @@ snapshots: '@eslint/js@9.39.2': {} + '@eslint/json@0.14.0': + dependencies: + '@eslint/core': 0.17.0 + '@eslint/plugin-kit': 0.4.1 + '@humanwhocodes/momoa': 3.3.10 + natural-compare: 1.4.0 + '@eslint/object-schema@2.1.7': {} '@eslint/plugin-kit@0.4.1': @@ -4846,6 +4864,8 @@ snapshots: '@humanwhocodes/module-importer@1.0.1': {} + '@humanwhocodes/momoa@3.3.10': {} + '@humanwhocodes/retry@0.4.3': {} '@iconify/types@2.0.0': {} From 0043ae0139de3e08aef408d2567f2a2546eb0517 Mon Sep 17 00:00:00 2001 From: silverwind Date: Fri, 19 Dec 2025 08:18:01 +0100 Subject: [PATCH 2/6] Revert "Bump alpine to 3.23 (#36185)" (#36202) Unbreak the release pipelines. The issue is caused by https://gitlab.alpinelinux.org/alpine/aports/-/issues/17775 which supposedly fixed in 3.23.2 and our build did use that version from what I see, but maybe it's not fixed yet for `riscv`. We should try this upgrade again later. --- Dockerfile | 4 ++-- Dockerfile.rootless | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index c272aec94d..7cee0f32d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # Build stage -FROM docker.io/library/golang:1.25-alpine3.23 AS build-env +FROM docker.io/library/golang:1.25-alpine3.22 AS build-env ARG GOPROXY=direct @@ -39,7 +39,7 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \ /tmp/local/etc/s6/.s6-svscan/* \ /go/src/code.gitea.io/gitea/gitea -FROM docker.io/library/alpine:3.23 AS gitea +FROM docker.io/library/alpine:3.22 AS gitea EXPOSE 22 3000 diff --git a/Dockerfile.rootless b/Dockerfile.rootless index 2c6abaab3c..8a6fa587e9 100644 --- a/Dockerfile.rootless +++ b/Dockerfile.rootless @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # Build stage -FROM docker.io/library/golang:1.25-alpine3.23 AS build-env +FROM docker.io/library/golang:1.25-alpine3.22 AS build-env ARG GOPROXY=direct @@ -33,7 +33,7 @@ COPY docker/rootless /tmp/local RUN chmod 755 /tmp/local/usr/local/bin/* \ /go/src/code.gitea.io/gitea/gitea -FROM docker.io/library/alpine:3.23 AS gitea-rootless +FROM docker.io/library/alpine:3.22 AS gitea-rootless EXPOSE 2222 3000 From 16aa0fcc98542a58a4dcd15bc1a5932cb7de663e Mon Sep 17 00:00:00 2001 From: silverwind Date: Fri, 19 Dec 2025 09:48:53 +0100 Subject: [PATCH 3/6] Add date to "No Contributions" tooltip (#36190) Fixes https://github.com/go-gitea/gitea/issues/36188 via https://github.com/silverwind/vue3-calendar-heatmap/commit/52bbfd7a15bb3ebbedcaae4d1f792dc3e4acc221. Before: Screenshot 2025-12-18 at 16 50 18 After: Screenshot 2025-12-18 at 17 08 36 If there will be more changes in the future, we should vendor this module. Co-authored-by: Giteabot --- package.json | 2 +- pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index af4ccb54d8..7954e15046 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ "@mcaptcha/vanilla-glue": "0.1.0-alpha-3", "@primer/octicons": "19.21.1", "@resvg/resvg-wasm": "2.6.2", - "@silverwind/vue3-calendar-heatmap": "2.0.6", + "@silverwind/vue3-calendar-heatmap": "2.1.1", "@techknowlogick/license-checker-webpack-plugin": "0.3.0", "add-asset-webpack-plugin": "3.1.1", "ansi_up": "6.0.6", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 117896c941..82d899b5fd 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -60,8 +60,8 @@ importers: specifier: 2.6.2 version: 2.6.2 '@silverwind/vue3-calendar-heatmap': - specifier: 2.0.6 - version: 2.0.6(tippy.js@6.3.7)(vue@3.5.25(typescript@5.9.3)) + specifier: 2.1.1 + version: 2.1.1(tippy.js@6.3.7)(vue@3.5.25(typescript@5.9.3)) '@techknowlogick/license-checker-webpack-plugin': specifier: 0.3.0 version: 0.3.0(webpack@5.104.0) @@ -1176,8 +1176,8 @@ packages: '@scarf/scarf@1.4.0': resolution: {integrity: sha512-xxeapPiUXdZAE3che6f3xogoJPeZgig6omHEy1rIY5WVsB3H2BHNnZH+gHG6x91SCWyQCzWGsuL2Hh3ClO5/qQ==} - '@silverwind/vue3-calendar-heatmap@2.0.6': - resolution: {integrity: sha512-efX+nf2GR7EfA7iNgZDeM9Jue5ksglSXvN0C/ja0M1bTmkCpAxKlGJ3vki7wfTPQgX1O0nCfAM62IKqUUEM0cQ==} + '@silverwind/vue3-calendar-heatmap@2.1.1': + resolution: {integrity: sha512-RQtLOpkysm0LR3PbUoc+aDcYxzy7xboygb1SQEwrUm2/XB2nmt0BEra2ADXpu4kwFxtk0+IyNwzFvbBai/wvTg==} engines: {node: '>=16'} peerDependencies: tippy.js: ^6.3.7 @@ -5078,7 +5078,7 @@ snapshots: '@scarf/scarf@1.4.0': {} - '@silverwind/vue3-calendar-heatmap@2.0.6(tippy.js@6.3.7)(vue@3.5.25(typescript@5.9.3))': + '@silverwind/vue3-calendar-heatmap@2.1.1(tippy.js@6.3.7)(vue@3.5.25(typescript@5.9.3))': dependencies: tippy.js: 6.3.7 vue: 3.5.25(typescript@5.9.3) From e06040efd87677a9d1f27b50364d53db37c5cba3 Mon Sep 17 00:00:00 2001 From: silverwind Date: Fri, 19 Dec 2025 09:49:26 +0100 Subject: [PATCH 4/6] Add `modifies/dependencies` label to dependabot (#36206) `actions/labeler` can not detect dependency updates in actions because it works on file level, so we need to let dependabot set this label. --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5ddf28b726..be33b8975f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,7 +2,7 @@ version: 2 updates: - package-ecosystem: github-actions - labels: [] + labels: [modifies/dependencies] directory: / schedule: interval: daily From 8f672cea4a9b5ee09cc04f85098e8eb74dfd49de Mon Sep 17 00:00:00 2001 From: silverwind Date: Fri, 19 Dec 2025 10:47:03 +0100 Subject: [PATCH 5/6] Fix labeler config for stylelint (#36199) Followup to rename in https://github.com/go-gitea/gitea/commit/b8f1c9f048c23cff5cd5516b14242d3d3afb618d#diff-cb3b3f608024ee0bd45ea10b08ca6d3fcf40523a3d40182a438937231d8b8072. --- .github/labeler.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/labeler.yml b/.github/labeler.yml index 750f2b2cfb..c940afef0c 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -46,7 +46,7 @@ modifies/internal: - ".gitpod.yml" - ".markdownlint.yaml" - ".spectral.yaml" - - "stylelint.config.js" + - "stylelint.config.ts" - ".yamllint.yaml" - ".github/**" - ".gitea/**" @@ -89,4 +89,4 @@ topic/code-linting: - ".markdownlint.yaml" - ".spectral.yaml" - ".yamllint.yaml" - - "stylelint.config.js" + - "stylelint.config.ts" From 684a5417999748b418e9dc64d90d5961096eb755 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 11:28:11 +0000 Subject: [PATCH 6/6] Bump appleboy/git-push-action from 0.0.3 to 1.0.0 (#36194) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [appleboy/git-push-action](https://github.com/appleboy/git-push-action) from 0.0.3 to 1.0.0.
Release notes

Sourced from appleboy/git-push-action's releases.

v1.0.0

Changelog

Enhancements

  • 50ae8aaf06c6fc08b3d13da3aa03deb50d970125: chore(docker): improve overall system performance and API integration (@​appleboy)

Build process updates

  • feea2e25baaa5ea24a9689a8af03f229ec1dd1a2: ci: improve testing workflow and API usage (@​appleboy)
  • 5d65d1094eb0415898554ba83c4f3196778f9a85: ci: improve testing workflow and API usage (@​appleboy)
  • b31dd8d6e7ba1e80a96a4772d8c4290fe7bac0ce: build: update base image in Dockerfile (@​appleboy)
  • fc585cfea49d10c08f8009f674c05961a0934647: ci(goreleaser): implement automated release process with GoReleaser (@​appleboy)
  • b1e5e3d76ccb4afd43bc0859672a6f9113fa0458: ci(test): optimize CI workflow and test configurations (@​appleboy)

Documentation updates

  • 8f1f45876617e5d74085a38164c421be39f099b3: docs(readme): refactor codebase and improve test coverage (@​appleboy)
Commits
  • b1e5e3d ci(test): optimize CI workflow and test configurations
  • 8f1f458 docs(readme): refactor codebase and improve test coverage
  • fc585cf ci(goreleaser): implement automated release process with GoReleaser
  • 50ae8aa chore(docker): improve overall system performance and API integration
  • b31dd8d build: update base image in Dockerfile
  • 5d65d10 ci: improve testing workflow and API usage
  • feea2e2 ci: improve testing workflow and API usage
  • See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=appleboy/git-push-action&package-manager=github_actions&previous-version=0.0.3&new-version=1.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/cron-licenses.yml | 2 +- .github/workflows/cron-translations.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cron-licenses.yml b/.github/workflows/cron-licenses.yml index a8be1ffa59..c5dd70a1f8 100644 --- a/.github/workflows/cron-licenses.yml +++ b/.github/workflows/cron-licenses.yml @@ -20,7 +20,7 @@ jobs: - run: make generate-gitignore timeout-minutes: 40 - name: push translations to repo - uses: appleboy/git-push-action@v0.0.3 + uses: appleboy/git-push-action@v1.0.0 with: author_email: "teabot@gitea.io" author_name: GiteaBot diff --git a/.github/workflows/cron-translations.yml b/.github/workflows/cron-translations.yml index 3a012e9876..305a6f7df2 100644 --- a/.github/workflows/cron-translations.yml +++ b/.github/workflows/cron-translations.yml @@ -29,7 +29,7 @@ jobs: - name: update locales run: ./build/update-locales.sh - name: push translations to repo - uses: appleboy/git-push-action@v0.0.3 + uses: appleboy/git-push-action@v1.0.0 with: author_email: "teabot@gitea.io" author_name: GiteaBot