Change the OpenAPI response of `ListWorkflowRuns` to `WorkflowRunsList`
like it is supposed to be.
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. Make "Issuer" strictly follow the spec (see comment)
2. Make "/.well-known/openid-configuration" respond 404 if the OAuth2
provider is not enabled.
Then by the way, remove the JSEscape template helper because it is not
needed any more.
Symlinks are followed when you click on a link next to an entry, either
until a file has been found or until we know that the link is dead.
When the link cannot be accessed, we fall back to the current behavior
of showing the document containing the target.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
enable nolintlint scope requirement
add comments to new directives so it's more obvious why they are in
place
---
I can also toggle the mandatory comments on if that's something of
interest.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Follow up the "editor" refactor, use the same approach to simplify code,
and fix some docs & comments
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
This PR fixes a state de-synchronization bug with the issue stopwatch,
it resolves the issue by replacing the ambiguous `/toggle` endpoint
with two explicit endpoints: `/start` and `/stop`.
- The "Start timer" button now exclusively calls the `/start` endpoint.
- The "Stop timer" button now exclusively calls the `/stop` endpoint.
This ensures the user's intent is clearly communicated to the server,
eliminating the state inconsistency and fixing the bug.
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#34504
Since one required context can match more than one commit statuses, we
should not directly compare the lengths of `requiredCommitStatuses` and
`requiredContexts`
---------
Signed-off-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
When viewing a file that the user can't edit because they can't write to
the branch, the new, upload, patch, edit and delete functionality is no
longer disabled.
If no user fork of the repository exists, there is now a page to create one.
It will automatically create a fork with a single branch matching the one
being viewed, and a unique repository name will be automatically picked.
When a fork exists, but it's archived, a mirror or the user can't write
code to it, there will instead be a message explaining the situation.
If the usable fork exists, a message will appear at the top of the edit page
explaining that the changes will be applied to a branch in the fork. The
base repository branch will be pushed to a new branch to the fork, and
then the edits will be applied on top.
The suggestion to fork happens when accessing /_edit/, so that for
example online documentation can have an "edit this page" link to
the base repository that does the right thing.
Also includes changes to properly report errors when trying to commit
to a new branch that is protected, and when trying to commit to an
existing branch when choosing the new branch option.
Resolves#9017, #20882
---------
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
# Fix Feishu Webhook Signature Verification
This PR implements proper signature verification for Feishu (Lark)
webhooks according to the [official
documentation](https://open.feishu.cn/document/client-docs/bot-v3/add-custom-bot).
## Changes
- Implemented the `GenSign` function based on Feishu's official Go
sample code
- Modified the webhook request creation to include timestamp and
signature in the payload when a secret is configured
- Fixed the signature generation algorithm to properly use HMAC-SHA256
with the correct string format
## Implementation Details
The signature verification works as follows:
1. When a webhook secret is provided, a timestamp is generated
2. The signature string is created using `timestamp + "\n" + secret`
3. The HMAC-SHA256 algorithm is applied to an empty string using the
signature string as the key
4. The result is Base64 encoded to produce the final signature
5. Both timestamp and signature are added to the payload
According to Feishu's documentation, the timestamp must be within 1 hour
(3600 seconds) of the current time to be considered valid.
## Security Note
Feishu emphasizes the importance of keeping webhook URLs secure. Do not
disclose them on GitHub, blogs, or any public sites to prevent
unauthorized use.
## References
- [Feishu Custom Bot
Documentation](https://open.feishu.cn/document/client-docs/bot-v3/add-custom-bot)
---------
Co-authored-by: hiifong <i@hiif.ong>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
The merge-upstream route was so far performing any kind of merge, even
those that would create merge commits and thus make your branch diverge
from upstream, requiring manual intervention via the git cli to undo the
damage.
With the new optional parameter ff_only, we can instruct gitea to error
out, if a non-fast-forward merge would be performed.
Upgrade to
[v0.19.0](https://github.com/golang/tools/releases/tag/gopls%2Fv0.19.0)
and fix issues. Runs with new `warning` serverity setting. This likely
does less checks than before. Additionally, add `make fix` which runs
modernize. This is also verified on CI.
For the record, here are the issues discoverd when running with `info`
severity, in case we want to fix these:
```
tests/integration/repo_test.go:95:5-14: could use tagged switch on i
tests/integration/api_packages_generic_test.go:149:4-64: could use tagged switch on setting.Packages.Storage.Type
services/webhook/msteams_test.go:33:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:59:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:85:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:111:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:138:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:161:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:187:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:213:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:239:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:266:4-33: could use tagged switch on fact.Name
services/webhook/msteams_test.go:407:4-33: could use tagged switch on fact.Name
tests/integration/api_packages_conan_test.go:350:6-33: could use tagged switch on pf.Name
models/issues/tracked_time_test.go:98:3-18: could use tagged switch on user.ID
tests/integration/api_token_test.go:505:5-43: could use tagged switch on minRequiredLevel
services/gitdiff/gitdiff.go:220:33-46: method "getLineLegacy" is unused
```
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
1. Use `OpenXxx` instead of `GetXxx` because the returned readers should
be correctly closed, and clarify the behaviors of the functions: they
increase the download counter
2. Use `packages-content` styles instead of `issue-content`
By default, the code extracts 200 package versions. If too many packages
are generated every day or if rule cleaning is enabled later, which
means there are more than 200 versions corresponding to the library
package, it may not be cleaned up completely, resulting in residue
Fix#31961
---------
Co-authored-by: yeyuanjie <yecao100@126.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. Add some missing (optional) fields for nuget v2, and sort the fields
to make it easier to maintain
2. Add missing "platform" for rubygems: `VERSION-PLATFORM` and
`VERSION_PLATFORM`
Co-authored-by: Giteabot <teabot@gitea.io>
`UpdateAllCols` is dangerous, the columns should be updated when
necessary.
This PR replaces some `updateRepository` invokes to reduce possible
problems and wrongly updated time. Some parts have been fixed in #34388,
but some are hidden in the function `updateRepository`. Alternatively,
using `UpdateRepositoryColsNoAutoTime` to update the changed columns.
Some `UpdateRepoSize` invokes are duplicated, so they will be removed
when extracting from `updateRepository`.
