DmitryFrolovTri
ca9489a137
merge of upstream/main + limitsize w/o DB
2026-01-22 11:19:26 +00:00
DmitryFrolovTri
374989abcf
Merge remote-tracking branch 'upstream/main' into limit-repo-size
2026-01-21 20:09:27 +00:00
DmitryFrolovTri
c16ad5643a
refactor handling of -1 from base to business logic and UI for sizelimit working
2026-01-21 09:44:52 +00:00
DmitryFrolovTri
7942523c3f
SizeLimit w/o DB changes
2026-01-13 09:18:03 +00:00
Lunny Xiao
1771569300
Some refactor for repo path ( #36251 )
...
- Use `gitrepo.IsRepositoryExist` instead of `util.IsExit` or
`util.IsDir`
- Use `gitrepo.OpenRepository` instead of `git.OpenRepository`
- Use `gitrepo.DeleteRepository` instead of `util.RemoveAll`
- Use `gitrepo.RenameRepository` instead of `util.Rename`
2025-12-29 18:49:54 +00:00
Ivan Tkatchev
19e1997ee2
Add an option to automatically verify SSH keys from LDAP ( #35927 )
...
This pull request adds an option to automatically verify SSH keys from
LDAP authentication sources.
This allows a correct authentication and verification workflow for
LDAP-enabled organizations; under normal circumstances SSH keys in LDAP
are not managed by users manually.
2025-12-27 12:33:08 +00:00
silverwind
7b10eb20a5
Merge latest master commits and fix the translations.
...
* Bump docker/build-push-action from 5 to 6 (#36197 )
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action )
from 5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Export build record and generate <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">build
summary</a> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1120 ">docker/build-push-action#1120</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1132 ">docker/build-push-action#1132</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1136 ">docker/build-push-action#1136</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1138 ">docker/build-push-action#1138</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1137 ">docker/build-push-action#1137</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This major release adds support for generating <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/ ">Build
summary</a> and exporting build record for your build. You can disable
this feature by setting <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary ">
<code>DOCKER_BUILD_SUMMARY: false</code> environment variable in your
workflow</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 ">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0 </a></p>
<h2>v5.4.0</h2>
<ul>
<li>Show builder information before building by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1128 ">docker/build-push-action#1128</a></li>
<li>Handle attestations correctly with provenance and sbom inputs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1086 ">docker/build-push-action#1086</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1088 ">docker/build-push-action#1088</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1105 ">docker/build-push-action#1105</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1121 ">docker/build-push-action#1121</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1127 ">docker/build-push-action#1127</a></li>
<li>Bump undici from 5.28.3 to 5.28.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1090 ">docker/build-push-action#1090</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 ">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 </a></p>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080 ">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 ">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 </a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074 ">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia "><code>@favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019 ">docker/build-push-action#1019</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070 ">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057 ">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 ">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 </a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992 ">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren "><code>@elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980 ">docker/build-push-action#980</a></li>
<li>Bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991 ">docker/build-push-action#991</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990 ">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006 ">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 ">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318dhttps://redirect.github.com/docker/build-push-action/issues/1381 ">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e010bb1f27d6b5f9dbf956c0788c444d8https://redirect.github.com/docker/build-push-action/issues/1375 ">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f41dc7386353https://redirect.github.com/docker/build-push-action/issues/1364 ">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="9c9803f364db1f6c46e8721e8c79dehttps://github.com/docker/build-push-action/compare/v5...v6 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump aws-actions/configure-aws-credentials from 4 to 5 (#36196 )
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials )
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/releases ">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<p>NOTE: This release tag originally pointed to
59b441846ad109fa4a1549b73ef4e149c4bfb53b, but a critical bug was
discovered shortly after publishing. We updated this tag to
d0834ad3a60a024346910e522a81b0002bd37fea to prevent anyone using the
4.3.0 tag from encountering the bug, and we published 4.3.1 to allow
workflows to auto update correctly.</p>
<h3>Features</h3>
<ul>
<li>dependency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b05b3c89504637fe9a740bcbea70821e3f7c218721https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.0...v4.2.1 ">4.2.1</a>
(2025-05-14)</h2>
<h3>Bug Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md ">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1 ">5.1.1</a>
(2025-11-24)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>release 5.1.1 (<a
href="56d6a583f0https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0 ">5.1.0</a>
(2025-10-06)</h2>
<h3>Features</h3>
<ul>
<li>Add global timeout support (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487 ">#1487</a>)
(<a
href="1584b8b0e2https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="dde9b22a8ehttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485 ">#1485</a>)
(<a
href="97ef425d73https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486 ">#1486</a>)
(<a
href="cea42985achttps://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Cleanup input handling. Changes invalid boolean input behavior (see
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add skip OIDC option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1458 ">#1458</a>)
(<a
href="8c45f6b081https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445 ">#1445</a>)
(<a
href="74b3e27aa8https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1456 ">#1456</a>)
(<a
href="c4be498953https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.0...v4.3.1 ">4.3.1</a>
(2025-08-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update readme to 4.3.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1424 ">#1424</a>)
(<a
href="be2e7ad815https://github.com/aws-actions/configure-aws-credentials/compare/v4.2.1...v4.3.0 ">4.3.0</a>
(2025-08-04)</h2>
<h3>Features</h3>
<ul>
<li>depenency update and feature cleanup (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1414 ">#1414</a>)
(<a
href="59489ba544https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1062 ">#1062</a>
<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1191 ">#1191</a></li>
<li>Optional environment variable output (<a
href="c3b3ce61b061815dcd50https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1564 ">#1564</a>)</li>
<li><a
href="56d6a583f04a54c24244https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1563 ">#1563</a>)</li>
<li><a
href="b2793c943dhttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1559 ">#1559</a>)</li>
<li><a
href="8c230bf21df7a5b07d53https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1558 ">#1558</a>)</li>
<li><a
href="730fc04382https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1555 ">#1555</a>)</li>
<li><a
href="bc0dd36aechttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1556 ">#1556</a>)</li>
<li><a
href="f2964c7281cf464951behttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1548 ">#1548</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v4...v5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump dev-hanz-ops/install-gh-cli-action from 0.1.0 to 0.2.1 (#36195 )
Bumps
[dev-hanz-ops/install-gh-cli-action](https://github.com/dev-hanz-ops/install-gh-cli-action )
from 0.1.0 to 0.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/releases ">dev-hanz-ops/install-gh-cli-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.1 - arm64 support</h2>
<ul>
<li>support arm64 architecture - <a
href="https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/pull/10 ">dev-hanz-ops/install-gh-cli-action#10</a>
(by <a
href="https://github.com/whatthefinemanual "><code>@whatthefinemanual</code></a>)</li>
</ul>
<h2>v0.2.0 - update to node20</h2>
<ul>
<li><a
href="8fff9050daaf38ce09b1eef2976cedhttps://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/10 ">#10</a>)</li>
<li><a
href="2d19dc38f3https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/8 ">#8</a>)</li>
<li><a
href="8fff9050da67bfd053934474568036https://redirect.github.com/dev-hanz-ops/install-gh-cli-action/issues/3 ">#3</a>)</li>
<li>See full diff in <a
href="https://github.com/dev-hanz-ops/install-gh-cli-action/compare/v0.1.0...v0.2.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Front port changelog (#36193 )
Signed-off-by: silverwind <me@silverwind.io>
Co-authored-by: silverwind <me@silverwind.io>
* Bump astral-sh/setup-uv from 6 to 7 (#36198 )
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6
to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/setup-uv/releases ">astral-sh/setup-uv's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0 🌈 node24 and a lot of bugfixes</h2>
<h2>Changes</h2>
<p>This release comes with a load of bug fixes and a speed up. Because
of switching from node20 to node24 it is also a breaking change. If you
are running on GitHub hosted runners this will just work, if you are
using self-hosted runners make sure, that your runners are up to date.
If you followed the normal installation instructions your self-hosted
runner will keep itself updated.</p>
<p>This release also removes the deprecated input
<code>server-url</code> which was used to download uv releases from a
different server.
The <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#manifest-file ">manifest-file</a>
input supersedes that functionality by adding a flexible way to define
available versions and where they should be downloaded from.</p>
<h3>Fixes</h3>
<ul>
<li>The action now respects when the environment variable
<code>UV_CACHE_DIR</code> is already set and does not overwrite it. It
now also finds <a
href="https://docs.astral.sh/uv/reference/settings/#cache-dir ">cache-dir</a>
settings in config files if you set them.</li>
<li>Some users encountered problems that <a
href="https://github.com/astral-sh/setup-uv?tab=readme-ov-file#disable-cache-pruning ">cache
pruning</a> took forever because they had some <code>uv</code> processes
running in the background. Starting with uv version <code>0.8.24</code>
this action uses <code>uv cache prune --ci --force</code> to ignore the
running processes</li>
<li>If you just want to install uv but not have it available in path,
this action now respects <code>UV_NO_MODIFY_PATH</code></li>
<li>Some other actions also set the env var <code>UV_CACHE_DIR</code>.
This action can now deal with that but as this could lead to unwanted
behavior in some edgecases a warning is now displayed.</li>
</ul>
<h3>Improvements</h3>
<p>If you are using minimum version specifiers for the version of uv to
install for example</p>
<pre lang="toml"><code>[tool.uv]
required-version = ">=0.8.17"
</code></pre>
<p>This action now detects that and directly uses the latest version.
Previously it would download all available releases from the uv repo
to determine the highest matching candidate for the version specifier,
which took much more time.</p>
<p>If you are using other specifiers like <code>0.8.x</code> this action
still needs to download all available releases because the specifier
defines an upper bound (not 0.9.0 or later) and "latest" would
possibly not satisfy that.</p>
<h2>🚨 Breaking changes</h2>
<ul>
<li>Use node24 instead of node20 <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/608 ">#608</a>)</li>
<li>Remove deprecated input server-url <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/607 ">#607</a>)</li>
</ul>
<h2>🐛 Bug fixes</h2>
<ul>
<li>Respect UV_CACHE_DIR and cache-dir <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/612 ">#612</a>)</li>
<li>Use --force when pruning cache <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/611 ">#611</a>)</li>
<li>Respect UV_NO_MODIFY_PATH <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/603 ">#603</a>)</li>
<li>Warn when <code>UV_CACHE_DIR</code> has changed <a
href="https://github.com/jamesbraza "><code>@jamesbraza</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/601 ">#601</a>)</li>
</ul>
<h2>🚀 Enhancements</h2>
<ul>
<li>Shortcut to latest version for minimum version specifier <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/598 ">#598</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>Bump dependencies <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/613 ">#613</a>)</li>
<li>Fix test-uv-no-modify-path <a
href="https://github.com/eifinger "><code>@eifinger</code></a> (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/604 ">#604</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="681c641abahttps://redirect.github.com/astral-sh/setup-uv/issues/712 ">#712</a>)</li>
<li><a
href="2e85713bb0https://redirect.github.com/astral-sh/setup-uv/issues/715 ">#715</a>)</li>
<li><a
href="58b6d7b303https://redirect.github.com/astral-sh/setup-uv/issues/716 ">#716</a>)</li>
<li><a
href="e8b52af86ehttps://redirect.github.com/astral-sh/setup-uv/issues/714 ">#714</a>)</li>
<li><a
href="ed21f2f24fhttps://redirect.github.com/astral-sh/setup-uv/issues/695 ">#695</a>)</li>
<li><a
href="93202d8fbehttps://redirect.github.com/astral-sh/setup-uv/issues/709 ">#709</a>)</li>
<li><a
href="5ce090076dhttps://redirect.github.com/astral-sh/setup-uv/issues/708 ">#708</a>)</li>
<li><a
href="4180991cd9https://redirect.github.com/astral-sh/setup-uv/issues/707 ">#707</a>)</li>
<li><a
href="0439606c8ehttps://redirect.github.com/astral-sh/setup-uv/issues/698 ">#698</a>)</li>
<li><a
href="7dd56c18e9https://redirect.github.com/astral-sh/setup-uv/issues/706 ">#706</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/setup-uv/compare/v6...v7 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Disable dependabot automatic labels (#36203 )
Disable dependabot's [automatic
labels](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#labels-- ),
we have `actions/labeler` to do this job. After this is merged, I will
delete the labels `dependencies` and `github_actions` that dependabot
had created.
* Update chroma to v2.21.1 (#36201 )
https://github.com/alecthomas/chroma/releases/tag/v2.21.1
* [skip ci] Updated translations via Crowdin
* Bump setup-node to v6, re-enable cache (#36207 )
* Add JSON linting (#36192 )
Uses https://github.com/eslint/json to lint all JSON and JSONC files in the repo.
* Revert "Bump alpine to 3.23 (#36185 )" (#36202 )
Unbreak the release pipelines. The issue is caused by
https://gitlab.alpinelinux.org/alpine/aports/-/issues/17775 which
supposedly fixed in 3.23.2 and our build did use that version from what
I see, but maybe it's not fixed yet for `riscv`. We should try this
upgrade again later.
* Add date to "No Contributions" tooltip (#36190 )
Fixes https://github.com/go-gitea/gitea/issues/36188 via
52bbfd7a15https://github.com/user-attachments/assets/f06ca7d6-a141-499f-b6da-e46064a44846 "
/>
After:
<img width="292" height="78" alt="Screenshot 2025-12-18 at 17 08 36"
src="https://github.com/user-attachments/assets/b80f7391-7960-44ad-8184-ffab4c9a4ea7 "
/>
If there will be more changes in the future, we should vendor this
module.
Co-authored-by: Giteabot <teabot@gitea.io>
* Add `modifies/dependencies` label to dependabot (#36206 )
`actions/labeler` can not detect dependency updates in actions because
it works on file level, so we need to let dependabot set this label.
* Fix labeler config for stylelint (#36199 )
Followup to rename in
b8f1c9f048 (diff-cb3b3f608024ee0bd45ea10b08ca6d3fcf40523a3d40182a438937231d8b8072)#36194 )
Bumps
[appleboy/git-push-action](https://github.com/appleboy/git-push-action )
from 0.0.3 to 1.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/appleboy/git-push-action/releases ">appleboy/git-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.0</h2>
<h2>Changelog</h2>
<h3>Enhancements</h3>
<ul>
<li>50ae8aaf06c6fc08b3d13da3aa03deb50d970125: chore(docker): improve
overall system performance and API integration (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>feea2e25baaa5ea24a9689a8af03f229ec1dd1a2: ci: improve testing
workflow and API usage (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>5d65d1094eb0415898554ba83c4f3196778f9a85: ci: improve testing
workflow and API usage (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>b31dd8d6e7ba1e80a96a4772d8c4290fe7bac0ce: build: update base image
in Dockerfile (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>fc585cfea49d10c08f8009f674c05961a0934647: ci(goreleaser): implement
automated release process with GoReleaser (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
<li>b1e5e3d76ccb4afd43bc0859672a6f9113fa0458: ci(test): optimize CI
workflow and test configurations (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>8f1f45876617e5d74085a38164c421be39f099b3: docs(readme): refactor
codebase and improve test coverage (<a
href="https://github.com/appleboy "><code>@appleboy</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b1e5e3d76c8f1f458766fc585cfea450ae8aaf06b31dd8d6e75d65d1094efeea2e25bahttps://github.com/appleboy/git-push-action/compare/v0.0.3...v1.0.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump crowdin/github-action from 1 to 2 (#36204 )
Bumps [crowdin/github-action](https://github.com/crowdin/github-action )
from 1 to 2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crowdin/github-action/releases ">crowdin/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.0</h2>
<h2>What's Changed</h2>
<h3>Features</h3>
<ul>
<li>Now the Action uses the new <a
href="https://crowdin.github.io/crowdin-cli/blog/2024/05/28/cli-v4 ">CLI
v4</a></li>
</ul>
<h3>Deprecations</h3>
<p>Removed deprecated options:</p>
<ul>
<li><code>add_crowdin_branch</code></li>
<li><code>new_branch_title</code></li>
<li><code>new_branch_export_pattern</code></li>
<li><code>new_branch_priority</code></li>
<li><code>delete_crowdin_branch</code></li>
</ul>
<p>Instead, use the <code>command: branch add <name></code> to
create a new branch.</p>
<ul>
<li><code>identity</code> - this option doesn't make much sense in the
context of the GitHub action, where environment variables are a de facto
standard for credentials loading.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.4...v2.0.0 ">https://github.com/crowdin/github-action/compare/v1.20.4...v2.0.0 </a></p>
<h2>v1.20.4</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI <a
href="https://github.com/crowdin/crowdin-cli/releases/tag/3.19.4 ">3.19.4</a>
by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a></li>
<li>ci: upgrade actions by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a>
in <a
href="https://redirect.github.com/crowdin/github-action/pull/226 ">crowdin/github-action#226</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.3...v1.20.4 ">https://github.com/crowdin/github-action/compare/v1.20.3...v1.20.4 </a></p>
<h2>v1.20.3</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI <a
href="https://github.com/crowdin/crowdin-cli/releases/tag/3.19.3 ">3.19.3</a>
by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a></li>
<li>chore: deprecate the 'identity' option by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a>
in <a
href="https://redirect.github.com/crowdin/github-action/pull/224 ">crowdin/github-action#224</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.2...v1.20.3 ">https://github.com/crowdin/github-action/compare/v1.20.2...v1.20.3 </a></p>
<h2>v1.20.2</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI <a
href="https://github.com/crowdin/crowdin-cli/releases/tag/3.19.2 ">3.19.2</a>
by <a
href="https://github.com/andrii-bodnar "><code>@andrii-bodnar</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crowdin/github-action/compare/v1.20.1...v1.20.2 ">https://github.com/crowdin/github-action/compare/v1.20.1...v1.20.2 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60debf382ehttps://redirect.github.com/crowdin/github-action/issues/298 ">#298</a>)</li>
<li><a
href="96b44e669708713f00a5https://redirect.github.com/crowdin/github-action/issues/294 ">#294</a>)</li>
<li><a
href="fb221ac1c8https://redirect.github.com/crowdin/github-action/issues/291 ">#291</a>)</li>
<li><a
href="0749939f639787f4fcb6590c05e09a9fd07c1c5b297234bae037201e27eehttps://redirect.github.com/crowdin/github-action/issues/283 ">#283</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/crowdin/github-action/compare/v1...v2 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: silverwind <me@silverwind.io>
* Convert locale files from ini to json format (#35489 )
Migrate from the current INI format to JSON for translations. JSON is
widely supported, including by platforms such as Crowdin and Weblate.
* [skip ci] Updated translations via Crowdin
* Fix regression in writing authorized principals (#36213 )
Add additional logic with tests to restore the
previous behaviour when writing the principals file.
Fixes : #36212
---------
Signed-off-by: Peter Verraedt <peter.verraedt@kuleuven.be>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Show edit page confirmation dialog on tree view file change (#36130 )
Currently, when editing or deleting a file and the edit/commit form has
changes, navigating the file tree will discard all changes without any
warning. This PR prevents partial reloading when the edit form has
unsaved changes, which will trigger a browser native warning dialog.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: silverwind <me@silverwind.io>
Signed-off-by: Peter Verraedt <peter.verraedt@kuleuven.be>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Sebastian Ertz <sebastian.ertz@gmx.de>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: Peter Verraedt <peter.verraedt@kuleuven.be>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: bytedream <me@bytedream.dev>
2025-12-24 07:29:36 +00:00
Lunny Xiao
ffea9a27c3
Convert locale files from ini to json format ( #35489 )
...
Migrate from the current INI format to JSON for translations. JSON is
widely supported, including by platforms such as Crowdin and Weblate.
2025-12-19 09:50:48 -08:00
DmitryFrolovTri
624fe24693
refactor to remove ENABLE_SIZE_LIMIT option and replace it with -1 in the config.
2025-12-18 19:06:11 +00:00
DmitryFrolovTri
4ef0f996b3
LFSSize and related features
2025-12-18 12:52:27 +00:00
DmitryFrolovTri
56d388e111
refactor messages and admin settings to latest gitea
2025-12-12 15:19:57 +00:00
DmitryFrolovTri
ef94e79941
Merge remote-tracking branch 'upstream/main' into limit-repo-size
2025-12-09 12:40:19 +00:00
Lunny Xiao
5340db4dbe
Fix bug when updating user email ( #36058 )
...
Fix #20390
We should use `ReplacePrimaryEmailAddress` instead of
`AdminAddOrSetPrimaryEmailAddress` when modify user's email from admin
panel. And also we need a database transaction to keep deletion and
insertion succeed at the same time.
2025-12-01 23:50:10 +00:00
Andrew Melnick
688430e3ce
Allow admins to rename non-local users ( #35970 )
...
Presently, attempting to rename a non-local (e.g. Oauth2 or LDAP) user
results in an error, even if the requester is an administrator. As far
as I can tell, this is a security feature, not architectural in nature,
as automatic account linking could be used to take control of another
user's account. This is not a concern for an administrator, who we
should trust to know what they are doing.
This patch allows admins, and only admins, to rename non-local users.
Fixes https://github.com/go-gitea/gitea/issues/18308 (sort of)
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-11-23 20:59:55 +00:00
Zettat123
c9beb0b01f
Support actions and reusable workflows from private repos ( #32562 )
...
Resolve https://gitea.com/gitea/act_runner/issues/102
This PR allows administrators of a private repository to specify some
collaborative owners. The repositories of collaborative owners will be
allowed to access this repository's actions and workflows.
Settings for private repos:
---
This PR also moves "Enable Actions" setting to `Actions > General` page
<img width="960" alt="image"
src="https://github.com/user-attachments/assets/49337ec2-afb1-4a67-8516-5c9ef0ce05d4 "
/>
<img width="960" alt="image"
src="https://github.com/user-attachments/assets/f58ee6d5-17f9-4180-8760-a78e859f1c37 "
/>
---------
Signed-off-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
2025-10-25 17:37:33 +00:00
Lunny Xiao
3e3c36bc30
split admin config settings templates to make it maintain easier ( #35294 )
2025-09-04 15:42:26 +00:00
wxiaoguang
e837c998b7
Fix context usages ( #35348 )
2025-08-27 11:00:01 +00:00
techknowlogick
a2d88cd597
Remove deprecated auth sources ( #35272 )
...
Entra ID users should use the OIDC oauth2 provider.
They will still be shown if the instance has a previous Azure AD source
configured.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-08-23 20:39:05 +00:00
Ilya Nurullin
e844a41248
Use configurable remote name for git commands ( #35172 )
...
Closes #19403 , and makes it possible to use any remote name in code
snippets for an empty repository and pull request.
This change is very helpful to me, because I always use different name
for my gitea remote.
Uses setting config module to store the value. Default is `origin` for
backward compatibility.
### Screenshots
<details>
<summary>Empty repo</summary>
<img width="791" height="398" alt="image"
src="https://github.com/user-attachments/assets/7214053d-a8dd-4e77-8c9d-78936d9859e0 "
/>
</details>
<details>
<summary>Pull Request</summary>
<img width="591" height="452" alt="image"
src="https://github.com/user-attachments/assets/ebc3d25c-5d6d-481d-819d-9706af3c5594 "
/>
</details>
<details>
<summary>Settings page</summary>
<img width="1438" height="839" alt="image"
src="https://github.com/user-attachments/assets/d92bfa2c-7adc-4efe-95fa-0c55ad13b3f5 "
/>
</details>
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-08-21 10:14:35 -07:00
wxiaoguang
a5a3d9b101
Refactor OpenIDConnect to support SSH/FullName sync ( #34978 )
...
* Fix #26585
* Fix #28327
* Fix #34932
2025-07-10 18:35:59 +00:00
TheFox0x7
aa9d86745a
enforce explanation for necessary nolints and fix bugs ( #34883 )
...
Follows up https://github.com/go-gitea/gitea/pull/34851
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-27 21:48:03 +08:00
silverwind
1f35435b81
Run gopls modernize on codebase ( #34751 )
...
Recent modernize fixes:
https://github.com/golang/tools/commits/master/gopls/internal/analysis/modernize
2025-06-18 01:48:09 +00:00
wxiaoguang
0082cb51fa
Fix last admin check when syncing users ( #34649 )
...
Fix #34358
2025-06-09 20:57:45 +00:00
wxiaoguang
f6041441ee
Refactor FindOrgOptions to use enum instead of bool, fix membership visibility ( #34629 )
2025-06-09 03:30:34 +00:00
Philip Peterson
c5e78fc7ad
Do not mutate incoming options to SearchRepositoryByName ( #34553 )
...
Similar to #34544 , this PR changes the `opts` argument in
`SearchRepositoryByName()` to be passed by value instead of by pointer,
as its mutations do not escape the function scope and are not used
elsewhere. This simplifies reasoning about the function and avoids
unnecessary pointer usage.
This insight emerged during an initial attempt to refactor
`RenderUserSearch()`, which currently intermixes multiple concerns.
---------
Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
2025-06-02 17:33:25 +00:00
Philip Peterson
b0936f4f41
Do not mutate incoming options to RenderUserSearch and SearchUsers ( #34544 )
...
This PR changes the `opts` argument in `SearchUsers()` to be passed by
value instead of by pointer, as its mutations do not escape the function
scope and are not used elsewhere. This simplifies reasoning about the
function and avoids unnecessary pointer usage.
This insight emerged during an initial attempt to refactor
`RenderUserSearch()`, which currently intermixes multiple concerns.
Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
2025-05-27 19:36:02 +00:00
wxiaoguang
0148d03f21
Enforce two-factor auth (2FA: TOTP or WebAuthn) ( #34187 )
...
Fix #880
Design:
1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
wxiaoguang
9705adb27f
Make public URL generation configurable ( #34250 )
...
Follow up #32564
Co-authored-by: Jannis Pohl <838818+jannispl@users.noreply.github.com>
Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2025-04-22 06:49:37 +08:00
Jannis Pohl
d1a3bd6814
Make ROOT_URL support using request Host header ( #32564 )
...
Resolve #32554
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-20 11:43:48 +00:00
TheFox0x7
ee3c82f874
Enable addtional linters ( #34085 )
...
enable mirror, usestdlibbars and perfsprint
part of: https://github.com/go-gitea/gitea/issues/34083
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-01 10:14:01 +00:00
TheFox0x7
0fde8ecd55
Enable testifylint rules ( #34075 )
...
enable testifylint rules disabled in:
https://github.com/go-gitea/gitea/pull/34054
2025-03-31 01:53:48 -04:00
Lunny Xiao
25b6f38865
Move ParseBool to optional ( #33979 )
2025-03-24 03:53:30 +00:00
wxiaoguang
f35850f48e
Refactor error system ( #33610 )
2025-02-16 22:13:17 -08:00
wxiaoguang
7069369e03
Support performance trace ( #32973 )
...
1. Add a OpenTelemetry-like shim-layer to collect traces
2. Add a simple builtin trace collector and exporter, end users could
download the diagnosis report to get the traces.
This PR's design is quite lightweight, no hard-dependency, and it is
easy to improve or remove. We can try it on gitea.com first to see
whether it works well, and fine tune the details.
---------
Co-authored-by: silverwind <me@silverwind.io>
2025-01-21 18:57:07 +00:00
wxiaoguang
2564c15cb0
Remove some unnecessary template helpers ( #33069 )
...
DisableGitHooks and DisableImportLocal are only used when editing a
user, so only set them in `editUserCommon`
2025-01-01 18:02:34 +08:00
wxiaoguang
cd1b5488a3
Refactor pagination ( #33037 )
...
I am sure the simple approach should work, let's try it in 1.24
Follow #29834 and #29841
2024-12-30 01:57:38 +00:00
wxiaoguang
2a828e2798
Clarify path param naming ( #32969 )
...
In history (from some legacy frameworks), both `:name` and `name` are
supported as path path name, `:name` is an alias to `name`.
To make code consistent, now we should only use `name` but not `:name`.
Also added panic check in related functions to make sure the name won't
be abused in case some downstreams still use them.
2024-12-24 13:47:45 +00:00
wxiaoguang
a163c53a60
Refactor template & test related code ( #32938 )
...
Move some legacy code from "base" package to proper packages.
2024-12-22 15:33:19 +00:00
Lunny Xiao
751fe8b714
Move some errors to their own sub packages ( #32880 )
2024-12-20 18:05:29 +00:00
wxiaoguang
0f4b0cf892
Refactor some frontend problems ( #32646 )
...
1. correct the modal usage on "admin email list" page (then
`web_src/js/features/admin/emails.ts` is removed)
2. use `addDelegatedEventListener` instead of `jQuery().on`
3. more jQuery related changes and remove jQuery from
`web_src/js/features/common-button.ts`
4. improve `confirmModal` to make it support header, and remove
incorrect double-escaping
5. fix more typescript related types
6. fine tune devtest pages and add more tests
2024-11-26 15:36:55 +00:00
Lunny Xiao
c2217670dd
Move admin routers from /admin to /-/admin ( #32189 )
...
Resolve #32181
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-10 04:56:49 +00:00
techknowlogick
f183783baa
Save initial signup information for users to aid in spam prevention ( #31852 )
...
This will allow instance admins to view signup pattern patterns for
public instances. It is modelled after discourse, mastodon, and
MediaWiki's approaches.
Note: This has privacy implications, but as the above-stated open-source
projects take this approach, especially MediaWiki, which I have no doubt
looked into this thoroughly, it is likely okay for us, too. However, I
would be appreciative of any feedback on how this could be improved.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
2024-09-09 17:05:16 -04:00
techknowlogick
748dbd012f
Merge remote-tracking branch 'upstream/main' into limit-repo-size
2024-09-07 15:21:12 -04:00
Denys Konovalov
83f37f6302
Remove urls from translations ( #31950 )
...
Part of #27700
Removes all URLs from translation strings to easy up changing them in
the future and to exclude people injecting malicious URLs through
translations. First measure as long as #24402 is out of scope.
2024-09-02 18:36:24 +00:00
yp05327
cc044818c3
Support delete user email in admin panel ( #31690 )
...
---------
Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-25 18:11:04 +08:00
wxiaoguang
43c7a2e7b1
Refactor names ( #31405 )
...
This PR only does "renaming":
* `Route` should be `Router` (and chi router is also called "router")
* `Params` should be `PathParam` (to distingush it from URL query param, and to match `FormString`)
* Use lower case for private functions to avoid exposing or abusing
2024-06-19 06:32:45 +08:00
6543
363c123598
Add cache test for admins ( #31265 )
...
Add a test to probe the cache similar to the email test func.
---------
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: silverwind <me@silverwind.io>
2024-06-17 21:22:39 +02:00
silverwind
fc2d75f86d
Enable unparam linter ( #31277 )
...
Enable [unparam](https://github.com/mvdan/unparam ) linter.
Often I could not tell the intention why param is unused, so I put
`//nolint` for those cases like webhook request creation functions never
using `ctx`.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-06-11 18:47:45 +00:00
Lunny Xiao
b6f15c7948
Add missed return after ctx.ServerError ( #31130 )
2024-05-28 12:31:59 +03:00
wxiaoguang
339bc8bc8f
Improve reverse proxy documents and clarify the AppURL guessing behavior ( #31003 )
...
Fix #31002
1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea
2. Clarify the basic requirements and move the "general configuration" to the top
3. Add a comment for the "container registry"
4. Use 1.21 behavior if the reverse proxy is not correctly configured
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-19 14:56:08 +00:00
