Merge branch 'main' into lunny/fix_history_count

Author: lunny

.air.conf renamed to .air.toml

@@ -117,7 +117,7 @@ rules:
   import/no-amd: [0]
   import/no-anonymous-default-export: [0]
   import/no-commonjs: [0]
-  import/no-cycle: [2, {ignoreExternal: true}]
+  import/no-cycle: [2, {ignoreExternal: true, maxDepth: 1}]
   import/no-default-export: [0]
   import/no-deprecated: [0]
   import/no-dynamic-require: [0]
@@ -371,6 +371,7 @@ rules:
   unicorn/no-fn-reference-in-iterator: [0]
   unicorn/no-for-loop: [0]
   unicorn/no-hex-escape: [0]
+  unicorn/no-invalid-remove-event-listener: [2]
   unicorn/no-keyword-prefix: [0]
   unicorn/no-lonely-if: [2]
   unicorn/no-nested-ternary: [0]
@@ -385,6 +386,7 @@ rules:
   unicorn/no-unreadable-array-destructuring: [0]
   unicorn/no-unsafe-regex: [0]
   unicorn/no-unused-properties: [2]
+  unicorn/no-useless-fallback-in-spread: [2]
   unicorn/no-useless-length-check: [2]
   unicorn/no-useless-spread: [2]
   unicorn/no-useless-undefined: [0]
@@ -434,6 +436,7 @@ rules:
   unicorn/require-number-to-fixed-digits-argument: [2]
   unicorn/require-post-message-target-origin: [0]
   unicorn/string-content: [0]
+  unicorn/template-indent: [2]
   unicorn/throw-new-error: [2]
   use-isnan: [2]
   valid-typeof: [2, {requireStringLiterals: true}]

.eslintrc

@@ -352,7 +352,7 @@ watch-backend: go-check
 	@hash air > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		$(GO) install github.com/cosmtrek/air@bedc18201271882c2be66d216d0e1a275b526ec4; \
 	fi
-	air -c .air.conf
+	air -c .air.toml
 
 .PHONY: test
 test: test-frontend test-backend

Makefile

@@ -80,7 +80,7 @@ func fail(userMessage, logMessage string, args ...interface{}) error {
 	fmt.Fprintln(os.Stderr, "Gitea:", userMessage)
 
 	if len(logMessage) > 0 {
-		if !setting.IsProd() {
+		if !setting.IsProd {
 			fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
 		}
 	}

cmd/serv.go

@@ -333,9 +333,16 @@ sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
 In the next step a file named `/app/gitea/gitea` (with executable permissions) needs to be created on the host. This file will issue the SSH forwarding from the host to the container. Add the following contents to `/app/gitea/gitea`:
 
 ```bash
+#!/bin/sh
 ssh -p 2222 -o StrictHostKeyChecking=no [email protected] "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
 ```
 
+Here you should also make sure that you've set the permisson of `/app/gitea/gitea` correctly:
+
+```bash
+sudo chmod +x /app/gitea/gitea
+```
+
 To make the forwarding work, the SSH port of the container (22) needs to be mapped to the host port 2222 in `docker-compose.yml` . Since this port does not need to be exposed to the outside world, it can be mapped to the `localhost` of the host machine:
 
 ```bash

docs/content/doc/installation/with-docker.en-us.md

@@ -82,7 +82,7 @@ require (
 	github.com/mattn/go-runewidth v0.0.13 // indirect
 	github.com/mattn/go-sqlite3 v1.14.8
 	github.com/mholt/archiver/v3 v3.5.0
-	github.com/microcosm-cc/bluemonday v1.0.15
+	github.com/microcosm-cc/bluemonday v1.0.16
 	github.com/miekg/dns v1.1.43 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
 	github.com/minio/minio-go/v7 v7.0.12

go.mod

@@ -869,8 +869,8 @@ github.com/mholt/acmez v0.1.3 h1:J7MmNIk4Qf9b8mAGqAh4XkNeowv3f1zW816yf4zt7Qk=
 github.com/mholt/acmez v0.1.3/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM=
 github.com/mholt/archiver/v3 v3.5.0 h1:nE8gZIrw66cu4osS/U7UW7YDuGMHssxKutU8IfWxwWE=
 github.com/mholt/archiver/v3 v3.5.0/go.mod h1:qqTTPUK/HZPFgFQ/TJ3BzvTpF/dPtFVJXdQbCmeMxwc=
-github.com/microcosm-cc/bluemonday v1.0.15 h1:J4uN+qPng9rvkBZBoBb8YGR+ijuklIMpSOZZLjYpbeY=
-github.com/microcosm-cc/bluemonday v1.0.15/go.mod h1:ZLvAzeakRwrGnzQEvstVzVt3ZpqOF2+sdFr0Om+ce30=
+github.com/microcosm-cc/bluemonday v1.0.16 h1:kHmAq2t7WPWLjiGvzKa5o3HzSfahUKiOq7fAPUiMNIc=
+github.com/microcosm-cc/bluemonday v1.0.16/go.mod h1:Z0r70sCuXHig8YpBzCc5eGHAap2K7e/u082ZUpDRRqM=
 github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
 github.com/miekg/dns v1.1.42/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
 github.com/miekg/dns v1.1.43 h1:JKfpVSCB84vrAmHzyrsxB5NAr5kLoMXZArPSw7Qlgyg=

go.sum

@@ -8,8 +8,10 @@ import (
 	"fmt"
 	"net/http"
 	"testing"
+	"time"
 
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/timeutil"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -20,6 +22,10 @@ func TestUserHeatmap(t *testing.T) {
 	normalUsername := "user2"
 	session := loginUser(t, adminUsername)
 
+	var fakeNow = time.Date(2011, 10, 20, 0, 0, 0, 0, time.Local)
+	timeutil.Set(fakeNow)
+	defer timeutil.Unset()
+
 	urlStr := fmt.Sprintf("/api/v1/users/%s/heatmap", normalUsername)
 	req := NewRequest(t, "GET", urlStr)
 	resp := session.MakeRequest(t, req, http.StatusOK)

integrations/api_user_heatmap_test.go

@@ -1,6 +1,6 @@
 export default {
   rootDir: 'web_src',
-  setupFilesAfterEnv: ['jest-extended'],
+  setupFilesAfterEnv: ['jest-extended/all'],
   testEnvironment: 'jsdom',
   testMatch: ['<rootDir>/**/*.test.js'],
   testTimeout: 20000,

jest.config.js

@@ -136,8 +136,8 @@ func NewTestEngine() (err error) {
 	}
 
 	x.SetMapper(names.GonicMapper{})
-	x.SetLogger(NewXORMLogger(!setting.IsProd()))
-	x.ShowSQL(!setting.IsProd())
+	x.SetLogger(NewXORMLogger(!setting.IsProd))
+	x.ShowSQL(!setting.IsProd)
 	return syncTables()
 }
 

models/db/engine.go

@@ -7,9 +7,11 @@ package models
 import (
 	"fmt"
 	"testing"
+	"time"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/timeutil"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -39,6 +41,10 @@ func TestGetUserHeatmapDataByUser(t *testing.T) {
 	// Prepare
 	assert.NoError(t, db.PrepareTestDatabase())
 
+	// Mock time
+	timeutil.Set(time.Date(2021, 1, 1, 0, 0, 0, 0, time.UTC))
+	defer timeutil.Unset()
+
 	for i, tc := range testCases {
 		user := db.AssertExistsAndLoadBean(t, &User{ID: tc.userID}).(*User)
 

models/user_heatmap_test.go

@@ -95,7 +95,7 @@ func (ctx *APIContext) Error(status int, title string, obj interface{}) {
 	if status == http.StatusInternalServerError {
 		log.ErrorWithSkip(1, "%s: %s", title, message)
 
-		if setting.IsProd() && !(ctx.User != nil && ctx.User.IsAdmin) {
+		if setting.IsProd && !(ctx.User != nil && ctx.User.IsAdmin) {
 			message = ""
 		}
 	}
@@ -112,7 +112,7 @@ func (ctx *APIContext) InternalServerError(err error) {
 	log.ErrorWithSkip(1, "InternalServerError: %v", err)
 
 	var message string
-	if !setting.IsProd() || (ctx.User != nil && ctx.User.IsAdmin) {
+	if !setting.IsProd || (ctx.User != nil && ctx.User.IsAdmin) {
 		message = err.Error()
 	}
 

modules/context/api.go

@@ -225,7 +225,7 @@ func (ctx *Context) NotFound(title string, err error) {
 func (ctx *Context) notFoundInternal(title string, err error) {
 	if err != nil {
 		log.ErrorWithSkip(2, "%s: %v", title, err)
-		if !setting.IsProd() {
+		if !setting.IsProd {
 			ctx.Data["ErrorMsg"] = err
 		}
 	}
@@ -261,7 +261,7 @@ func (ctx *Context) ServerError(title string, err error) {
 func (ctx *Context) serverErrorInternal(title string, err error) {
 	if err != nil {
 		log.ErrorWithSkip(2, "%s: %v", title, err)
-		if !setting.IsProd() {
+		if !setting.IsProd {
 			ctx.Data["ErrorMsg"] = err
 		}
 	}
@@ -645,7 +645,7 @@ func Contexter() func(next http.Handler) http.Handler {
 					"CurrentURL":    setting.AppSubURL + req.URL.RequestURI(),
 					"PageStartTime": startTime,
 					"Link":          link,
-					"IsProd":        setting.IsProd(),
+					"IsProd":        setting.IsProd,
 				},
 			}
 			// PageData is passed by reference, and it will be rendered to `window.config.pageData` in `head.tmpl` for JavaScript modules

modules/context/context.go

@@ -31,6 +31,9 @@ func CreateReaderAndGuessDelimiter(rd io.Reader) (*stdcsv.Reader, error) {
 	var data = make([]byte, 1e4)
 	size, err := rd.Read(data)
 	if err != nil {
+		if err == io.EOF {
+			return CreateReader(bytes.NewReader([]byte{}), rune(',')), nil
+		}
 		return nil, err
 	}
 

modules/csv/csv.go

@@ -18,7 +18,7 @@ import (
 
 // AddCacheControlToHeader adds suitable cache-control headers to response
 func AddCacheControlToHeader(h http.Header, d time.Duration) {
-	if setting.IsProd() {
+	if setting.IsProd {
 		h.Set("Cache-Control", "private, max-age="+strconv.Itoa(int(d.Seconds())))
 	} else {
 		h.Set("Cache-Control", "no-store")

modules/httpcache/httpcache.go

@@ -419,17 +419,13 @@ var (
 	PIDFile       = "/run/gitea.pid"
 	WritePIDFile  bool
 	RunMode       string
+	IsProd        bool
 	RunUser       string
 	IsWindows     bool
 	HasRobotsTxt  bool
 	InternalToken string // internal access token
 )
 
-// IsProd if it's a production mode
-func IsProd() bool {
-	return strings.EqualFold(RunMode, "prod")
-}
-
 func getAppPath() (string, error) {
 	var appPath string
 	var err error
@@ -906,6 +902,7 @@ func NewContext() {
 	// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly.
 	unsafeAllowRunAsRoot := Cfg.Section("").Key("I_AM_BEING_UNSAFE_RUNNING_AS_ROOT").MustBool(false)
 	RunMode = Cfg.Section("").Key("RUN_MODE").MustString("prod")
+	IsProd = strings.EqualFold(RunMode, "prod")
 	// Does not check run user when the install lock is off.
 	if InstallLock {
 		currentUser, match := IsRunUserMatchCurrentUser(RunUser)

modules/setting/setting.go

@@ -316,10 +316,66 @@ func Listen(host string, port int, ciphers []string, keyExchanges []string, macs
 		}
 	}
 
+	// Workaround slightly broken behaviour in x/crypto/ssh/handshake.go:458-463
+	//
+	// Fundamentally the issue here is that HostKeyAlgos make the incorrect assumption
+	// that the PublicKey().Type() matches the signature algorithm.
+	//
+	// Therefore we need to add duplicates for the RSA with different signing algorithms.
+	signers := make([]ssh.Signer, 0, len(srv.HostSigners))
+	for _, signer := range srv.HostSigners {
+		if signer.PublicKey().Type() == "ssh-rsa" {
+			signers = append(signers,
+				&wrapSigner{
+					Signer:    signer,
+					algorithm: gossh.SigAlgoRSASHA2512,
+				},
+				&wrapSigner{
+					Signer:    signer,
+					algorithm: gossh.SigAlgoRSASHA2256,
+				},
+			)
+		}
+		signers = append(signers, signer)
+	}
+	srv.HostSigners = signers
+
 	go listen(&srv)
 
 }
 
+// wrapSigner wraps a signer and overrides its public key type with the provided algorithm
+type wrapSigner struct {
+	ssh.Signer
+	algorithm string
+}
+
+// PublicKey returns an associated PublicKey instance.
+func (s *wrapSigner) PublicKey() gossh.PublicKey {
+	return &wrapPublicKey{
+		PublicKey: s.Signer.PublicKey(),
+		algorithm: s.algorithm,
+	}
+}
+
+// Sign returns raw signature for the given data. This method
+// will apply the hash specified for the keytype to the data using
+// the algorithm assigned for this key
+func (s *wrapSigner) Sign(rand io.Reader, data []byte) (*gossh.Signature, error) {
+	return s.Signer.(gossh.AlgorithmSigner).SignWithAlgorithm(rand, data, s.algorithm)
+}
+
+// wrapPublicKey wraps a PublicKey and overrides its type
+type wrapPublicKey struct {
+	gossh.PublicKey
+	algorithm string
+}
+
+// Type returns the algorithm
+func (k *wrapPublicKey) Type() string {
+	return k.algorithm
+}
+
 // GenKeyPair make a pair of public and private keys for SSH access.
 // Public key is encoded in the format for inclusion in an OpenSSH authorized_keys file.
 // Private Key generated is PEM encoded

modules/ssh/ssh.go

@@ -91,7 +91,7 @@ func HTMLRenderer() *render.Render {
 		Funcs:                     NewFuncMap(),
 		Asset:                     GetAsset,
 		AssetNames:                GetAssetNames,
-		IsDevelopment:             !setting.IsProd(),
+		IsDevelopment:             !setting.IsProd,
 		DisableHTTPErrorRendering: true,
 	})
 }

modules/templates/base.go

@@ -13,8 +13,24 @@ import (
 // TimeStamp defines a timestamp
 type TimeStamp int64
 
+// mock is NOT concurrency-safe!!
+var mock time.Time
+
+// Set sets the time to a mocked time.Time
+func Set(now time.Time) {
+	mock = now
+}
+
+// Unset will unset the mocked time.Time
+func Unset() {
+	mock = time.Time{}
+}
+
 // TimeStampNow returns now int64
 func TimeStampNow() TimeStamp {
+	if !mock.IsZero() {
+		return TimeStamp(mock.Unix())
+	}
 	return TimeStamp(time.Now().Unix())
 }
 

modules/timeutil/timestamp.go

@@ -927,6 +927,9 @@ star_guest_user = Sign in to star this repository.
 copy_link = Copy
 copy_link_success = Link has been copied
 copy_link_error = Use ⌘C or Ctrl-C to copy
+copy_branch = Copy
+copy_branch_success = Branch name has been copied
+copy_branch_error = Use ⌘C or Ctrl-C to copy
 copied = Copied OK
 unwatch = Unwatch
 watch = Watch

options/locale/locale_en-US.ini

@@ -2026,6 +2026,8 @@ diff.file_image_height=高さ
 diff.file_byte_size=サイズ
 diff.file_suppressed=ファイル差分が大きすぎるため省略します
 diff.file_suppressed_line_too_long=長すぎる行があるためファイル差分は表示されません
+diff.too_many_files=変更されたファイルが多すぎるため、一部のファイルは表示されません
+diff.show_more=さらに表示
 diff.generated=generated
 diff.vendored=vendored
 diff.comment.placeholder=コメントを残す