Merge branch 'main' into fix-pr-manually-merged

Author: wolfogre

.github/pull_request_template.md

@@ -1,9 +1,9 @@
-<!--
-
+<!-- start tips --> 
 Please check the following:
-
-1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for bug fixes.
-2. Read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md
-3. Describe what your pull request does and which issue you're targeting (if any)
-
--->  
+1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for backports.
+2. Make sure you have read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md .
+3. Describe what your pull request does and which issue you're targeting (if any).
+4. It is recommended to enable "Allow edits by maintainers", so maintainers can help more easily.
+5. Your input here will be included in the commit message when this PR has been merged. If you don't want some content to be included, please separate them with a line like `---`.
+6. Delete all these tips before posting.
+<!-- end tips -->

CHANGELOG.md

@@ -4,6 +4,43 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).
 
+## [1.18.4](https://github.com/go-gitea/gitea/releases/tag/1.18.4) - 2023-02-20
+
+* SECURITY
+  * Provide the ability to set password hash algorithm parameters (#22942) (#22943)
+  * Add command to bulk set must-change-password (#22823) (#22928)
+* ENHANCEMENTS
+  * Use import of OCI structs (#22765) (#22805)
+  * Fix color of tertiary button on dark theme (#22739) (#22744)
+  * Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627) (#22642)
+* BUGFIXES
+  * Notify on container image create (#22806) (#22965)
+  * Fix blame view missing lines (#22826) (#22929)
+  * Fix incorrect role labels for migrated issues and comments (#22914) (#22923)
+  * Fix PR file tree folders no longer collapsing (#22864) (#22872)
+  * Escape filename when assemble URL (#22850) (#22871)
+  * Fix isAllowed of escapeStreamer (#22814) (#22837)
+  * Load issue before accessing index in merge message (#22822) (#22830)
+  * Improve trace logging for pulls and processes (#22633) (#22812)
+  * Fix restore repo bug, clarify the problem of ForeignIndex (#22776) (#22794)
+  * Add default user visibility to cli command "admin user create" (#22750) (#22760)
+  * Escape path for the file list (#22741) (#22757)
+  * Fix bugs with WebAuthn preventing sign in and registration. (#22651) (#22721)
+  * Add missing close bracket in imagediff (#22710) (#22712)
+  * Move code comments to a standalone file and fix the bug when adding a reply to an outdated review appears to not post(#20821) (#22707)
+  * Fix line spacing for plaintext previews (#22699) (#22701)
+  * Fix wrong hint when deleting a branch successfully from pull request UI (#22673) (#22698)
+  * Fix README TOC links (#22577) (#22677)
+  * Fix missing message in git hook when pull requests disabled on fork (#22625) (#22658)
+  * Improve checkIfPRContentChanged (#22611) (#22644)
+  * Prevent duplicate labels when importing more than 99 (#22591) (#22598)
+  * Don't return duplicated users who can create org repo (#22560) (#22562)
+* BUILD
+  * Upgrade golangcilint to v1.51.0 (#22764)
+* MISC
+  * Use proxy for pull mirror (#22771) (#22772)
+  * Use `--index-url` in PyPi description (#22620) (#22636)
+
 ## [1.18.3](https://github.com/go-gitea/gitea/releases/tag/v1.18.3) - 2023-01-23
 
 * SECURITY

MAINTAINERS

@@ -48,3 +48,4 @@ Xinyu Zhou <[email protected]> (@xin-u)
 Jason Song <[email protected]> (@wolfogre)
 Yarden Shoham <[email protected]> (@yardenshoham)
 Yu Tian <[email protected]> (@Zettat123)
+Eddie Yang <[email protected]> (@yp05327)

models/auth/token_scope.go

@@ -168,10 +168,23 @@ var allAccessTokenScopeBits = map[AccessTokenScope]AccessTokenScopeBitmap{
 
 // Parse parses the scope string into a bitmap, thus removing possible duplicates.
 func (s AccessTokenScope) Parse() (AccessTokenScopeBitmap, error) {
-	list := strings.Split(string(s), ",")
-
 	var bitmap AccessTokenScopeBitmap
-	for _, v := range list {
+
+	// The following is the more performant equivalent of 'for _, v := range strings.Split(remainingScope, ",")' as this is hot code
+	remainingScopes := string(s)
+	for len(remainingScopes) > 0 {
+		i := strings.IndexByte(remainingScopes, ',')
+		var v string
+		if i < 0 {
+			v = remainingScopes
+			remainingScopes = ""
+		} else if i+1 >= len(remainingScopes) {
+			v = remainingScopes[:i]
+			remainingScopes = ""
+		} else {
+			v = remainingScopes[:i]
+			remainingScopes = remainingScopes[i+1:]
+		}
 		singleScope := AccessTokenScope(v)
 		if singleScope == "" {
 			continue
@@ -187,9 +200,15 @@ func (s AccessTokenScope) Parse() (AccessTokenScopeBitmap, error) {
 		}
 		bitmap |= bits
 	}
+
 	return bitmap, nil
 }
 
+// StringSlice returns the AccessTokenScope as a []string
+func (s AccessTokenScope) StringSlice() []string {
+	return strings.Split(string(s), ",")
+}
+
 // Normalize returns a normalized scope string without any duplicates.
 func (s AccessTokenScope) Normalize() (AccessTokenScope, error) {
 	bitmap, err := s.Parse()

models/issues/issue.go

@@ -251,13 +251,15 @@ func (issue *Issue) LoadPoster(ctx context.Context) (err error) {
 
 // LoadPullRequest loads pull request info
 func (issue *Issue) LoadPullRequest(ctx context.Context) (err error) {
-	if issue.IsPull && issue.PullRequest == nil {
-		issue.PullRequest, err = GetPullRequestByIssueID(ctx, issue.ID)
-		if err != nil {
-			if IsErrPullRequestNotExist(err) {
-				return err
+	if issue.IsPull {
+		if issue.PullRequest == nil {
+			issue.PullRequest, err = GetPullRequestByIssueID(ctx, issue.ID)
+			if err != nil {
+				if IsErrPullRequestNotExist(err) {
+					return err
+				}
+				return fmt.Errorf("getPullRequestByIssueID [%d]: %w", issue.ID, err)
 			}
-			return fmt.Errorf("getPullRequestByIssueID [%d]: %w", issue.ID, err)
 		}
 		issue.PullRequest.Issue = issue
 	}
@@ -347,7 +349,7 @@ func (issue *Issue) LoadAttributes(ctx context.Context) (err error) {
 		return
 	}
 
-	if err = issue.loadProject(ctx); err != nil {
+	if err = issue.LoadProject(ctx); err != nil {
 		return
 	}
 

models/issues/issue_project.go

@@ -13,11 +13,7 @@ import (
 )
 
 // LoadProject load the project the issue was assigned to
-func (issue *Issue) LoadProject() (err error) {
-	return issue.loadProject(db.DefaultContext)
-}
-
-func (issue *Issue) loadProject(ctx context.Context) (err error) {
+func (issue *Issue) LoadProject(ctx context.Context) (err error) {
 	if issue.Project == nil {
 		var p project_model.Project
 		if _, err = db.GetEngine(ctx).Table("project").

modules/context/access_log.go

@@ -6,8 +6,8 @@ package context
 import (
 	"bytes"
 	"context"
-	"html/template"
 	"net/http"
+	"text/template"
 	"time"
 
 	"code.gitea.io/gitea/modules/log"

modules/setting/config_provider.go

@@ -25,9 +25,9 @@ func mustMapSetting(rootCfg ConfigProvider, sectionName string, setting interfac
 	}
 }
 
-func deprecatedSetting(rootCfg ConfigProvider, oldSection, oldKey, newSection, newKey string) {
+func deprecatedSetting(rootCfg ConfigProvider, oldSection, oldKey, newSection, newKey, version string) {
 	if rootCfg.Section(oldSection).HasKey(oldKey) {
-		log.Error("Deprecated fallback `[%s]` `%s` present. Use `[%s]` `%s` instead. This fallback will be removed in v1.19.0", oldSection, oldKey, newSection, newKey)
+		log.Error("Deprecated fallback `[%s]` `%s` present. Use `[%s]` `%s` instead. This fallback will be/has been removed in %s", oldSection, oldKey, newSection, newKey, version)
 	}
 }
 

modules/setting/indexer.go

@@ -56,12 +56,13 @@ func loadIndexerFrom(rootCfg ConfigProvider) {
 	Indexer.IssueIndexerName = sec.Key("ISSUE_INDEXER_NAME").MustString(Indexer.IssueIndexerName)
 
 	// The following settings are deprecated and can be overridden by settings in [queue] or [queue.issue_indexer]
-	// FIXME: DEPRECATED to be removed in v1.18.0
-	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_TYPE", "queue.issue_indexer", "TYPE")
-	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_DIR", "queue.issue_indexer", "DATADIR")
-	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_CONN_STR", "queue.issue_indexer", "CONN_STR")
-	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_BATCH_NUMBER", "queue.issue_indexer", "BATCH_LENGTH")
-	deprecatedSetting(rootCfg, "indexer", "UPDATE_BUFFER_LEN", "queue.issue_indexer", "LENGTH")
+	// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
+	// if these are removed, the warning will not be shown
+	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_TYPE", "queue.issue_indexer", "TYPE", "v1.19.0")
+	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_DIR", "queue.issue_indexer", "DATADIR", "v1.19.0")
+	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_CONN_STR", "queue.issue_indexer", "CONN_STR", "v1.19.0")
+	deprecatedSetting(rootCfg, "indexer", "ISSUE_INDEXER_QUEUE_BATCH_NUMBER", "queue.issue_indexer", "BATCH_LENGTH", "v1.19.0")
+	deprecatedSetting(rootCfg, "indexer", "UPDATE_BUFFER_LEN", "queue.issue_indexer", "LENGTH", "v1.19.0")
 
 	Indexer.RepoIndexerEnabled = sec.Key("REPO_INDEXER_ENABLED").MustBool(false)
 	Indexer.RepoType = sec.Key("REPO_INDEXER_TYPE").MustString("bleve")

modules/setting/lfs.go

@@ -35,8 +35,9 @@ func loadLFSFrom(rootCfg ConfigProvider) {
 	storageType := lfsSec.Key("STORAGE_TYPE").MustString("")
 
 	// Specifically default PATH to LFS_CONTENT_PATH
-	// FIXME: DEPRECATED to be removed in v1.18.0
-	deprecatedSetting(rootCfg, "server", "LFS_CONTENT_PATH", "lfs", "PATH")
+	// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
+	// if these are removed, the warning will not be shown
+	deprecatedSetting(rootCfg, "server", "LFS_CONTENT_PATH", "lfs", "PATH", "v1.19.0")
 	lfsSec.Key("PATH").MustString(
 		sec.Key("LFS_CONTENT_PATH").String())
 

modules/setting/mailer.go

@@ -64,16 +64,16 @@ func loadMailerFrom(rootCfg ConfigProvider) {
 	}
 
 	// Handle Deprecations and map on to new configuration
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "MAILER_TYPE", "mailer", "PROTOCOL")
+	// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
+	// if these are removed, the warning will not be shown
+	deprecatedSetting(rootCfg, "mailer", "MAILER_TYPE", "mailer", "PROTOCOL", "v1.19.0")
 	if sec.HasKey("MAILER_TYPE") && !sec.HasKey("PROTOCOL") {
 		if sec.Key("MAILER_TYPE").String() == "sendmail" {
 			sec.Key("PROTOCOL").MustString("sendmail")
 		}
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "HOST", "mailer", "SMTP_ADDR")
+	deprecatedSetting(rootCfg, "mailer", "HOST", "mailer", "SMTP_ADDR", "v1.19.0")
 	if sec.HasKey("HOST") && !sec.HasKey("SMTP_ADDR") {
 		givenHost := sec.Key("HOST").String()
 		addr, port, err := net.SplitHostPort(givenHost)
@@ -89,8 +89,7 @@ func loadMailerFrom(rootCfg ConfigProvider) {
 		sec.Key("SMTP_PORT").MustString(port)
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "IS_TLS_ENABLED", "mailer", "PROTOCOL")
+	deprecatedSetting(rootCfg, "mailer", "IS_TLS_ENABLED", "mailer", "PROTOCOL", "v1.19.0")
 	if sec.HasKey("IS_TLS_ENABLED") && !sec.HasKey("PROTOCOL") {
 		if sec.Key("IS_TLS_ENABLED").MustBool() {
 			sec.Key("PROTOCOL").MustString("smtps")
@@ -99,38 +98,32 @@ func loadMailerFrom(rootCfg ConfigProvider) {
 		}
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "DISABLE_HELO", "mailer", "ENABLE_HELO")
+	deprecatedSetting(rootCfg, "mailer", "DISABLE_HELO", "mailer", "ENABLE_HELO", "v1.19.0")
 	if sec.HasKey("DISABLE_HELO") && !sec.HasKey("ENABLE_HELO") {
 		sec.Key("ENABLE_HELO").MustBool(!sec.Key("DISABLE_HELO").MustBool())
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "SKIP_VERIFY", "mailer", "FORCE_TRUST_SERVER_CERT")
+	deprecatedSetting(rootCfg, "mailer", "SKIP_VERIFY", "mailer", "FORCE_TRUST_SERVER_CERT", "v1.19.0")
 	if sec.HasKey("SKIP_VERIFY") && !sec.HasKey("FORCE_TRUST_SERVER_CERT") {
 		sec.Key("FORCE_TRUST_SERVER_CERT").MustBool(sec.Key("SKIP_VERIFY").MustBool())
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "USE_CERTIFICATE", "mailer", "USE_CLIENT_CERT")
+	deprecatedSetting(rootCfg, "mailer", "USE_CERTIFICATE", "mailer", "USE_CLIENT_CERT", "v1.19.0")
 	if sec.HasKey("USE_CERTIFICATE") && !sec.HasKey("USE_CLIENT_CERT") {
 		sec.Key("USE_CLIENT_CERT").MustBool(sec.Key("USE_CERTIFICATE").MustBool())
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "CERT_FILE", "mailer", "CLIENT_CERT_FILE")
+	deprecatedSetting(rootCfg, "mailer", "CERT_FILE", "mailer", "CLIENT_CERT_FILE", "v1.19.0")
 	if sec.HasKey("CERT_FILE") && !sec.HasKey("CLIENT_CERT_FILE") {
 		sec.Key("CERT_FILE").MustString(sec.Key("CERT_FILE").String())
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "KEY_FILE", "mailer", "CLIENT_KEY_FILE")
+	deprecatedSetting(rootCfg, "mailer", "KEY_FILE", "mailer", "CLIENT_KEY_FILE", "v1.19.0")
 	if sec.HasKey("KEY_FILE") && !sec.HasKey("CLIENT_KEY_FILE") {
 		sec.Key("KEY_FILE").MustString(sec.Key("KEY_FILE").String())
 	}
 
-	// FIXME: DEPRECATED to be removed in v1.19.0
-	deprecatedSetting(rootCfg, "mailer", "ENABLE_HTML_ALTERNATIVE", "mailer", "SEND_AS_PLAIN_TEXT")
+	deprecatedSetting(rootCfg, "mailer", "ENABLE_HTML_ALTERNATIVE", "mailer", "SEND_AS_PLAIN_TEXT", "v1.19.0")
 	if sec.HasKey("ENABLE_HTML_ALTERNATIVE") && !sec.HasKey("SEND_AS_PLAIN_TEXT") {
 		sec.Key("SEND_AS_PLAIN_TEXT").MustBool(!sec.Key("ENABLE_HTML_ALTERNATIVE").MustBool(false))
 	}

modules/setting/mirror.go

@@ -27,8 +27,9 @@ var Mirror = struct {
 func loadMirrorFrom(rootCfg ConfigProvider) {
 	// Handle old configuration through `[repository]` `DISABLE_MIRRORS`
 	// - please note this was badly named and only disabled the creation of new pull mirrors
-	// FIXME: DEPRECATED to be removed in v1.18.0
-	deprecatedSetting(rootCfg, "repository", "DISABLE_MIRRORS", "mirror", "ENABLED")
+	// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
+	// if these are removed, the warning will not be shown
+	deprecatedSetting(rootCfg, "repository", "DISABLE_MIRRORS", "mirror", "ENABLED", "v1.19.0")
 	if rootCfg.Section("repository").Key("DISABLE_MIRRORS").MustBool(false) {
 		Mirror.DisableNewPull = true
 	}

modules/setting/server.go

@@ -178,38 +178,40 @@ func loadServerFrom(rootCfg ConfigProvider) {
 	switch protocolCfg {
 	case "https":
 		Protocol = HTTPS
-		// FIXME: DEPRECATED to be removed in v1.18.0
+
+		// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
+		// if these are removed, the warning will not be shown
 		if sec.HasKey("ENABLE_ACME") {
 			EnableAcme = sec.Key("ENABLE_ACME").MustBool(false)
 		} else {
-			deprecatedSetting(rootCfg, "server", "ENABLE_LETSENCRYPT", "server", "ENABLE_ACME")
+			deprecatedSetting(rootCfg, "server", "ENABLE_LETSENCRYPT", "server", "ENABLE_ACME", "v1.19.0")
 			EnableAcme = sec.Key("ENABLE_LETSENCRYPT").MustBool(false)
 		}
 		if EnableAcme {
 			AcmeURL = sec.Key("ACME_URL").MustString("")
 			AcmeCARoot = sec.Key("ACME_CA_ROOT").MustString("")
-			// FIXME: DEPRECATED to be removed in v1.18.0
+
 			if sec.HasKey("ACME_ACCEPTTOS") {
 				AcmeTOS = sec.Key("ACME_ACCEPTTOS").MustBool(false)
 			} else {
-				deprecatedSetting(rootCfg, "server", "LETSENCRYPT_ACCEPTTOS", "server", "ACME_ACCEPTTOS")
+				deprecatedSetting(rootCfg, "server", "LETSENCRYPT_ACCEPTTOS", "server", "ACME_ACCEPTTOS", "v1.19.0")
 				AcmeTOS = sec.Key("LETSENCRYPT_ACCEPTTOS").MustBool(false)
 			}
 			if !AcmeTOS {
 				log.Fatal("ACME TOS is not accepted (ACME_ACCEPTTOS).")
 			}
-			// FIXME: DEPRECATED to be removed in v1.18.0
+
 			if sec.HasKey("ACME_DIRECTORY") {
 				AcmeLiveDirectory = sec.Key("ACME_DIRECTORY").MustString("https")
 			} else {
-				deprecatedSetting(rootCfg, "server", "LETSENCRYPT_DIRECTORY", "server", "ACME_DIRECTORY")
+				deprecatedSetting(rootCfg, "server", "LETSENCRYPT_DIRECTORY", "server", "ACME_DIRECTORY", "v1.19.0")
 				AcmeLiveDirectory = sec.Key("LETSENCRYPT_DIRECTORY").MustString("https")
 			}
-			// FIXME: DEPRECATED to be removed in v1.18.0
+
 			if sec.HasKey("ACME_EMAIL") {
 				AcmeEmail = sec.Key("ACME_EMAIL").MustString("")
 			} else {
-				deprecatedSetting(rootCfg, "server", "LETSENCRYPT_EMAIL", "server", "ACME_EMAIL")
+				deprecatedSetting(rootCfg, "server", "LETSENCRYPT_EMAIL", "server", "ACME_EMAIL", "v1.19.0")
 				AcmeEmail = sec.Key("LETSENCRYPT_EMAIL").MustString("")
 			}
 		} else {

modules/setting/task.go

@@ -3,15 +3,16 @@
 
 package setting
 
-// FIXME: DEPRECATED to be removed in v1.18.0
+// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
+// if these are removed, the warning will not be shown
 // - will need to set default for [queue.task] LENGTH to 1000 though
 func loadTaskFrom(rootCfg ConfigProvider) {
 	taskSec := rootCfg.Section("task")
 	queueTaskSec := rootCfg.Section("queue.task")
 
-	deprecatedSetting(rootCfg, "task", "QUEUE_TYPE", "queue.task", "TYPE")
-	deprecatedSetting(rootCfg, "task", "QUEUE_CONN_STR", "queue.task", "CONN_STR")
-	deprecatedSetting(rootCfg, "task", "QUEUE_LENGTH", "queue.task", "LENGTH")
+	deprecatedSetting(rootCfg, "task", "QUEUE_TYPE", "queue.task", "TYPE", "v1.19.0")
+	deprecatedSetting(rootCfg, "task", "QUEUE_CONN_STR", "queue.task", "CONN_STR", "v1.19.0")
+	deprecatedSetting(rootCfg, "task", "QUEUE_LENGTH", "queue.task", "LENGTH", "v1.19.0")
 
 	switch taskSec.Key("QUEUE_TYPE").MustString("channel") {
 	case "channel":

modules/structs/user_app.go

@@ -11,20 +11,22 @@ import (
 // AccessToken represents an API access token.
 // swagger:response AccessToken
 type AccessToken struct {
-	ID             int64  `json:"id"`
-	Name           string `json:"name"`
-	Token          string `json:"sha1"`
-	TokenLastEight string `json:"token_last_eight"`
+	ID             int64    `json:"id"`
+	Name           string   `json:"name"`
+	Token          string   `json:"sha1"`
+	TokenLastEight string   `json:"token_last_eight"`
+	Scopes         []string `json:"scopes"`
 }
 
 // AccessTokenList represents a list of API access token.
 // swagger:response AccessTokenList
 type AccessTokenList []*AccessToken
 
 // CreateAccessTokenOption options when create access token
-// swagger:parameters userCreateToken
 type CreateAccessTokenOption struct {
-	Name string `json:"name" binding:"Required"`
+	// required: true
+	Name   string   `json:"name" binding:"Required"`
+	Scopes []string `json:"scopes"`
 }
 
 // CreateOAuth2ApplicationOptions holds options to create an oauth2 application