Bumps
[appleboy/git-push-action](https://github.com/appleboy/git-push-action)
from 1.0.0 to 1.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/appleboy/git-push-action/releases">appleboy/git-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.0</h2>
<h2>Changelog</h2>
<h3>Features</h3>
<ul>
<li>2722561d2c158e67f0e4b908bda83937e53bbdd4: feat: add options for
insecure SSL and SSH version selection (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Others</h3>
<ul>
<li>2c87d5bacd46972f72523394e67af39825081037: style: standardize YAML
quoting and update input descriptions (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>66a962f89a56024b2a36de61fe65ba6b9994be15: fix: rename drone-git-push
env vars and update default version (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>e37f17de403a8b0b59184d852be6b7a7e017d376: chore: mark all
directories as safe in global git configuration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Refactor</h3>
<ul>
<li>7bdda76242d8f6b40576a039a2d2233c43b7661e: refactor: refactor GitHub
Action to use Bash instead of Docker (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>4873de66e7bed19267cc8cd66959005c42d41cc7: refactor: simplify stdout
capturing by removing legacy logic (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>d1c361f2d2e128593b5dfeb3c2d9a5c6a1af7128: ci: run Docker actions as
nobody and inject GITHUB_WORKSPACE (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>fdf995de1284df95f38a3d99275eb38537eb05a4: ci: simplify Docker action
environment variable configuration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>8e938ac7df8937d595e4c4fcf345139339a34819: ci: update
GITHUB_WORKSPACE to use /github/home path (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>3b2c8661652360dbf1afe1b319a49dbb739c39f1: docs: migrate to composite
GitHub Action and standardize env vars (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h2>v1.1.0</h2>
<h2>Changelog</h2>
<h3>Features</h3>
<ul>
<li>28a54bbef16233cbea6f9fe39f318a4f055cd749: feat: add mirror input
support to GitHub Action configuration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>a63ac675f748ad297929b6d9688f94939fbe3dea: fix: fix spelling of
'force' option in git push actions (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>ee39884535468c8b6f101c0980aec38a61bc6c8b: chore(readme): refactor
codebase and update dependencies (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>94fb0c0d87ba52affdcb2daf8505a0e7f086f205: chore: bump drone-git-push
base image to version 1.2.0 (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>a939634b19fa88f0d4c853f4b604a4df5549911d: chore: pin Drone Git Push
image to a specific version (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>0a16d15bfdca306c84a299db735f248e9d408bb3: ci: improve CI workflow
for semantic version releases (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>1807bf9a1b801f99799e4e2a64ca1c6b11301fc3: ci: automate maintenance
and enhance repository security (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>f39abba130277d16a141588c1b4c194a8f0b4636: build: run container as
non-root user for enhanced security (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>ed86ac596a332db5353062d7cbdf24d61554f5f1: ci: update CI workflows to
trigger on main branch (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>cd8de7f6c86b1390f0108011580b6c9845b9f5df: build: eliminate
"nobody" user references from Dockerfile (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>7465fee0c6ac1466048408a99c52598be9abf00f: ci: update CI workflow to
use newer actions/checkout version (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>b9d4e07212dd711b7e57352e5b6172038ab20f6e: build: simplify Docker
build by removing entrypoint.sh chmod step (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>14d3003b72ea485bf8707bfbef4926eca78cc341: build: upgrade CI pipeline
to latest drone-git-push base image (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>378ab1be62cfbae4111d3bbbec417d5b2e97134d: docs: clarify and
standardize input and action descriptions (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>4c679526c0d1910c6e058a82fdde978d5cd8c0c2: docs: revamp documentation
with expanded features and usage examples (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>61f29e5108e85fa252a0556c08ec87f0c425f1b2: docs: document GitHub
Action integration and Claude Code guidelines (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>a7ef8abff3f71345b67dc056ac3d7b2d006efa42: docs: add Trivy security
scan badge to documentation (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3b2c866165"><code>3b2c866</code></a>
docs: migrate to composite GitHub Action and standardize env vars</li>
<li><a
href="4873de66e7"><code>4873de6</code></a>
refactor: simplify stdout capturing by removing legacy logic</li>
<li><a
href="2c87d5bacd"><code>2c87d5b</code></a>
style: standardize YAML quoting and update input descriptions</li>
<li><a
href="2722561d2c"><code>2722561</code></a>
feat: add options for insecure SSL and SSH version selection</li>
<li><a
href="66a962f89a"><code>66a962f</code></a>
fix: rename drone-git-push env vars and update default version</li>
<li><a
href="7bdda76242"><code>7bdda76</code></a>
refactor: refactor GitHub Action to use Bash instead of Docker</li>
<li><a
href="8e938ac7df"><code>8e938ac</code></a>
ci: update GITHUB_WORKSPACE to use /github/home path</li>
<li><a
href="e37f17de40"><code>e37f17d</code></a>
chore: mark all directories as safe in global git configuration</li>
<li><a
href="fdf995de12"><code>fdf995d</code></a>
ci: simplify Docker action environment variable configuration</li>
<li><a
href="d1c361f2d2"><code>d1c361f</code></a>
ci: run Docker actions as nobody and inject GITHUB_WORKSPACE</li>
<li>Additional commits viewable in <a
href="https://github.com/appleboy/git-push-action/compare/v1.0.0...v1.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- reduce file name font size from 15px to 14px
- fix labels and buttons being cut off when their size is constrained
- change labels from monospace to sans-serif font
- move diff stats to right and change them from sum of changes to +/-
- change filemode to label and change text to match other labels
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. correctly parse git protocol's "OldCommit NewCommit RefName" line, it
should be explicitly split by space
2. add missing "return" in CreatePullRequest
3. add comments for "/user.keys" and "/user.gpg" outputs
4. trim space for the "commit status context name" to follow the same
behavior of git_model.NewCommitStatus
Replace #34651 and address more problems including fix framework bugs and changing to QueryInfo and QueryContent calls.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This PR fixes#27383 where HTML headings like `<h1>Title</h1>` in
markdown files would have empty permalink anchors
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
WebUI has a checkbox for enabling maintainer edits you can check right
away when creating a new pull request.
Also, it is possible to set `allow_maintainer_edit` in an existing pull
request via API.
This change enables the option while creating a new pull request via
API.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
The code incorrectly assumed rel.Assets.Links and rel.Assets.Sources
arrays have equal length. This causes index out of bounds panic when
migrating GitLab releases with more links than sources, which is common
with GoReleaser-generated releases.
Fixes#36292
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#35998
1. Fix `<a rel>` :
* "_blank" already means "noopener"
* "noreferrer" is already provided by page's `<meta name="referrer">`
2. Fix "redirect_to" mechisam
* Use "referer" header to determine the redirect link for a successful
login
3. Simplify code and merge duplicate logic
- The compare page head title should be `compare` but not `new pull
request`.
- Use `UnstableGuessRefByShortName` instead of duplicated functions
calls.
- Direct-compare, tags, commits compare will not display `New Pull
Request` button any more.
The new screenshot
<img width="1459" height="391" alt="image"
src="https://github.com/user-attachments/assets/64e9b070-9c0b-41d1-b4b8-233b96270e1b"
/>
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Make Debian repository signing key generation use explicit stronger defaults
and embed the creation time in the OpenPGP comment for newly created keys.
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
- Use `gitrepo.IsRepositoryExist` instead of `util.IsExit` or
`util.IsDir`
- Use `gitrepo.OpenRepository` instead of `git.OpenRepository`
- Use `gitrepo.DeleteRepository` instead of `util.RemoveAll`
- Use `gitrepo.RenameRepository` instead of `util.Rename`
## Summary
This PR adds support for closing keywords (`closes`, `fixes`, `reopens`,
etc.) with full URL references in markdown links.
**Before:**
- `closes #123` ✅ works
- `closes org/repo#123` ✅ works
- `Closes [this issue](https://gitea.io/user/repo/issues/123)` ❌ didn't
work
- `Fixes [#456](https://gitea.io/org/project/issues/456)` ❌ didn't work
**After:**
All of the above now work correctly.
## Problem
When users reference issues using full URLs in markdown links (e.g.,
`Closes [this issue](https://gitea.io/user/repo/issues/123)`), the
closing keywords were not detected. This was because the URL processing
code explicitly stated:
```go
// Note: closing/reopening keywords not supported with URLs
```
Both methods of writing the reference render the same in the UI, so
users expected the closing keywords to behave the same.
## Solution
The fix works by:
1. Passing the original (unstripped) content to
`findAllIssueReferencesBytes`
2. When processing URL links from markdown, finding the URL position in
the original content
3. For markdown links `[text](url)`, finding the opening bracket `[`
position
4. Using that position to detect closing keywords before the link
## Testing
Added test cases for:
- `Closes [this issue](url)` - single URL with closing keyword
- `This fixes [#456](url)` - keyword in middle of text
- `Reopens [PR](url)` - reopen keyword with pull request URL
- Multiple URLs where only one has a closing keyword
All existing tests continue to pass.
Fixes#27549
This pull request adds an option to automatically verify SSH keys from
LDAP authentication sources.
This allows a correct authentication and verification workflow for
LDAP-enabled organizations; under normal circumstances SSH keys in LDAP
are not managed by users manually.
Use the dynamically parsed host in the request for LFS links, but not
use the hard-coded AppURL.
Make LFS server support multi-domain or run Gitea behind a reverse-proxy
with different ROOT_URL.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Crowdin does not remove empty lines in nested JSON translation files.
Therefore, we use flattened translation keys instead. We have also
updated the key-loading logic to ensure that empty values are not
applied during translation.
---------
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
- Replace fomantic form CSS with custom module
- Moved code in `form.css` to `modules/form.css`, removed around 70% of
the previous module.
- Moved captcha styles previously in `form.css` to its own file.
There is probably more unused CSS, like form error state colors which to
my knowledge is not used anywhere, but I'm not sure about that one so I
kept it.
One notable change is the removal of `type` combinator here, which
lowers the selector specificity and I noticed one issue where selector
`.ui.search > .prompt` was winning, so I added a workaround for that
until the `search` module can be removed as well.
```css
.ui.form .fields.error .field input:not([type])
.ui.form .fields.error .field input[type="date"]
```
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Fixes: https://github.com/go-gitea/gitea/issues/36216
Now `detectWebAuthnSupport` returns the error type and lets the caller
decide whether they call `webAuthnError` and show the error. It no
longer shows the error during page load when the user has not even
interacted with the feature.
The bug affects all users on HTTP, so I think a quick fix release for
this might be good.
## Summary
This PR refactors the `SearchIssues` function in
`routers/api/v1/repo/issue.go` by extracting common logic into reusable
helper functions:
- `parseIssueIsClosed()`: Parses the "state" query parameter and returns
the corresponding `isClosed` option
- `parseIssueIsPull()`: Parses the "type" query parameter and returns
the corresponding `isPull` option
- `buildSearchIssuesRepoIDs()`: Builds the list of repository IDs for
issue search based on query parameters
### Benefits:
- Improved code readability
- Smaller, more focused functions
- Easier to test individual components
- Potential for reuse in other handlers
### Changes:
- Extracted 3 helper functions from the ~292 line `SearchIssues`
function
- No functional changes - behavior remains the same
- Proper error handling preserved
## Test plan
- [ ] Verify existing API tests pass
- [ ] Manual testing of `/repos/issues/search` endpoint
Ref: #35015
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
