From c1ec79aeaff6192207e1ed335822c6a20ef1b3e2 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Wed, 20 Mar 2024 22:31:32 +0800 Subject: [PATCH 01/17] Fix loadOneBranch panic (#29938) (#29939) Backport #29938 Try to fix #29936 Far from ideal, but still better than panic. (cherry picked from commit b4a6c6fd7a4ed8e018d27fcdb5203fa04becdddb) --- modules/git/repo.go | 2 +- services/repository/branch.go | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/modules/git/repo.go b/modules/git/repo.go index 32f0e7007e..9c72f884df 100644 --- a/modules/git/repo.go +++ b/modules/git/repo.go @@ -248,7 +248,7 @@ type DivergeObject struct { // GetDivergingCommits returns the number of commits a targetBranch is ahead or behind a baseBranch func GetDivergingCommits(ctx context.Context, repoPath, baseBranch, targetBranch string) (do DivergeObject, err error) { cmd := NewCommand(ctx, "rev-list", "--count", "--left-right"). - AddDynamicArguments(baseBranch + "..." + targetBranch) + AddDynamicArguments(baseBranch + "..." + targetBranch).AddArguments("--") stdout, _, err := cmd.RunStdString(&RunOpts{Dir: repoPath}) if err != nil { return do, err diff --git a/services/repository/branch.go b/services/repository/branch.go index 567104d29f..47463519db 100644 --- a/services/repository/branch.go +++ b/services/repository/branch.go @@ -132,10 +132,7 @@ func loadOneBranch(ctx context.Context, repo *repo_model.Repository, dbBranch *g p := protectedBranches.GetFirstMatched(branchName) isProtected := p != nil - divergence := &git.DivergeObject{ - Ahead: -1, - Behind: -1, - } + var divergence *git.DivergeObject // it's not default branch if repo.DefaultBranch != dbBranch.Name && !dbBranch.IsDeleted { @@ -146,6 +143,11 @@ func loadOneBranch(ctx context.Context, repo *repo_model.Repository, dbBranch *g } } + if divergence == nil { + // tolerate error that we can't get divergence + divergence = &git.DivergeObject{Ahead: -1, Behind: -1} + } + pr, err := issues_model.GetLatestPullRequestByHeadInfo(repo.ID, branchName) if err != nil { return nil, fmt.Errorf("GetLatestPullRequestByHeadInfo: %v", err) From 456a33e8bb770a86341dc883edc6b62264b950a1 Mon Sep 17 00:00:00 2001 From: HEREYUA <37935145+HEREYUA@users.noreply.github.com> Date: Thu, 21 Mar 2024 22:03:01 +0800 Subject: [PATCH 02/17] Solving the issue of UI disruption when the review is deleted without refreshing (#29951) (#29968) backport #29951 (cherry picked from commit 3ff3c5ba780bc1b01004b9d0f8b4d56dd1aa9820) --- web_src/js/features/repo-issue.js | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/web_src/js/features/repo-issue.js b/web_src/js/features/repo-issue.js index 0be118db31..ecddbe15a9 100644 --- a/web_src/js/features/repo-issue.js +++ b/web_src/js/features/repo-issue.js @@ -162,7 +162,8 @@ export function initRepoIssueCommentDelete() { _csrf: csrfToken, }).done(() => { const $conversationHolder = $this.closest('.conversation-holder'); - + const $parentTimelineItem = $this.closest('.timeline-item'); + const $parentTimelineGroup = $this.closest('.timeline-item-group'); // Check if this was a pending comment. if ($conversationHolder.find('.pending-label').length) { const $counter = $('#review-box .review-comments-counter'); @@ -185,6 +186,11 @@ export function initRepoIssueCommentDelete() { } $conversationHolder.remove(); } + // Check if there is no review content, move the time avatar upward to avoid overlapping the content below. + if (!$parentTimelineGroup.find('.timeline-item.comment').length && !$parentTimelineItem.find('.conversation-holder').length) { + const $timelineAvatar = $parentTimelineGroup.find('.timeline-avatar'); + $timelineAvatar.removeClass('timeline-avatar-offset'); + } }); } return false; From fccb34c389711fbc639fda04a01a58c793a66823 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Thu, 21 Mar 2024 22:30:55 +0800 Subject: [PATCH 03/17] Fix the bug that user may logout if GetUserByID return unknow error (#29964) backport #29962 This PR fixed a bug when the user switching pages too fast, he will logout automatically. The reason is that when the error is context cancelled, the previous code think user hasn't login then the session will be deleted. Now it will return the errors but not think it's not login. Co-authored-by: wxiaoguang (cherry picked from commit c03b1e28544ee60c72f9dc7d9f362753bb3d778c) --- services/auth/session.go | 26 +++++++++----------------- 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/services/auth/session.go b/services/auth/session.go index 52cfb8ac21..35d97e42da 100644 --- a/services/auth/session.go +++ b/services/auth/session.go @@ -6,7 +6,6 @@ package auth import ( "net/http" - "code.gitea.io/gitea/models/db" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/log" ) @@ -29,40 +28,33 @@ func (s *Session) Name() string { // object for that uid. // Returns nil if there is no user uid stored in the session. func (s *Session) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) { - user := SessionUser(sess) - if user != nil { - return user, nil - } - return nil, nil -} - -// SessionUser returns the user object corresponding to the "uid" session variable. -func SessionUser(sess SessionStore) *user_model.User { if sess == nil { - return nil + return nil, nil } // Get user ID uid := sess.Get("uid") if uid == nil { - return nil + return nil, nil } log.Trace("Session Authorization: Found user[%d]", uid) id, ok := uid.(int64) if !ok { - return nil + return nil, nil } // Get user object - user, err := user_model.GetUserByID(db.DefaultContext, id) + user, err := user_model.GetUserByID(req.Context(), id) if err != nil { if !user_model.IsErrUserNotExist(err) { - log.Error("GetUserById: %v", err) + log.Error("GetUserByID: %v", err) + // Return the err as-is to keep current signed-in session, in case the err is something like context.Canceled. Otherwise non-existing user (nil, nil) will make the caller clear the signed-in session. + return nil, err } - return nil + return nil, nil } log.Trace("Session Authorization: Logged in user %-v", user) - return user + return user, nil } From 7c8f1d7b202eca08ef100b497bbd2cc58d94887a Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Sat, 23 Mar 2024 22:56:19 +0800 Subject: [PATCH 04/17] Remove duplicate option in admin screen and now-unused translation keys (#28492) (#30024) Backport #28492 Fix #30019 Co-authored-by: The Magician <142242365+TheMagician23@users.noreply.github.com> (cherry picked from commit 01f736f68c5620957419c609bbf78f8e5ce76359) --- options/locales/gitea_en-US.ini | 1 - templates/admin/config.tmpl | 2 -- 2 files changed, 3 deletions(-) diff --git a/options/locales/gitea_en-US.ini b/options/locales/gitea_en-US.ini index c100318118..a3d154ee40 100644 --- a/options/locales/gitea_en-US.ini +++ b/options/locales/gitea_en-US.ini @@ -3110,7 +3110,6 @@ config.enable_openid_signin = Enable OpenID Sign-In config.show_registration_button = Show Register Button config.require_sign_in_view = Require Sign-In to View Pages config.mail_notify = Enable Email Notifications -config.disable_key_size_check = Disable Minimum Key Size Check config.enable_captcha = Enable CAPTCHA config.active_code_lives = Active Code Lives config.reset_password_code_lives = Recover Account Code Expiry Time diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl index d40af66bc4..ce6edf8a97 100644 --- a/templates/admin/config.tmpl +++ b/templates/admin/config.tmpl @@ -151,8 +151,6 @@
{{if .Service.RequireSignInView}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}
{{ctx.Locale.Tr "admin.config.mail_notify"}}
{{if .Service.EnableNotifyMail}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}
-
{{ctx.Locale.Tr "admin.config.disable_key_size_check"}}
-
{{if .SSH.MinimumKeySizeCheck}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}
{{ctx.Locale.Tr "admin.config.enable_captcha"}}
{{if .Service.EnableCaptcha}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}
{{ctx.Locale.Tr "admin.config.default_keep_email_private"}}
From b22be0c03fa4814c1b8b892346de5d4547782ce7 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Sun, 24 Mar 2024 00:21:57 +0800 Subject: [PATCH 05/17] Escape paths for find file correctly (#30026) (#30031) Backport #30026 (cherry picked from commit 2172b38d505fa9586edf5da0d4aad7307dc92b7d) --- routers/web/repo/find.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/routers/web/repo/find.go b/routers/web/repo/find.go index daefe59c8f..9d03e4b4c9 100644 --- a/routers/web/repo/find.go +++ b/routers/web/repo/find.go @@ -8,6 +8,7 @@ import ( "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/util" ) const ( @@ -17,7 +18,7 @@ const ( // FindFiles render the page to find repository files func FindFiles(ctx *context.Context) { path := ctx.Params("*") - ctx.Data["TreeLink"] = ctx.Repo.RepoLink + "/src/" + path - ctx.Data["DataLink"] = ctx.Repo.RepoLink + "/tree-list/" + path + ctx.Data["TreeLink"] = ctx.Repo.RepoLink + "/src/" + util.PathEscapeSegments(path) + ctx.Data["DataLink"] = ctx.Repo.RepoLink + "/tree-list/" + util.PathEscapeSegments(path) ctx.HTML(http.StatusOK, tplFindFiles) } From 5e5574c7b328e2c500d497517047b8d1fd0ca478 Mon Sep 17 00:00:00 2001 From: Giteabot Date: Sun, 24 Mar 2024 13:38:31 +0800 Subject: [PATCH 06/17] Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org (#30013) (#30035) Backport #30013 by @DrMaxNix This PR adds `setting.Service.DefaultOrgMemberVisible` value to dataset of user when the initial org creator is being added to the created org. Fixes #30012. Co-authored-by: DrMaxNix (cherry picked from commit e321b8a849087d736a96275d5960f9b1446c95ba) --- models/organization/org.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index 260571b4b2..dad6c7f37d 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -319,8 +319,9 @@ func CreateOrganization(org *Organization, owner *user_model.User) (err error) { // Add initial creator to organization and owner team. if err = db.Insert(ctx, &OrgUser{ - UID: owner.ID, - OrgID: org.ID, + UID: owner.ID, + OrgID: org.ID, + IsPublic: setting.Service.DefaultOrgMemberVisible, }); err != nil { return fmt.Errorf("insert org-user relation: %w", err) } From 40fba39dc13101da5f2830e556e4ccd817c90e6d Mon Sep 17 00:00:00 2001 From: Giteabot Date: Mon, 25 Mar 2024 15:22:09 +0800 Subject: [PATCH 07/17] Fix misuse of `TxContext` (#30061) (#30062) Backport #30061 by @wolfogre Help #29999, or its tests cannot pass. Also, add some comments to clarify the usage of `TxContext`. I don't check all usages of `TxContext` because there are too many (almost 140+). It's a better idea to replace them with `WithTx` instead of checking them one by one. However, that may be another refactoring PR. Co-authored-by: Jason Song (cherry picked from commit 78795dd5663b7d8df4620bd50c74a7d71606f1d2) --- models/db/context.go | 10 ++++++++++ models/issues/review.go | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/models/db/context.go b/models/db/context.go index 9f72b43555..fc1fecb0e3 100644 --- a/models/db/context.go +++ b/models/db/context.go @@ -120,6 +120,16 @@ func (c *halfCommitter) Close() error { // TxContext represents a transaction Context, // it will reuse the existing transaction in the parent context or create a new one. +// Some tips to use: +// +// 1 It's always recommended to use `WithTx` in new code instead of `TxContext`, since `WithTx` will handle the transaction automatically. +// 2. To maintain the old code which uses `TxContext`: +// a. Always call `Close()` before returning regardless of whether `Commit()` has been called. +// b. Always call `Commit()` before returning if there are no errors, even if the code did not change any data. +// c. Remember the `Committer` will be a halfCommitter when a transaction is being reused. +// So calling `Commit()` will do nothing, but calling `Close()` without calling `Commit()` will rollback the transaction. +// And all operations submitted by the caller stack will be rollbacked as well, not only the operations in the current function. +// d. It doesn't mean rollback is forbidden, but always do it only when there is an error, and you do want to rollback. func TxContext(parentCtx context.Context) (*Context, Committer, error) { if sess, ok := inTransaction(parentCtx); ok { return newContext(parentCtx, sess, true), &halfCommitter{committer: sess}, nil diff --git a/models/issues/review.go b/models/issues/review.go index 18296c0dda..1bd165e80d 100644 --- a/models/issues/review.go +++ b/models/issues/review.go @@ -622,7 +622,7 @@ func AddReviewRequest(ctx context.Context, issue *Issue, reviewer, doer *user_mo // skip it when reviewer hase been request to review if review != nil && review.Type == ReviewTypeRequest { - return nil, nil + return nil, committer.Commit() // still commit the transaction, or committer.Close() will rollback it, even if it's a reused transaction. } // if the reviewer is an official reviewer, From 90537783ff6eb5571519a6e69e00bd2d49aee207 Mon Sep 17 00:00:00 2001 From: silverwind Date: Tue, 26 Mar 2024 01:10:24 +0100 Subject: [PATCH 08/17] Fix incorrect SVGs (#30087) Just the SVG fixes from https://github.com/go-gitea/gitea/pull/30086 for v1.21 branch. (cherry picked from commit 03f29db46dbaa4cacca875cfe6b1c0b012a93406) --- templates/devtest/flex-list.tmpl | 4 ++-- templates/repo/diff/comment_form.tmpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/devtest/flex-list.tmpl b/templates/devtest/flex-list.tmpl index c8584c110b..3c6256a59c 100644 --- a/templates/devtest/flex-list.tmpl +++ b/templates/devtest/flex-list.tmpl @@ -25,7 +25,7 @@
diff --git a/templates/repo/diff/comment_form.tmpl b/templates/repo/diff/comment_form.tmpl index 767c2613a0..1528578bdc 100644 --- a/templates/repo/diff/comment_form.tmpl +++ b/templates/repo/diff/comment_form.tmpl @@ -20,7 +20,7 @@ )}}
- {{svg "octicon-markup"}} {{ctx.Locale.Tr "repo.diff.comment.markdown_info"}} + {{svg "octicon-markdown"}} {{ctx.Locale.Tr "repo.diff.comment.markdown_info"}}
{{if $.reply}} From 5b6c93cc0216d84d42d9d0cc7b2a1b60f7b9ca40 Mon Sep 17 00:00:00 2001 From: silverwind Date: Tue, 26 Mar 2024 02:42:37 +0100 Subject: [PATCH 09/17] Update katex to 0.16.10 (#30089) https://github.com/KaTeX/KaTeX/releases/tag/v0.16.10 --------- Co-authored-by: Giteabot (cherry picked from commit 8dccea02f2cf85592c31be35ec9ef5c974a09222) --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index cad2c43151..682db5a3f8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -27,7 +27,7 @@ "escape-goat": "4.0.0", "fast-glob": "3.3.1", "jquery": "3.7.1", - "katex": "0.16.9", + "katex": "0.16.10", "license-checker-webpack-plugin": "0.2.1", "lightningcss-loader": "2.1.0", "mermaid": "10.6.1", @@ -6726,9 +6726,9 @@ "integrity": "sha512-b+z6yF1d4EOyDgylzQo5IminlUmzSeqR1hs/bzjBNjuGras4FXq/6TrzjxfN0j+TmI0ltJzTNlqXUMCniciwKQ==" }, "node_modules/katex": { - "version": "0.16.9", - "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.9.tgz", - "integrity": "sha512-fsSYjWS0EEOwvy81j3vRA8TEAhQhKiqO+FQaKWp0m39qwOzHVBgAUBIXWj1pB+O2W3fIpNa6Y9KSKCVbfPhyAQ==", + "version": "0.16.10", + "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.10.tgz", + "integrity": "sha512-ZiqaC04tp2O5utMsl2TEZTXxa6WSC4yo0fv5ML++D3QZv/vx2Mct0mTlRx3O+uUkjfuAgOkzsCmq5MiUEsDDdA==", "funding": [ "https://opencollective.com/katex", "https://github.com/sponsors/katex" diff --git a/package.json b/package.json index ad09cb9648..c01f466d13 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "escape-goat": "4.0.0", "fast-glob": "3.3.1", "jquery": "3.7.1", - "katex": "0.16.9", + "katex": "0.16.10", "license-checker-webpack-plugin": "0.2.1", "lightningcss-loader": "2.1.0", "mermaid": "10.6.1", From 29b352f490a23539c3bc3e864b0e47ccc9a6bedd Mon Sep 17 00:00:00 2001 From: yp05327 <576951401@qq.com> Date: Tue, 26 Mar 2024 19:20:03 +0900 Subject: [PATCH 10/17] Fix panic for fixBrokenRepoUnits16961 (#30068) (#30100) backport #30068 (cherry picked from commit 6d47b63be25dd23d81c8286ac993281c8099e963) --- modules/doctor/fix16961.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/doctor/fix16961.go b/modules/doctor/fix16961.go index 562c78dd76..3b1f34c907 100644 --- a/modules/doctor/fix16961.go +++ b/modules/doctor/fix16961.go @@ -216,6 +216,12 @@ func fixBrokenRepoUnit16961(repoUnit *repo_model.RepoUnit, bs []byte) (fixed boo return false, nil } + var cfg any + err = json.UnmarshalHandleDoubleEncode(bs, &cfg) + if err == nil { + return false, nil + } + switch repoUnit.Type { case unit.TypeCode, unit.TypeReleases, unit.TypeWiki, unit.TypeProjects: cfg := &repo_model.UnitConfig{} From 706ff7aa9fcfe4c43893dc12e27d064064e80635 Mon Sep 17 00:00:00 2001 From: yp05327 <576951401@qq.com> Date: Tue, 26 Mar 2024 21:58:56 +0900 Subject: [PATCH 11/17] Fix duplicate migrated milestones (#30102) (#30105) backport #30102 (cherry picked from commit a0f89ba8c76dd77990f73151cf60e9b945c31587) --- services/migrations/migrate.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/services/migrations/migrate.go b/services/migrations/migrate.go index 0b83f3b4a3..5bb3056161 100644 --- a/services/migrations/migrate.go +++ b/services/migrations/migrate.go @@ -250,14 +250,13 @@ func migrateRepository(ctx context.Context, doer *user_model.User, downloader ba } log.Warn("migrating milestones is not supported, ignored") } - msBatchSize := uploader.MaxBatchInsertSize("milestone") for len(milestones) > 0 { if len(milestones) < msBatchSize { msBatchSize = len(milestones) } - if err := uploader.CreateMilestones(milestones...); err != nil { + if err := uploader.CreateMilestones(milestones[:msBatchSize]...); err != nil { return err } milestones = milestones[msBatchSize:] From 65d34f93138f0369d296db8fca54697682b76d18 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Tue, 26 Mar 2024 23:49:48 +0800 Subject: [PATCH 12/17] Fix possible data race on tests (#30093) (#30108) backport #30093 (cherry picked from commit 09a5067c0c496d514adac7b82a44ae2061a171db) --- services/webhook/deliver_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/services/webhook/deliver_test.go b/services/webhook/deliver_test.go index 72aa00478a..eb0314d3c8 100644 --- a/services/webhook/deliver_test.go +++ b/services/webhook/deliver_test.go @@ -105,7 +105,6 @@ func TestWebhookDeliverAuthorizationHeader(t *testing.T) { err := hook.SetHeaderAuthorization("Bearer s3cr3t-t0ken") assert.NoError(t, err) assert.NoError(t, webhook_model.CreateWebhook(db.DefaultContext, hook)) - db.GetEngine(db.DefaultContext).NoAutoTime().DB().Logger.ShowSQL(true) hookTask := &webhook_model.HookTask{HookID: hook.ID, EventType: webhook_module.HookEventPush, Payloader: &api.PushPayload{}} From e9932a404d4bb5b22a87797094dff615eb38171a Mon Sep 17 00:00:00 2001 From: yp05327 <576951401@qq.com> Date: Wed, 27 Mar 2024 11:09:17 +0900 Subject: [PATCH 13/17] Fix gitea doctor will remove repo-avatar files when execute command storage-archives (#30094) (#30120) backport #30094 (cherry picked from commit 0c10c3a282463d9ada2a6d05cfc733e742c93351) --- modules/doctor/storage.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/doctor/storage.go b/modules/doctor/storage.go index f338537864..787df27549 100644 --- a/modules/doctor/storage.go +++ b/modules/doctor/storage.go @@ -162,7 +162,7 @@ func checkStorage(opts *checkStorageOptions) func(ctx context.Context, logger lo if opts.RepoArchives || opts.All { if err := commonCheckStorage(ctx, logger, autofix, &commonStorageCheckOptions{ - storer: storage.RepoAvatars, + storer: storage.RepoArchives, isOrphaned: func(path string, obj storage.Object, stat fs.FileInfo) (bool, error) { exists, err := repo.ExistsRepoArchiverWithStoragePath(ctx, path) if err == nil || errors.Is(err, util.ErrInvalidArgument) { From 953914d1f7b06112c6efd34176b06b4a3849db00 Mon Sep 17 00:00:00 2001 From: yp05327 <576951401@qq.com> Date: Wed, 27 Mar 2024 17:06:23 +0900 Subject: [PATCH 14/17] Load attachments for code comments (#30124) (#30126) backport #30124 (cherry picked from commit 7bffb923ce723947837fd1c12fe2f1edcba72315) --- models/issues/comment_code.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/models/issues/comment_code.go b/models/issues/comment_code.go index 0e6340c189..0b96f93ee0 100644 --- a/models/issues/comment_code.go +++ b/models/issues/comment_code.go @@ -117,6 +117,10 @@ func findCodeComments(ctx context.Context, opts FindCommentsOptions, issue *Issu return nil, err } + if err := comments.LoadAttachments(ctx); err != nil { + return nil, err + } + // Find all reviews by ReviewID reviews := make(map[int64]*Review) ids := make([]int64, 0, len(comments)) From 8d3db1264c5af5a40e3a1f7d67a7aaa9807571d9 Mon Sep 17 00:00:00 2001 From: Giteabot Date: Mon, 1 Apr 2024 09:47:11 +0800 Subject: [PATCH 15/17] Include encoding in signature payload (#30174) (#30181) Backport #30174 by @KN4CK3R Fixes #30119 Include the encoding in the signature payload. before ![grafik](https://github.com/go-gitea/gitea/assets/1666336/01ab94a3-8af5-4d6f-be73-a10b65a15421) after ![grafik](https://github.com/go-gitea/gitea/assets/1666336/3a37d438-c70d-4d69-b178-d170e74aa683) --------- Co-authored-by: KN4CK3R (cherry picked from commit 2ac78c75d08cbd4c9a47e982021789e6d85a1a32) --- modules/git/commit_convert_gogit.go | 6 +++ modules/git/commit_reader.go | 2 + modules/git/commit_test.go | 67 +++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+) diff --git a/modules/git/commit_convert_gogit.go b/modules/git/commit_convert_gogit.go index 669f1b15d5..0a3d6ffa95 100644 --- a/modules/git/commit_convert_gogit.go +++ b/modules/git/commit_convert_gogit.go @@ -47,6 +47,12 @@ func convertPGPSignature(c *object.Commit) *CommitGPGSignature { return nil } + if c.Encoding != "" && c.Encoding != "UTF-8" { + if _, err = fmt.Fprintf(&w, "\nencoding %s\n", c.Encoding); err != nil { + return nil + } + } + if _, err = fmt.Fprintf(&w, "\n\n%s", c.Message); err != nil { return nil } diff --git a/modules/git/commit_reader.go b/modules/git/commit_reader.go index 23607c43ab..3c2cda4171 100644 --- a/modules/git/commit_reader.go +++ b/modules/git/commit_reader.go @@ -84,6 +84,8 @@ readLoop: commit.Committer = &Signature{} commit.Committer.Decode(data) _, _ = payloadSB.Write(line) + case "encoding": + _, _ = payloadSB.Write(line) case "gpgsig": _, _ = signatureSB.Write(data) _ = signatureSB.WriteByte('\n') diff --git a/modules/git/commit_test.go b/modules/git/commit_test.go index a095ac9844..fd979e7f8d 100644 --- a/modules/git/commit_test.go +++ b/modules/git/commit_test.go @@ -125,6 +125,73 @@ empty commit`, commitFromReader.Signature.Payload) assert.EqualValues(t, commitFromReader, commitFromReader2) } +func TestCommitWithEncodingFromReader(t *testing.T) { + commitString := `feaf4ba6bc635fec442f46ddd4512416ec43c2c2 commit 1074 +tree ca3fad42080dd1a6d291b75acdfc46e5b9b307e5 +parent 47b24e7ab977ed31c5a39989d570847d6d0052af +author KN4CK3R 1711702962 +0100 +committer KN4CK3R 1711702962 +0100 +encoding ISO-8859-1 +gpgsig -----BEGIN PGP SIGNATURE----- + + iQGzBAABCgAdFiEE9HRrbqvYxPT8PXbefPSEkrowAa8FAmYGg7IACgkQfPSEkrow + Aa9olwv+P0HhtCM6CRvlUmPaqswRsDPNR4i66xyXGiSxdI9V5oJL7HLiQIM7KrFR + gizKa2COiGtugv8fE+TKqXKaJx6uJUJEjaBd8E9Af9PrAzjWj+A84lU6/PgPS8hq + zOfZraLOEWRH4tZcS+u2yFLu3ez2Wqh1xW5LNy7xqEedMXEFD1HwSJ0+pjacNkzr + frp6Asyt7xRI6YmgFJZJoRsS3Ktr6rtKeRL2IErSQQyorOqj6gKrglhrhfG/114j + FKB1v4or0WZ1DE8iP2SJZ3n+/K1IuWAINh7MVdb7PndfBPEa+IL+ucNk5uzEE8Jd + G8smGxXUeFEt2cP1dj2W8EgAxuA9sTnH9dqI5aRqy5ifDjuya7Emm8sdOUvtGdmn + SONRzusmu5n3DgV956REL7x62h7JuqmBz/12HZkr0z0zgXkcZ04q08pSJATX5N1F + yN+tWxTsWg+zhDk96d5Esdo9JMjcFvPv0eioo30GAERaz1hoD7zCMT4jgUFTQwgz + jw4YcO5u + =r3UU + -----END PGP SIGNATURE----- + +ISO-8859-1` + + sha := SHA1{0xfe, 0xaf, 0x4b, 0xa6, 0xbc, 0x63, 0x5f, 0xec, 0x44, 0x2f, 0x46, 0xdd, 0xd4, 0x51, 0x24, 0x16, 0xec, 0x43, 0xc2, 0xc2} + gitRepo, err := openRepositoryWithDefaultContext(filepath.Join(testReposDir, "repo1_bare")) + assert.NoError(t, err) + assert.NotNil(t, gitRepo) + defer gitRepo.Close() + + commitFromReader, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString)) + assert.NoError(t, err) + if !assert.NotNil(t, commitFromReader) { + return + } + assert.EqualValues(t, sha, commitFromReader.ID) + assert.EqualValues(t, `-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEE9HRrbqvYxPT8PXbefPSEkrowAa8FAmYGg7IACgkQfPSEkrow +Aa9olwv+P0HhtCM6CRvlUmPaqswRsDPNR4i66xyXGiSxdI9V5oJL7HLiQIM7KrFR +gizKa2COiGtugv8fE+TKqXKaJx6uJUJEjaBd8E9Af9PrAzjWj+A84lU6/PgPS8hq +zOfZraLOEWRH4tZcS+u2yFLu3ez2Wqh1xW5LNy7xqEedMXEFD1HwSJ0+pjacNkzr +frp6Asyt7xRI6YmgFJZJoRsS3Ktr6rtKeRL2IErSQQyorOqj6gKrglhrhfG/114j +FKB1v4or0WZ1DE8iP2SJZ3n+/K1IuWAINh7MVdb7PndfBPEa+IL+ucNk5uzEE8Jd +G8smGxXUeFEt2cP1dj2W8EgAxuA9sTnH9dqI5aRqy5ifDjuya7Emm8sdOUvtGdmn +SONRzusmu5n3DgV956REL7x62h7JuqmBz/12HZkr0z0zgXkcZ04q08pSJATX5N1F +yN+tWxTsWg+zhDk96d5Esdo9JMjcFvPv0eioo30GAERaz1hoD7zCMT4jgUFTQwgz +jw4YcO5u +=r3UU +-----END PGP SIGNATURE----- +`, commitFromReader.Signature.Signature) + assert.EqualValues(t, `tree ca3fad42080dd1a6d291b75acdfc46e5b9b307e5 +parent 47b24e7ab977ed31c5a39989d570847d6d0052af +author KN4CK3R 1711702962 +0100 +committer KN4CK3R 1711702962 +0100 +encoding ISO-8859-1 + +ISO-8859-1`, commitFromReader.Signature.Payload) + assert.EqualValues(t, "KN4CK3R ", commitFromReader.Author.String()) + + commitFromReader2, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString+"\n\n")) + assert.NoError(t, err) + commitFromReader.CommitMessage += "\n\n" + commitFromReader.Signature.Payload += "\n\n" + assert.EqualValues(t, commitFromReader, commitFromReader2) +} + func TestHasPreviousCommit(t *testing.T) { bareRepo1Path := filepath.Join(testReposDir, "repo1_bare") From 4ed431531ba091bf5dd293bacb838480ed7c8baa Mon Sep 17 00:00:00 2001 From: Giteabot Date: Wed, 3 Apr 2024 00:13:07 +0800 Subject: [PATCH 16/17] Fix missing 0 prefix of GPG key id (#30245) (#30247) Backport #30245 by @KN4CK3R Fixes #30235 If the key id "front" byte has a single digit, `%X` is missing the 0 prefix. ` 38D1A3EADDBEA9C` instead of `038D1A3EADDBEA9C` When using the `IssuerFingerprint` slice `%X` is enough but I changed it to `%016X` too to be consistent. Co-authored-by: KN4CK3R (cherry picked from commit 935bfe6445f55f1011782eb93492dc55839b2d16) --- models/asymkey/gpg_key_commit_verification.go | 8 +------- models/asymkey/gpg_key_common.go | 10 ++++++++++ models/asymkey/gpg_key_test.go | 12 ++++++++++++ 3 files changed, 23 insertions(+), 7 deletions(-) diff --git a/models/asymkey/gpg_key_commit_verification.go b/models/asymkey/gpg_key_commit_verification.go index 8ac4364404..614a97f7dc 100644 --- a/models/asymkey/gpg_key_commit_verification.go +++ b/models/asymkey/gpg_key_commit_verification.go @@ -139,13 +139,7 @@ func ParseCommitWithSignature(ctx context.Context, c *git.Commit) *CommitVerific } } - keyID := "" - if sig.IssuerKeyId != nil && (*sig.IssuerKeyId) != 0 { - keyID = fmt.Sprintf("%X", *sig.IssuerKeyId) - } - if keyID == "" && sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) > 0 { - keyID = fmt.Sprintf("%X", sig.IssuerFingerprint[12:20]) - } + keyID := tryGetKeyIDFromSignature(sig) defaultReason := NoKeyFound // First check if the sig has a keyID and if so just look at that diff --git a/models/asymkey/gpg_key_common.go b/models/asymkey/gpg_key_common.go index b02be2851a..9c015582f1 100644 --- a/models/asymkey/gpg_key_common.go +++ b/models/asymkey/gpg_key_common.go @@ -134,3 +134,13 @@ func extractSignature(s string) (*packet.Signature, error) { } return sig, nil } + +func tryGetKeyIDFromSignature(sig *packet.Signature) string { + if sig.IssuerKeyId != nil && (*sig.IssuerKeyId) != 0 { + return fmt.Sprintf("%016X", *sig.IssuerKeyId) + } + if sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) > 0 { + return fmt.Sprintf("%016X", sig.IssuerFingerprint[12:20]) + } + return "" +} diff --git a/models/asymkey/gpg_key_test.go b/models/asymkey/gpg_key_test.go index dee74bc281..d3fbb01d82 100644 --- a/models/asymkey/gpg_key_test.go +++ b/models/asymkey/gpg_key_test.go @@ -11,7 +11,9 @@ import ( "code.gitea.io/gitea/models/unittest" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/util" + "github.com/keybase/go-crypto/openpgp/packet" "github.com/stretchr/testify/assert" ) @@ -391,3 +393,13 @@ epiDVQ== assert.Equal(t, time.Unix(1586105389, 0), expire) } } + +func TestTryGetKeyIDFromSignature(t *testing.T) { + assert.Empty(t, tryGetKeyIDFromSignature(&packet.Signature{})) + assert.Equal(t, "038D1A3EADDBEA9C", tryGetKeyIDFromSignature(&packet.Signature{ + IssuerKeyId: util.ToPointer(uint64(0x38D1A3EADDBEA9C)), + })) + assert.Equal(t, "038D1A3EADDBEA9C", tryGetKeyIDFromSignature(&packet.Signature{ + IssuerFingerprint: []uint8{0xb, 0x23, 0x24, 0xc7, 0xe6, 0xfe, 0x4f, 0x3a, 0x6, 0x26, 0xc1, 0x21, 0x3, 0x8d, 0x1a, 0x3e, 0xad, 0xdb, 0xea, 0x9c}, + })) +} From 0d3f446460b22a29c259e7d42ed89f90fd216ca7 Mon Sep 17 00:00:00 2001 From: Giteabot Date: Wed, 3 Apr 2024 14:06:39 +0800 Subject: [PATCH 17/17] Fixes #27605: inline math blocks can't be preceeded/followed by alphanumerical characters (#30175) (#30250) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Backport #30175 by @jmlt2002 - Inline math blocks couldn't be preceeded or succeeded by alphanumerical characters due to changes introduced in PR #21171. Removed the condition that caused this (precedingCharacter condition) and added a new exit condition of the for-loop that checks if a specific '$' was escaped using '\' so that the math expression can be rendered as intended. - Additionally this PR fixes another bug where math blocks of the type '$xyz$abc$' where the dollar sign was not escaped by the user, generated an error (shown in the screenshots below) - Altered the tests to accomodate for the changes Former behaviour (from try.gitea.io): ![image](https://github.com/go-gitea/gitea/assets/114936010/8f0cbb21-321d-451c-b871-c67a8e1e9235) Fixed behaviour (from my local build): ![image](https://github.com/go-gitea/gitea/assets/114936010/5c22687c-6f11-4407-b5e7-c14b838bc20d) (Edit) Source code for the README.md file: ``` $x$ -$x$ $x$- a$xa$ $xa$a 1$xb$ $xb$1 $a a$b b$ a$b $a a$b b$ $a a\$b b$ ``` Signed-off-by: João Tiago Co-authored-by: João Tiago <114936010+jmlt2002@users.noreply.github.com> (cherry picked from commit 5123ed31914f704348c0660468a3707011f5a160) --- modules/markup/markdown/markdown_test.go | 20 +++++++++++++++++-- modules/markup/markdown/math/inline_parser.go | 18 ++++++++++++----- 2 files changed, 31 insertions(+), 7 deletions(-) diff --git a/modules/markup/markdown/markdown_test.go b/modules/markup/markdown/markdown_test.go index 3cb11c9482..a2285a223a 100644 --- a/modules/markup/markdown/markdown_test.go +++ b/modules/markup/markdown/markdown_test.go @@ -509,9 +509,17 @@ func TestMathBlock(t *testing.T) { `\(a\) \(b\)`, `

a b

` + nl, }, + { + `$a$.`, + `

a.

` + nl, + }, + { + `.$a$`, + `

.$a$

` + nl, + }, { `$a a$b b$`, - `

a a$b b

` + nl, + `

$a a$b b$

` + nl, }, { `a a$b b`, @@ -519,7 +527,15 @@ func TestMathBlock(t *testing.T) { }, { `a$b $a a$b b$`, - `

a$b a a$b b

` + nl, + `

a$b $a a$b b$

` + nl, + }, + { + "a$x$", + `

a$x$

` + nl, + }, + { + "$x$a", + `

$x$a

` + nl, }, { "$$a$$", diff --git a/modules/markup/markdown/math/inline_parser.go b/modules/markup/markdown/math/inline_parser.go index 0ac25c2b2a..862234e69b 100644 --- a/modules/markup/markdown/math/inline_parser.go +++ b/modules/markup/markdown/math/inline_parser.go @@ -41,9 +41,12 @@ func (parser *inlineParser) Trigger() []byte { return parser.start[0:1] } +func isPunctuation(b byte) bool { + return b == '.' || b == '!' || b == '?' || b == ',' || b == ';' || b == ':' +} + func isAlphanumeric(b byte) bool { - // Github only cares about 0-9A-Za-z - return (b >= '0' && b <= '9') || (b >= 'A' && b <= 'Z') || (b >= 'a' && b <= 'z') + return (b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z') || (b >= '0' && b <= '9') } // Parse parses the current line and returns a result of parsing. @@ -56,7 +59,7 @@ func (parser *inlineParser) Parse(parent ast.Node, block text.Reader, pc parser. } precedingCharacter := block.PrecendingCharacter() - if precedingCharacter < 256 && isAlphanumeric(byte(precedingCharacter)) { + if precedingCharacter < 256 && (isAlphanumeric(byte(precedingCharacter)) || isPunctuation(byte(precedingCharacter))) { // need to exclude things like `a$` from being considered a start return nil } @@ -75,14 +78,19 @@ func (parser *inlineParser) Parse(parent ast.Node, block text.Reader, pc parser. ender += pos // Now we want to check the character at the end of our parser section - // that is ender + len(parser.end) + // that is ender + len(parser.end) and check if char before ender is '\' pos = ender + len(parser.end) if len(line) <= pos { break } - if !isAlphanumeric(line[pos]) { + suceedingCharacter := line[pos] + if !isPunctuation(suceedingCharacter) && !(suceedingCharacter == ' ') { + return nil + } + if line[ender-1] != '\\' { break } + // move the pointer onwards ender += len(parser.end) }