* first draft
* update gitea sdk to 9e280adb4da
* adapt feat of updated sdk
* releases now works
* break the Reactions loop
* use convertGiteaLabel
* fix endless loop because paggination is not supported there !!!
* rename gitea local uploader files
* pagination can bite you in the ass
* Version Checks
* lint
* docs
* rename gitea sdk import to miss future conficts
* go-swagger: dont scan the sdk structs
* make sure gitea can shutdown gracefully
* make GetPullRequests and GetIssues similar
* rm useles
* Add Test: started ...
* ... add tests ...
* Add tests and Fixing things
* Workaround missing SHA
* Adapt: Ensure that all migration requests are cancellable
(714ab71ddc)
* LINT: fix misspells in test set
* adapt ListMergeRequestAwardEmoji
* update sdk
* Return error when creating giteadownloader failed
* update sdk
* adapt new sdk
* adopt new features
* check version before err
* adapt: 'migrate service type switch page'
* optimize
* Fix DefaultBranch
* impruve
* handle subPath
* fix test
* Fix ReviewCommentPosition
* test GetReviews
* add DefaultBranch int test set
* rm unused
* Update SDK to v0.13.0
* addopt sdk changes
* found better link
* format template
* Update Docs
* Update Gitea SDK (v0.13.1)
* Add ssh certificate support
* Add ssh certificate support to builtin ssh
* Write trusted-user-ca-keys.pem based on configuration
* Update app.example.ini
* Update templates/user/settings/keys_principal.tmpl
Co-authored-by: silverwind <[email protected]>
* Remove unused locale string
* Update options/locale/locale_en-US.ini
Co-authored-by: silverwind <[email protected]>
* Update options/locale/locale_en-US.ini
Co-authored-by: silverwind <[email protected]>
* Update models/ssh_key.go
Co-authored-by: silverwind <[email protected]>
* Add missing creation of SSH.Rootpath
* Update cheatsheet, example and locale strings
* Update models/ssh_key.go
Co-authored-by: zeripath <[email protected]>
* Update models/ssh_key.go
Co-authored-by: zeripath <[email protected]>
* Update models/ssh_key.go
Co-authored-by: zeripath <[email protected]>
* Update models/ssh_key.go
Co-authored-by: zeripath <[email protected]>
* Update models/ssh_key.go
* Optimizations based on feedback
* Validate CA keys for external sshd
* Add filename option and change default filename
Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem
Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.
Add some more documentation.
* Remove unneeded principalkey functions
* Add blank line
* Apply suggestions from code review
Co-authored-by: zeripath <[email protected]>
* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option
This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.
To allow anything the admin need to set the option anything.
This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).
This commit also has some small other fixes from the last code review.
* Rewrite principal keys file on user deletion
* Use correct rewrite method
* Set correct AuthorizedPrincipalsBackup default setting
* Rewrite principalsfile when adding principals
* Add update authorized_principals option to admin dashboard
* Handle non-primary emails
Signed-off-by: Andrew Thornton <[email protected]>
* Add the command actually to the dashboard template
* Update models/ssh_key.go
Co-authored-by: silverwind <[email protected]>
* By default do not show principal options unless there are CA keys set or they are explicitly set
Signed-off-by: Andrew Thornton <[email protected]>
* allow settings when enabled
* Fix typos in TrustedUserCAKeys path
* Allow every CASignatureAlgorithms algorithm
As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA
* Update models/ssh_key.go
Co-authored-by: Lauris BH <[email protected]>
* Fix linting issue
Co-authored-by: silverwind <[email protected]>
Co-authored-by: zeripath <[email protected]>
Co-authored-by: Lauris BH <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
* Extend git hook warning in the UI.
Git hooks are a dangerous feature, administrators should be warned before giving
the git hook privilege to users.
* Disable Git hooks by default and add warning.
Git hooks are a dangerous features (see warning text) that should only
be enabled if the administrator was informed about the risk involved.
Co-authored-by: Niklas Goerke <[email protected]>
* Don't automatically delete repository files if they are present
Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.
This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.
PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.
Signed-off-by: Andrew Thornton <[email protected]>
* Update swagger
Signed-off-by: Andrew Thornton <[email protected]>
* Fix tests and migrate overwrite
Signed-off-by: Andrew Thornton <[email protected]>
* as per @lunny
Only offer to adopt or overwrite if the user can do that.
Allow the site administrator to adopt or overwrite in all
circumstances
Signed-off-by: Andrew Thornton <[email protected]>
* Use setting.Repository.DefaultBranch for the default branch
Signed-off-by: Andrew Thornton <[email protected]>
* Always set setting.Repository.DefaultBranch
Signed-off-by: Andrew Thornton <[email protected]>
* update swagger
Signed-off-by: Andrew Thornton <[email protected]>
* update templates
Signed-off-by: Andrew Thornton <[email protected]>
* ensure repo closed
Signed-off-by: Andrew Thornton <[email protected]>
* Rewrite of adoption as per @6543 and @lunny
Signed-off-by: Andrew Thornton <[email protected]>
* Apply suggestions from code review
* update swagger
Signed-off-by: Andrew Thornton <[email protected]>
* missing not
Signed-off-by: Andrew Thornton <[email protected]>
* add modals and flash reporting
Signed-off-by: Andrew Thornton <[email protected]>
* Make the unadopted page searchable
Signed-off-by: Andrew Thornton <[email protected]>
* Add API
Signed-off-by: Andrew Thornton <[email protected]>
* Fix swagger
Signed-off-by: Andrew Thornton <[email protected]>
* fix swagger
Signed-off-by: Andrew Thornton <[email protected]>
* Handle empty and non-master branched repositories
Signed-off-by: Andrew Thornton <[email protected]>
* placate lint
Signed-off-by: Andrew Thornton <[email protected]>
* remove commented out code
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
* Add configurable Trust Models
Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.
The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.
The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.
Signed-off-by: Andrew Thornton <[email protected]>
* Adjust locale strings
Signed-off-by: Andrew Thornton <[email protected]>
* as per @6543
Co-authored-by: 6543 <[email protected]>
* Update models/gpg_key.go
* Add migration for repository
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: 6543 <[email protected]>
Co-authored-by: Lunny Xiao <[email protected]>
Lauris BHandGitHub
GiteaBot
