Merge remote-tracking branch 'origin/main' into fix-13939-make-2fa-op…

…tional

.drone.yml

@@ -214,16 +214,6 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata sqlite sqlite_unlock_notify
-      GITHUB_READ_TOKEN:
-        from_secret: github_read_token
-
-  - name: unit-test-race
-    image: golang:1.17
-    commands:
-      - make test-backend
-    environment:
-      GOPROXY: off
-      TAGS: sqlite sqlite_unlock_notify
       RACE_ENABLED: true
       GITHUB_READ_TOKEN:
         from_secret: github_read_token
@@ -236,6 +226,7 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata gogit sqlite sqlite_unlock_notify
+      RACE_ENABLED: true
       GITHUB_READ_TOKEN:
         from_secret: github_read_token
 
@@ -246,6 +237,7 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata
+      RACE_ENABLED: true
       TEST_LDAP: 1
       USE_REPO_TEST_DIR: 1
       TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200"
@@ -259,6 +251,7 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata
+      RACE_ENABLED: true
       TEST_LDAP: 1
       USE_REPO_TEST_DIR: 1
     depends_on:
@@ -271,6 +264,7 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata
+      RACE_ENABLED: true
       TEST_LDAP: 1
       USE_REPO_TEST_DIR: 1
     depends_on:
@@ -366,6 +360,7 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata gogit sqlite sqlite_unlock_notify
+      RACE_ENABLED: true
       TEST_TAGS: gogit sqlite sqlite_unlock_notify
       USE_REPO_TEST_DIR: 1
     depends_on:
@@ -378,6 +373,7 @@ steps:
     environment:
       GOPROXY: off
       TAGS: bindata gogit
+      RACE_ENABLED: true
       TEST_TAGS: gogit
       TEST_LDAP: 1
       USE_REPO_TEST_DIR: 1

.gitattributes

@@ -4,3 +4,4 @@
 /templates/**/*.tmpl linguist-language=Handlebars
 /.eslintrc linguist-language=YAML
 /.stylelintrc linguist-language=YAML
+/web_src/fomantic/build/** linguist-generated

CHANGELOG.md

@@ -4,51 +4,42 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).
 
-## [1.15.0-rc3](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc3) - 2021-08-06
+## [1.15.2](https://github.com/go-gitea/gitea/releases/tag/v1.15.2) - 2021-09-03
 
-* BREAKING
-  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
-* SECURITY
-  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
-  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
-  * Don't show private user's repo in explore view (#16550) (#16554)
-  * Update node tar dependency to 6.1.6 (#16622) (#16623)
-* API
-  * Swagger AccessToken fixes (#16574) (#16597)
-  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
 * BUGFIXES
-  * Restore Accessibility for Dropdown (#16576) (#16617)
-  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
-  * Fix table alignment in markdown (#16596) (#16602)
-  * Fix 500 on first wiki page (#16586) (#16598)
-  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
-  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
-  * Handle too long PR titles correctly (#16517) (#16549)
-  * Fix data race in bleve indexer (#16474) (#16509)
-  * Restore CORS on git smart http protocol (#16496) (#16506)
-  * Fix race in log (#16490) (#16505)
-  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
-  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
-  * Update notification table with only latest data (#16445) (#16469)
-  * Revert to use alpine 3.13 (#16451) (#16452)
-  * Fix crash following ldap authentication update (#16447) (#16448)
-  * Fix direct creation of external users on admin page (partial #16612) (#16613)
-  * Prevent 500 on draft releases without tag (#16634) (#16636)
+  * Add unique constraint back into issue_index (#16938)
+  * Close storage objects before cleaning (#16934) (#16942)
 
-## [1.15.0-rc2](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc2) - 2021-07-22
+## [1.15.1](https://github.com/go-gitea/gitea/releases/tag/v1.15.1) - 2021-09-02
 
 * BUGFIXES
-  * Restore creation of git-daemon-export-ok files (#16508) (#16514)
-  * Fix data race in bleve indexer (#16474) (#16509)
-  * Restore CORS on git smart http protocol (#16496) (#16506)
-  * Fix race in log (#16490) (#16505)
-  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
-  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
-  * Update notification table with only latest data (#16445) (#16469)
-  * Revert to use alpine 3.13 to fix multiple seccomp related issues with Docker <20 (#16451) (#16452)
-  * Fix crash following ldap authentication update (#16447) (#16448)
-
-## [1.15.0-rc1](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc1) - 2021-07-15
+  * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923)
+  * Prevent leave changes dialogs due to autofill fields (#16912) (#16920)
+  * Ignore review comment when ref commit is missed (#16905) (#16919)
+  * Fix wrong attachment removal (#16915) (#16917)
+  * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913)
+  * Correctly return the number of Repositories for Organizations (#16807) (#16911)
+  * Test if LFS object is accessible (#16865) (#16904)
+  * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900)
+  * Fix dump and restore respository (#16698) (#16898)
+  * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895)
+  * Fix wiki raw commit diff/patch view (#16891) (#16892)
+  * Ensure wiki repos are all closed (#16886) (#16888)
+  * List limited and private orgs if authenticated on API (#16866) (#16879)
+  * Simplify split diff view generation and remove JS dependency (#16775) (#16863)
+  * Ensure that the default visibility is set on the user create page (#16845) (#16862)
+  * In Render tolerate not being passed a context (#16842) (#16858)
+  * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848)
+  * Report the correct number of pushes on the feeds (#16811) (#16822)
+  * Add primary_key to issue_index (#16813) (#16820)
+  * Prevent NPE on empty commit (#16812) (#16819)
+  * Fix branch pagination error (#16805) (#16816)
+  * Add missing return to handleSettingRemoteAddrError (#16794) (#16795)
+  * Remove spurious / from issues.opened_by (#16793)
+  * Ensure that template compilation panics are sent to the logs (#16788) (#16792)
+  * Update caddyserver/certmagic (#16789) (#16790)
+
+## [1.15.0](https://github.com/go-gitea/gitea/releases/tag/v1.15.0) - 2021-08-21
 
 * BREAKING
   * Make app.ini permissions more restrictive (#16266)
@@ -63,9 +54,15 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Move (custom) assets into subpath `/assets` (#15219)
   * Use level config in log section when sub log section not set level (#15176)
   * Links in markdown should be absolute to the repository not the server (#15088)
+  * Upgrade to the latest version of golang-jwt (#16590) (#16606)
+  * Set minimum supported version of go to 1.16 (#16710)
 * SECURITY
   * Encrypt LDAP bind password in db with SECRET_KEY (#15547)
   * Remove random password in Dockerfiles (#15362)
+  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
+  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
+  * Don't show private user's repo in explore view (#16550) (#16554)
+  * Update node tar dependency to 6.1.6 (#16622) (#16623)
 * FEATURES
   * Update Go-Git to take advantage of LargeObjectThreshold (#16316)
   * Support custom mime type mapping for text files (#16304)
@@ -86,7 +83,7 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Add LFS Migration and Mirror (#14726)
   * Improve notifications for WIP draft PR's (#14663)
   * Disable Stars config option (#14653)
-  * Add option to provide signature for a token to verify key ownership (#14054)
+  * GPG Key Ownership verification with Signed Token (#14054)
   * OAuth2 auto-register (#5123)
 * API
   * Return updated repository when changing repository using API (#16420)
@@ -106,6 +103,8 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Add Active and ProhibitLogin to API (#15689)
   * Add Location, Website and Description to API (#15675)
   * Expose resolver via API (#15167)
+  * Swagger AccessToken fixes (#16574) (#16597)
+  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
 * ENHANCEMENTS
   * Support HTTP/2 in Let's Encrypt (#16371)
   * Introduce NotifySubjectType (#16320)
@@ -231,6 +230,41 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
   * Add code block highlight to orgmode back (#14222)
   * Remove User.GetOrganizations() (#14032)
+  * Restore Accessibility for Dropdown (#16576) (#16617)
+  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
+  * Fix table alignment in markdown (#16596) (#16602)
+  * Fix 500 on first wiki page (#16586) (#16598)
+  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
+  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
+  * Handle too long PR titles correctly (#16517) (#16549)
+  * Fix data race in bleve indexer (#16474) (#16509)
+  * Restore CORS on git smart http protocol (#16496) (#16506)
+  * Fix race in log (#16490) (#16505)
+  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
+  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
+  * Update notification table with only latest data (#16445) (#16469)
+  * Fix crash following ldap authentication update (#16447) (#16448)
+  * Fix direct creation of external users on admin page (partial #16612) (#16613)
+  * Prevent 500 on draft releases without tag (#16634) (#16636)
+  * Restore creation of git-daemon-export-ok files (#16508) (#16514)
+  * Fix data race in bleve indexer (#16474) (#16509)
+  * Restore CORS on git smart http protocol (#16496) (#16506)
+  * Fix race in log (#16490) (#16505)
+  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
+  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
+  * Update notification table with only latest data (#16445) (#16469)
+  * Fix crash following ldap authentication update (#16447) (#16448)
+  * Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
+  * Fix direct creation of external users on admin page (#16613)
+  * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
+  * Fix NPE in fuzzer (#16680) (#16682)
+  * Set issue_index when finishing migration (#16685) (#16687)
+  * Skip patch download when no patch file exists (#16356) (#16681)
+  * Ensure empty lines are copiable and final new line too (#16678) (#16692)
+  * Fix wrong user in OpenID response (#16736) (#16741)
+  * Do not use thin scrollbars on Firefox (#16738) (#16745)
+  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
+  * Keep attachments on tasklist update (#16750) (#16757)
 * TESTING
   * Bump `postgres` and `mysql` versions (#15710)
   * Add tests for clone from wiki (#15513)
@@ -241,7 +275,6 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Fix mirror_lfs source string in en-US locale (#15369)
 * BUILD
   * Upgrade xorm to v1.1.1 (#16339)
-  * Alpine 3.14 released (#16170)
   * Disable legal comments in esbuild (#15929)
   * Switch to Node 16 to build fronted  (#15804)
   * Use esbuild to minify CSS (#15756)
@@ -260,6 +293,15 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Remove utf8 option from installation page (#16126)
   * Use Wants= over Requires= in systemd file (#15897)
 
+## [1.14.7](https://github.com/go-gitea/gitea/releases/tag/v1.14.7) - 2021-09-02
+
+* BUGFIXES
+  * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896)
+  * Fix wiki raw commit diff/patch view (#16891) (#16893)
+  * Ensure wiki repos are all closed (#16886) (#16889)
+  * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849)
+  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740)
+
 ## [1.14.6](https://github.com/go-gitea/gitea/releases/tag/v1.14.6) - 2021-08-04
 
 * SECURITY

Makefile

@@ -385,7 +385,9 @@ test\#%:
 
 .PHONY: coverage
 coverage:
-	GO111MODULE=on $(GO) run -mod=vendor build/gocovmerge.go integration.coverage.out $(shell find . -type f -name "coverage.out") > coverage.all
+	grep '^\(mode: .*\)\|\(.*:[0-9]\+\.[0-9]\+,[0-9]\+\.[0-9]\+ [0-9]\+ [0-9]\+\)$$' coverage.out > coverage-bodged.out
+	grep '^\(mode: .*\)\|\(.*:[0-9]\+\.[0-9]\+,[0-9]\+\.[0-9]\+ [0-9]\+ [0-9]\+\)$$' integration.coverage.out > integration.coverage-bodged.out
+	GO111MODULE=on $(GO) run -mod=vendor build/gocovmerge.go integration.coverage-bodged.out coverage-bodged.out > coverage.all || (echo "gocovmerge failed"; echo "integration.coverage.out"; cat integration.coverage.out; echo "coverage.out"; cat coverage.out; exit 1)
 
 .PHONY: unit-test-coverage
 unit-test-coverage:
@@ -701,6 +703,7 @@ fomantic:
 	cp -rf $(FOMANTIC_WORK_DIR)/_site $(FOMANTIC_WORK_DIR)/node_modules/fomantic-ui/src/
 	cp -f web_src/js/vendor/dropdown.js $(FOMANTIC_WORK_DIR)/node_modules/fomantic-ui/src/definitions/modules
 	cd $(FOMANTIC_WORK_DIR) && npx gulp -f node_modules/fomantic-ui/gulpfile.js build
+	rm -f $(FOMANTIC_WORK_DIR)/build/*.min.*
 
 .PHONY: webpack
 webpack: $(WEBPACK_DEST)

README.md

@@ -15,7 +15,7 @@
   <a href="https://codecov.io/gh/go-gitea/gitea" title="Codecov">
     <img src="https://codecov.io/gh/go-gitea/gitea/branch/main/graph/badge.svg">
   </a>
-  <a href="https://godoc.org/code.gitea.io/gitea" title="Go Report Card">
+  <a href="https://goreportcard.com/report/code.gitea.io/gitea" title="Go Report Card">
     <img src="https://goreportcard.com/badge/code.gitea.io/gitea">
   </a>
   <a href="https://godoc.org/code.gitea.io/gitea" title="GoDoc">
@@ -73,7 +73,7 @@ or if sqlite support is required:
 
 The `build` target is split into two sub-targets:
 
-- `make backend` which requires [Go 1.13](https://golang.org/dl/) or greater.
+- `make backend` which requires [Go 1.16](https://golang.org/dl/) or greater.
 - `make frontend` which requires [Node.js 12.17](https://nodejs.org/en/download/) or greater and Internet connectivity to download npm dependencies.
 
 When building from the official source tarballs which include pre-built frontend files, the `frontend` target will not be triggered, making it possible to build without Node.js and Internet connectivity.

README_ZH.md

@@ -15,7 +15,7 @@
   <a href="https://codecov.io/gh/go-gitea/gitea" title="Codecov">
     <img src="https://codecov.io/gh/go-gitea/gitea/branch/main/graph/badge.svg">
   </a>
-  <a href="https://godoc.org/code.gitea.io/gitea" title="Go Report Card">
+  <a href="https://goreportcard.com/report/code.gitea.io/gitea" title="Go Report Card">
     <img src="https://goreportcard.com/badge/code.gitea.io/gitea">
   </a>
   <a href="https://godoc.org/code.gitea.io/gitea" title="GoDoc">

build.go

@@ -2,7 +2,8 @@
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
-//+build vendor
+//go:build vendor
+// +build vendor
 
 package main
 

build/generate-bindata.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build ignore
 // +build ignore
 
 package main

build/generate-emoji.go

@@ -3,6 +3,7 @@
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build ignore
 // +build ignore
 
 package main

build/generate-gitignores.go

@@ -1,3 +1,4 @@
+//go:build ignore
 // +build ignore
 
 package main

build/generate-licenses.go

@@ -1,3 +1,4 @@
+//go:build ignore
 // +build ignore
 
 package main

build/gocovmerge.go

@@ -6,6 +6,7 @@
 // gocovmerge takes the results from multiple `go test -coverprofile` runs and
 // merges them into one profile
 
+//go:build ignore
 // +build ignore
 
 package main
@@ -108,7 +109,7 @@ func main() {
 	for _, file := range flag.Args() {
 		profiles, err := cover.ParseProfiles(file)
 		if err != nil {
-			log.Fatalf("failed to parse profiles: %v", err)
+			log.Fatalf("failed to parse profile '%s': %v", file, err)
 		}
 		for _, p := range profiles {
 			merged = addProfile(merged, p)

cmd/embedded.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build bindata
 // +build bindata
 
 package cmd

cmd/embedded_stub.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build !bindata
 // +build !bindata
 
 package cmd

cmd/web.go

@@ -86,6 +86,11 @@ func runWeb(ctx *cli.Context) error {
 		_ = log.DelLogger("console")
 		log.NewLogger(0, "console", "console", fmt.Sprintf(`{"level": "fatal", "colorize": %t, "stacktraceLevel": "none"}`, log.CanColorStdout))
 	}
+	defer func() {
+		if panicked := recover(); panicked != nil {
+			log.Fatal("PANIC: %v\n%s", panicked, string(log.Stack(2)))
+		}
+	}()
 
 	managerCtx, cancel := context.WithCancel(context.Background())
 	graceful.InitManager(managerCtx)

custom/conf/app.example.ini

@@ -392,7 +392,7 @@ INTERNAL_TOKEN=
 ;; Enables OAuth2 provider
 ENABLE = true
 ;;
-;; Algorithm used to sign OAuth2 tokens. Valid values: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512
+;; Algorithm used to sign OAuth2 tokens. Valid values: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512, EdDSA
 ;JWT_SIGNING_ALGORITHM = RS256
 ;;
 ;; Private key file path used to sign OAuth2 tokens. The path is relative to APP_DATA_PATH.
@@ -907,6 +907,7 @@ PATH =
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
 ;ALLOWED_TYPES =
+;DEFAULT_PAGING_NUM = 10
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;