Commit graph

15056 commits

Author SHA1 Message Date
Loïc Dachary
031928c447
[DOCS] CONTRIBUTING
Refs: https://codeberg.org/forgejo/forgejo/issues/8
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/153
Refs: https://codeberg.org/forgejo/forgejo/issues/123
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/299
(cherry picked from commit 08dcef0c8c)

[DOCS] CONTRIBUTING/RELEASE: https://forgejo.org/docs/admin

Because the version is not displayed on the landing page of Forgejo,
there cannot be a link to a versionned documentation. There must exist
a link that points to the latest version on the website for the
forgejo instance to display.

Better but more complicated approaches could be to:

* Embed the documentation in Forgejo
* Allow the admin to not display the help
* Allow the admin to display a versionned help or not

(cherry picked from commit 83cc389239)
(cherry picked from commit 5df52b8a4f)
(cherry picked from commit 9a66b3d70b)

[DOCS] CONTRIBUTING/RELEASE: reminder to update FORGEJO_VERSION

(cherry picked from commit 2a4d0bd164)
(cherry picked from commit d68576ba67)

[DOCS] CONTRIBUTING: updates

* Remove obsolete description of the well being & moderation team and
  replace them with a link to the moderation email.

* Remove description of the governance process and replace with a link
  to the governance readme that did not exist at the time.

* Add links to the Forgejo documentation

(cherry picked from commit df749da272)
(cherry picked from commit 4da39128c5)
(cherry picked from commit f442ca6f40)
2023-04-11 23:28:02 +02:00
Loïc Dachary
68c19d977d
delete Gitea specific files that need rewriting for Forgejo
Although it would be possible to modify these files, it would create
conflicts when rebasing. Instead, this commit removes them entirely
and another commit can start from scratch, borrowing content from the
original files.

The drawback of this approach is that some content updates from Gitea
that also need updating in Forgejo will have to be copy/pasted
instead of being merged.

(cherry picked from commit eb85782115)
(cherry picked from commit 34401f2004)
(cherry picked from commit ef43b1c691)
(cherry picked from commit d17fe25e2f)
(cherry picked from commit 3f65dea3e7)
(cherry picked from commit 3cacb64a1b)
(cherry picked from commit b531b014b7)
(cherry picked from commit adf6e7a840)
2023-04-11 23:28:02 +02:00
Loïc Dachary
57bdc91de5
[CI] [v1.20] tests/pgsql.ini.tmpl: do not use minio
f92e0a4018 added minio to the tests/pgsql.ini.tmpl and Forgejo CI does
not run a minio server. It will if there are external storage related
changes at some point but it is not the case now so it is not worth
the burden.

(cherry picked from commit 4cfbf4718d)
(cherry picked from commit 9bd644d601)
(cherry picked from commit 604636c7c4)
(cherry picked from commit 341cdb8540)
2023-04-11 22:46:30 +02:00
Loïc Dachary
c572666d78
[CI] set PASSWORD_HASH_ALGO = argon2 for integration tests
(cherry picked from commit 1d7ce2a39c)
(cherry picked from commit 3af8757583)
(cherry picked from commit 0b81815209)
(cherry picked from commit 7180a3222a)
(cherry picked from commit 069044f4a6)
(cherry picked from commit dd1438f389)
(cherry picked from commit 4ae6b5d64d)
2023-04-11 22:46:30 +02:00
Loïc Dachary
b777fc91d0
[CI] implementation: forgejo container images
(cherry picked from commit dd1971d4e6)
(cherry picked from commit 3981dbaf8c)
(cherry picked from commit 8dff3cc2d1)
(cherry picked from commit e7673e5d22)
(cherry picked from commit 326174064b)
(cherry picked from commit eb769dbde4)
(cherry picked from commit 335829ade2)
(cherry picked from commit 5e8e4f549d)

Conflicts:
	Dockerfile
	Dockerfile.rootless
2023-04-11 22:46:21 +02:00
Loïc Dachary
c78a861d1b
[CI] implementation: Woodpecker based CI
(cherry picked from commit c2a7aaeee8)
(cherry picked from commit 6b6007fbce)
(cherry picked from commit 63608a221e)
(cherry picked from commit 5cfe60baa7)
(cherry picked from commit 2af4c73d12)
(cherry picked from commit 1985959bfe)
(cherry picked from commit 880424c77e)
2023-04-11 22:42:41 +02:00
Loïc Dachary
148b3ee9cb
[CI] implementation: publish forgejo- binaries instead of gitea-
(cherry picked from commit 6d910daafb)
(cherry picked from commit d447861cc9)
(cherry picked from commit dc6e9d8799)
(cherry picked from commit ef232fa20c)
(cherry picked from commit 290c55517a)
(cherry picked from commit db48af1784)
(cherry picked from commit 85f33237a2)
(cherry picked from commit 76899ee33e)
2023-04-11 22:42:41 +02:00
Hester Gong
6a4be2cb6a
Add cardtype to org/user level project on creation, edit and view (#24043)
Part of #23318

The way to fix the missing cardtype for user/org level projects in this
PR is to port the cardtype related part from #22112 to org/user level
projects' template and router functions.

Before:
<img width="1135" alt="截屏2023-04-11 13 55 49"
src="https://user-images.githubusercontent.com/17645053/231069068-ba897129-ae90-4aa0-9b0f-468bf5c65375.png">

<img width="1131" alt="截屏2023-04-11 13 55 59"
src="https://user-images.githubusercontent.com/17645053/231069084-279f6681-5a10-42da-b5a8-2b0ba47c7078.png">


After:
Create
<img width="835" alt="截屏2023-04-11 13 27 16"
src="https://user-images.githubusercontent.com/17645053/231064445-0d6e12bd-5725-48db-a102-80e7472757c2.png">

Edit
<img width="852" alt="截屏2023-04-11 13 27 05"
src="https://user-images.githubusercontent.com/17645053/231064503-c70525cd-1038-43ec-8d93-8b8d95d183d4.png">

View
<img width="1329" alt="截屏2023-04-11 13 26 56"
src="https://user-images.githubusercontent.com/17645053/231064529-26023c85-698b-4b2e-af02-45f9820c77ec.png">

Co-authored-by: Giteabot <teabot@gitea.io>
2023-04-11 14:28:40 -04:00
Lunny Xiao
0536712ee7
Fix branch protection priority (#24045)
Fix #24044
2023-04-11 13:22:49 -04:00
6543
60fb63ba08
Update documentation to explain which projects allow Gitea to host static pages (#23993)
close  #23521

---------

Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-04-11 11:36:58 -05:00
wxiaoguang
25faee3c5f
Fix date display bug (#24047)
Follow
https://github.com/go-gitea/gitea/pull/23988#pullrequestreview-1377696819

Many template helper functions are not good enough and cause various
problems, that's why I am cleaning them.

## Before


![image](https://user-images.githubusercontent.com/51889757/230930898-0c48150f-de85-461d-9455-efcfdc36b644.png)


![image](https://user-images.githubusercontent.com/2114189/231111676-b0da1392-5e47-4f89-a81e-85156aca5cfd.png)


## After


![image](https://user-images.githubusercontent.com/2114189/231111732-920f304d-dd44-4c54-9f5f-518e325006fc.png)
2023-04-11 17:48:13 +08:00
wxiaoguang
704f3aa91c
Fine tune markdown editor toolbar (#24046)
1. Remove unnecessary `btn-link` `muted` classes
* Link is link, button is button, I can't see a real requirement to make
a button like a link.
* If anyone insists, please help to show me real example from modern
frameworks / websites, how and why they do so.
    * No need to duplicate a lot of class names on similar elements
* Declare styles clearly, for example, `markdown-toolbar` itself should
have `display: flex`, but not use `gt-df` to overwrite the `display:
block`.
2. Remove unnecessary `role` attribute
    * https://github.com/github/markdown-toolbar-element/issues/70
* The `markdown-toolbar-element` does want to add `role=button`, but
there is a bug.
* So we do the similar thing as upstream does (add the role by JS),
until they fix their bugs.
3. Indent `markdown-switch-easymde` (before it doesn't have a proper
indent)

Screenshot:

![image](https://user-images.githubusercontent.com/2114189/231090912-f6ba01cb-d0eb-40ad-bf8c-ffc597d9a778.png)
2023-04-11 16:36:18 +08:00
delvh
91c8261e2c
Add tooltips for MD editor buttons and add muted class for buttons (#23896)
Followup of #23876 according to my unreleased review demanding tooltips.
Additionally
- add a `muted` equivalent for buttons
- convert `switch to legacy` to an actual button
- enroll `switch to legacy` in the builtin pseudo focus cycle
- remove spaces between the buttons

The effect of the `muted` class is what you would expect: The button
loses all of its normal styling, and is defined only by its content instead.
This will help reduce a11y infractions in the future, as that was one of
the major points why people didn't use `<button>` tags and decided on a
bad fix (i.e. through `<div>`s) instead.

## Appearance

![image](https://user-images.githubusercontent.com/51889757/229510842-337378e5-faa5-4886-a910-08614c0c233d.png)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-11 15:26:18 +08:00
Leon Busch-George
7a8a4f5432
Prefer native parser for SSH public key parsing (#23798)
Without this patch, the setting SSH.StartBuiltinServer decides whether
the native (Go) implementation is used rather than calling 'ssh-keygen'.
It's possible for 'using ssh-keygen' and 'using the built-in server' to
be independent.
In fact, the gitea rootless container doesn't ship ssh-keygen and can be
configured to use the host's SSH server - which will cause the public
key parsing mechanism to break.

This commit changes the decision to be based on SSH.KeygenPath instead.
Any existing configurations with a custom KeygenPath set will continue
to function. The new default value of '' selects the native version. The
downside of this approach is that anyone who has relying on plain
'ssh-keygen' to have special properties will now be using the native
version instead.
I assume the exec-variant is only there because /x/crypto/ssh didn't
support ssh-ed25519 until 2016. I don't see any other reason for using
it so it might be an acceptable risk.

Fixes #23363

EDIT: this message was garbled when I tried to get the commit
description back in.. Trying to reconstruct it:

## ⚠️ BREAKING ⚠️ Users who don't have SSH.KeygenPath
explicitly set and rely on the ssh-keygen binary need to set
SSH.KeygenPath to 'ssh-keygen' in order to be able to continue using it
for public key parsing.

There was something else but I can't remember at the moment.

EDIT2: It was about `make test` and `make lint`. Can't get them to run.
To reproduce the issue, I installed `golang` in `docker.io/node:16` and
got:
```
...
go: mvdan.cc/xurls/v2@v2.4.0: unknown revision mvdan.cc/xurls/v2.4.0
go: gotest.tools/v3@v3.4.0: unknown revision gotest.tools/v3.4.0
...
go: gotest.tools/v3@v3.0.3: unknown revision gotest.tools/v3.0.3
...
go: error loading module requirements
```

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-04-11 14:34:28 +08:00
Nick
ef7fd781f5
Avoid recursing into sub-sub-sub-docs folders when looking for READMEs. (#23695)
Fixes a bug introduced in https://github.com/go-gitea/gitea/pull/22177
which allows finding READMEs like
docs/docs/docs/.gitea/.github/docs/README.md

Fixes https://github.com/go-gitea/gitea/issues/23694
2023-04-10 23:00:19 -04:00
GiteaBot
b7b887ba00 [skip ci] Updated translations via Crowdin 2023-04-11 00:08:10 +00:00
Yarden Shoham
b7b5834831
Use auto-updating, natively hoverable, localized time elements (#23988)
- Added [GitHub's `relative-time` element](https://github.com/github/relative-time-element)
- Converted all formatted timestamps to use this element
- No more flashes of unstyled content around time elements
- These elements are localized using the `lang` property of the HTML file
- Relative (e.g. the activities in the dashboard) and duration (e.g.
server uptime in the admin page) time elements are auto-updated to keep
up with the current time without refreshing the page
- Code that is not needed anymore such as `formatting.js` and parts of `since.go` have been deleted

Replaces #21440
Follows #22861

## Screenshots

### Localized

![image](https://user-images.githubusercontent.com/20454870/230775041-f0af4fda-8f6b-46d3-b8e3-d340c791a50c.png)

![image](https://user-images.githubusercontent.com/20454870/230673393-931415a9-5729-4ac3-9a89-c0fb5fbeeeb7.png)

### Tooltips

#### Native for dates

![image](https://user-images.githubusercontent.com/20454870/230797525-1fa0a854-83e3-484c-9da5-9425ab6528a3.png)

#### Interactive for relative

![image](https://user-images.githubusercontent.com/115237/230796860-51e1d640-c820-4a34-ba2e-39087020626a.png)

### Auto-update

![rec](https://user-images.githubusercontent.com/20454870/230672159-37480d8f-435a-43e9-a2b0-44073351c805.gif)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
2023-04-11 01:01:20 +02:00
6543
2b91841cd3
Reserve ".png" suffix for user/org names (#23992)
Org/User names ending with ".png" where not functional, so reserve them

alternative / close  #23908
2023-04-10 16:14:16 -04:00
Dmitry Sharshakov
eb397c3e63
Allow adding SSH keys even if SSH server is disabled (#24025)
This is useful in case you want to use them for signature verification.

A notice is added to avoid confusion.
2023-04-10 13:22:51 -04:00
silverwind
d7552c27d3
Add placeholder and aria attributes to release and wiki edit page (#24031)
- Add placeholders and aria-label all input fields on these two pages
- Add margin before wiki change message
- Remove labels from release page, replacing them with aria-label
2023-04-10 11:56:57 -04:00
Fredrik Eriksson
cb1536471b
Add --quiet option to gitea dump (#22969)
Fixes: #19687

The --quiet options to gitea dump silences informational and less
important messages, but will still log warnings and errors to console.
Very useful in combination with cron backups and '-f -'.

Since --verbose and --quiet are incompatible with each other I made it
an error to specify both. To get the error message to be printed to
stderr I had to make this test after the NewServices()-call, which is
why there are three new blocks of code instead of two.
2023-04-10 09:46:23 -04:00
Hester Gong
f9d6092cfe
Remove "inverted" class on creating new label and cancel buttons (#24030)
"inverted" class might not be needed because background of these two
buttons is light color.

inverted related rule from `semantic.css`:
```css
.ui.inverted.green.basic.buttons .button,
.ui.inverted.green.buttons .basic.button,
.ui.inverted.green.basic.button {
  background-color: transparent;
  box-shadow: 0 0 0 2px rgba(255, 255, 255, 0.5) inset;
  color: #FFFFFF;
}
```

Before:
<img width="771" alt="截屏2023-04-10 17 21 22"
src="https://user-images.githubusercontent.com/17645053/230873878-cc64b3d6-ffa9-4cae-9280-07b06f7829b2.png">

After:
<img width="765" alt="截屏2023-04-10 17 22 14"
src="https://user-images.githubusercontent.com/17645053/230873956-9412054f-b739-4878-9ee9-57ff65eb7910.png">
2023-04-10 20:00:30 +08:00
Jason Song
8cbc4a367d
Use actions job link as commit status URL instead of run link (#24023)
A commit status is bound to a job, not a run.

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-10 06:40:30 -04:00
wxiaoguang
4e33481357
Make label templates have consistent behavior and priority (#23749)
Fix https://github.com/go-gitea/gitea/issues/23715

Other related PRs:

* #23717
* #23716
* #23719

This PR is different from others, it tries to resolve the problem fundamentally (and brings more benefits)

Although it looks like some more lines are added, actually many new lines are for tests.

----

Before, the code was just "guessing" the file type and try to parse them.

<details>

![image](https://user-images.githubusercontent.com/2114189/228002245-57d58e27-1078-4da9-bf42-5bc0b264c6ce.png)

</details>

This PR:

* Always remember the original option file names, and always use correct parser for them.

* Another benefit is that we can sort the Label Templates now (before there was a map, its key order is undefined)

![image](https://user-images.githubusercontent.com/2114189/228002432-931b9f18-3908-484b-a36b-04760c9ad132.png)
2023-04-10 16:44:02 +08:00
yp05327
bb6c670cff
Add actions support to package auth verification (#23729)
Partly fixes https://github.com/go-gitea/gitea/issues/23642

Error info:

![image](https://user-images.githubusercontent.com/18380374/227827027-4280a368-ec9e-49e0-bb93-6b496ada7cd9.png)
ActionsUser (userID -2) is used to login in to docker in action jobs.

Due to we have no permission policy settings of ActionsUser now,
ActionsUser can only access public registry by this quick fix.
2023-04-10 15:21:03 +08:00
Lunny Xiao
fd9d072af1
Fix protected branch for API (#24013)
Fix #23998
2023-04-09 22:52:16 -04:00
GiteaBot
ce8a6be55d [skip ci] Updated translations via Crowdin 2023-04-10 00:07:14 +00:00
silverwind
55d93fed8a
Fix markdownlint (#24024)
Should fix the currently broken CI, and also validate via new
`complicance-docs` pipeline.
2023-04-09 14:39:37 -04:00
silverwind
96fb7506db
Introduce lint-md and compliance-docs pipeline (#24021)
- Add new Make target `lint-md`
- Add new Drone pipeline `compliance-docs`
- Add `*.md` to docs exclusion/inclusion
- Consistently quote `path.include` and `path.exclude` statements in
YAML
2023-04-09 20:05:12 +02:00
Lunny Xiao
53439e5c79
Fix https setup doc zh-cn (#24015) 2023-04-09 19:53:08 +02:00
silverwind
9f6bc7c6f4
Replace tribute with text-expander-element for textarea (#23985)
The completion popup now behaves now much more as expected than before
for the raw textarea:
- You can press <kbd>Tab</kbd> or <kbd>Enter</kbd> once the completion
popup is open to accept the selected item
- The menu does not close automatically when moving the cursor
- When you delete text, previously correct suggestions are shown again
- If you delete all text until the opening char (`@` or `:`) after
applying a suggestion, the popup reappears again
- Menu UI has been improved

<img width="278" alt="Screenshot 2023-04-07 at 19 43 42"
src="https://user-images.githubusercontent.com/115237/230653601-d6517b9f-0988-445e-aa57-5ebfaf5039f3.png">
2023-04-09 12:18:45 -04:00
yp05327
8bc8ca1953
Improve GetBoards and getDefaultBoard (#22981)
Change 
`GetBoards(ctx context.Context, projectID int64)`
to
`(p *Project) GetBoards(ctx context.Context) (BoardList, error)`

`getDefaultBoard` is same.
2023-04-09 22:07:23 +08:00
sillyguodong
bedad23f9e
Expand/Collapse all changed files (#23639)
close #23628 

Now in `...` dropdown, you can expand or collapse all diff files that
have loaded.

https://user-images.githubusercontent.com/33891828/227749688-2d406916-3347-49f6-93a5-4092a00e8809.mov

Co-authored-by: silverwind <me@silverwind.io>
2023-04-09 21:11:02 +08:00
silverwind
f2b98d8259
Show errors for KaTeX and mermaid on the preview tab (#24009)
There is a conflicting fomantic rule that hid the error messages inside
the markdown preview tab for things like mermaid or katex.
Overruled it to always show these errors.

<img width="774" alt="image"
src="https://user-images.githubusercontent.com/115237/230738528-322814c1-8994-495e-b901-bbb79b924ccb.png">
2023-04-09 08:07:43 -04:00
Hester Gong
a519aac6d5
Show protected branch rule names again (#23907)
`!important`s for one of the primary label selectors are removed by
#23774, so the repository branch protection settings ui will not have
the demanding css. This PR modifies `.ui.primary.label` to fix it.

Before:
<img width="1408" alt="飞书20230404-115410"
src="https://user-images.githubusercontent.com/17645053/229683221-ef9c7d5c-68a8-42b0-ba19-ef2d5dfce5f9.png">

After:
<img width="1419" alt="截屏2023-04-04 11 56 32"
src="https://user-images.githubusercontent.com/17645053/229683469-70cfc92d-d7ef-4323-a7f5-2247810fabce.png">

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-09 06:15:43 -04:00
Yarden Shoham
42e009fa11
Reference the zh-CN version of reverse-proxies in https-support (#24016) 2023-04-09 17:31:31 +08:00
Yarden Shoham
768ee158f5
Fix lint problem in https-support.zh-cn.md (#24014)
https://github.com/DavidAnson/markdownlint/blob/v0.26.2/doc/Rules.md#md051
2023-04-09 17:06:31 +08:00
阿卡林刘
57aab79b0d
docs: HTTPS configuration for zh-cn (#23039)
added the Use HTTPS Configuration section Translation Chinese

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-09 16:30:26 +08:00
wxiaoguang
2f46838120
Re-add initial wiki page text when editing the page (#23984)
The `$content` was prepared above, but forgot to put it into the editor

Fix #23979
2023-04-09 15:51:32 +08:00
GiteaBot
d1517946b4 [skip ci] Updated translations via Crowdin 2023-04-09 00:07:20 +00:00
Daniel Gunzinger
31ae81fe70
fix: do not escape space between PyPI repository url and package name… (#23981)
…; add trailing slash to PyPI repository URL (in accordance to PEP-503)

This should solve Issue #23980, by moving the space in front of the
package name and the package name out of the `gitea-origin-url` block.
It also adds a trailing slash to the PyPI repository URL in accordance
to [Python PEP-503](https://peps.python.org/pep-0503/).

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-08 14:57:00 -04:00
wxiaoguang
94fde46151
Make bindata static build parse builtin templates correctly (#24003)
Close #24002


Two problems before:

1. The `log.Fatal` is missing after these `wrapFatal` calls, so the
error is not shown to users.
2. `GetTemplateAssetNames` has different behaviors for local files and
builtin assets, for builtin assets, it also returns directories, so we
need to check the extension again.

I have tested with `TAGS="bindata sqlite sqlite_unlock_notify" make
build && ./gitea` , it works well now. Before, the server responds
internal server error (because it doesn't complete the template parsing)
2023-04-08 21:56:50 +08:00
wxiaoguang
fdbd646113
Group template helper functions, remove Printf, improve template error messages (#23982)
Follow #23328 


Major changes:

* Group the function in `templates/help.go` by their purposes. It could
make future work easier.
* Remove the `Printf` helper function, there is already a builtin
`printf`.
* Remove `DiffStatsWidth`, replace with `Eval` in template
* Rename the `NewTextFuncMap` to `mailSubjectTextFuncMap`, it's for
subject text template only, no need to make it support HTML functions.


----

And fine tune template error messages, to make it more friendly to
developers and users.


![image](https://user-images.githubusercontent.com/2114189/230714245-4fd202d1-2b25-41b2-8be5-03c5fee45091.png)


![image](https://user-images.githubusercontent.com/2114189/230714277-66783577-2a03-49d5-8e8c-ceba5e07a2d4.png)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-08 21:15:22 +08:00
silverwind
cf5a281fdc
Adjust sticky pr header to cover background (#23956)
Very minor CSS tweak: Adjust sticky PR header to cover the box-shadow of
selected files.

Before:
<img width="1250" alt="Screenshot 2023-04-06 at 22 54 59"
src="https://user-images.githubusercontent.com/115237/230492218-4d71da48-a362-4c52-a7f7-01daf4ffa458.png">

After:
<img width="1255" alt="Screenshot 2023-04-06 at 22 54 46"
src="https://user-images.githubusercontent.com/115237/230492227-c7142210-e535-4da8-b610-37d33dcbb549.png">
2023-04-08 20:43:15 +08:00
harryzcy
1ee45305e0
Update github.com/google/go-github to v51 (#23946)
`github.com/google/go-github` has new major version releases frequently.
It is required to update all import path, in additional to `go.mod`
2023-04-08 19:27:30 +08:00
n0toose
5e1bd8af5f
Show visibility status of email in own profile (#23900)
I've heard many reports of users getting scared when they see their own
email address for their own profile, as they believe that the email
field is also visible to other users. Currently, using Incognito mode
or going over the Settings is the only "reasonable" way to verify this
from the perspective of the user.

A locked padlock should be enough to indicate that the email is not
visible to anyone apart from the user and the admins. An unlocked
padlock is used if the email address is only shown to authenticated
users.

Some additional string-related changes in the Settings were introduced
as well to ensure consistency, and the comments in the relevant tests
were improved so as to allow for easier modifications in the future.

---

#### Screenshot (EDIT: Scroll down for more up-to-date screenshots)

***Please remove this section before merging.***


![image](https://user-images.githubusercontent.com/30193966/229572425-909894aa-a7d5-4bf3-92d3-23b1921dcc90.png)

This lock should only appear if the email address is explicitly hidden
using the `Hide Email Address` setting. The change was originally tested
on top of and designed for the Forgejo fork, but I don't expect any
problems to arise from this and I don't think that a
documentation-related change is strictly necessary.

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-08 06:05:21 -04:00
silverwind
3037922a9b
Add eslint-plugin-custom-elements (#23991)
Add
[eslint-plugin-custom-elements](https://github.com/github/eslint-plugin-custom-elements)
and enable all rules that I've found sensible.
2023-04-08 05:24:42 -04:00
Lunny Xiao
b918a2c4fb
Fix redirect bug when creating issue from a project (#23971)
Fix #23966
2023-04-08 16:17:50 +08:00
wxiaoguang
8f00979f73
Drop "unrolled/render" package (#23965)
None of the features of `unrolled/render` package is used. 

The Golang builtin "html/template" just works well. Then we can improve
our HTML render to resolve the "$.root.locale.Tr" problem as much as
possible.

Next step: we can have a template render pool (by Clone), then we can
inject global functions with dynamic context to every `Execute` calls.
Then we can use `{{Locale.Tr ....}}` directly in all templates , no need
to pass the `$.root.locale` again and again.
2023-04-08 14:21:50 +08:00
dependabot[bot]
7ee2c1336c
Bump vm2 from 3.9.14 to 3.9.15 (#23990)
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.14 to 3.9.15.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/patriksimek/vm2/releases">vm2's
releases</a>.</em></p>
<blockquote>
<h2>3.9.15</h2>
<p><strong>Fixes</strong></p>
<p><a
href="d534e5785f</a>:
Ensure no host objects are passed through to
<code>Error.prepareStackTrace</code>. (Thanky to Seongil Wi from KAIST
<a href="https://wsp-lab.github.io/">WSP Lab</a>)</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md">vm2's
changelog</a>.</em></p>
<blockquote>
<h2>v3.9.15 (2023-04-06)</h2>
<p>[fix] Security fix (see <a
href="https://redirect.github.com/patriksimek/vm2/issues/515">patriksimek/vm2#515</a>).</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="115d1644b7"><code>115d164</code></a>
Release 3.9.15</li>
<li><a
href="d534e5785f"><code>d534e57</code></a>
Wrap host objects passes through prepareStackTrace</li>
<li>See full diff in <a
href="https://github.com/patriksimek/vm2/compare/3.9.14...3.9.15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vm2&package-manager=npm_and_yarn&previous-version=3.9.14&new-version=3.9.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/go-gitea/gitea/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-07 19:29:07 -04:00