gitcaddy/gitea
2
0
Fork 0
Code Issues Packages Releases 7 Wiki

Compare commits

base: gitcaddy:main
Branches Tags
gitcaddy:main gitcaddy:release/v1.25 gitcaddy:release/v1.24 gitcaddy:release/v1.23 gitcaddy:release/v1.22 gitcaddy:release/v1.21 gitcaddy:release/v1.20 gitcaddy:release/v1.19 gitcaddy:release/v1.18 gitcaddy:release/v1.17 gitcaddy:release/v1.16 gitcaddy:release/v1.15 gitcaddy:release/v1.14 gitcaddy:release/v1.13 gitcaddy:release/v1.12 gitcaddy:release/v1.11 gitcaddy:release/v1.10 gitcaddy:release/v1.9 gitcaddy:release/v1.8
gitcaddy:v1.26.10-gitcaddy gitcaddy:v1.26.9-gitcaddy gitcaddy:v1.26.8-gitcaddy gitcaddy:v1.26.7-gitcaddy gitcaddy:v1.26.6-gitcaddy gitcaddy:v1.26.5-gitcaddy gitcaddy:v1.26.4-gitcaddy gitcaddy:v1.26.3-gitcaddy gitcaddy:v1.26.2-gitcaddy gitcaddy:v1.26.1-gitcaddy gitcaddy:v1.26.0 gitcaddy:v1.25.3 gitcaddy:v1.25.2 gitcaddy:v1.25.1 gitcaddy:v1.25.0 gitcaddy:v1.24.7 gitcaddy:v1.25.0-rc0 gitcaddy:v1.26.0-dev gitcaddy:v1.24.6 gitcaddy:v1.24.5 gitcaddy:v1.24.4 gitcaddy:v1.24.3 gitcaddy:v1.24.2 gitcaddy:v1.24.1 gitcaddy:v1.24.0 gitcaddy:v1.23.8 gitcaddy:v1.24.0-rc0 gitcaddy:v1.25.0-dev gitcaddy:v1.23.7 gitcaddy:v1.23.6 gitcaddy:v1.23.5 gitcaddy:v1.23.4 gitcaddy:v1.23.3 gitcaddy:v1.23.2 gitcaddy:v1.23.1 gitcaddy:v1.23.0 gitcaddy:v1.23.0-rc0 gitcaddy:v1.24.0-dev gitcaddy:v1.22.6 gitcaddy:v1.22.5 gitcaddy:v1.22.4 gitcaddy:v1.22.3 gitcaddy:v1.22.2 gitcaddy:v1.22.1 gitcaddy:v1.22.0 gitcaddy:v1.23.0-dev gitcaddy:v1.22.0-rc1 gitcaddy:v1.21.11 gitcaddy:v1.22.0-rc0 gitcaddy:v1.21.10 gitcaddy:v1.21.9 gitcaddy:v1.21.8 gitcaddy:v1.21.7 gitcaddy:v1.21.6 gitcaddy:v1.21.5 gitcaddy:v1.21.4 gitcaddy:v1.21.3 gitcaddy:v1.21.2 gitcaddy:v1.20.6 gitcaddy:v1.21.1 gitcaddy:v1.21.0 gitcaddy:v1.21.0-rc2 gitcaddy:v1.21.0-rc1 gitcaddy:v1.20.5 gitcaddy:v1.22.0-dev gitcaddy:v1.21.0-rc0 gitcaddy:v1.20.4 gitcaddy:v1.20.3 gitcaddy:v1.20.2 gitcaddy:v1.20.1 gitcaddy:v1.20.0 gitcaddy:v1.19.4 gitcaddy:v1.21.0-dev gitcaddy:v1.20.0-rc2 gitcaddy:v1.20.0-rc1 gitcaddy:v1.20.0-rc0 gitcaddy:v1.19.3 gitcaddy:v1.19.2 gitcaddy:v1.19.1 gitcaddy:v1.19.0 gitcaddy:v1.19.0-rc1 gitcaddy:v1.20.0-dev gitcaddy:v1.19.0-rc0 gitcaddy:v1.18.5 gitcaddy:v1.18.4 gitcaddy:v1.18.3 gitcaddy:v1.18.2 gitcaddy:v1.18.1 gitcaddy:v1.18.0 gitcaddy:v1.17.4 gitcaddy:v1.18.0-rc1 gitcaddy:v1.19.0-dev gitcaddy:v1.18.0-rc0 gitcaddy:v1.17.3 gitcaddy:v1.17.2 gitcaddy:v1.17.1 gitcaddy:v1.17.0 gitcaddy:v1.17.0-rc2 gitcaddy:v1.16.9 gitcaddy:v1.17.0-rc1 gitcaddy:v1.18.0-dev gitcaddy:v1.16.8 gitcaddy:v1.16.7 gitcaddy:v1.16.6 gitcaddy:v1.16.5 gitcaddy:v1.16.4 gitcaddy:v1.16.3 gitcaddy:v1.16.2 gitcaddy:v1.16.1 gitcaddy:v1.16.0 gitcaddy:v1.15.11 gitcaddy:v1.17.0-dev gitcaddy:v1.16.0-rc1 gitcaddy:v1.15.10 gitcaddy:v1.15.9 gitcaddy:v1.15.8 gitcaddy:v1.15.7 gitcaddy:v1.15.6 gitcaddy:v1.15.5 gitcaddy:v1.15.4 gitcaddy:v1.15.3 gitcaddy:v1.15.2 gitcaddy:v1.15.1 gitcaddy:v1.14.7 gitcaddy:v1.15.0 gitcaddy:v1.15.0-rc3 gitcaddy:v1.14.6 gitcaddy:v1.15.0-rc2 gitcaddy:v1.14.5 gitcaddy:v1.16.0-dev gitcaddy:v1.15.0-rc1 gitcaddy:v1.14.4 gitcaddy:v1.14.3 gitcaddy:v1.14.2 gitcaddy:v1.14.1 gitcaddy:v1.14.0 gitcaddy:v1.13.7 gitcaddy:v1.14.0-rc2 gitcaddy:v1.13.6 gitcaddy:v1.13.5 gitcaddy:v1.14.0-rc1 gitcaddy:v1.15.0-dev gitcaddy:v1.13.4 gitcaddy:v1.13.3 gitcaddy:v1.13.2 gitcaddy:v1.13.1 gitcaddy:v1.13.0 gitcaddy:v1.12.6 gitcaddy:v1.13.0-rc2 gitcaddy:v1.14.0-dev gitcaddy:v1.13.0-rc1 gitcaddy:v1.12.5 gitcaddy:v1.12.4 gitcaddy:v1.12.3 gitcaddy:v1.12.2 gitcaddy:v1.12.1 gitcaddy:v1.11.8 gitcaddy:v1.12.0 gitcaddy:v1.11.7 gitcaddy:v1.12.0-rc2 gitcaddy:v1.11.6 gitcaddy:v1.12.0-rc1 gitcaddy:v1.13.0-dev gitcaddy:v1.11.5 gitcaddy:v1.11.4 gitcaddy:v1.11.3 gitcaddy:v1.10.6 gitcaddy:v1.12.0-dev gitcaddy:v1.11.2 gitcaddy:v1.10.5 gitcaddy:v1.11.1 gitcaddy:v1.10.4 gitcaddy:v1.11.0 gitcaddy:v1.11.0-rc2 gitcaddy:v1.10.3 gitcaddy:v1.11.0-rc1 gitcaddy:v1.10.2 gitcaddy:v1.10.1 gitcaddy:v1.10.0 gitcaddy:v1.9.6 gitcaddy:v1.9.5 gitcaddy:v1.10.0-rc2 gitcaddy:v1.11.0-dev gitcaddy:v1.10.0-rc1 gitcaddy:v1.9.4 gitcaddy:v1.9.3 gitcaddy:v1.9.2 gitcaddy:v1.9.1 gitcaddy:v1.9.0 gitcaddy:v1.9.0-rc2 gitcaddy:v1.10.0-dev gitcaddy:v1.9.0-rc1 gitcaddy:v1.8.3 gitcaddy:v1.8.2 gitcaddy:v1.8.1 gitcaddy:v1.8.0 gitcaddy:v1.8.0-rc3 gitcaddy:v1.7.6 gitcaddy:v1.8.0-rc2 gitcaddy:v1.7.5 gitcaddy:v1.8.0-rc1 gitcaddy:v1.9.0-dev gitcaddy:v1.7.4 gitcaddy:v1.7.3 gitcaddy:v1.7.2 gitcaddy:v1.7.1 gitcaddy:v1.7.0 gitcaddy:v1.7.0-rc3 gitcaddy:v1.6.4 gitcaddy:v1.7.0-rc2 gitcaddy:v1.6.3 gitcaddy:v1.7.0-rc1 gitcaddy:v1.7.0-dev gitcaddy:v1.6.2 gitcaddy:v1.6.1 gitcaddy:v1.6.0 gitcaddy:v1.6.0-rc2 gitcaddy:v1.5.3 gitcaddy:v1.6.0-rc1 gitcaddy:v1.6.0-dev gitcaddy:v1.5.2 gitcaddy:v1.5.1 gitcaddy:v1.5.0 gitcaddy:v1.5.0-rc2 gitcaddy:v1.5.0-rc1 gitcaddy:v1.5.0-dev gitcaddy:v1.4.3 gitcaddy:v1.4.2 gitcaddy:v1.4.1 gitcaddy:v1.4.0 gitcaddy:v1.4.0-rc3 gitcaddy:v1.4.0-rc2 gitcaddy:v1.3.3 gitcaddy:v1.4.0-rc1 gitcaddy:v1.3.2 gitcaddy:v1.3.1 gitcaddy:v1.3.0 gitcaddy:v1.3.0-rc2 gitcaddy:v1.3.0-rc1 gitcaddy:v1.2.3 gitcaddy:v1.2.2 gitcaddy:v1.2.1 gitcaddy:v1.2.0 gitcaddy:v1.2.0-rc3 gitcaddy:v1.2.0-rc2 gitcaddy:v1.1.4 gitcaddy:v1.2.0-rc1 gitcaddy:v1.1.3 gitcaddy:v1.1.2 gitcaddy:v1.1.1 gitcaddy:v1.1.0 gitcaddy:v1.0.2 gitcaddy:v1.0.1 gitcaddy:v1.0.0 gitcaddy:v0.9.99
..
compare: gitcaddy:v1.25.0
Branches Tags
gitcaddy:main gitcaddy:release/v1.25 gitcaddy:release/v1.24 gitcaddy:release/v1.23 gitcaddy:release/v1.22 gitcaddy:release/v1.21 gitcaddy:release/v1.20 gitcaddy:release/v1.19 gitcaddy:release/v1.18 gitcaddy:release/v1.17 gitcaddy:release/v1.16 gitcaddy:release/v1.15 gitcaddy:release/v1.14 gitcaddy:release/v1.13 gitcaddy:release/v1.12 gitcaddy:release/v1.11 gitcaddy:release/v1.10 gitcaddy:release/v1.9 gitcaddy:release/v1.8
gitcaddy:v1.26.10-gitcaddy gitcaddy:v1.26.9-gitcaddy gitcaddy:v1.26.8-gitcaddy gitcaddy:v1.26.7-gitcaddy gitcaddy:v1.26.6-gitcaddy gitcaddy:v1.26.5-gitcaddy gitcaddy:v1.26.4-gitcaddy gitcaddy:v1.26.3-gitcaddy gitcaddy:v1.26.2-gitcaddy gitcaddy:v1.26.1-gitcaddy gitcaddy:v1.26.0 gitcaddy:v1.25.3 gitcaddy:v1.25.2 gitcaddy:v1.25.1 gitcaddy:v1.25.0 gitcaddy:v1.24.7 gitcaddy:v1.25.0-rc0 gitcaddy:v1.26.0-dev gitcaddy:v1.24.6 gitcaddy:v1.24.5 gitcaddy:v1.24.4 gitcaddy:v1.24.3 gitcaddy:v1.24.2 gitcaddy:v1.24.1 gitcaddy:v1.24.0 gitcaddy:v1.23.8 gitcaddy:v1.24.0-rc0 gitcaddy:v1.25.0-dev gitcaddy:v1.23.7 gitcaddy:v1.23.6 gitcaddy:v1.23.5 gitcaddy:v1.23.4 gitcaddy:v1.23.3 gitcaddy:v1.23.2 gitcaddy:v1.23.1 gitcaddy:v1.23.0 gitcaddy:v1.23.0-rc0 gitcaddy:v1.24.0-dev gitcaddy:v1.22.6 gitcaddy:v1.22.5 gitcaddy:v1.22.4 gitcaddy:v1.22.3 gitcaddy:v1.22.2 gitcaddy:v1.22.1 gitcaddy:v1.22.0 gitcaddy:v1.23.0-dev gitcaddy:v1.22.0-rc1 gitcaddy:v1.21.11 gitcaddy:v1.22.0-rc0 gitcaddy:v1.21.10 gitcaddy:v1.21.9 gitcaddy:v1.21.8 gitcaddy:v1.21.7 gitcaddy:v1.21.6 gitcaddy:v1.21.5 gitcaddy:v1.21.4 gitcaddy:v1.21.3 gitcaddy:v1.21.2 gitcaddy:v1.20.6 gitcaddy:v1.21.1 gitcaddy:v1.21.0 gitcaddy:v1.21.0-rc2 gitcaddy:v1.21.0-rc1 gitcaddy:v1.20.5 gitcaddy:v1.22.0-dev gitcaddy:v1.21.0-rc0 gitcaddy:v1.20.4 gitcaddy:v1.20.3 gitcaddy:v1.20.2 gitcaddy:v1.20.1 gitcaddy:v1.20.0 gitcaddy:v1.19.4 gitcaddy:v1.21.0-dev gitcaddy:v1.20.0-rc2 gitcaddy:v1.20.0-rc1 gitcaddy:v1.20.0-rc0 gitcaddy:v1.19.3 gitcaddy:v1.19.2 gitcaddy:v1.19.1 gitcaddy:v1.19.0 gitcaddy:v1.19.0-rc1 gitcaddy:v1.20.0-dev gitcaddy:v1.19.0-rc0 gitcaddy:v1.18.5 gitcaddy:v1.18.4 gitcaddy:v1.18.3 gitcaddy:v1.18.2 gitcaddy:v1.18.1 gitcaddy:v1.18.0 gitcaddy:v1.17.4 gitcaddy:v1.18.0-rc1 gitcaddy:v1.19.0-dev gitcaddy:v1.18.0-rc0 gitcaddy:v1.17.3 gitcaddy:v1.17.2 gitcaddy:v1.17.1 gitcaddy:v1.17.0 gitcaddy:v1.17.0-rc2 gitcaddy:v1.16.9 gitcaddy:v1.17.0-rc1 gitcaddy:v1.18.0-dev gitcaddy:v1.16.8 gitcaddy:v1.16.7 gitcaddy:v1.16.6 gitcaddy:v1.16.5 gitcaddy:v1.16.4 gitcaddy:v1.16.3 gitcaddy:v1.16.2 gitcaddy:v1.16.1 gitcaddy:v1.16.0 gitcaddy:v1.15.11 gitcaddy:v1.17.0-dev gitcaddy:v1.16.0-rc1 gitcaddy:v1.15.10 gitcaddy:v1.15.9 gitcaddy:v1.15.8 gitcaddy:v1.15.7 gitcaddy:v1.15.6 gitcaddy:v1.15.5 gitcaddy:v1.15.4 gitcaddy:v1.15.3 gitcaddy:v1.15.2 gitcaddy:v1.15.1 gitcaddy:v1.14.7 gitcaddy:v1.15.0 gitcaddy:v1.15.0-rc3 gitcaddy:v1.14.6 gitcaddy:v1.15.0-rc2 gitcaddy:v1.14.5 gitcaddy:v1.16.0-dev gitcaddy:v1.15.0-rc1 gitcaddy:v1.14.4 gitcaddy:v1.14.3 gitcaddy:v1.14.2 gitcaddy:v1.14.1 gitcaddy:v1.14.0 gitcaddy:v1.13.7 gitcaddy:v1.14.0-rc2 gitcaddy:v1.13.6 gitcaddy:v1.13.5 gitcaddy:v1.14.0-rc1 gitcaddy:v1.15.0-dev gitcaddy:v1.13.4 gitcaddy:v1.13.3 gitcaddy:v1.13.2 gitcaddy:v1.13.1 gitcaddy:v1.13.0 gitcaddy:v1.12.6 gitcaddy:v1.13.0-rc2 gitcaddy:v1.14.0-dev gitcaddy:v1.13.0-rc1 gitcaddy:v1.12.5 gitcaddy:v1.12.4 gitcaddy:v1.12.3 gitcaddy:v1.12.2 gitcaddy:v1.12.1 gitcaddy:v1.11.8 gitcaddy:v1.12.0 gitcaddy:v1.11.7 gitcaddy:v1.12.0-rc2 gitcaddy:v1.11.6 gitcaddy:v1.12.0-rc1 gitcaddy:v1.13.0-dev gitcaddy:v1.11.5 gitcaddy:v1.11.4 gitcaddy:v1.11.3 gitcaddy:v1.10.6 gitcaddy:v1.12.0-dev gitcaddy:v1.11.2 gitcaddy:v1.10.5 gitcaddy:v1.11.1 gitcaddy:v1.10.4 gitcaddy:v1.11.0 gitcaddy:v1.11.0-rc2 gitcaddy:v1.10.3 gitcaddy:v1.11.0-rc1 gitcaddy:v1.10.2 gitcaddy:v1.10.1 gitcaddy:v1.10.0 gitcaddy:v1.9.6 gitcaddy:v1.9.5 gitcaddy:v1.10.0-rc2 gitcaddy:v1.11.0-dev gitcaddy:v1.10.0-rc1 gitcaddy:v1.9.4 gitcaddy:v1.9.3 gitcaddy:v1.9.2 gitcaddy:v1.9.1 gitcaddy:v1.9.0 gitcaddy:v1.9.0-rc2 gitcaddy:v1.10.0-dev gitcaddy:v1.9.0-rc1 gitcaddy:v1.8.3 gitcaddy:v1.8.2 gitcaddy:v1.8.1 gitcaddy:v1.8.0 gitcaddy:v1.8.0-rc3 gitcaddy:v1.7.6 gitcaddy:v1.8.0-rc2 gitcaddy:v1.7.5 gitcaddy:v1.8.0-rc1 gitcaddy:v1.9.0-dev gitcaddy:v1.7.4 gitcaddy:v1.7.3 gitcaddy:v1.7.2 gitcaddy:v1.7.1 gitcaddy:v1.7.0 gitcaddy:v1.7.0-rc3 gitcaddy:v1.6.4 gitcaddy:v1.7.0-rc2 gitcaddy:v1.6.3 gitcaddy:v1.7.0-rc1 gitcaddy:v1.7.0-dev gitcaddy:v1.6.2 gitcaddy:v1.6.1 gitcaddy:v1.6.0 gitcaddy:v1.6.0-rc2 gitcaddy:v1.5.3 gitcaddy:v1.6.0-rc1 gitcaddy:v1.6.0-dev gitcaddy:v1.5.2 gitcaddy:v1.5.1 gitcaddy:v1.5.0 gitcaddy:v1.5.0-rc2 gitcaddy:v1.5.0-rc1 gitcaddy:v1.5.0-dev gitcaddy:v1.4.3 gitcaddy:v1.4.2 gitcaddy:v1.4.1 gitcaddy:v1.4.0 gitcaddy:v1.4.0-rc3 gitcaddy:v1.4.0-rc2 gitcaddy:v1.3.3 gitcaddy:v1.4.0-rc1 gitcaddy:v1.3.2 gitcaddy:v1.3.1 gitcaddy:v1.3.0 gitcaddy:v1.3.0-rc2 gitcaddy:v1.3.0-rc1 gitcaddy:v1.2.3 gitcaddy:v1.2.2 gitcaddy:v1.2.1 gitcaddy:v1.2.0 gitcaddy:v1.2.0-rc3 gitcaddy:v1.2.0-rc2 gitcaddy:v1.1.4 gitcaddy:v1.2.0-rc1 gitcaddy:v1.1.3 gitcaddy:v1.1.2 gitcaddy:v1.1.1 gitcaddy:v1.1.0 gitcaddy:v1.0.2 gitcaddy:v1.0.1 gitcaddy:v1.0.0 gitcaddy:v0.9.99

36 Commits
main .. v1.25.0

Author SHA1 Message Date
Lunny Xiao
cf644d565d Update release notes for 1.25.0 (#35769) 
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-29 09:14:32 -07:00
Giteabot
88a8571b93 Update tab title when navigating file tree (#35757) (#35772) 
Backport #35757 by bytedream
 2025-10-29 14:04:19 +00:00
Giteabot
45a88e09af Fix "ref-issue" handling in markup (#35739) (#35771) 
Backport #35739 by wxiaoguang

This is a follow up for #35662, and also fix #31181, help #30275, fix
#31161

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-29 19:03:02 +08:00
Lunny Xiao
6aa1a1e54d Upgrade go mail to 0.7.2 (#35748) (#35750) 
backport #35748
 2025-10-27 16:50:15 +00:00
Giteabot
18cc3160b5 Revert #18491, fix oauth2 client link account (#35745) (#35751) 
Backport #35745 by @wxiaoguang

Fix #35744 by reverting #18491

* "OpenID" options don't mean "OAuth2Client" options
* "OAuth2(server)" options don't mean "OAuth2Client" options

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-26 15:26:40 -07:00
Lunny Xiao
123c8d2b81 Fix review request webhook bug (#35339) (#35596) 
Frontport from #35339
 2025-10-24 19:10:50 +00:00
wxiaoguang
b2f2f8528a Fix external render, make iframe render work (#35727, #35730) (#35731) 
Backport #35727 and #35730

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-23 16:07:17 +08:00
Giteabot
0925089b5e Honor delete branch on merge repo setting when using merge API (#35488) (#35726) 
Backport #35488 by @kemzeb

Fix #35463.

---------

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-22 09:41:40 -07:00
Giteabot
c84d17b1bb Don't block site admin's operation if SECRET_KEY is lost (#35721) (#35724) 
Backport #35721 by wxiaoguang

Related: #24573

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-22 05:02:47 +00:00
Giteabot
cb338a2ba1 fix attachment file size limit in server backend (#35519) (#35720) 
Backport #35519 by @a1012112796

fix #35512

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-21 18:01:59 +00:00
Giteabot
16f4f0d473 Make restricted users can access public repositories (#35693) (#35719) 
Backport #35693 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-21 15:35:41 +00:00
Giteabot
387a4e72f7 Fix various trivial problems (#35714) (#35718) 
Backport #35714 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-21 18:02:57 +08:00
Giteabot
ac6d38e4b7 Refactor legacy code (#35708) (#35716) 
Backport #35708 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-21 05:47:37 +00:00
Giteabot
6df51d4ef5 Avoid emoji mismatch and allow to only enable chosen emojis (#35692) (#35705) 
Backport #35692 by wxiaoguang

Fix #23635

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-20 08:29:02 +08:00
ChristopherHX
46f695ac65 Fix workflow run event status while rerunning a failed job (#35689) (#35703) 
The event reported a completion status instead of requested, therefore
sent an email

Backport #35689
 2025-10-19 10:49:20 -07:00
Giteabot
4af1d58c86 Fix various bugs (#35684) (#35696) 
Backport #35684 by wxiaoguang
 2025-10-19 02:26:03 +08:00
Giteabot
f71df88a6b Use LFS object size instead of blob size when viewing a LFS file (#35679) (#35680) 
Backport #35679 by surya-purohit

shows the main LFS filesize instead of the pointer filesize when viewing
a file

Co-authored-by: Surya Purohit <suryaprakash.sharma@sourcefuse.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-16 22:41:24 +08:00
Lunny Xiao
18b178e63f Creating push comments before invoke pull request checking (#35647) (#35668) 
Backport #35647 

This PR moved the creation of pushing comments before pull request
mergeable checking. So that when the pull request status changed, the
comments should have been created.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-15 17:42:52 +00:00
Lunny Xiao
1644b8743c Fix build (#35674) 
backport #35656
 2025-10-15 12:55:30 +00:00
wxiaoguang
53a2aaee35 Fix missing Close when error occurs and abused connection pool (#35658) (#35670) 
Backport #35658
 2025-10-15 09:56:53 +00:00
Giteabot
5ae9bb4df9 Fix a bug missed return (#35655) (#35667) 
Backport #35655 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2025-10-15 07:40:31 +02:00
Giteabot
ae2e8c1f00 Always create Actions logs stepsContainer (#35654) (#35672) 
Backport #35654 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-15 04:16:06 +00:00
techknowlogick
602af1499e bump archives&rar dep (#35637) (#35638) 2025-10-12 05:48:39 +02:00
Giteabot
f4512426a1 Fix code tag style problem and LFS view bug (#35628) (#35636) 
Backport #35628 by lutinglt

Signed-off-by: 鲁汀 <131967983+lutinglt@users.noreply.github.com>
Co-authored-by: 鲁汀 <131967983+lutinglt@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-11 20:25:03 +00:00
Giteabot
a3458c669a The status icon of the Action step is consistent with GitHub (#35618) (#35621) 
Backport #35618 by @lutinglt

#35616
Before:
running:
<img width="45" height="34" alt="image"
src="https://github.com/user-attachments/assets/e2508f98-2f1f-4b7e-a80c-30b406f42531"
/>
waiting:
<img width="44" height="33" alt="image"
src="https://github.com/user-attachments/assets/e7c8164e-fdc3-4546-b088-31166544edb0"
/>

---
After:
running:
<img width="49" height="43" alt="image"
src="https://github.com/user-attachments/assets/b5a9b245-a995-458a-af23-d1723daa3692"
/>
waiting:
<img width="42" height="44" alt="image"
src="https://github.com/user-attachments/assets/ff72551e-cfb5-4665-af52-938ef0cf8f1c"
/>

`gitea-running.svg` is not an icon from the @ primer/octicon library,
extracted from the Github page. Github did not assign a clear class name
to this icon

Signed-off-by: 鲁汀 <131967983+lutinglt@users.noreply.github.com>
Co-authored-by: 鲁汀 <131967983+lutinglt@users.noreply.github.com>
Co-authored-by: lutinglt <lutinglt@users.noreply.github.com>
 2025-10-10 12:12:21 -07:00
Giteabot
609d88f029 Fix inputing review comment will remove reviewer (#35591) (#35615) 
Backport #35591 by @lunny

Fix #34617

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2025-10-10 08:28:44 +00:00
Giteabot
3c78598217 Mock external service in hcaptcha TestCaptcha (#35604) (#35614) 
Backport #35604 by silverwind

The test calls out to a web service which may be down or unreachable as
seen in the linked issue. It's better for tests to not have such
external dependencies to make them absolutely stable.

Fixes: https://github.com/go-gitea/gitea/issues/35571

Co-authored-by: silverwind <me@silverwind.io>
 2025-10-10 04:49:20 +00:00
Giteabot
b7bb0fa538 Fix diffpatch API endpoint (#35610) (#35613) 
Backport #35610 by @surya-purohit

Updates the swagger documentation for the `diffpatch` API endpoint.

The request body is corrected from the outdated `UpdateFileOptions` to
the current `ApplyDiffPatchOptions` to match the code implementation.

Closes [issue#35602](https://github.com/go-gitea/gitea/issues/35602)

---------

Co-authored-by: Surya Purohit <suryaprakash.sharma@sourcefuse.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2025-10-10 03:28:40 +00:00
Giteabot
6de2151607 Fixing issue #35530: Password Leak in Log Messages (#35584) (#35609) 
Backport #35584 by @shashank-netapp

# Summary
The Gitea codebase was logging `Elasticsearch` and `Meilisearch`
connection strings directly to log files without sanitizing them. Since
connection strings often contain credentials in the format
`protocol://username:password@host:port`, this resulted in passwords
being exposed in plain text in log output.

Fix:
- wrapped all instances of setting.Indexer.RepoConnStr and
setting.Indexer.IssueConnStr with the `util.SanitizeCredentialURLs()`
function before logging them.

Fixes: #35530

Co-authored-by: shashank-netapp <108022276+shashank-netapp@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2025-10-09 11:00:40 +02:00
Giteabot
a99761d466 Use inputs context when parsing workflows (#35590) (#35595) 
Backport #35590 by @Zettat123

Depends on [gitea/act#143](https://gitea.com/gitea/act/pulls/143)

The [`inputs`
context](https://docs.github.com/en/actions/reference/workflows-and-actions/contexts#inputs-context)
is used when parsing workflows so that `run-name` like `run-name: Deploy
to ${{ inputs.deploy_target }}` can be parsed correctly.

Co-authored-by: Zettat123 <zettat123@gmail.com>
 2025-10-06 22:28:17 +00:00
Giteabot
8d1c04bda4 Fix creating pull request failure when the target branch name is the same as some tag (#35552) (#35582) 
Backport #35552 by @lunny

Use full reference name in the git command to avoid ambiguity.

Fix #35470

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2025-10-06 06:10:52 +02:00
Giteabot
aa57531aac fix: auto-expand and auto-scroll for actions logs (#35583) (#35586) 
Backport #35583 by ita004

Co-authored-by: Shafi Ahmed <98274448+ita004@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-05 12:06:41 +08:00
Giteabot
006fe2a907 Add rebase push display wrong comments bug (#35560) (#35580) 
Backport #35560 by @lunny

Fix #35518

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-10-04 10:28:32 +02:00
Giteabot
d94faf6d7e fix(webhook): prevent tag events from bypassing branch filters targets (#35567) (#35577) 
Backport #35567 by Exgene

Co-authored-by: Kausthubh J Rao <105716675+Exgene@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
 2025-10-03 17:49:16 +00:00
Giteabot
6c8879b832 Fix markup init after issue comment editing (#35536) (#35537) 
Backport #35536 by wxiaoguang

Fix #35533

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2025-09-26 07:11:21 +08:00
Lunny Xiao
94a6da3bc8 Add changelog for 1.25.0-rc0 (#35531) 2025-09-25 09:32:30 -07:00
1267 changed files with 98558 additions and 126248 deletions
Expand all files Collapse all files

2
.air.toml
View File

@@ -4,7 +4,7 @@ tmp_dir = ".air"
[build]
pre_cmd = ["killall -9 gitea 2>/dev/null || true"] # kill off potential zombie processes from previous runs
cmd = "make --no-print-directory backend"
entrypoint = ["./gitea"]
bin = "gitea"
delay = 2000
include_ext = ["go", "tmpl"]
include_file = ["main.go"]

3
.dockerignore
View File

@@ -74,9 +74,6 @@ cpu.out
/VERSION
/.air
/.go-licenses
/Dockerfile
/Dockerfile.rootless
/.venv
# Files and folders that were previously generated
/public/assets/img/webpack

4
.editorconfig
View File

@@ -25,10 +25,6 @@ insert_final_newline = false
[templates/user/auth/oidc_wellknown.tmpl]
indent_style = space
[templates/shared/actions/runner_badge_*.tmpl]
# editconfig lint requires these XML-like files to have charset defined, but the files don't have.
charset = unset
[Makefile]
indent_style = tab

1
.gitattributes vendored
View File

@@ -8,4 +8,3 @@
/vendor/** -text -eol linguist-vendored
/web_src/js/vendor/** -text -eol linguist-vendored
Dockerfile.* linguist-language=Dockerfile
Makefile.* linguist-language=Makefile

26
.gitcleaner/health-report.md
View File

@@ -1,26 +0,0 @@
# Repository Health Report
## Overall Score: 77/100 (Good)
### Summary
- Commits Analyzed: 1000
- Branches: 1
- Authors: 149
- Merges: 0
### Component Scores
| Component | Score |
|-----------|-------|
| Messages | 90% |
| Merges | 97% |
| Duplicates | 0% |
| Branches | 100% |
| Authorship | 100% |
### Issues (3)
- **Merge fix commits detected**: Found 1 commits with messages like 'fix merge' detected after merges. (-3 pts)
- **Duplicate commits with identical content**: Found 1 groups of commits with identical file content (1 redundant commits). These are safe to squash as they have the same tree SHA. (-7 pts)
- **Commits with duplicate messages**: Found 1 groups of commits with identical messages but different code changes (135 commits). Consider using more descriptive messages to differentiate changes. (-1 pts)
---
Generated by GitCleaner for GitCaddy dd

308
.gitea/workflows/build.yml
View File

@@ -1,308 +0,0 @@
name: Build and Release
on:
push:
branches:
- main
- release/*
tags:
- 'v*'
pull_request:
branches:
- main
env:
GOPROXY: https://proxy.golang.org,direct
GOPRIVATE: git.marketally.com
GONOSUMDB: git.marketally.com
GO_VERSION: "1.25"
NODE_VERSION: "22"
jobs:
# Lint job - must pass
lint:
name: Lint
runs-on: linux-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install pnpm
run: npm install -g pnpm
- name: Install dependencies
run: make deps-frontend deps-backend
- name: Run Go linter
run: make lint-go
- name: Run frontend linter
run: make lint-frontend
continue-on-error: true
# Unit tests with SQLite (no external database needed)
test-unit:
name: Unit Tests
runs-on: linux-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Install dependencies
run: go mod download
- name: Run unit tests
run: |
# Skip tests that require external services (Redis, Elasticsearch, Meilisearch, Azure, SHA256 git)
go test -tags="sqlite sqlite_unlock_notify" -race \
-skip "TestRepoStatsIndex|TestRenderHelper|Sha256|SHA256|Redis|redis|Elasticsearch|Meilisearch|AzureBlob|TestLockAndDo|TestLocker|TestBaseRedis" \
./modules/... \
./services/...
env:
GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT: true
# Integration tests with PostgreSQL
test-pgsql:
name: Integration Tests (PostgreSQL)
runs-on: linux-latest
services:
pgsql:
image: postgres:15
env:
POSTGRES_DB: testgitea
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install pnpm
run: npm install -g pnpm
- name: Install dependencies
run: make deps-frontend deps-backend
- name: Build frontend
run: make frontend
- name: Generate bindata
run: make generate
env:
TAGS: bindata
- name: Build test binary
run: |
go build -tags="bindata sqlite sqlite_unlock_notify" -o gitea .
- name: Generate test config
run: |
make generate-ini-pgsql
env:
TEST_PGSQL_HOST: localhost:5432
TEST_PGSQL_DBNAME: testgitea
TEST_PGSQL_USERNAME: postgres
TEST_PGSQL_PASSWORD: postgres
TEST_PGSQL_SCHEMA: gtestschema
- name: Run PostgreSQL integration tests
run: |
make test-pgsql
continue-on-error: true
env:
TEST_PGSQL_HOST: localhost:5432
TEST_PGSQL_DBNAME: testgitea
TEST_PGSQL_USERNAME: postgres
TEST_PGSQL_PASSWORD: postgres
TEST_PGSQL_SCHEMA: gtestschema
GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT: true
# Create release job - runs first to create the release before build jobs upload
create-release:
name: Create Release
runs-on: linux-latest
if: startsWith(github.ref, 'refs/tags/v')
outputs:
release_id: ${{ steps.create.outputs.release_id }}
steps:
- name: Create or get release
id: create
run: |
TAG="${{ github.ref_name }}"
echo "Creating/getting release for tag: $TAG"
# Try to get existing release first
EXISTING=$(curl -sf \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
"https://direct.git.marketally.com/api/v1/repos/${{ github.repository }}/releases/tags/$TAG" 2>/dev/null || echo "")
if echo "$EXISTING" | grep -q '"id":[0-9]'; then
RELEASE_ID=$(echo "$EXISTING" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)
echo "Found existing release: $RELEASE_ID"
echo "release_id=$RELEASE_ID" >> "$GITHUB_OUTPUT"
exit 0
fi
# Create new release
echo "Creating new release..."
RESPONSE=$(curl -sf -X POST \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"tag_name":"'"$TAG"'","name":"Gitea '"$TAG"'","body":"Official release of Gitea '"$TAG"'.","draft":false,"prerelease":false}' \
"https://direct.git.marketally.com/api/v1/repos/${{ github.repository }}/releases" 2>&1)
if echo "$RESPONSE" | grep -q '"id":[0-9]'; then
RELEASE_ID=$(echo "$RESPONSE" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)
echo "Created release: $RELEASE_ID"
echo "release_id=$RELEASE_ID" >> "$GITHUB_OUTPUT"
else
echo "ERROR: Failed to create release: $RESPONSE"
exit 1
fi
# Build job for binaries
build:
name: Build Binaries
runs-on: linux-latest
needs: [lint, create-release]
if: always() && needs.lint.result == 'success' && (needs.create-release.result == 'success' || needs.create-release.result == 'skipped')
strategy:
matrix:
include:
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
- goos: darwin
goarch: amd64
- goos: darwin
goarch: arm64
- goos: windows
goarch: amd64
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install pnpm
run: npm install -g pnpm
- name: Install dependencies
run: make deps-frontend deps-backend
- name: Build frontend
run: make frontend
- name: Generate bindata
run: make generate
env:
TAGS: bindata
- name: Build binary
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
TAGS: bindata sqlite sqlite_unlock_notify
run: |
VERSION=$(git describe --tags --always --dirty 2>/dev/null || echo "dev")
LDFLAGS="-X code.gitea.io/gitea/modules/setting.AppVer=${VERSION}"
EXT=""
if [ "$GOOS" = "windows" ]; then
EXT=".exe"
fi
OUTPUT="gitea-${VERSION}-${GOOS}-${GOARCH}${EXT}"
go build -v -trimpath -tags "${TAGS}" -ldflags "${LDFLAGS}" -o "dist/${OUTPUT}" .
# Create checksum
cd dist && sha256sum "${OUTPUT}" > "${OUTPUT}.sha256"
- name: Upload to release
if: startsWith(github.ref, 'refs/tags/v')
env:
RELEASE_ID: ${{ needs.create-release.outputs.release_id }}
run: |
set -e
echo "Uploading binaries to release ID: $RELEASE_ID"
if [ -z "$RELEASE_ID" ]; then
echo "ERROR: No release ID provided"
exit 1
fi
# Upload files with retry
for file in dist/*; do
if [ -f "$file" ]; then
filename=$(basename "$file")
echo "Uploading $filename..."
for attempt in 1 2 3; do
UPLOAD_RESPONSE=$(curl -sf -X POST \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
-F "attachment=@$file" \
"https://direct.git.marketally.com/api/v1/repos/${{ github.repository }}/releases/$RELEASE_ID/assets?name=$filename" 2>&1 || echo "")
if echo "$UPLOAD_RESPONSE" | grep -q '"id":[0-9]'; then
echo "✓ Uploaded $filename successfully"
break
else
if [ $attempt -lt 3 ]; then
echo "Attempt $attempt failed, retrying in 5s..."
sleep 5
else
echo "✗ Failed to upload $filename after 3 attempts: $UPLOAD_RESPONSE"
exit 1
fi
fi
done
fi
done
echo "All uploads complete!"

113
.gitea/workflows/pr-checks.yml
View File

@@ -1,113 +0,0 @@
name: PR Checks
on:
pull_request:
branches:
- main
- release/*
env:
GOPROXY: https://proxy.golang.org,direct
GOPRIVATE: git.marketally.com
GONOSUMDB: git.marketally.com
GO_VERSION: "1.25"
NODE_VERSION: "22"
jobs:
# Quick lint checks - must pass
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install pnpm
run: npm install -g pnpm
- name: Install Go dependencies
run: go mod download
- name: Check Go formatting
run: |
if [ -n "$(gofmt -l .)" ]; then
echo "Go code is not formatted. Please run 'gofmt -w .'"
gofmt -l .
exit 1
fi
- name: Go vet
run: go vet ./...
- name: Go linter
run: |
go run github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.7.2 run
- name: Check for build errors
run: go build -v ./...
# Unit tests
test-unit:
name: Unit Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Install dependencies
run: go mod download
- name: Run unit tests
run: |
# Skip tests that require external services (Redis, Elasticsearch, Meilisearch, Azure, SHA256 git)
go test -tags="sqlite sqlite_unlock_notify" -race \
-skip "TestRepoStatsIndex|TestRenderHelper|Sha256|SHA256|Redis|redis|Elasticsearch|Meilisearch|AzureBlob|TestLockAndDo|TestLocker|TestBaseRedis" \
./modules/... \
./services/...
env:
GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT: true
# Frontend checks
frontend:
name: Frontend Checks
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install pnpm
run: npm install -g pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
continue-on-error: true
- name: TypeScript check
run: pnpm run tsc
continue-on-error: true
- name: ESLint
run: pnpm run eslint
continue-on-error: true

10
.github/dependabot.yml vendored
View File

@@ -1,10 +0,0 @@
version: 2
updates:
- package-ecosystem: github-actions
labels: [modifies/dependencies]
directory: /
schedule:
interval: daily
cooldown:
default-days: 5

5
.github/labeler.yml vendored
View File

@@ -46,11 +46,12 @@ modifies/internal:
- ".gitpod.yml"
- ".markdownlint.yaml"
- ".spectral.yaml"
- "stylelint.config.ts"
- "stylelint.config.js"
- ".yamllint.yaml"
- ".github/**"
- ".gitea/**"
- ".devcontainer/**"
- "build.go"
- "build/**"
- "contrib/**"
@@ -89,4 +90,4 @@ topic/code-linting:
- ".markdownlint.yaml"
- ".spectral.yaml"
- ".yamllint.yaml"
- "stylelint.config.ts"
- "stylelint.config.js"

8
.github/workflows/cron-licenses.yml vendored
View File

@@ -9,18 +9,16 @@ jobs:
cron-licenses:
runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea'
permissions:
contents: write
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- run: make generate-gitignore
timeout-minutes: 40
- name: push translations to repo
uses: appleboy/git-push-action@v1.0.0
uses: appleboy/git-push-action@v0.0.3
with:
author_email: "teabot@gitea.io"
author_name: GiteaBot

8
.github/workflows/cron-translations.yml vendored
View File

@@ -9,11 +9,9 @@ jobs:
crowdin-pull:
runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea'
permissions:
contents: write
steps:
- uses: actions/checkout@v6
- uses: crowdin/github-action@v2
- uses: actions/checkout@v4
- uses: crowdin/github-action@v1
with:
upload_sources: true
upload_translations: false
@@ -29,7 +27,7 @@ jobs:
- name: update locales
run: ./build/update-locales.sh
- name: push translations to repo
uses: appleboy/git-push-action@v1.0.0
uses: appleboy/git-push-action@v0.0.3
with:
author_email: "teabot@gitea.io"
author_name: GiteaBot

12
.github/workflows/files-changed.yml vendored
View File

@@ -19,15 +19,11 @@ on:
value: ${{ jobs.detect.outputs.swagger }}
yaml:
value: ${{ jobs.detect.outputs.yaml }}
json:
value: ${{ jobs.detect.outputs.json }}
jobs:
detect:
runs-on: ubuntu-latest
timeout-minutes: 3
permissions:
contents: read
outputs:
backend: ${{ steps.changes.outputs.backend }}
frontend: ${{ steps.changes.outputs.frontend }}
@@ -37,9 +33,8 @@ jobs:
docker: ${{ steps.changes.outputs.docker }}
swagger: ${{ steps.changes.outputs.swagger }}
yaml: ${{ steps.changes.outputs.yaml }}
json: ${{ steps.changes.outputs.json }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: changes
with:
@@ -53,7 +48,7 @@ jobs:
- "Makefile"
- ".golangci.yml"
- ".editorconfig"
- "options/locale/locale_en-US.json"
- "options/locale/locale_en-US.ini"
frontend:
- "*.js"
@@ -103,6 +98,3 @@ jobs:
- "**/*.yaml"
- ".yamllint.yaml"
- "pyproject.toml"
json:
- "**/*.json"

99
.github/workflows/pull-compliance.yml vendored
View File

@@ -10,18 +10,14 @@ concurrency:
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
permissions:
contents: read
lint-backend:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -34,18 +30,14 @@ jobs:
if: needs.files-changed.outputs.templates == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: astral-sh/setup-uv@v7
- uses: actions/checkout@v4
- uses: astral-sh/setup-uv@v6
- run: uv python install 3.12
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-py
- run: make deps-frontend
- run: make lint-templates
@@ -54,44 +46,23 @@ jobs:
if: needs.files-changed.outputs.yaml == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: astral-sh/setup-uv@v7
- uses: actions/checkout@v4
- uses: astral-sh/setup-uv@v6
- run: uv python install 3.12
- run: make deps-py
- run: make lint-yaml
lint-json:
if: needs.files-changed.outputs.json == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v5
with:
node-version: 24
- run: make deps-frontend
- run: make lint-json
lint-swagger:
if: needs.files-changed.outputs.swagger == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-frontend
- run: make lint-swagger
@@ -99,11 +70,9 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true' || needs.files-changed.outputs.docs == 'true' || needs.files-changed.outputs.templates == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -113,11 +82,9 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -132,11 +99,9 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -149,11 +114,9 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -164,16 +127,12 @@ jobs:
if: needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-frontend
- run: make lint-frontend
- run: make checks-frontend
@@ -184,11 +143,9 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -218,16 +175,12 @@ jobs:
if: needs.files-changed.outputs.docs == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-frontend
- run: make lint-md
@@ -235,11 +188,9 @@ jobs:
if: needs.files-changed.outputs.actions == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true

38
.github/workflows/pull-db-tests.yml vendored
View File

@@ -10,15 +10,11 @@ concurrency:
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
permissions:
contents: read
test-pgsql:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
services:
pgsql:
image: postgres:14
@@ -42,8 +38,8 @@ jobs:
ports:
- "9000:9000"
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -69,22 +65,20 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- run: make deps-backend
- run: GOEXPERIMENT='' make backend
- run: make backend
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
- name: run migration tests
run: make test-sqlite-migration
- name: run tests
run: GOEXPERIMENT='' make test-sqlite
run: make test-sqlite
timeout-minutes: 50
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
@@ -96,8 +90,6 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
services:
elasticsearch:
image: elasticsearch:7.5.0
@@ -132,8 +124,8 @@ jobs:
ports:
- 10000:10000
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -150,7 +142,7 @@ jobs:
RACE_ENABLED: true
GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
- name: unit-tests-gogit
run: GOEXPERIMENT='' make unit-test-coverage test-check
run: make unit-test-coverage test-check
env:
TAGS: bindata gogit
RACE_ENABLED: true
@@ -160,8 +152,6 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
services:
mysql:
# the bitnami mysql image has more options than the official one, it's easier to customize
@@ -187,8 +177,8 @@ jobs:
- "587:587"
- "993:993"
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
@@ -213,8 +203,6 @@ jobs:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
services:
mssql:
image: mcr.microsoft.com/mssql/server:2019-latest
@@ -229,8 +217,8 @@ jobs:
ports:
- 10000:10000
steps:
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true

22
.github/workflows/pull-docker-dryrun.yml vendored
View File

@@ -10,28 +10,26 @@ concurrency:
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
permissions:
contents: read
container:
regular:
if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: docker/setup-buildx-action@v3
- name: Build regular container image
uses: docker/build-push-action@v6
- uses: docker/build-push-action@v5
with:
context: .
push: false
tags: gitea/gitea:linux-amd64
- name: Build rootless container image
uses: docker/build-push-action@v6
rootless:
if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: docker/setup-buildx-action@v3
- uses: docker/build-push-action@v5
with:
context: .
push: false
file: Dockerfile.rootless
tags: gitea/gitea:linux-amd64

35
.github/workflows/pull-e2e-tests.yml vendored Normal file
View File

@@ -0,0 +1,35 @@
name: e2e-tests
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
test-e2e:
# the "test-e2e" won't pass, and it seems that there is no useful test, so skip
# if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
if: false
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v5
with:
node-version: 24
- run: make deps-frontend frontend deps-backend
- run: pnpm exec playwright install --with-deps
- run: make test-e2e-sqlite
timeout-minutes: 40
env:
USE_REPO_TEST_DIR: 1

2
.github/workflows/pull-labeler.yml vendored
View File

@@ -15,6 +15,6 @@ jobs:
contents: read
pull-requests: write
steps:
- uses: actions/labeler@v6
- uses: actions/labeler@v5
with:
sync-labels: true

98
.github/workflows/release-nightly.yml vendored
View File

@@ -11,23 +11,19 @@ concurrency:
jobs:
nightly-binary:
runs-on: namespace-profile-gitea-release-binary
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v6
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-frontend deps-backend
# xgo build
- run: make release
@@ -52,7 +48,7 @@ jobs:
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v5
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
@@ -60,17 +56,19 @@ jobs:
- name: upload binaries to s3
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
nightly-container:
nightly-docker-rootful:
runs-on: namespace-profile-gitea-release-docker
permissions:
contents: read
packages: write # to publish to ghcr.io
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Get cleaned branch name
@@ -78,29 +76,6 @@ jobs:
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
- uses: docker/metadata-action@v5
id: meta
with:
images: |-
gitea/gitea
ghcr.io/go-gitea/gitea
tags: |
type=raw,value=${{ steps.clean_name.outputs.branch }}
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
- uses: docker/metadata-action@v5
id: meta_rootless
with:
images: |-
gitea/gitea
ghcr.io/go-gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
suffix=-rootless
tags: |
type=raw,value=${{ steps.clean_name.outputs.branch }}
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
@@ -112,20 +87,57 @@ jobs:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: build regular docker image
uses: docker/build-push-action@v6
- name: fetch go modules
run: make vendor
- name: build rootful docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
push: true
tags: ${{ steps.meta.outputs.tags }}
annotations: ${{ steps.meta.outputs.annotations }}
tags: |-
gitea/gitea:${{ steps.clean_name.outputs.branch }}
ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}
nightly-docker-rootless:
runs-on: namespace-profile-gitea-release-docker
permissions:
packages: write # to publish to ghcr.io
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Get cleaned branch name
id: clean_name
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR using PAT
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: fetch go modules
run: make vendor
- name: build rootless docker image
uses: docker/build-push-action@v6
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
platforms: linux/amd64,linux/arm64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta_rootless.outputs.tags }}
annotations: ${{ steps.meta_rootless.outputs.annotations }}
tags: |-
gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless
ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless

86
.github/workflows/release-tag-rc.yml vendored
View File

@@ -12,23 +12,19 @@ concurrency:
jobs:
binary:
runs-on: namespace-profile-gitea-release-binary
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v6
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-frontend deps-backend
# xgo build
- run: make release
@@ -53,7 +49,7 @@ jobs:
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v5
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
@@ -62,7 +58,7 @@ jobs:
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
- name: Install GH CLI
uses: dev-hanz-ops/install-gh-cli-action@v0.2.1
uses: dev-hanz-ops/install-gh-cli-action@v0.1.0
with:
gh-cli-version: 2.39.1
- name: create github release
@@ -70,14 +66,12 @@ jobs:
gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
container:
docker-rootful:
runs-on: namespace-profile-gitea-release-docker
permissions:
contents: read
packages: write # to publish to ghcr.io
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
@@ -94,23 +88,6 @@ jobs:
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
- uses: docker/metadata-action@v5
id: meta_rootless
with:
images: |-
gitea/gitea
ghcr.io/go-gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
latest=false
suffix=-rootless
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
@@ -122,20 +99,55 @@ jobs:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: build regular container image
uses: docker/build-push-action@v6
- name: build rootful docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
push: true
tags: ${{ steps.meta.outputs.tags }}
annotations: ${{ steps.meta.outputs.annotations }}
- name: build rootless container image
uses: docker/build-push-action@v6
labels: ${{ steps.meta.outputs.labels }}
docker-rootless:
runs-on: namespace-profile-gitea-release-docker
permissions:
packages: write # to publish to ghcr.io
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/metadata-action@v5
id: meta
with:
images: |-
gitea/gitea
ghcr.io/go-gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
latest=false
suffix=-rootless
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR using PAT
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: build rootless docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta_rootless.outputs.tags }}
annotations: ${{ steps.meta_rootless.outputs.annotations }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

69
.github/workflows/release-tag-version.yml vendored
View File

@@ -15,23 +15,20 @@ jobs:
binary:
runs-on: namespace-profile-gitea-release-binary
permissions:
contents: read
packages: write # to publish to ghcr.io
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v6
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v6
- uses: actions/setup-node@v5
with:
node-version: 24
cache: pnpm
cache-dependency-path: pnpm-lock.yaml
- run: make deps-frontend deps-backend
# xgo build
- run: make release
@@ -56,7 +53,7 @@ jobs:
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v5
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
@@ -65,7 +62,7 @@ jobs:
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
- name: Install GH CLI
uses: dev-hanz-ops/install-gh-cli-action@v0.2.1
uses: dev-hanz-ops/install-gh-cli-action@v0.1.0
with:
gh-cli-version: 2.39.1
- name: create github release
@@ -73,14 +70,12 @@ jobs:
gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --notes-from-tag dist/release/*
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
container:
docker-rootful:
runs-on: namespace-profile-gitea-release-docker
permissions:
contents: read
packages: write # to publish to ghcr.io
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
@@ -101,10 +96,36 @@ jobs:
type=semver,pattern={{version}}
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR using PAT
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: build rootful docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
docker-rootless:
runs-on: namespace-profile-gitea-release-docker
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/metadata-action@v5
id: meta_rootless
id: meta
with:
images: |-
gitea/gitea
@@ -121,8 +142,6 @@ jobs:
type=semver,pattern={{version}}
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
@@ -134,20 +153,12 @@ jobs:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: build regular container image
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
push: true
tags: ${{ steps.meta.outputs.tags }}
annotations: ${{ steps.meta.outputs.annotations }}
- name: build rootless container image
uses: docker/build-push-action@v6
- name: build rootless docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64,linux/riscv64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta_rootless.outputs.tags }}
annotations: ${{ steps.meta_rootless.outputs.annotations }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

8
.gitignore vendored
View File

@@ -25,9 +25,6 @@ __debug_bin*
# Visual Studio
/.vs/
# mise version managment tool
mise.toml
*.cgo1.go
*.cgo2.c
_cgo_defun.c
@@ -125,8 +122,3 @@ prime/
/CLAUDE.md
/llms.txt
# Ignore worktrees when working on multiple branches
.worktrees/
# A Makefile for custom make targets
Makefile.local

19
.golangci.yml
View File

@@ -1,23 +1,19 @@
version: "2"
output:
sort-results: true
sort-order:
- file
linters:
default: none
enable:
- bidichk
- bodyclose
- depguard
- dupl
- errcheck
- forbidigo
- gocheckcompilerdirectives
- gocritic
- govet
- ineffassign
- mirror
- modernize
- nakedret
- nolintlint
- perfsprint
@@ -59,7 +55,6 @@ linters:
disabled-checks:
- ifElseChain
- singleCaseSwitch # Every time this occurred in the code, there was no other way.
- deprecatedComment # conflicts with go-swagger comments
revive:
severity: error
rules:
@@ -112,12 +107,6 @@ linters:
- require-error
usetesting:
os-temp-dir: true
perfsprint:
concat-loop: false
govet:
enable:
- nilness
- unusedwrite
exclusions:
generated: lax
presets:
@@ -143,10 +132,6 @@ linters:
- linters:
- forbidigo
path: cmd
- linters:
- depguard
- gofumpt
path: sdk/
- linters:
- dupl
text: (?i)webhook
@@ -168,7 +153,6 @@ linters:
text: '(?i)exitAfterDefer:'
paths:
- node_modules
- .venv
- public
- web_src
- third_party$
@@ -188,7 +172,6 @@ formatters:
generated: lax
paths:
- node_modules
- .venv
- public
- web_src
- third_party$
@@ -196,4 +179,4 @@ formatters:
- examples$
run:
timeout: 30m
timeout: 10m

189
CHANGELOG.md
View File

@@ -4,82 +4,7 @@ This changelog goes through the changes that have been made in each release
without substantial changes to our git log; to see the highlights of what has
been added to each release, please refer to the [blog](https://blog.gitea.com).
## [1.25.3](https://github.com/go-gitea/gitea/releases/tag/1.25.3) - 2025-12-17
* SECURITY
* Bump toolchain to go1.25.5, misc fixes (#36082)
* ENHANCEMENTS
* Add strikethrough button to markdown editor (#36087) (#36104)
* Add "site admin" back to profile menu (#36010) (#36013)
* Improve math rendering (#36124) (#36125)
* BUGFIXES
* Check user visibility when redirecting to a renamed user (#36148) (#36159)
* Fix various bugs (#36139) (#36151)
* Fix bug when viewing the commit diff page with non-ANSI files (#36149) (#36150)
* Hide RSS icon when viewing a file not under a branch (#36135) (#36141)
* Fix SVG size calulation, only use `style` attribute (#36133) (#36134)
* Make Golang correctly delete temp files during uploading (#36128) (#36129)
* Fix the bug when ssh clone with redirect user or repository (#36039) (#36090)
* Use Golang net/smtp instead of gomail's smtp to send email (#36055) (#36083)
* Fix edit user email bug in API (#36068) (#36081)
* Fix bug when updating user email (#36058) (#36066)
* Fix incorrect viewed files counter if file has changed (#36009) (#36047)
* Fix container registry error handling (#36021) (#36037)
* Fix webAuthn insecure error view (#36165) (#36179)
* Fix some file icon ui (#36078) (#36088)
* Fix Actions `pull_request.paths` being triggered incorrectly by rebase (#36045) (#36054)
* Fix error handling in mailer and wiki services (#36041) (#36053)
* Fix bugs when comparing and creating pull request (#36166) (#36144)
## [1.25.2](https://github.com/go-gitea/gitea/releases/tag/1.25.2) - 2025-11-23
* SECURITY
* Upgrade golang.org/x/crypto to 0.45.0 (#35985) (#35988)
* Fix various permission & login related bugs (#36002) (#36004)
* ENHANCEMENTS
* Display source code downloads last for release attachments (#35897) (#35903)
* Change project default column icon to 'star' (#35967) (#35979)
* BUGFIXES
* Allow empty commit when merging pull request with squash style (#35989) (#36003)
* Fix container push tag overwriting (#35936) (#35954)
* Fix corrupted external render content (#35946) and upgrade golang.org/x packages (#35950)
* Limit reading bytes instead of ReadAll (#35928) (#35934)
* Use correct form field for allowed force push users in branch protection API (#35894) (#35908)
* Fix team member access check (#35899) (#35905)
* Fix conda null depend issue (#35900) (#35902)
* Set the dates to now when not specified by the caller (#35861) (#35874)
* Fix gogit ListEntriesRecursiveWithSize (#35862)
* Misc CSS fixes (#35888) (#35981)
* Don't show unnecessary error message to end users for DeleteBranchAfterMerge (#35937) (#35941)
* Load jQuery as early as possible to support custom scripts (#35926) (#35929)
* Allow to display embed images/pdfs when SERVE_DIRECT was enabled on MinIO storage (#35882) (#35917)
* Make OAuth2 issuer configurable (#35915) (#35916)
* Fix #35763: Add proper page title for project pages (#35773) (#35909)
* Fix avatar upload error handling (#35887) (#35890)
* Contribution heatmap improvements (#35876) (#35880)
* Remove padding override on `.ui .sha.label` (#35864) (#35873)
* Fix pull description code label background (#35865) (#35870)
## [1.25.1](https://github.com/go-gitea/gitea/releases/tag/v1.25.1) - 2025-11-03
* BUGFIXES
* Make ACME email optional (#35849) #35857
* Add a doctor command to fix inconsistent run status (#35840) (#35845)
* Remove wrong code (#35846)
* Fix viewed files number is not right if not all files loaded (#35821) (#35844)
* Fix incorrect pull request counter (#35819) (#35841)
* Upgrade go mail to 0.7.2 and fix the bug (#35833) (#35837)
* Revert gomail to v0.7.0 to fix sending mail failed (#35816) (#35824)
* Fix clone mixed bug (#35810) (#35822)
* Fix cli "Before" handling (#35797) (#35808)
* Improve and fix markup code preview rendering (#35777) (#35787)
* Fix actions rerun bug (#35783) (#35784)
* Fix actions schedule update issue (#35767) (#35774)
* Fix circular spin animation direction (#35785) (#35823)
* Fix file extension on gogs.png (#35793) (#35799)
* Add pnpm to Snapcraft (#35778)
## [1.25.0](https://github.com/go-gitea/gitea/releases/tag/v1.25.0) - 2025-10-30
## [1.25.0](https://github.com/go-gitea/gitea/releases/tag/1.25.0) - 2025-10-30
* BREAKING
* Return 201 Created for CreateVariable API responses (#34517)
@@ -306,118 +231,6 @@ been added to each release, please refer to the [blog](https://blog.gitea.com).
* Docs/fix typo and grammar in CONTRIBUTING.md (#35024)
* Improve english grammar and readability in locale_en-US.ini (#35017)
## [1.24.7](https://github.com/go-gitea/gitea/releases/tag/v1.24.7) - 2025-10-24
* SECURITY
* Refactor legacy code (#35708) (#35713)
* Fixing issue #35530: Password Leak in Log Messages (#35584) (#35665)
* Fix a bug missed return (#35655) (#35671)
* BUGFIXES
* Fix inputing review comment will remove reviewer (#35591) (#35664)
* TESTING
* Mock external service in hcaptcha TestCaptcha (#35604) (#35663)
* Fix build (#35669)
## [1.24.6](https://github.com/go-gitea/gitea/releases/tag/v1.24.6) - 2025-09-10
* SECURITY
* Upgrade xz to v0.5.15 (#35385)
* BUGFIXES
* Fix a compare page 404 bug when the pull request disabled (#35441) (#35453)
* Fix bug when issue disabled, pull request number in the commit message cannot be redirected (#35420) (#35442)
* Add author.name field to Swift Package Registry API response (#35410) (#35431)
* Remove usernames when empty in discord webhook (#35412) (#35417)
* Allow foreachref parser to grow its buffer (#35365) (#35376)
* Allow deleting comment with content via API like web did (#35346) (#35354)
* Fix atom/rss mixed error (#35345) (#35347)
* Fix review request webhook bug (#35339)
* Remove duplicate html IDs (#35210) (#35325)
* Fix LFS range size header response (#35277) (#35293)
* Fix GitHub release assets URL validation (#35287) (#35290)
* Fix token lifetime, closes #35230 (#35271) (#35281)
* Fix push commits comments when changing the pull request target branch (#35386) (#35443)
## [1.24.5](https://github.com/go-gitea/gitea/releases/tag/v1.24.5) - 2025-08-12
* BUGFIXES
* Fix a bug where lfs gc never worked. (#35198) (#35255)
* Reload issue when sending webhook to make num comments is right. (#35243) (#35248)
* Fix bug when review pull request commits (#35192) (#35246)
* MISC
* Vertically center "Show Resolved" (#35211) (#35218)
## [1.24.4](https://github.com/go-gitea/gitea/releases/tag/v1.24.4) - 2025-08-03
* BUGFIXES
* Fix various bugs (1.24) (#35186)
* Fix migrate input box bug (#35166) (#35171)
* Only hide dropzone when no files have been uploaded (#35156) (#35167)
* Fix review comment/dimiss comment x reference can be refereced back (#35094) (#35099)
* Fix submodule nil check (#35096) (#35098)
* MISC
* Don't use full-file highlight when there is a git diff textconv (#35114) (#35119)
* Increase gap on latest commit (#35104) (#35113)
## [1.24.3](https://github.com/go-gitea/gitea/releases/tag/v1.24.3) - 2025-07-15
* BUGFIXES
* Fix form property assignment edge case (#35073) (#35078)
* Improve submodule relative path handling (#35056) (#35075)
* Fix incorrect comment diff hunk parsing, fix github asset ID nil panic (#35046) (#35055)
* Fix updating user visibility (#35036) (#35044)
* Support base64-encoded agit push options (#35037) (#35041)
* Make submodule link work with relative path (#35034) (#35038)
* Fix bug when displaying git user avatar in commits list (#35006)
* Fix API response for swagger spec (#35029)
* Start automerge check again after the conflict check and the schedule (#34988) (#35002)
* Fix the response format for actions/workflows (#35009) (#35016)
* Fix repo settings and protocol log problems (#35012) (#35013)
* Fix project images scroll (#34971) (#34972)
* Mark old reviews as stale on agit pr updates (#34933) (#34965)
* Fix git graph page (#34948) (#34949)
* Don't send trigger for a pending review's comment create/update/delete (#34928) (#34939)
* Fix some log and UI problems (#34863) (#34868)
* Fix archive API (#34853) (#34857)
* Ignore force pushes for changed files in a PR review (#34837) (#34843)
* Fix SSH LFS timeout (#34838) (#34842)
* Fix team permissions (#34827) (#34836)
* Fix job status aggregation logic (#34823) (#34835)
* Fix issue filter (#34914) (#34915)
* Fix typo in pull request merge warning message text (#34899) (#34903)
* Support the open-icon of folder (#34168) (#34896)
* Optimize flex layout of release attachment area (#34885) (#34886)
* Fix the issue of abnormal interface when there is no issue-item on the project page (#34791) (#34880)
* Skip updating timestamp when sync branch (#34875)
* Fix required contexts and commit status matching bug (#34815) (#34829)
## [1.24.2](https://github.com/go-gitea/gitea/releases/tag/v1.24.2) - 2025-06-20
* BUGFIXES
* Fix container range bug (#34795) (#34796)
* Upgrade chi to v5.2.2 (#34798) (#34799)
* BUILD
* Bump poetry feature to new url for dev container (#34787) (#34790)
## [1.24.1](https://github.com/go-gitea/gitea/releases/tag/v1.24.1) - 2025-06-18
* ENHANCEMENTS
* Improve alignment of commit status icon on commit page (#34750) (#34757)
* Support title and body query parameters for new PRs (#34537) (#34752)
* BUGFIXES
* When using rules to delete packages, remove unclean bugs (#34632) (#34761)
* Fix ghost user in feeds when pushing in an actions, it should be gitea-actions (#34703) (#34756)
* Prevent double markdown link brackets when pasting URL (#34745) (#34748)
* Prevent duplicate form submissions when creating forks (#34714) (#34735)
* Fix markdown wrap (#34697) (#34702)
* Fix pull requests API convert panic when head repository is deleted. (#34685) (#34687)
* Fix commit message rendering and some UI problems (#34680) (#34683)
* Fix container range bug (#34725) (#34732)
* Fix incorrect cli default values (#34765) (#34766)
* Fix dropdown filter (#34708) (#34711)
* Hide href attribute of a tag if there is no target_url (#34556) (#34684)
* Fix tag target (#34781) #34783
## [1.24.0](https://github.com/go-gitea/gitea/releases/tag/1.24.0) - 2025-05-26
* BREAKING

18
CONTRIBUTING.md
View File

@@ -166,19 +166,19 @@ Here's how to run the test suite:
- code lint
| | |
| :-------------------- | :--------------------------------------------------------------------------- |
| | |
| :-------------------- | :---------------------------------------------------------------- |
|``make lint`` | lint everything (not needed if you only change the front- **or** backend) |
|``make lint-frontend`` | lint frontend files |
|``make lint-backend`` | lint backend files |
|``make lint-frontend`` | lint frontend files |
|``make lint-backend`` | lint backend files |
- run tests (we suggest running them on Linux)
| Command | Action | |
| :------------------------------------------ | :------------------------------------------------------- | ------------------------------------------- |
|``make test[\#SpecificTestName]`` | run unit test(s) | |
|``make test-sqlite[\#SpecificTestName]`` | run [integration](tests/integration) test(s) for SQLite | [More details](tests/integration/README.md) |
|``make test-e2e-sqlite[\#SpecificTestName]`` | run [end-to-end](tests/e2e) test(s) for SQLite | [More details](tests/e2e/README.md) |
| Command | Action | |
| :------------------------------------- | :----------------------------------------------- | ------------ |
|``make test[\#SpecificTestName]`` | run unit test(s) | |
|``make test-sqlite[\#SpecificTestName]``| run [integration](tests/integration) test(s) for SQLite |[More details](tests/integration/README.md) |
|``make test-e2e-sqlite[\#SpecificTestName]``| run [end-to-end](tests/e2e) test(s) for SQLite |[More details](tests/e2e/README.md) |
## Translation

47
Dockerfile
View File

@@ -1,8 +1,8 @@
# syntax=docker/dockerfile:1
# Build stage
FROM docker.io/library/golang:1.25-alpine3.22 AS build-env
ARG GOPROXY=direct
ARG GOPROXY
ENV GOPROXY=${GOPROXY:-direct}
ARG GITEA_VERSION
ARG TAGS="sqlite sqlite_unlock_notify"
@@ -14,32 +14,35 @@ RUN apk --no-cache add \
build-base \
git \
nodejs \
pnpm
npm \
&& npm install -g pnpm@10 \
&& rm -rf /var/cache/apk/*
# Setup repo
COPY . ${GOPATH}/src/code.gitea.io/gitea
WORKDIR ${GOPATH}/src/code.gitea.io/gitea
# Use COPY but not "mount" because some directories like "node_modules" contain platform-depended contents and these directories need to be ignored.
# ".git" directory will be mounted later separately for getting version data.
# TODO: in the future, maybe we can pre-build the frontend assets on one platform and share them for different platforms, the benefit is that it won't be affected by webpack plugin compatibility problems, then the working directory can be fully mounted and the COPY is not needed.
COPY --exclude=.git/ . .
# Build gitea, .git mount is required for version data
RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target="/root/.cache/go-build" \
--mount=type=cache,target=/root/.local/share/pnpm/store \
--mount=type=bind,source=".git/",target=".git/" \
make
# Checkout version if set
RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
&& make clean-all build
# Begin env-to-ini build
RUN go build contrib/environment-to-ini/environment-to-ini.go
# Copy local files
COPY docker/root /tmp/local
# Set permissions for builds that made under windows which strips the executable bit from file
# Set permissions
RUN chmod 755 /tmp/local/usr/bin/entrypoint \
/tmp/local/usr/local/bin/* \
/tmp/local/usr/local/bin/gitea \
/tmp/local/etc/s6/gitea/* \
/tmp/local/etc/s6/openssh/* \
/tmp/local/etc/s6/.s6-svscan/* \
/go/src/code.gitea.io/gitea/gitea
/go/src/code.gitea.io/gitea/gitea \
/go/src/code.gitea.io/gitea/environment-to-ini
FROM docker.io/library/alpine:3.22 AS gitea
FROM docker.io/library/alpine:3.22
LABEL maintainer="maintainers@gitea.io"
EXPOSE 22 3000
@@ -54,7 +57,8 @@ RUN apk --no-cache add \
s6 \
sqlite \
su-exec \
gnupg
gnupg \
&& rm -rf /var/cache/apk/*
RUN addgroup \
-S -g 1000 \
@@ -68,9 +72,6 @@ RUN addgroup \
git && \
echo "git:*" | chpasswd -e
COPY --from=build-env /tmp/local /
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
ENV USER=git
ENV GITEA_CUSTOM=/data/gitea
@@ -78,3 +79,7 @@ VOLUME ["/data"]
ENTRYPOINT ["/usr/bin/entrypoint"]
CMD ["/usr/bin/s6-svscan", "/etc/s6"]
COPY --from=build-env /tmp/local /
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini

43
Dockerfile.rootless
View File

@@ -1,39 +1,46 @@
# syntax=docker/dockerfile:1
# Build stage
FROM docker.io/library/golang:1.25-alpine3.22 AS build-env
ARG GOPROXY=direct
ARG GOPROXY
ENV GOPROXY=${GOPROXY:-direct}
ARG GITEA_VERSION
ARG TAGS="sqlite sqlite_unlock_notify"
ENV TAGS="bindata timetzdata $TAGS"
ARG CGO_EXTRA_CFLAGS
# Build deps
#Build deps
RUN apk --no-cache add \
build-base \
git \
nodejs \
pnpm
npm \
&& npm install -g pnpm@10 \
&& rm -rf /var/cache/apk/*
# Setup repo
COPY . ${GOPATH}/src/code.gitea.io/gitea
WORKDIR ${GOPATH}/src/code.gitea.io/gitea
# See the comments in Dockerfile
COPY --exclude=.git/ . .
# Build gitea, .git mount is required for version data
RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target="/root/.cache/go-build" \
--mount=type=cache,target=/root/.local/share/pnpm/store \
--mount=type=bind,source=".git/",target=".git/" \
make
# Checkout version if set
RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
&& make clean-all build
# Begin env-to-ini build
RUN go build contrib/environment-to-ini/environment-to-ini.go
# Copy local files
COPY docker/rootless /tmp/local
# Set permissions for builds that made under windows which strips the executable bit from file
RUN chmod 755 /tmp/local/usr/local/bin/* \
/go/src/code.gitea.io/gitea/gitea
# Set permissions
RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \
/tmp/local/usr/local/bin/docker-setup.sh \
/tmp/local/usr/local/bin/gitea \
/go/src/code.gitea.io/gitea/gitea \
/go/src/code.gitea.io/gitea/environment-to-ini
FROM docker.io/library/alpine:3.22 AS gitea-rootless
FROM docker.io/library/alpine:3.22
LABEL maintainer="maintainers@gitea.io"
EXPOSE 2222 3000
@@ -45,7 +52,8 @@ RUN apk --no-cache add \
git \
curl \
gnupg \
openssh-keygen
openssh-keygen \
&& rm -rf /var/cache/apk/*
RUN addgroup \
-S -g 1000 \
@@ -63,6 +71,7 @@ RUN chown git:git /var/lib/gitea /etc/gitea
COPY --from=build-env /tmp/local /
COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
# git:git
USER 1000:1000

87
Makefile
View File

@@ -18,10 +18,6 @@ DIST := dist
DIST_DIRS := $(DIST)/binaries $(DIST)/release
IMPORT := code.gitea.io/gitea
# By default use go's 1.25 experimental json v2 library when building
# TODO: remove when no longer experimental
export GOEXPERIMENT ?= jsonv2
GO ?= go
SHASUM ?= shasum -a 256
HAS_GO := $(shell hash $(GO) > /dev/null 2>&1 && echo yes)
@@ -31,15 +27,17 @@ XGO_VERSION := go-1.25.x
AIR_PACKAGE ?= github.com/air-verse/air@v1
EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3
GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.9.2
GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.7.2
GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.9.1
GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.4.0
GXZ_PACKAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.15
MISSPELL_PACKAGE ?= github.com/golangci/misspell/cmd/misspell@v0.7.0
SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.33.1
SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@717e3cb29becaaf00e56953556c6d80f8a01b286
XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1
GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1
ACTIONLINT_PACKAGE ?= github.com/rhysd/actionlint/cmd/actionlint@v1.7.9
ACTIONLINT_PACKAGE ?= github.com/rhysd/actionlint/cmd/actionlint@v1
GOPLS_PACKAGE ?= golang.org/x/tools/gopls@v0.20.0
GOPLS_MODERNIZE_PACKAGE ?= golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize@v0.20.0
DOCKER_IMAGE ?= gitea/gitea
DOCKER_TAG ?= latest
@@ -161,13 +159,13 @@ TEST_TAGS ?= $(TAGS_SPLIT) sqlite sqlite_unlock_notify
TAR_EXCLUDES := .git data indexers queues log node_modules $(EXECUTABLE) $(DIST) $(MAKE_EVIDENCE_DIR) $(AIR_TMP_DIR) $(GO_LICENSE_TMP_DIR)
GO_DIRS := build cmd models modules routers services tests tools
GO_DIRS := build cmd models modules routers services tests
WEB_DIRS := web_src/js web_src/css
ESLINT_FILES := web_src/js tools *.ts tests/e2e
STYLELINT_FILES := web_src/css web_src/js/components/*.vue
SPELLCHECK_FILES := $(GO_DIRS) $(WEB_DIRS) templates options/locale/locale_en-US.json .github $(filter-out CHANGELOG.md, $(wildcard *.go *.md *.yml *.yaml *.toml))
EDITORCONFIG_FILES := templates .github/workflows options/locale/locale_en-US.json
SPELLCHECK_FILES := $(GO_DIRS) $(WEB_DIRS) templates options/locale/locale_en-US.ini .github $(filter-out CHANGELOG.md, $(wildcard *.go *.md *.yml *.yaml *.toml)) $(filter-out tools/misspellings.csv, $(wildcard tools/*))
EDITORCONFIG_FILES := templates .github/workflows options/locale/locale_en-US.ini
GO_SOURCES := $(wildcard *.go)
GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go")
@@ -197,10 +195,6 @@ TEST_MSSQL_DBNAME ?= gitea
TEST_MSSQL_USERNAME ?= sa
TEST_MSSQL_PASSWORD ?= MwantsaSecurePassword1
# Include local Makefile
# Makefile.local is listed in .gitignore
sinclude Makefile.local
.PHONY: all
all: build
@@ -260,7 +254,7 @@ clean: ## delete backend and integration files
.PHONY: fmt
fmt: ## format the Go and template code
@GOFUMPT_PACKAGE=$(GOFUMPT_PACKAGE) $(GO) run tools/code-batch-process.go gitea-fmt -w '{file-list}'
@GOFUMPT_PACKAGE=$(GOFUMPT_PACKAGE) $(GO) run build/code-batch-process.go gitea-fmt -w '{file-list}'
$(eval TEMPLATES := $(shell find templates -type f -name '*.tmpl'))
@# strip whitespace after '{{' or '(' and before '}}' or ')' unless there is only
@# whitespace before it
@@ -278,6 +272,19 @@ fmt-check: fmt
exit 1; \
fi
.PHONY: fix
fix: ## apply automated fixes to Go code
$(GO) run $(GOPLS_MODERNIZE_PACKAGE) -fix ./...
.PHONY: fix-check
fix-check: fix
@diff=$$(git diff --color=always $(GO_SOURCES)); \
if [ -n "$$diff" ]; then \
echo "Please run 'make fix' and commit the result:"; \
printf "%s" "$${diff}"; \
exit 1; \
fi
.PHONY: $(TAGS_EVIDENCE)
$(TAGS_EVIDENCE):
@mkdir -p $(MAKE_EVIDENCE_DIR)
@@ -317,7 +324,7 @@ checks: checks-frontend checks-backend ## run various consistency checks
checks-frontend: lockfile-check svg-check ## check frontend files
.PHONY: checks-backend
checks-backend: tidy-check swagger-check fmt-check swagger-validate security-check ## check backend files
checks-backend: tidy-check swagger-check fmt-check fix-check swagger-validate security-check ## check backend files
.PHONY: lint
lint: lint-frontend lint-backend lint-spell ## lint everything
@@ -332,19 +339,19 @@ lint-frontend: lint-js lint-css ## lint frontend files
lint-frontend-fix: lint-js-fix lint-css-fix ## lint frontend files and fix issues
.PHONY: lint-backend
lint-backend: lint-go lint-go-gitea-vet lint-editorconfig ## lint backend files
lint-backend: lint-go lint-go-gitea-vet lint-go-gopls lint-editorconfig ## lint backend files
.PHONY: lint-backend-fix
lint-backend-fix: lint-go-fix lint-go-gitea-vet lint-editorconfig ## lint backend files and fix issues
.PHONY: lint-js
lint-js: node_modules ## lint js files
$(NODE_VARS) pnpm exec eslint --color --max-warnings=0 $(ESLINT_FILES)
$(NODE_VARS) pnpm exec eslint --color --max-warnings=0 --flag unstable_native_nodejs_ts_config $(ESLINT_FILES)
$(NODE_VARS) pnpm exec vue-tsc
.PHONY: lint-js-fix
lint-js-fix: node_modules ## lint js files and fix issues
$(NODE_VARS) pnpm exec eslint --color --max-warnings=0 $(ESLINT_FILES) --fix
$(NODE_VARS) pnpm exec eslint --color --max-warnings=0 --flag unstable_native_nodejs_ts_config $(ESLINT_FILES) --fix
$(NODE_VARS) pnpm exec vue-tsc
.PHONY: lint-css
@@ -363,17 +370,13 @@ lint-swagger: node_modules ## lint swagger files
lint-md: node_modules ## lint markdown files
$(NODE_VARS) pnpm exec markdownlint *.md
.PHONY: lint-md-fix
lint-md-fix: node_modules ## lint markdown files and fix issues
$(NODE_VARS) pnpm exec markdownlint --fix *.md
.PHONY: lint-spell
lint-spell: ## lint spelling
@go run $(MISSPELL_PACKAGE) -dict assets/misspellings.csv -error $(SPELLCHECK_FILES)
@go run $(MISSPELL_PACKAGE) -dict tools/misspellings.csv -error $(SPELLCHECK_FILES)
.PHONY: lint-spell-fix
lint-spell-fix: ## lint spelling and fix issues
@go run $(MISSPELL_PACKAGE) -dict assets/misspellings.csv -w $(SPELLCHECK_FILES)
@go run $(MISSPELL_PACKAGE) -dict tools/misspellings.csv -w $(SPELLCHECK_FILES)
.PHONY: lint-go
lint-go: ## lint go files
@@ -393,7 +396,13 @@ lint-go-windows:
.PHONY: lint-go-gitea-vet
lint-go-gitea-vet: ## lint go files with gitea-vet
@echo "Running gitea-vet..."
@$(GO) vet -vettool="$(shell GOOS= GOARCH= go tool -n gitea-vet)" ./...
@GOOS= GOARCH= $(GO) build code.gitea.io/gitea-vet
@$(GO) vet -vettool=gitea-vet ./...
.PHONY: lint-go-gopls
lint-go-gopls: ## lint go files with gopls
@echo "Running gopls check..."
@GO=$(GO) GOPLS_PACKAGE=$(GOPLS_PACKAGE) tools/lint-go-gopls.sh $(GO_SOURCES)
.PHONY: lint-editorconfig
lint-editorconfig:
@@ -413,14 +422,6 @@ lint-templates: .venv node_modules ## lint template files
lint-yaml: .venv ## lint yaml files
@uv run --frozen yamllint -s .
.PHONY: lint-json
lint-json: node_modules ## lint json files
$(NODE_VARS) pnpm exec eslint -c eslint.json.config.ts --color --max-warnings=0
.PHONY: lint-json-fix
lint-json-fix: node_modules ## lint and fix json files
$(NODE_VARS) pnpm exec eslint -c eslint.json.config.ts --color --max-warnings=0 --fix
.PHONY: watch
watch: ## watch everything and continuously rebuild
@bash tools/watch.sh
@@ -467,7 +468,7 @@ test\#%:
coverage:
grep '^\(mode: .*\)\|\(.*:[0-9]\+\.[0-9]\+,[0-9]\+\.[0-9]\+ [0-9]\+ [0-9]\+\)$$' coverage.out > coverage-bodged.out
grep '^\(mode: .*\)\|\(.*:[0-9]\+\.[0-9]\+,[0-9]\+\.[0-9]\+ [0-9]\+ [0-9]\+\)$$' integration.coverage.out > integration.coverage-bodged.out
$(GO) run tools/gocovmerge.go integration.coverage-bodged.out coverage-bodged.out > coverage.all
$(GO) run build/gocovmerge.go integration.coverage-bodged.out coverage-bodged.out > coverage.all
.PHONY: unit-test-coverage
unit-test-coverage:
@@ -765,7 +766,7 @@ generate-go: $(TAGS_PREREQ)
.PHONY: security-check
security-check:
GOEXPERIMENT= go run $(GOVULNCHECK_PACKAGE) -show color ./...
go run $(GOVULNCHECK_PACKAGE) -show color ./...
$(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
ifneq ($(and $(STATIC),$(findstring pam,$(TAGS))),)
@@ -846,6 +847,8 @@ deps-tools: ## install tool dependencies
$(GO) install $(GO_LICENSES_PACKAGE) & \
$(GO) install $(GOVULNCHECK_PACKAGE) & \
$(GO) install $(ACTIONLINT_PACKAGE) & \
$(GO) install $(GOPLS_PACKAGE) & \
$(GO) install $(GOPLS_MODERNIZE_PACKAGE) & \
wait
node_modules: pnpm-lock.yaml
@@ -911,6 +914,16 @@ lockfile-check:
exit 1; \
fi
.PHONY: update-translations
update-translations:
mkdir -p ./translations
cd ./translations && curl -L https://crowdin.com/download/project/gitea.zip > gitea.zip && unzip gitea.zip
rm ./translations/gitea.zip
$(SED_INPLACE) -e 's/="/=/g' -e 's/"$$//g' ./translations/*.ini
$(SED_INPLACE) -e 's/\\"/"/g' ./translations/*.ini
mv ./translations/*.ini ./options/locale/
rmdir ./translations
.PHONY: generate-gitignore
generate-gitignore: ## update gitignore files
$(GO) run build/generate-gitignores.go

571
README.md
View File

@@ -1,416 +1,213 @@
# GitCaddy
# Gitea
The AI-native Git platform. Self-hosted, fast, and designed for the age of AI-assisted development.
[![](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml/badge.svg?branch=main)](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml?query=branch%3Amain "Release Nightly")
[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
[![](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea "Go Report Card")
[![](https://pkg.go.dev/badge/code.gitea.io/gitea?status.svg)](https://pkg.go.dev/code.gitea.io/gitea "GoDoc")
[![](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest "GitHub release")
[![](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea "Help Contribute to Open Source")
[![](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea "Become a backer/sponsor of gitea")
[![](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT "License: MIT")
[![Contribute with Gitpod](https://img.shields.io/badge/Contribute%20with-Gitpod-908a85?logo=gitpod&color=green)](https://gitpod.io/#https://github.com/go-gitea/gitea)
[![](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com "Crowdin")
## What is GitCaddy?
[繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
GitCaddy transforms Git hosting into an AI-ready platform. While traditional Git servers treat AI tools as an afterthought, GitCaddy is built from the ground up with structured APIs, capability discovery, and intelligent context that AI assistants need to write correct code, generate valid CI/CD workflows, and understand your projects deeply.
## Purpose
**Key differentiators:**
The goal of this project is to make the easiest, fastest, and most
painless way of setting up a self-hosted Git service.
- **V2 API** - Modern, AI-optimized endpoints with batch operations, streaming, and structured errors
- **Runner Capability Discovery** - AI tools query runner capabilities before generating workflows
- **Action Compatibility Database** - Curated compatibility matrix prevents workflow errors
- **AI Context APIs** - Rich, structured repository and issue intelligence
- **Workflow Validation** - Pre-flight checks for CI/CD workflows before commit
As Gitea is written in Go, it works across **all** the platforms and
architectures that are supported by Go, including Linux, macOS, and
Windows on x86, amd64, ARM and PowerPC architectures.
This project has been
[forked](https://blog.gitea.com/welcome-to-gitea/) from
[Gogs](https://gogs.io) since November of 2016, but a lot has changed.
## Features
For online demonstrations, you can visit [demo.gitea.com](https://demo.gitea.com).
### V2 API - Modern, AI-Optimized Interface
For accessing free Gitea service (with a limited number of repositories), you can visit [gitea.com](https://gitea.com/user/login).
A complete API redesign focused on AI tool consumption:
To quickly deploy your own dedicated Gitea instance on Gitea Cloud, you can start a free trial at [cloud.gitea.com](https://cloud.gitea.com).
| Feature | Description |
|---------|-------------|
| **Batch Operations** | Fetch up to 100 files in a single request |
| **Streaming** | NDJSON streams for progressive processing |
| **Idempotency** | Built-in support for safe request retries |
| **Structured Errors** | Machine-readable error codes, not just HTTP status |
| **Request Tracking** | Every request gets a unique ID for debugging |
| **Health Checks** | Kubernetes-compatible liveness/readiness probes |
| **Operation Progress** | Server-Sent Events for long-running operations |
## Documentation
```
GET /api/v2/batch/files # Bulk file retrieval
POST /api/v2/stream/files # NDJSON streaming
GET /api/v2/operations/{id} # Operation status
GET /api/v2/health/ready # Readiness probe
```
You can find comprehensive documentation on our official [documentation website](https://docs.gitea.com/).
### AI Context APIs - Repository Intelligence
It includes installation, administration, usage, development, contributing guides, and more to help you get started and explore all features effectively.
Purpose-built endpoints that give AI tools the context they need:
**Repository Summary** (`/api/v2/ai/repo/summary`)
```json
{
"name": "my-project",
"primary_language": "Go",
"project_type": "application",
"build_system": "go modules",
"test_framework": "go test",
"suggested_entry_points": ["cmd/main.go", "internal/app/"],
"config_files": ["go.mod", "Makefile", ".gitea/workflows/"],
"language_stats": {"Go": 45000, "YAML": 2000}
}
```
**Repository Navigation** (`/api/v2/ai/repo/navigation`)
- Directory tree with depth control
- Important paths ranked by priority (entry points, tests, docs)
- File type distribution
**Issue Context** (`/api/v2/ai/issue/context`)
- Issue details with all comments
- Related issues and code references
- AI hints: category (bug/feature), complexity estimation, suggested files
### Runner Capability Discovery
Runners report their capabilities. AI tools query before generating workflows.
**Endpoint:** `GET /api/v2/repos/{owner}/{repo}/actions/runners/capabilities`
```json
{
"runners": [
{
"id": 1,
"name": "ubuntu-runner",
"status": "online",
"labels": ["ubuntu-latest", "docker"],
"capabilities": {
"os": "linux",
"arch": "amd64",
"docker": true,
"docker_compose": true,
"shell": ["bash", "sh"],
"tools": {
"node": ["18.19.0", "20.10.0"],
"go": ["1.21.5", "1.22.0"],
"python": ["3.11.6", "3.12.0"]
},
"features": {
"cache": true,
"services": true
}
}
}
],
"platform": {
"type": "gitea",
"version": "1.26.0",
"supported_actions": {
"actions/checkout": {"versions": ["v3", "v4"]},
"actions/setup-node": {"versions": ["v3", "v4"]},
"actions/upload-artifact": {"versions": ["v3"], "notes": "v4 not supported"}
},
"unsupported_features": [
"GitHub-hosted runners",
"OIDC token authentication"
]
},
"workflow_hints": {
"preferred_checkout": "actions/checkout@v4",
"artifact_upload_alternative": "Use Gitea API for artifacts"
}
}
```
### Workflow Validation
Validate workflows before committing. Catch incompatibilities early.
**Endpoint:** `POST /api/v2/repos/{owner}/{repo}/actions/workflows/validate`
```json
// Request
{
"content": "name: Build\non: push\njobs:\n build:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/upload-artifact@v4"
}
// Response
{
"valid": false,
"warnings": [
{
"line": 8,
"action": "actions/upload-artifact@v4",
"severity": "error",
"message": "actions/upload-artifact@v4 is not supported",
"suggestion": "Use actions/upload-artifact@v3"
}
],
"runner_match": [
{
"job": "build",
"runs_on": ["ubuntu-latest"],
"matched_runners": ["ubuntu-runner-1"],
"capabilities_met": true
}
]
}
```
### Action Compatibility Database
Built-in knowledge of GitHub Action compatibility:
| Action | Compatible Versions | Notes |
|--------|-------------------|-------|
| `actions/checkout` | v2, v3, v4 | Fully compatible |
| `actions/setup-node` | v2, v3, v4 | Fully compatible |
| `actions/setup-go` | v3, v4, v5 | Fully compatible |
| `actions/setup-python` | v4, v5 | Fully compatible |
| `actions/cache` | v3, v4 | Fully compatible |
| `actions/upload-artifact` | v2, v3 | v4 not supported |
| `actions/download-artifact` | v2, v3 | v4 not supported |
### Release Archive
Archive old releases without deleting them:
- Toggle archived status via UI or API
- Filter releases by archived state
- Archived releases hidden by default, toggle to show
- Preserves release history for compliance
```
POST /api/v1/repos/{owner}/{repo}/releases/{id}/archive
DELETE /api/v1/repos/{owner}/{repo}/releases/{id}/archive
GET /api/v1/repos/{owner}/{repo}/releases?archived=false
```
### Public Landing Pages & Releases for Private Repos
Private repositories can expose a public landing page and/or public releases. Perfect for:
- Commercial software with private source but public downloads
- Open-core projects with public documentation
- Electron/desktop apps needing public update endpoints
Configure in `.gitea/landing.yaml`:
```yaml
enabled: true
public_landing: true # Allow unauthenticated access to landing page
hero:
title: "My App"
tagline: "The best app ever"
advanced:
public_releases: true # Allow unauthenticated access to releases
```
**API Endpoints (no auth required when enabled):**
```
GET /api/v2/repos/{owner}/{repo}/pages/config # Landing page config
GET /api/v2/repos/{owner}/{repo}/pages/content # Landing page content
GET /api/v2/repos/{owner}/{repo}/releases # List releases
GET /api/v2/repos/{owner}/{repo}/releases/latest # Latest release
```
### App Update API (Electron/Squirrel Compatible)
Purpose-built endpoint for desktop app auto-updates. Returns Squirrel-compatible JSON format.
**Endpoint:** `GET /api/v2/repos/{owner}/{repo}/releases/update`
**Query Parameters:**
| Parameter | Description | Default |
|-----------|-------------|---------|
| `version` | Current app version (semver) | Required |
| `platform` | `darwin`, `windows`, `linux` | Runtime OS |
| `arch` | `x64`, `arm64` | Runtime arch |
| `channel` | `stable`, `beta`, `alpha` | `stable` |
**Response (200 OK - update available):**
```json
{
"url": "https://git.example.com/owner/repo/releases/download/v1.2.0/App-darwin-arm64.zip",
"name": "v1.2.0",
"notes": "Release notes in markdown...",
"pub_date": "2026-01-10T12:00:00Z",
"platform": {
"size": 45000000,
"releases_url": "https://...", // Windows RELEASES file
"nupkg_url": "https://..." // Windows nupkg
}
}
```
**Response (204 No Content):** No update available
**Electron Integration:**
```typescript
// In your Electron app
import { autoUpdater } from 'electron'
const version = app.getVersion()
const platform = process.platform
const arch = process.arch === 'arm64' ? 'arm64' : 'x64'
autoUpdater.setFeedURL({
url: `https://git.example.com/api/v2/repos/owner/repo/releases/update?version=${version}&platform=${platform}&arch=${arch}`
})
autoUpdater.checkForUpdates()
```
## Installation
### From Binary
Download from [Releases](https://git.marketally.com/gitcaddy/gitea/releases):
```bash
# Linux (amd64)
curl -L -o gitcaddy https://git.marketally.com/gitcaddy/gitea/releases/latest/download/gitea-linux-amd64
chmod +x gitcaddy
./gitcaddy web
```
### From Source
```bash
git clone https://git.marketally.com/gitcaddy/gitea.git
cd gitea
TAGS="bindata sqlite sqlite_unlock_notify" make build
./gitea web
```
### Docker
```bash
docker run -d \
--name gitcaddy \
-p 3000:3000 \
-v ./data:/data \
gitcaddy/gitea:latest
```
## Configuration
GitCaddy uses the same configuration as Gitea. Key settings for AI features:
```ini
[server]
ROOT_URL = https://your-instance.com/
[actions]
ENABLED = true
[api]
; Enable V2 API (enabled by default)
ENABLE_V2_API = true
; Max files in batch request
MAX_BATCH_SIZE = 100
; Enable AI context endpoints
ENABLE_AI_CONTEXT = true
```
## GitCaddy Runner
For full capability reporting, use the [GitCaddy act_runner](https://git.marketally.com/gitcaddy/act_runner):
```bash
# Download
curl -L -o act_runner https://git.marketally.com/gitcaddy/act_runner/releases/latest/download/act_runner-linux-amd64
chmod +x act_runner
# Register
./act_runner register \
--instance https://your-instance.com \
--token YOUR_TOKEN \
--name my-runner
# Run (automatically detects and reports capabilities)
./act_runner daemon
```
The runner automatically detects:
- OS and architecture
- Docker/Podman availability
- Installed tools (Node.js, Go, Python, Java, .NET, Rust)
- Available shells
- Docker Compose support
## API Documentation
Interactive API documentation available at:
- `/api/v2/docs` - Scalar API explorer
- `/api/v2/swagger.json` - OpenAPI specification
## Architecture
```
GitCaddy
|
+------------------------------+------------------------------+
| | |
V2 API Layer Actions Engine Web Interface
| | |
+----+----+ +----+----+ +----+----+
| | | | | |
Batch Streaming Runners Workflows Repos Releases
Files (NDJSON) Capability Validation (Archive)
| | Discovery |
| | | |
+----+----+--------------------+---------+
|
AI Context APIs
|
+----+----+----+
| | | |
Repo Issue Nav Summary
```
## Related Projects
| Project | Description |
|---------|-------------|
| [gitcaddy/act_runner](https://git.marketally.com/gitcaddy/act_runner) | Runner with capability detection |
| [gitcaddy/actions-proto-go](https://git.marketally.com/gitcaddy/actions-proto-go) | Protocol definitions |
If you have any suggestions or would like to contribute to it, you can visit the [documentation repository](https://gitea.com/gitea/docs)
## Building
Requirements:
- Go 1.24+ (see `go.mod`)
- Node.js 22.6+ (for frontend)
- Make
From the root of the source tree, run:
```bash
# Full build
TAGS="bindata sqlite sqlite_unlock_notify" make build
TAGS="bindata" make build
# Backend only
make backend
or if SQLite support is required:
# Frontend only
make frontend
TAGS="bindata sqlite sqlite_unlock_notify" make build
# Run tests
make test
```
The `build` target is split into two sub-targets:
- `make backend` which requires [Go Stable](https://go.dev/dl/), the required version is defined in [go.mod](/go.mod).
- `make frontend` which requires [Node.js LTS](https://nodejs.org/en/download/) or greater and [pnpm](https://pnpm.io/installation).
Internet connectivity is required to download the go and npm modules. When building from the official source tarballs which include pre-built frontend files, the `frontend` target will not be triggered, making it possible to build without Node.js.
More info: https://docs.gitea.com/installation/install-from-source
## Using
After building, a binary file named `gitea` will be generated in the root of the source tree by default. To run it, use:
./gitea web
> [!NOTE]
> If you're interested in using our APIs, we have experimental support with [documentation](https://docs.gitea.com/api).
## Contributing
1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Run tests: `make test`
5. Submit a pull request
Expected workflow is: Fork -> Patch -> Push -> Pull Request
> [!NOTE]
>
> 1. **YOU MUST READ THE [CONTRIBUTORS GUIDE](CONTRIBUTING.md) BEFORE STARTING TO WORK ON A PULL REQUEST.**
> 2. If you have found a vulnerability in the project, please write privately to **security@gitea.io**. Thanks!
## Translating
[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com)
Translations are done through [Crowdin](https://translate.gitea.com). If you want to translate to a new language, ask one of the managers in the Crowdin project to add a new language there.
You can also just create an issue for adding a language or ask on Discord on the #translation channel. If you need context or find some translation issues, you can leave a comment on the string or ask on Discord. For general translation questions there is a section in the docs. Currently a bit empty, but we hope to fill it as questions pop up.
Get more information from [documentation](https://docs.gitea.com/contributing/localization).
## Official and Third-Party Projects
We provide an official [go-sdk](https://gitea.com/gitea/go-sdk), a CLI tool called [tea](https://gitea.com/gitea/tea) and an [action runner](https://gitea.com/gitea/act_runner) for Gitea Action.
We maintain a list of Gitea-related projects at [gitea/awesome-gitea](https://gitea.com/gitea/awesome-gitea), where you can discover more third-party projects, including SDKs, plugins, themes, and more.
## Communication
[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
If you have questions that are not covered by the [documentation](https://docs.gitea.com/), you can get in contact with us on our [Discord server](https://discord.gg/Gitea) or create a post in the [discourse forum](https://forum.gitea.com/).
## Authors
- [Maintainers](https://github.com/orgs/go-gitea/people)
- [Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
- [Translators](options/locale/TRANSLATORS)
## Backers
Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/gitea#backer)]
<a href="https://opencollective.com/gitea#backers" target="_blank"><img src="https://opencollective.com/gitea/backers.svg?width=890"></a>
## Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/gitea#sponsor)]
<a href="https://opencollective.com/gitea/sponsor/0/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/0/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/1/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/1/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/2/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/2/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/3/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/3/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/4/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/4/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/5/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/5/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/6/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/6/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/7/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/7/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/8/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/8/avatar.svg"></a>
<a href="https://opencollective.com/gitea/sponsor/9/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/9/avatar.svg"></a>
## FAQ
**How do you pronounce Gitea?**
Gitea is pronounced [/ɡɪti:/](https://youtu.be/EM71-2uDAoY) as in "gi-tea" with a hard g.
**Why is this not hosted on a Gitea instance?**
We're [working on it](https://github.com/go-gitea/gitea/issues/1029).
**Where can I find the security patches?**
In the [release log](https://github.com/go-gitea/gitea/releases) or the [change log](https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md), search for the keyword `SECURITY` to find the security patches.
## License
MIT License - see [LICENSE](LICENSE) for details.
This project is licensed under the MIT License.
See the [LICENSE](https://github.com/go-gitea/gitea/blob/main/LICENSE) file
for the full license text.
---
## Further information
## Acknowledgments
<details>
<summary>Looking for an overview of the interface? Check it out!</summary>
GitCaddy is a fork of [Gitea](https://gitea.io), the open-source self-hosted Git service. We thank the Gitea team and all contributors for building the foundation that makes GitCaddy possible.
### Login/Register Page
- [Gitea Project](https://gitea.io)
- [Gitea Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
![Login](https://dl.gitea.com/screenshots/login.png)
![Register](https://dl.gitea.com/screenshots/register.png)
### User Dashboard
![Home](https://dl.gitea.com/screenshots/home.png)
![Issues](https://dl.gitea.com/screenshots/issues.png)
![Pull Requests](https://dl.gitea.com/screenshots/pull_requests.png)
![Milestones](https://dl.gitea.com/screenshots/milestones.png)
### User Profile
![Profile](https://dl.gitea.com/screenshots/user_profile.png)
### Explore
![Repos](https://dl.gitea.com/screenshots/explore_repos.png)
![Users](https://dl.gitea.com/screenshots/explore_users.png)
![Orgs](https://dl.gitea.com/screenshots/explore_orgs.png)
### Repository
![Home](https://dl.gitea.com/screenshots/repo_home.png)
![Commits](https://dl.gitea.com/screenshots/repo_commits.png)
![Branches](https://dl.gitea.com/screenshots/repo_branches.png)
![Labels](https://dl.gitea.com/screenshots/repo_labels.png)
![Milestones](https://dl.gitea.com/screenshots/repo_milestones.png)
![Releases](https://dl.gitea.com/screenshots/repo_releases.png)
![Tags](https://dl.gitea.com/screenshots/repo_tags.png)
#### Repository Issue
![List](https://dl.gitea.com/screenshots/repo_issues.png)
![Issue](https://dl.gitea.com/screenshots/repo_issue.png)
#### Repository Pull Requests
![List](https://dl.gitea.com/screenshots/repo_pull_requests.png)
![Pull Request](https://dl.gitea.com/screenshots/repo_pull_request.png)
![File](https://dl.gitea.com/screenshots/repo_pull_request_file.png)
![Commits](https://dl.gitea.com/screenshots/repo_pull_request_commits.png)
#### Repository Actions
![List](https://dl.gitea.com/screenshots/repo_actions.png)
![Details](https://dl.gitea.com/screenshots/repo_actions_run.png)
#### Repository Activity
![Activity](https://dl.gitea.com/screenshots/repo_activity.png)
![Contributors](https://dl.gitea.com/screenshots/repo_contributors.png)
![Code Frequency](https://dl.gitea.com/screenshots/repo_code_frequency.png)
![Recent Commits](https://dl.gitea.com/screenshots/repo_recent_commits.png)
### Organization
![Home](https://dl.gitea.com/screenshots/org_home.png)
</details>

1328
ai_enhancements.md
View File

File diff suppressed because it is too large Load Diff

BIN
assets/256x256.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 14 KiB

BIN
assets/gitcaddy-icon.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 14 KiB

14
build.go Normal file
View File

@@ -0,0 +1,14 @@
// Copyright 2020 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
//go:build vendor
package main
// Libraries that are included to vendor utilities used during Makefile build.
// These libraries will not be included in a normal compilation.
import (
// for vet
_ "code.gitea.io/gitea-vet"
)

16
tools/code-batch-process.go → build/code-batch-process.go
View File

@@ -12,11 +12,10 @@ import (
"os/exec"
"path/filepath"
"regexp"
"slices"
"strconv"
"strings"
"code.gitea.io/gitea/tools/codeformat"
"code.gitea.io/gitea/build/codeformat"
)
// Windows has a limitation for command line arguments, the size can not exceed 32KB.
@@ -218,6 +217,15 @@ func newFileCollectorFromMainOptions(mainOptions map[string]string) (fc *fileCol
return newFileCollector(fileFilter, batchSize)
}
func containsString(a []string, s string) bool {
for _, v := range a {
if v == s {
return true
}
}
return false
}
func giteaFormatGoImports(files []string, doWriteFile bool) error {
for _, file := range files {
if err := codeformat.FormatGoImports(file, doWriteFile); err != nil {
@@ -256,10 +264,10 @@ func main() {
logVerbose("batch cmd: %s %v", subCmd, substArgs)
switch subCmd {
case "gitea-fmt":
if slices.Contains(subArgs, "-d") {
if containsString(subArgs, "-d") {
log.Print("the -d option is not supported by gitea-fmt")
}
cmdErrors = append(cmdErrors, giteaFormatGoImports(files, slices.Contains(subArgs, "-w")))
cmdErrors = append(cmdErrors, giteaFormatGoImports(files, containsString(subArgs, "-w")))
cmdErrors = append(cmdErrors, passThroughCmd("gofmt", append([]string{"-w", "-r", "interface{} -> any"}, substArgs...)))
cmdErrors = append(cmdErrors, passThroughCmd("go", append([]string{"run", os.Getenv("GOFUMPT_PACKAGE"), "-extra"}, substArgs...)))
default:

0
tools/codeformat/formatimports.go → build/codeformat/formatimports.go
View File

0
tools/codeformat/formatimports_test.go → build/codeformat/formatimports_test.go
View File

0
tools/gocovmerge.go → build/gocovmerge.go
View File

0
tools/test-echo.go → build/test-echo.go
View File

44
build/update-locales.sh
View File

@@ -1,22 +1,52 @@
#!/bin/sh
# this script runs in alpine image which only has `sh` shell
if [ ! -f ./options/locale/locale_en-US.json ]; then
set +e
if sed --version 2>/dev/null | grep -q GNU; then
SED_INPLACE="sed -i"
else
SED_INPLACE="sed -i ''"
fi
set -e
if [ ! -f ./options/locale/locale_en-US.ini ]; then
echo "please run this script in the root directory of the project"
exit 1
fi
mv ./options/locale/locale_en-US.json ./options/
mv ./options/locale/locale_en-US.ini ./options/
# the "ini" library for locale has many quirks, its behavior is different from Crowdin.
# see i18n_test.go for more details
# this script helps to unquote the Crowdin outputs for the quirky ini library
# * find all `key="...\"..."` lines
# * remove the leading quote
# * remove the trailing quote
# * unescape the quotes
# * eg: key="...\"..." => key=..."...
$SED_INPLACE -r -e '/^[-.A-Za-z0-9_]+[ ]*=[ ]*".*"$/ {
s/^([-.A-Za-z0-9_]+)[ ]*=[ ]*"/\1=/
s/"$//
s/\\"/"/g
}' ./options/locale/*.ini
# * if the escaped line is incomplete like `key="...` or `key=..."`, quote it with backticks
# * eg: key="... => key=`"...`
# * eg: key=..." => key=`..."`
$SED_INPLACE -r -e 's/^([-.A-Za-z0-9_]+)[ ]*=[ ]*(".*[^"])$/\1=`\2`/' ./options/locale/*.ini
$SED_INPLACE -r -e 's/^([-.A-Za-z0-9_]+)[ ]*=[ ]*([^"].*")$/\1=`\2`/' ./options/locale/*.ini
# Remove translation under 25% of en_us
baselines=$(cat "./options/locale_en-US.json" | wc -l)
baselines=$(wc -l "./options/locale_en-US.ini" | cut -d" " -f1)
baselines=$((baselines / 4))
for filename in ./options/locale/*.json; do
lines=$(cat "$filename" | wc -l)
if [ "$lines" -lt "$baselines" ]; then
for filename in ./options/locale/*.ini; do
lines=$(wc -l "$filename" | cut -d" " -f1)
if [ $lines -lt $baselines ]; then
echo "Removing $filename: $lines/$baselines"
rm "$filename"
fi
done
mv ./options/locale_en-US.json ./options/locale/
mv ./options/locale_en-US.ini ./options/locale/

4
cmd/admin.go
View File

@@ -121,7 +121,7 @@ func runRepoSyncReleases(ctx context.Context, _ *cli.Command) error {
}
log.Trace("Processing next %d repos of %d", len(repos), count)
for _, repo := range repos {
log.Trace("Synchronizing repo %s with path %s", repo.FullName(), repo.RelativePath())
log.Trace("Synchronizing repo %s with path %s", repo.FullName(), repo.RepoPath())
gitRepo, err := gitrepo.OpenRepository(ctx, repo)
if err != nil {
log.Warn("OpenRepository: %v", err)
@@ -147,7 +147,7 @@ func runRepoSyncReleases(ctx context.Context, _ *cli.Command) error {
continue
}
log.Trace("repo %s releases synchronized to tags: from %d to %d",
log.Trace(" repo %s releases synchronized to tags: from %d to %d",
repo.FullName(), oldnum, count)
gitRepo.Close()
}

7
cmd/admin_auth_ldap.go
View File

@@ -94,10 +94,6 @@ func commonLdapCLIFlags() []cli.Flag {
Name: "public-ssh-key-attribute",
Usage: "The attribute of the users LDAP record containing the users public ssh key.",
},
&cli.BoolFlag{
Name: "ssh-keys-are-verified",
Usage: "Set to true to automatically flag SSH keys in LDAP as verified.",
},
&cli.BoolFlag{
Name: "skip-local-2fa",
Usage: "Set to true to skip local 2fa for users authenticated by this source",
@@ -298,9 +294,6 @@ func parseLdapConfig(c *cli.Command, config *ldap.Source) error {
if c.IsSet("public-ssh-key-attribute") {
config.AttributeSSHPublicKey = c.String("public-ssh-key-attribute")
}
if c.IsSet("ssh-keys-are-verified") {
config.SSHKeysAreVerified = c.Bool("ssh-keys-are-verified")
}
if c.IsSet("avatar-attribute") {
config.AttributeAvatar = c.String("avatar-attribute")
}

4
cmd/admin_auth_ldap_test.go
View File

@@ -233,7 +233,7 @@ func TestAddLdapBindDn(t *testing.T) {
},
getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
assert.FailNow(t, "getAuthSourceByID called", "case %d: should not call getAuthSourceByID", n)
return nil, nil //nolint:nilnil // mock function covering improper behavior
return nil, nil
},
}
@@ -463,7 +463,7 @@ func TestAddLdapSimpleAuth(t *testing.T) {
},
getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
assert.FailNow(t, "getAuthSourceById called", "case %d: should not call getAuthSourceByID", n)
return nil, nil //nolint:nilnil // mock function covering improper behavior
return nil, nil
},
}

1
cmd/admin_user_create.go
View File

@@ -151,7 +151,6 @@ func runCreateUser(ctx context.Context, c *cli.Command) error {
if err != nil {
return err
}
// codeql[disable-next-line=go/clear-text-logging]
fmt.Printf("generated random password is '%s'\n", password)
} else if userType == user_model.UserTypeIndividual {
return errors.New("must set either password or random-password flag")

1
cmd/admin_user_must_change_password.go
View File

@@ -58,7 +58,6 @@ func runMustChangePassword(ctx context.Context, c *cli.Command) error {
return err
}
// codeql[disable-next-line=go/clear-text-logging]
fmt.Printf("Updated %d users setting MustChangePassword to %t\n", n, mustChangePassword)
return nil
}

6
cmd/cmd.go
View File

@@ -121,12 +121,6 @@ func globalBool(c *cli.Command, name string) bool {
// Any log appears in git stdout pipe will break the git protocol, eg: client can't push and hangs forever.
func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(context.Context, *cli.Command) (context.Context, error) {
return func(ctx context.Context, c *cli.Command) (context.Context, error) {
if setting.InstallLock {
// During config loading, there might also be logs (for example: deprecation warnings).
// It must make sure that console logger is set up before config is loaded.
log.Error("Config is loaded before console logger is setup, it will cause bugs. Please fix it.")
return nil, errors.New("console logger must be setup before config is loaded")
}
level := defaultLevel
if globalBool(c, "quiet") {
level = log.FATAL

156
cmd/config.go
View File

@@ -1,156 +0,0 @@
// Copyright 2025 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"context"
"errors"
"fmt"
"os"
"code.gitea.io/gitea/modules/setting"
"github.com/urfave/cli/v3"
)
func cmdConfig() *cli.Command {
subcmdConfigEditIni := &cli.Command{
Name: "edit-ini",
Usage: "Load an existing INI file, apply environment variables, keep specified keys, and output to a new INI file.",
Description: `
Help users to edit the Gitea configuration INI file.
# Keep Specified Keys
If you need to re-create the configuration file with only a subset of keys,
you can provide an INI template file for the kept keys and use the "--config-keep-keys" flag.
For example, if a helm chart needs to reset the settings and only keep SECRET_KEY,
it can use a template file (only keys take effect, values are ignored):
[security]
SECRET_KEY=
$ ./gitea config edit-ini --config app-old.ini --config-keep-keys app-keys.ini --out app-new.ini
# Map Environment Variables to INI Configuration
Environment variables of the form "GITEA__section_name__KEY_NAME"
will be mapped to the ini section "[section_name]" and the key
"KEY_NAME" with the value as provided.
Environment variables of the form "GITEA__section_name__KEY_NAME__FILE"
will be mapped to the ini section "[section_name]" and the key
"KEY_NAME" with the value loaded from the specified file.
Environment variable keys can only contain characters "0-9A-Z_",
if a section or key name contains dot ".", it needs to be escaped as _0x2E_.
For example, to apply this config:
[git.config]
foo.bar=val
$ export GITEA__git_0x2E_config__foo_0x2E_bar=val
# Put All Together
$ ./gitea config edit-ini --config app.ini --config-keep-keys app-keys.ini --apply-env {--in-place|--out app-new.ini}
`,
Flags: []cli.Flag{
// "--config" flag is provided by global flags, and this flag is also used by "environment-to-ini" script wrapper
// "--in-place" is also used by "environment-to-ini" script wrapper for its old behavior: always overwrite the existing config file
&cli.BoolFlag{
Name: "in-place",
Usage: "Output to the same config file as input. This flag will be ignored if --out is set.",
},
&cli.StringFlag{
Name: "config-keep-keys",
Usage: "An INI template file containing keys for keeping. Only the keys defined in the INI template will be kept from old config. If not set, all keys will be kept.",
},
&cli.BoolFlag{
Name: "apply-env",
Usage: "Apply all GITEA__* variables from the environment to the config.",
},
&cli.StringFlag{
Name: "out",
Usage: "Destination config file to write to.",
},
},
Action: runConfigEditIni,
}
return &cli.Command{
Name: "config",
Usage: "Manage Gitea configuration",
Commands: []*cli.Command{
subcmdConfigEditIni,
},
}
}
func runConfigEditIni(_ context.Context, c *cli.Command) error {
// the config system may change the environment variables, so get a copy first, to be used later
env := append([]string{}, os.Environ()...)
// don't use the guessed setting.CustomConf, instead, require the user to provide --config explicitly
if !c.IsSet("config") {
return errors.New("flag is required but not set: --config")
}
configFileIn := c.String("config")
cfgIn, err := setting.NewConfigProviderFromFile(configFileIn)
if err != nil {
return fmt.Errorf("failed to load config file %q: %v", configFileIn, err)
}
// determine output config file: use "--out" flag or use "--in-place" flag to overwrite input file
inPlace := c.Bool("in-place")
configFileOut := c.String("out")
if configFileOut == "" {
if !inPlace {
return errors.New("either --in-place or --out must be specified")
}
configFileOut = configFileIn // in-place edit
}
needWriteOut := configFileOut != configFileIn
cfgOut := cfgIn
configKeepKeys := c.String("config-keep-keys")
if configKeepKeys != "" {
needWriteOut = true
cfgOut, err = setting.NewConfigProviderFromFile(configKeepKeys)
if err != nil {
return fmt.Errorf("failed to load config-keep-keys template file %q: %v", configKeepKeys, err)
}
for _, secOut := range cfgOut.Sections() {
for _, keyOut := range secOut.Keys() {
secIn := cfgIn.Section(secOut.Name())
keyIn := setting.ConfigSectionKey(secIn, keyOut.Name())
if keyIn != nil {
keyOut.SetValue(keyIn.String())
} else {
secOut.DeleteKey(keyOut.Name())
}
}
if len(secOut.Keys()) == 0 {
cfgOut.DeleteSection(secOut.Name())
}
}
}
if c.Bool("apply-env") {
if setting.EnvironmentToConfig(cfgOut, env) {
needWriteOut = true
}
}
if needWriteOut {
err = cfgOut.SaveTo(configFileOut)
if err != nil {
return err
}
}
return nil
}

85
cmd/config_test.go
View File

@@ -1,85 +0,0 @@
// Copyright 2025 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"os"
"testing"
"github.com/stretchr/testify/require"
)
func TestConfigEdit(t *testing.T) {
tmpDir := t.TempDir()
configOld := tmpDir + "/app-old.ini"
configTemplate := tmpDir + "/app-template.ini"
_ = os.WriteFile(configOld, []byte(`
[sec]
k1=v1
k2=v2
`), os.ModePerm)
_ = os.WriteFile(configTemplate, []byte(`
[sec]
k1=in-template
[sec2]
k3=v3
`), os.ModePerm)
t.Setenv("GITEA__EnV__KeY", "val")
t.Run("OutputToNewWithEnv", func(t *testing.T) {
configNew := tmpDir + "/app-new.ini"
err := NewMainApp(AppVersion{}).Run(t.Context(), []string{
"./gitea", "--config", configOld,
"config", "edit-ini",
"--apply-env",
"--config-keep-keys", configTemplate,
"--out", configNew,
})
require.NoError(t, err)
// "k1" old value is kept because its key is in the template
// "k2" is removed because it isn't in the template
// "k3" isn't in new config because it isn't in the old config
// [env] is applied from environment variable
data, _ := os.ReadFile(configNew)
require.Equal(t, `[sec]
k1 = v1
[env]
KeY = val
`, string(data))
})
t.Run("OutputToExisting(environment-to-ini)", func(t *testing.T) {
// the legacy "environment-to-ini" (now a wrapper script) behavior:
// if no "--out", then "--in-place" must be used to overwrite the existing "--config" file
err := NewMainApp(AppVersion{}).Run(t.Context(), []string{
"./gitea", "config", "edit-ini",
"--apply-env",
"--config", configOld,
})
require.ErrorContains(t, err, "either --in-place or --out must be specified")
// simulate the "environment-to-ini" behavior with "--in-place"
err = NewMainApp(AppVersion{}).Run(t.Context(), []string{
"./gitea", "config", "edit-ini",
"--in-place",
"--apply-env",
"--config", configOld,
})
require.NoError(t, err)
data, _ := os.ReadFile(configOld)
require.Equal(t, `[sec]
k1 = v1
k2 = v2
[env]
KeY = val
`, string(data))
})
}

1
cmd/generate.go
View File

@@ -91,7 +91,6 @@ func runGenerateSecretKey(_ context.Context, c *cli.Command) error {
return err
}
// codeql[disable-next-line=go/clear-text-logging]
fmt.Printf("%s", secretKey)
if isatty.IsTerminal(os.Stdout.Fd()) {

166
cmd/gitea-cli/cmd/auth.go
View File

@@ -1,166 +0,0 @@
// Copyright 2026 MarketAlly. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"bufio"
"errors"
"fmt"
"os"
"path/filepath"
"strings"
"syscall"
"github.com/spf13/cobra"
"github.com/spf13/viper"
"golang.org/x/term"
"gopkg.in/yaml.v3"
)
var authCmd = &cobra.Command{
Use: "auth",
Short: "Manage authentication",
Long: `Manage authentication to Gitea servers.`,
}
var loginCmd = &cobra.Command{
Use: "login",
Short: "Login to a Gitea server",
Long: `Login to a Gitea server and save credentials.
The credentials are stored in ~/.gitea-cli.yaml and used for subsequent commands.`,
RunE: runLogin,
}
var logoutCmd = &cobra.Command{
Use: "logout",
Short: "Logout from the current server",
RunE: runLogout,
}
var statusCmd = &cobra.Command{
Use: "status",
Short: "Show authentication status",
RunE: runStatus,
}
func init() {
loginCmd.Flags().String("server", "", "Gitea server URL (required)")
loginCmd.Flags().String("token", "", "API token (if not provided, will prompt)")
_ = loginCmd.MarkFlagRequired("server")
authCmd.AddCommand(loginCmd)
authCmd.AddCommand(logoutCmd)
authCmd.AddCommand(statusCmd)
}
func runLogin(cmd *cobra.Command, args []string) error {
server, _ := cmd.Flags().GetString("server")
tokenFlag, _ := cmd.Flags().GetString("token")
// Normalize server URL
server = strings.TrimSuffix(server, "/")
if !strings.HasPrefix(server, "http://") && !strings.HasPrefix(server, "https://") {
server = "https://" + server
}
var apiToken string
if tokenFlag != "" {
apiToken = tokenFlag
} else {
// Prompt for token
fmt.Print("API Token: ")
byteToken, err := term.ReadPassword(syscall.Stdin)
if err != nil {
// Fallback if terminal not available
reader := bufio.NewReader(os.Stdin)
apiToken, _ = reader.ReadString('\n')
apiToken = strings.TrimSpace(apiToken)
} else {
apiToken = string(byteToken)
fmt.Println() // New line after password
}
}
if apiToken == "" {
return errors.New("token is required")
}
// Verify the token works
fmt.Printf("Verifying credentials with %s...\n", server)
// TODO: Make actual API call to verify token
// For now, just save the config
// Save configuration
config := map[string]string{
"server": server,
"token": apiToken,
}
home, err := os.UserHomeDir()
if err != nil {
return fmt.Errorf("failed to get home directory: %w", err)
}
configPath := filepath.Join(home, ".gitea-cli.yaml")
data, err := yaml.Marshal(config)
if err != nil {
return fmt.Errorf("failed to marshal config: %w", err)
}
if err := os.WriteFile(configPath, data, 0o600); err != nil {
return fmt.Errorf("failed to write config: %w", err)
}
fmt.Printf("✓ Logged in to %s\n", server)
fmt.Printf(" Configuration saved to %s\n", configPath)
return nil
}
func runLogout(cmd *cobra.Command, args []string) error {
home, err := os.UserHomeDir()
if err != nil {
return fmt.Errorf("failed to get home directory: %w", err)
}
configPath := filepath.Join(home, ".gitea-cli.yaml")
if _, err := os.Stat(configPath); os.IsNotExist(err) {
fmt.Println("Not currently logged in")
return nil
}
if err := os.Remove(configPath); err != nil {
return fmt.Errorf("failed to remove config: %w", err)
}
fmt.Println("✓ Logged out successfully")
return nil
}
func runStatus(cmd *cobra.Command, args []string) error {
server := viper.GetString("server")
token := viper.GetString("token")
if server == "" || token == "" {
fmt.Println("Not logged in")
fmt.Println("\nUse 'gitea-cli auth login --server <url>' to authenticate")
return nil
}
// Mask token for display
maskedToken := token
if len(token) > 8 {
maskedToken = token[:4] + "..." + token[len(token)-4:]
}
fmt.Printf("Server: %s\n", server)
fmt.Printf("Token: %s\n", maskedToken)
// TODO: Verify token is still valid with API call
return nil
}

121
cmd/gitea-cli/cmd/root.go
View File

@@ -1,121 +0,0 @@
// Copyright 2026 MarketAlly. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"fmt"
"os"
"path/filepath"
"github.com/spf13/cobra"
"github.com/spf13/viper"
)
var (
cfgFile string
serverURL string
token string
verbose bool
version string
buildTime string
gitCommit string
)
// rootCmd represents the base command
var rootCmd = &cobra.Command{
Use: "gitea-cli",
Short: "A CLI tool for Gitea",
Long: `gitea-cli is a command-line tool for interacting with Gitea instances.
It provides efficient chunked uploads for large files, progress tracking,
and the ability to resume interrupted uploads.
Example usage:
gitea-cli auth login --server https://gitea.example.com
gitea-cli upload release-asset --repo owner/repo --release v1.0.0 --file ./app.tar.gz
gitea-cli upload resume --session sess_abc123`,
}
// Execute runs the root command
func Execute() error {
return rootCmd.Execute()
}
// SetVersion sets version information
func SetVersion(v, bt, gc string) {
version = v
buildTime = bt
gitCommit = gc
}
func init() {
cobra.OnInitialize(initConfig)
rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.gitea-cli.yaml)")
rootCmd.PersistentFlags().StringVarP(&serverURL, "server", "s", "", "Gitea server URL")
rootCmd.PersistentFlags().StringVarP(&token, "token", "t", "", "API token")
rootCmd.PersistentFlags().BoolVarP(&verbose, "verbose", "v", false, "verbose output")
_ = viper.BindPFlag("server", rootCmd.PersistentFlags().Lookup("server"))
_ = viper.BindPFlag("token", rootCmd.PersistentFlags().Lookup("token"))
// Add subcommands
rootCmd.AddCommand(versionCmd)
rootCmd.AddCommand(authCmd)
rootCmd.AddCommand(uploadCmd)
}
func initConfig() {
if cfgFile != "" {
viper.SetConfigFile(cfgFile)
} else {
home, err := os.UserHomeDir()
if err != nil {
fmt.Fprintln(os.Stderr, err)
return
}
viper.AddConfigPath(home)
viper.AddConfigPath(filepath.Join(home, ".config", "gitea-cli"))
viper.SetConfigName(".gitea-cli")
viper.SetConfigType("yaml")
}
viper.SetEnvPrefix("GITEA")
viper.AutomaticEnv()
if err := viper.ReadInConfig(); err == nil {
if verbose {
fmt.Fprintln(os.Stderr, "Using config file:", viper.ConfigFileUsed())
}
}
}
// versionCmd shows version information
var versionCmd = &cobra.Command{
Use: "version",
Short: "Print version information",
Run: func(cmd *cobra.Command, args []string) {
fmt.Printf("gitea-cli version %s\n", version)
fmt.Printf(" Build time: %s\n", buildTime)
fmt.Printf(" Git commit: %s\n", gitCommit)
},
}
// getServer returns the configured server URL
func getServer() string {
if serverURL != "" {
return serverURL
}
return viper.GetString("server")
}
// getToken returns the configured API token
func getToken() string {
if token != "" {
return token
}
return viper.GetString("token")
}

683
cmd/gitea-cli/cmd/upload.go
View File

@@ -1,683 +0,0 @@
// Copyright 2026 MarketAlly. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"bytes"
"context"
"crypto/sha256"
"encoding/hex"
"errors"
"fmt"
"io"
"net/http"
"os"
"path/filepath"
"strings"
"sync"
"sync/atomic"
"time"
"code.gitea.io/gitea/modules/json"
"github.com/spf13/cobra"
)
const (
defaultChunkSize = 10 * 1024 * 1024 // 10MB
maxChunkSize = 100 * 1024 * 1024 // 100MB
)
var uploadCmd = &cobra.Command{
Use: "upload",
Short: "Upload files to Gitea",
Long: `Upload files to Gitea with chunked upload support for large files.`,
}
var releaseAssetCmd = &cobra.Command{
Use: "release-asset",
Short: "Upload a release asset",
Long: `Upload a release asset using chunked upload.
This command supports large files with progress tracking and resume capability.
Interrupted uploads can be resumed using the session ID.`,
Example: ` # Basic upload
gitea-cli upload release-asset --repo owner/repo --release v1.0.0 --file ./app.tar.gz
# With options
gitea-cli upload release-asset \
--repo owner/repo \
--release v1.0.0 \
--file ./app.tar.gz \
--chunk-size 50MB \
--parallel 4 \
--verify-checksum`,
RunE: runReleaseAssetUpload,
}
var resumeCmd = &cobra.Command{
Use: "resume",
Short: "Resume an interrupted upload",
Long: `Resume a previously interrupted chunked upload using its session ID.`,
Example: ` gitea-cli upload resume --session sess_abc123 --file ./app.tar.gz`,
RunE: runResumeUpload,
}
var listCmd = &cobra.Command{
Use: "list",
Short: "List pending uploads",
Long: `List all pending upload sessions for a repository.`,
RunE: runListUploads,
}
func init() {
// release-asset flags
releaseAssetCmd.Flags().StringP("repo", "r", "", "Repository (owner/repo)")
releaseAssetCmd.Flags().String("release", "", "Release tag or ID")
releaseAssetCmd.Flags().StringP("file", "f", "", "File to upload")
releaseAssetCmd.Flags().String("name", "", "Asset name (defaults to filename)")
releaseAssetCmd.Flags().String("chunk-size", "10MB", "Chunk size (e.g., 10MB, 50MB)")
releaseAssetCmd.Flags().IntP("parallel", "p", 4, "Number of parallel uploads")
releaseAssetCmd.Flags().Bool("verify-checksum", true, "Verify checksum after upload")
releaseAssetCmd.Flags().Bool("progress", true, "Show progress bar")
_ = releaseAssetCmd.MarkFlagRequired("repo")
_ = releaseAssetCmd.MarkFlagRequired("release")
_ = releaseAssetCmd.MarkFlagRequired("file")
// resume flags
resumeCmd.Flags().String("session", "", "Upload session ID")
resumeCmd.Flags().StringP("file", "f", "", "File to upload")
_ = resumeCmd.MarkFlagRequired("session")
_ = resumeCmd.MarkFlagRequired("file")
// list flags
listCmd.Flags().StringP("repo", "r", "", "Repository (owner/repo)")
_ = listCmd.MarkFlagRequired("repo")
uploadCmd.AddCommand(releaseAssetCmd)
uploadCmd.AddCommand(resumeCmd)
uploadCmd.AddCommand(listCmd)
}
// UploadSession represents a chunked upload session
type UploadSession struct {
ID string `json:"id"`
FileName string `json:"file_name"`
FileSize int64 `json:"file_size"`
ChunkSize int64 `json:"chunk_size"`
TotalChunks int64 `json:"total_chunks"`
ChunksReceived int64 `json:"chunks_received"`
Status string `json:"status"`
ExpiresAt time.Time `json:"expires_at"`
Checksum string `json:"checksum,omitempty"`
}
// ProgressTracker tracks upload progress
type ProgressTracker struct {
totalBytes int64
bytesWritten int64
startTime time.Time
}
func (p *ProgressTracker) Add(n int64) {
atomic.AddInt64(&p.bytesWritten, n)
}
func (p *ProgressTracker) Progress() (current, total int64, percent, speed float64, eta time.Duration) {
current = atomic.LoadInt64(&p.bytesWritten)
total = p.totalBytes
if total > 0 {
percent = float64(current) / float64(total) * 100
}
elapsed := time.Since(p.startTime).Seconds()
if elapsed > 0 {
speed = float64(current) / elapsed
if speed > 0 {
remaining := total - current
eta = time.Duration(float64(remaining)/speed) * time.Second
}
}
return current, total, percent, speed, eta
}
func runReleaseAssetUpload(cmd *cobra.Command, args []string) error {
repo, _ := cmd.Flags().GetString("repo")
release, _ := cmd.Flags().GetString("release")
filePath, _ := cmd.Flags().GetString("file")
assetName, _ := cmd.Flags().GetString("name")
chunkSizeStr, _ := cmd.Flags().GetString("chunk-size")
parallel, _ := cmd.Flags().GetInt("parallel")
verifyChecksum, _ := cmd.Flags().GetBool("verify-checksum")
showProgress, _ := cmd.Flags().GetBool("progress")
server := getServer()
token := getToken()
if server == "" || token == "" {
return errors.New("not logged in. Use 'gitea-cli auth login' first")
}
// Parse repo
parts := strings.Split(repo, "/")
if len(parts) != 2 {
return errors.New("invalid repository format. Use owner/repo")
}
owner, repoName := parts[0], parts[1]
// Parse chunk size
chunkSize, err := parseSize(chunkSizeStr)
if err != nil {
return fmt.Errorf("invalid chunk size: %w", err)
}
chunkSize = min(chunkSize, maxChunkSize)
// Open file
file, err := os.Open(filePath)
if err != nil {
return fmt.Errorf("failed to open file: %w", err)
}
defer file.Close()
stat, err := file.Stat()
if err != nil {
return fmt.Errorf("failed to stat file: %w", err)
}
fileSize := stat.Size()
if assetName == "" {
assetName = filepath.Base(filePath)
}
fmt.Printf("Uploading %s (%s)\n", assetName, formatSize(fileSize))
// Calculate checksum if requested
var checksum string
if verifyChecksum {
fmt.Print("Calculating checksum... ")
checksum, err = calculateSHA256(file)
if err != nil {
return fmt.Errorf("failed to calculate checksum: %w", err)
}
fmt.Printf("done (%s)\n", checksum[:16]+"...")
if _, err := file.Seek(0, 0); err != nil {
return fmt.Errorf("failed to seek file: %w", err)
}
}
// Create upload session
fmt.Print("Creating upload session... ")
session, err := createUploadSession(server, token, owner, repoName, release, assetName, fileSize, chunkSize, checksum)
if err != nil {
return fmt.Errorf("failed to create session: %w", err)
}
fmt.Printf("done (%s)\n", session.ID)
// Upload chunks
tracker := &ProgressTracker{
totalBytes: fileSize,
startTime: time.Now(),
}
ctx := context.Background()
err = uploadChunks(ctx, server, token, session, file, parallel, tracker, showProgress)
if err != nil {
fmt.Printf("\n❌ Upload failed: %v\n", err)
fmt.Printf(" Resume with: gitea-cli upload resume --session %s --file %s\n", session.ID, filePath)
return err
}
// Complete upload
fmt.Print("\nFinalizing... ")
result, err := completeUpload(server, token, session.ID)
if err != nil {
return fmt.Errorf("failed to complete upload: %w", err)
}
fmt.Println("done")
if verifyChecksum && result.ChecksumVerified {
fmt.Println("Verifying checksum... ✓ SHA256 matches")
}
elapsed := time.Since(tracker.startTime)
fmt.Printf("\n✅ Upload complete!\n")
fmt.Printf(" Asset ID: %d\n", result.ID)
fmt.Printf(" Time: %s\n", elapsed.Round(time.Second))
fmt.Printf(" Speed: %s/s (avg)\n", formatSize(int64(float64(fileSize)/elapsed.Seconds())))
if result.DownloadURL != "" {
fmt.Printf(" Download: %s\n", result.DownloadURL)
}
return nil
}
func runResumeUpload(cmd *cobra.Command, args []string) error {
sessionID, _ := cmd.Flags().GetString("session")
filePath, _ := cmd.Flags().GetString("file")
server := getServer()
token := getToken()
if server == "" || token == "" {
return errors.New("not logged in")
}
// Get session status
session, err := getUploadSession(server, token, sessionID)
if err != nil {
return fmt.Errorf("failed to get session: %w", err)
}
if session.Status == "complete" {
fmt.Println("Upload already completed")
return nil
}
if session.Status == "expired" {
return errors.New("upload session has expired")
}
// Open file
file, err := os.Open(filePath)
if err != nil {
return fmt.Errorf("failed to open file: %w", err)
}
defer file.Close()
fmt.Printf("Resuming upload: %s\n", session.FileName)
fmt.Printf(" Chunks: %d/%d complete\n", session.ChunksReceived, session.TotalChunks)
tracker := &ProgressTracker{
totalBytes: session.FileSize,
bytesWritten: session.ChunksReceived * session.ChunkSize,
startTime: time.Now(),
}
ctx := context.Background()
err = uploadChunks(ctx, server, token, session, file, 4, tracker, true)
if err != nil {
return err
}
// Complete
fmt.Print("\nFinalizing... ")
result, err := completeUpload(server, token, session.ID)
if err != nil {
return fmt.Errorf("failed to complete: %w", err)
}
fmt.Println("done")
fmt.Printf("\n✅ Upload complete!\n")
fmt.Printf(" Asset ID: %d\n", result.ID)
return nil
}
func runListUploads(cmd *cobra.Command, args []string) error {
repo, _ := cmd.Flags().GetString("repo")
server := getServer()
token := getToken()
if server == "" || token == "" {
return errors.New("not logged in")
}
parts := strings.Split(repo, "/")
if len(parts) != 2 {
return errors.New("invalid repository format")
}
sessions, err := listUploadSessions(server, token, parts[0], parts[1])
if err != nil {
return err
}
if len(sessions) == 0 {
fmt.Println("No pending uploads")
return nil
}
fmt.Printf("Pending uploads for %s:\n\n", repo)
for _, s := range sessions {
progress := float64(s.ChunksReceived) / float64(s.TotalChunks) * 100
fmt.Printf(" %s\n", s.ID)
fmt.Printf(" File: %s (%s)\n", s.FileName, formatSize(s.FileSize))
fmt.Printf(" Progress: %.1f%% (%d/%d chunks)\n", progress, s.ChunksReceived, s.TotalChunks)
fmt.Printf(" Expires: %s\n", s.ExpiresAt.Format(time.RFC3339))
fmt.Println()
}
return nil
}
func uploadChunks(ctx context.Context, server, token string, session *UploadSession, file *os.File, parallel int, tracker *ProgressTracker, showProgress bool) error {
totalChunks := session.TotalChunks
chunkSize := session.ChunkSize
// Create worker pool
type chunkJob struct {
number int64
data []byte
}
jobs := make(chan chunkJob, parallel)
errors := make(chan error, totalChunks)
var wg sync.WaitGroup
// Start workers
for range parallel {
wg.Go(func() {
for job := range jobs {
err := uploadChunk(server, token, session.ID, job.number, job.data)
if err != nil {
errors <- fmt.Errorf("chunk %d: %w", job.number, err)
return
}
tracker.Add(int64(len(job.data)))
}
})
}
// Progress display
done := make(chan struct{})
if showProgress {
go func() {
ticker := time.NewTicker(100 * time.Millisecond)
defer ticker.Stop()
for {
select {
case <-done:
return
case <-ticker.C:
current, total, percent, speed, eta := tracker.Progress()
fmt.Printf("\r [%-50s] %5.1f%% %s/%s %s/s ETA %s ",
progressBar(percent, 50),
percent,
formatSize(current),
formatSize(total),
formatSize(int64(speed)),
formatDuration(eta))
}
}
}()
}
// Read and queue chunks
for chunkNum := session.ChunksReceived; chunkNum < totalChunks; chunkNum++ {
offset := chunkNum * chunkSize
if _, err := file.Seek(offset, 0); err != nil {
close(jobs)
close(done)
return fmt.Errorf("failed to seek: %w", err)
}
size := chunkSize
if chunkNum == totalChunks-1 {
size = session.FileSize - offset
}
data := make([]byte, size)
n, err := io.ReadFull(file, data)
if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
close(jobs)
close(done)
return fmt.Errorf("failed to read chunk %d: %w", chunkNum, err)
}
data = data[:n]
select {
case err := <-errors:
close(jobs)
close(done)
return err
case jobs <- chunkJob{number: chunkNum, data: data}:
case <-ctx.Done():
close(jobs)
close(done)
return ctx.Err()
}
}
close(jobs)
wg.Wait()
close(done)
// Check for errors
select {
case err := <-errors:
return err
default:
return nil
}
}
func progressBar(percent float64, width int) string {
filled := int(percent / 100 * float64(width))
filled = min(filled, width)
return strings.Repeat("█", filled) + strings.Repeat("░", width-filled)
}
func formatSize(bytes int64) string {
const unit = 1024
if bytes < unit {
return fmt.Sprintf("%d B", bytes)
}
div, exp := int64(unit), 0
for n := bytes / unit; n >= unit; n /= unit {
div *= unit
exp++
}
return fmt.Sprintf("%.1f %cB", float64(bytes)/float64(div), "KMGTPE"[exp])
}
func formatDuration(d time.Duration) string {
if d < time.Second {
return "<1s"
}
d = d.Round(time.Second)
h := d / time.Hour
d -= h * time.Hour
m := d / time.Minute
d -= m * time.Minute
s := d / time.Second
if h > 0 {
return fmt.Sprintf("%dh%dm", h, m)
}
if m > 0 {
return fmt.Sprintf("%dm%ds", m, s)
}
return fmt.Sprintf("%ds", s)
}
func parseSize(s string) (int64, error) {
s = strings.ToUpper(strings.TrimSpace(s))
multiplier := int64(1)
if strings.HasSuffix(s, "GB") {
multiplier = 1024 * 1024 * 1024
s = strings.TrimSuffix(s, "GB")
} else if strings.HasSuffix(s, "MB") {
multiplier = 1024 * 1024
s = strings.TrimSuffix(s, "MB")
} else if strings.HasSuffix(s, "KB") {
multiplier = 1024
s = strings.TrimSuffix(s, "KB")
} else if suffix, found := strings.CutSuffix(s, "B"); found {
s = suffix
}
var value int64
_, err := fmt.Sscanf(s, "%d", &value)
if err != nil {
return 0, err
}
return value * multiplier, nil
}
func calculateSHA256(file *os.File) (string, error) {
hash := sha256.New()
if _, err := io.Copy(hash, file); err != nil {
return "", err
}
return hex.EncodeToString(hash.Sum(nil)), nil
}
// API functions
func createUploadSession(server, token, owner, repo, release, fileName string, fileSize, chunkSize int64, checksum string) (*UploadSession, error) {
url := fmt.Sprintf("%s/api/v1/repos/%s/%s/releases/%s/assets/upload-session", server, owner, repo, release)
body := map[string]any{
"name": fileName,
"size": fileSize,
"chunk_size": chunkSize,
}
if checksum != "" {
body["checksum"] = checksum
}
jsonBody, _ := json.Marshal(body)
req, err := http.NewRequest(http.MethodPost, url, bytes.NewBuffer(jsonBody))
if err != nil {
return nil, err
}
req.Header.Set("Authorization", "token "+token)
req.Header.Set("Content-Type", "application/json")
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusCreated && resp.StatusCode != http.StatusOK {
body, _ := io.ReadAll(resp.Body)
return nil, fmt.Errorf("server returned %d: %s", resp.StatusCode, string(body))
}
var session UploadSession
if err := json.NewDecoder(resp.Body).Decode(&session); err != nil {
return nil, err
}
return &session, nil
}
func getUploadSession(server, token, sessionID string) (*UploadSession, error) {
url := fmt.Sprintf("%s/api/v1/repos/uploads/%s", server, sessionID)
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return nil, err
}
req.Header.Set("Authorization", "token "+token)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return nil, errors.New("session not found")
}
var session UploadSession
if err := json.NewDecoder(resp.Body).Decode(&session); err != nil {
return nil, err
}
return &session, nil
}
func uploadChunk(server, token, sessionID string, chunkNum int64, data []byte) error {
url := fmt.Sprintf("%s/api/v1/repos/uploads/%s/chunks/%d", server, sessionID, chunkNum)
req, err := http.NewRequest(http.MethodPut, url, bytes.NewReader(data))
if err != nil {
return err
}
req.Header.Set("Authorization", "token "+token)
req.Header.Set("Content-Type", "application/octet-stream")
resp, err := http.DefaultClient.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
body, _ := io.ReadAll(resp.Body)
return fmt.Errorf("failed: %s", string(body))
}
return nil
}
type CompleteResult struct {
ID int64 `json:"id"`
DownloadURL string `json:"browser_download_url"`
ChecksumVerified bool `json:"checksum_verified"`
}
func completeUpload(server, token, sessionID string) (*CompleteResult, error) {
url := fmt.Sprintf("%s/api/v1/repos/uploads/%s/complete", server, sessionID)
req, err := http.NewRequest(http.MethodPost, url, nil)
if err != nil {
return nil, err
}
req.Header.Set("Authorization", "token "+token)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
body, _ := io.ReadAll(resp.Body)
return nil, fmt.Errorf("failed: %s", string(body))
}
var result CompleteResult
if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
return nil, err
}
return &result, nil
}
func listUploadSessions(server, token, owner, repo string) ([]*UploadSession, error) {
url := fmt.Sprintf("%s/api/v1/repos/%s/%s/uploads", server, owner, repo)
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return nil, err
}
req.Header.Set("Authorization", "token "+token)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return nil, errors.New("failed to list sessions")
}
var sessions []*UploadSession
if err := json.NewDecoder(resp.Body).Decode(&sessions); err != nil {
return nil, err
}
return sessions, nil
}

28
cmd/gitea-cli/main.go
View File

@@ -1,28 +0,0 @@
// Copyright 2026 MarketAlly. All rights reserved.
// SPDX-License-Identifier: MIT
// gitea-cli is a command-line tool for interacting with Gitea instances.
// It provides efficient chunked uploads, progress tracking, and resume capability.
package main
import (
"fmt"
"os"
"code.gitea.io/gitea/cmd/gitea-cli/cmd"
)
var (
Version = "dev"
BuildTime = "unknown"
GitCommit = "unknown"
)
func main() {
cmd.SetVersion(Version, BuildTime, GitCommit)
if err := cmd.Execute(); err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(1)
}
}

6
cmd/hook.go
View File

@@ -186,7 +186,7 @@ Gitea or set your environment appropriately.`, "")
userID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvPusherID), 10, 64)
prID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvPRID), 10, 64)
deployKeyID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvDeployKeyID), 10, 64)
actionPerm, _ := strconv.Atoi(os.Getenv(repo_module.EnvActionPerm))
actionPerm, _ := strconv.ParseInt(os.Getenv(repo_module.EnvActionPerm), 10, 64)
hookOptions := private.HookOptions{
UserID: userID,
@@ -196,7 +196,7 @@ Gitea or set your environment appropriately.`, "")
GitPushOptions: pushOptions(),
PullRequestID: prID,
DeployKeyID: deployKeyID,
ActionPerm: actionPerm,
ActionPerm: int(actionPerm),
}
scanner := bufio.NewScanner(os.Stdin)
@@ -313,7 +313,7 @@ func runHookPostReceive(ctx context.Context, c *cli.Command) error {
setup(ctx, c.Bool("debug"))
// First of all run update-server-info no matter what
if _, _, err := gitcmd.NewCommand("update-server-info").RunStdString(ctx); err != nil {
if _, _, err := gitcmd.NewCommand("update-server-info").RunStdString(ctx, nil); err != nil {
return fmt.Errorf("failed to call 'git update-server-info': %w", err)
}

2
cmd/keys.go
View File

@@ -19,7 +19,7 @@ import (
var CmdKeys = &cli.Command{
Name: "keys",
Usage: "(internal) Should only be called by SSH server",
Hidden: true, // internal commands shouldn't be visible
Hidden: true, // internal commands shouldn't not be visible
Description: "Queries the Gitea database to get the authorized command for a given ssh key fingerprint",
Before: PrepareConsoleLoggerLevel(log.FATAL),
Action: runKeys,

13
cmd/main.go
View File

@@ -50,15 +50,11 @@ DEFAULT CONFIGURATION:
func prepareSubcommandWithGlobalFlags(originCmd *cli.Command) {
originBefore := originCmd.Before
originCmd.Before = func(ctxOrig context.Context, cmd *cli.Command) (ctx context.Context, err error) {
ctx = ctxOrig
if originBefore != nil {
ctx, err = originBefore(ctx, cmd)
if err != nil {
return ctx, err
}
}
originCmd.Before = func(ctx context.Context, cmd *cli.Command) (context.Context, error) {
prepareWorkPathAndCustomConf(cmd)
if originBefore != nil {
return originBefore(ctx, cmd)
}
return ctx, nil
}
}
@@ -132,7 +128,6 @@ func NewMainApp(appVer AppVersion) *cli.Command {
// these sub-commands do not need the config file, and they do not depend on any path or environment variable.
subCmdStandalone := []*cli.Command{
cmdConfig(),
cmdCert(),
CmdGenerate,
CmdDocs,

48
cmd/main_test.go
View File

@@ -15,7 +15,6 @@ import (
"code.gitea.io/gitea/models/unittest"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/modules/util"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
@@ -29,11 +28,11 @@ func makePathOutput(workPath, customPath, customConf string) string {
return fmt.Sprintf("WorkPath=%s\nCustomPath=%s\nCustomConf=%s", workPath, customPath, customConf)
}
func newTestApp(testCmd cli.Command) *cli.Command {
func newTestApp(testCmdAction cli.ActionFunc) *cli.Command {
app := NewMainApp(AppVersion{})
testCmd.Name = util.IfZero(testCmd.Name, "test-cmd")
prepareSubcommandWithGlobalFlags(&testCmd)
app.Commands = append(app.Commands, &testCmd)
testCmd := &cli.Command{Name: "test-cmd", Action: testCmdAction}
prepareSubcommandWithGlobalFlags(testCmd)
app.Commands = append(app.Commands, testCmd)
app.DefaultCommand = testCmd.Name
return app
}
@@ -157,11 +156,9 @@ func TestCliCmd(t *testing.T) {
for _, c := range cases {
t.Run(c.cmd, func(t *testing.T) {
app := newTestApp(cli.Command{
Action: func(ctx context.Context, cmd *cli.Command) error {
_, _ = fmt.Fprint(cmd.Root().Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
return nil
},
app := newTestApp(func(ctx context.Context, cmd *cli.Command) error {
_, _ = fmt.Fprint(cmd.Root().Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
return nil
})
for k, v := range c.env {
t.Setenv(k, v)
@@ -176,54 +173,31 @@ func TestCliCmd(t *testing.T) {
}
func TestCliCmdError(t *testing.T) {
app := newTestApp(cli.Command{Action: func(ctx context.Context, cmd *cli.Command) error { return errors.New("normal error") }})
app := newTestApp(func(ctx context.Context, cmd *cli.Command) error { return errors.New("normal error") })
r, err := runTestApp(app, "./gitea", "test-cmd")
assert.Error(t, err)
assert.Equal(t, 1, r.ExitCode)
assert.Empty(t, r.Stdout)
assert.Equal(t, "Command error: normal error\n", r.Stderr)
app = newTestApp(cli.Command{Action: func(ctx context.Context, cmd *cli.Command) error { return cli.Exit("exit error", 2) }})
app = newTestApp(func(ctx context.Context, cmd *cli.Command) error { return cli.Exit("exit error", 2) })
r, err = runTestApp(app, "./gitea", "test-cmd")
assert.Error(t, err)
assert.Equal(t, 2, r.ExitCode)
assert.Empty(t, r.Stdout)
assert.Equal(t, "exit error\n", r.Stderr)
app = newTestApp(cli.Command{Action: func(ctx context.Context, cmd *cli.Command) error { return nil }})
app = newTestApp(func(ctx context.Context, cmd *cli.Command) error { return nil })
r, err = runTestApp(app, "./gitea", "test-cmd", "--no-such")
assert.Error(t, err)
assert.Equal(t, 1, r.ExitCode)
assert.Empty(t, r.Stdout)
assert.Equal(t, "Incorrect Usage: flag provided but not defined: -no-such\n\n", r.Stderr)
app = newTestApp(cli.Command{Action: func(ctx context.Context, cmd *cli.Command) error { return nil }})
app = newTestApp(func(ctx context.Context, cmd *cli.Command) error { return nil })
r, err = runTestApp(app, "./gitea", "test-cmd")
assert.NoError(t, err)
assert.Equal(t, -1, r.ExitCode) // the cli.OsExiter is not called
assert.Empty(t, r.Stdout)
assert.Empty(t, r.Stderr)
}
func TestCliCmdBefore(t *testing.T) {
ctxNew := context.WithValue(context.Background(), any("key"), "value")
configValues := map[string]string{}
setting.CustomConf = "/tmp/any.ini"
var actionCtx context.Context
app := newTestApp(cli.Command{
Before: func(context.Context, *cli.Command) (context.Context, error) {
configValues["before"] = setting.CustomConf
return ctxNew, nil
},
Action: func(ctx context.Context, cmd *cli.Command) error {
configValues["action"] = setting.CustomConf
actionCtx = ctx
return nil
},
})
_, err := runTestApp(app, "./gitea", "--config", "/dev/null", "test-cmd")
assert.NoError(t, err)
assert.Equal(t, ctxNew, actionCtx)
assert.Equal(t, "/tmp/any.ini", configValues["before"], "BeforeFunc must be called before preparing config")
assert.Equal(t, "/dev/null", configValues["action"])
}

154
cmd/mcp-server/main.go
View File

@@ -1,154 +0,0 @@
// Copyright 2026 MarketAlly. All rights reserved.
// SPDX-License-Identifier: MIT
// Gitea MCP Server - Model Context Protocol server for Gitea Actions
//
// This standalone server implements the MCP protocol over stdio,
// proxying requests to a Gitea instance's /api/v2/mcp endpoint.
//
// Usage:
//
// gitea-mcp-server --url https://git.example.com --token YOUR_API_TOKEN
//
// Configure in Claude Code's settings.json:
//
// {
// "mcpServers": {
// "gitea": {
// "command": "gitea-mcp-server",
// "args": ["--url", "https://git.example.com", "--token", "YOUR_TOKEN"]
// }
// }
// }
package main
import (
"bufio"
"bytes"
"flag"
"fmt"
"io"
"net/http"
"os"
"time"
"code.gitea.io/gitea/modules/json"
)
var (
giteaURL string
giteaToken string
debug bool
)
func main() {
flag.StringVar(&giteaURL, "url", "", "Gitea server URL (e.g., https://git.example.com)")
flag.StringVar(&giteaToken, "token", "", "Gitea API token")
flag.BoolVar(&debug, "debug", false, "Enable debug logging to stderr")
flag.Parse()
// Also check environment variables
if giteaURL == "" {
giteaURL = os.Getenv("GITEA_URL")
}
if giteaToken == "" {
giteaToken = os.Getenv("GITEA_TOKEN")
}
if giteaURL == "" {
fmt.Fprintln(os.Stderr, "Error: --url or GITEA_URL is required")
os.Exit(1)
}
debugLog("Gitea MCP Server starting")
debugLog("Connecting to: %s", giteaURL)
// Read JSON-RPC messages from stdin, forward to Gitea, write responses to stdout
reader := bufio.NewReader(os.Stdin)
for {
line, err := reader.ReadBytes('\n')
if err != nil {
if err == io.EOF {
debugLog("EOF received, exiting")
break
}
debugLog("Read error: %v", err)
continue
}
line = bytes.TrimSpace(line)
if len(line) == 0 {
continue
}
debugLog("Received: %s", string(line))
// Forward to Gitea's MCP endpoint
response, err := forwardToGitea(line)
if err != nil {
debugLog("Forward error: %v", err)
// Send error response
errorResp := map[string]any{
"jsonrpc": "2.0",
"id": nil,
"error": map[string]any{
"code": -32603,
"message": "Internal error",
"data": err.Error(),
},
}
writeResponse(errorResp)
continue
}
debugLog("Response: %s", string(response))
// Write response to stdout
fmt.Println(string(response))
}
}
func forwardToGitea(request []byte) ([]byte, error) {
mcpURL := giteaURL + "/api/v2/mcp"
req, err := http.NewRequest(http.MethodPost, mcpURL, bytes.NewReader(request))
if err != nil {
return nil, fmt.Errorf("create request: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Accept", "application/json")
if giteaToken != "" {
req.Header.Set("Authorization", "token "+giteaToken)
}
client := &http.Client{Timeout: 30 * time.Second}
resp, err := client.Do(req)
if err != nil {
return nil, fmt.Errorf("http request: %w", err)
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("read response: %w", err)
}
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("http status %d: %s", resp.StatusCode, string(body))
}
return body, nil
}
func writeResponse(resp any) {
data, _ := json.Marshal(resp)
fmt.Println(string(data))
}
func debugLog(format string, args ...any) {
if debug {
fmt.Fprintf(os.Stderr, "[DEBUG] "+format+"\n", args...)
}
}

2
cmd/migrate_storage.go
View File

@@ -36,7 +36,7 @@ var CmdMigrateStorage = &cli.Command{
Name: "type",
Aliases: []string{"t"},
Value: "",
Usage: "Type of stored files to copy. Allowed types: 'attachments', 'lfs', 'avatars', 'repo-avatars', 'repo-archivers', 'packages', 'actions-log', 'actions-artifacts'",
Usage: "Type of stored files to copy. Allowed types: 'attachments', 'lfs', 'avatars', 'repo-avatars', 'repo-archivers', 'packages', 'actions-log', 'actions-artifacts",
},
&cli.StringFlag{
Name: "storage",

14
cmd/serv.go
View File

@@ -18,7 +18,7 @@ import (
asymkey_model "code.gitea.io/gitea/models/asymkey"
git_model "code.gitea.io/gitea/models/git"
"code.gitea.io/gitea/models/perm"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/git/gitcmd"
"code.gitea.io/gitea/modules/json"
@@ -207,7 +207,7 @@ func runServ(ctx context.Context, c *cli.Command) error {
username := repoPathFields[0]
reponame := strings.TrimSuffix(repoPathFields[1], ".git") // “the-repo-name" or "the-repo-name.wiki"
if !repo_model.IsValidSSHAccessRepoName(reponame) {
if !repo.IsValidSSHAccessRepoName(reponame) {
return fail(ctx, "Invalid repo name", "Invalid repo name: %s", reponame)
}
@@ -253,12 +253,10 @@ func runServ(ctx context.Context, c *cli.Command) error {
return fail(ctx, extra.UserMsg, "ServCommand failed: %s", extra.Error)
}
// because the original repoPath maybe redirected, we need to use the returned actual repository information
if results.IsWiki {
repoPath = repo_model.RelativeWikiPath(results.OwnerName, results.RepoName)
} else {
repoPath = repo_model.RelativePath(results.OwnerName, results.RepoName)
}
// LowerCase and trim the repoPath as that's how they are stored.
// This should be done after splitting the repoPath into username and reponame
// so that username and reponame are not affected.
repoPath = strings.ToLower(results.OwnerName + "/" + results.RepoName + ".git")
// LFS SSH protocol
if verb == git.CmdVerbLfsTransfer {

17
cmd/web.go
View File

@@ -8,13 +8,14 @@ import (
"fmt"
"net"
"net/http"
"net/http/pprof"
"os"
"path/filepath"
"strconv"
"strings"
"time"
_ "net/http/pprof" // Used for debugging if enabled and a web server is running
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/graceful"
"code.gitea.io/gitea/modules/gtprof"
@@ -155,6 +156,7 @@ func serveInstall(cmd *cli.Command) error {
case <-graceful.GetManager().IsShutdown():
<-graceful.GetManager().Done()
log.Info("PID: %d Gitea Web Finished", os.Getpid())
log.GetManager().Close()
return err
default:
}
@@ -229,22 +231,17 @@ func serveInstalled(c *cli.Command) error {
err := listen(webRoutes, true)
<-graceful.GetManager().Done()
log.Info("PID: %d Gitea Web Finished", os.Getpid())
log.GetManager().Close()
return err
}
func servePprof() {
mux := http.NewServeMux()
mux.HandleFunc("/debug/pprof/", pprof.Index)
mux.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
mux.Handle("/debug/fgprof", fgprof.Handler())
// FIXME: it should use a proper context
// FIXME: it shouldn't use the global DefaultServeMux, and it should use a proper context
http.DefaultServeMux.Handle("/debug/fgprof", fgprof.Handler())
_, _, finished := process.GetManager().AddTypedContext(context.TODO(), "Web: PProf Server", process.SystemProcessType, true)
// The pprof server is for debug purpose only, it shouldn't be exposed on public network. At the moment, it's not worth introducing a configurable option for it.
log.Info("Starting pprof server on localhost:6060")
log.Info("Stopped pprof server: %v", http.ListenAndServe("localhost:6060", mux))
log.Info("Stopped pprof server: %v", http.ListenAndServe("localhost:6060", nil))
finished()
}

47
contrib/environment-to-ini/README Normal file
View File

@@ -0,0 +1,47 @@
Environment To Ini
==================
Multiple docker users have requested that the Gitea docker is changed
to permit arbitrary configuration via environment variables.
Gitea needs to use an ini file for configuration because the running
environment that starts the docker may not be the same as that used
by the hooks. An ini file also gives a good default and means that
users do not have to completely provide a full environment.
With those caveats above, this command provides a generic way of
converting suitably structured environment variables into any ini
value.
To use the command is very simple just run it and the default gitea
app.ini will be rewritten to take account of the variables provided,
however there are various options to give slightly different
behavior and these can be interrogated with the `-h` option.
The environment variables should be of the form:
GITEA__SECTION_NAME__KEY_NAME
Note, SECTION_NAME in the notation above is case-insensitive.
Environment variables are usually restricted to a reduced character
set "0-9A-Z_" - in order to allow the setting of sections with
characters outside of that set, they should be escaped as following:
"_0X2E_" for "." and "_0X2D_" for "-". The entire section and key names
can be escaped as a UTF8 byte string if necessary. E.g. to configure:
"""
...
[log.console]
COLORIZE=false
STDERR=true
...
"""
You would set the environment variables: "GITEA__LOG_0x2E_CONSOLE__COLORIZE=false"
and "GITEA__LOG_0x2E_CONSOLE__STDERR=false". Other examples can be found
on the configuration cheat sheet.
To build locally, run:
go build contrib/environment-to-ini/environment-to-ini.go

112
contrib/environment-to-ini/environment-to-ini.go Normal file
View File

@@ -0,0 +1,112 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package main
import (
"context"
"os"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"github.com/urfave/cli/v3"
)
func main() {
app := cli.Command{}
app.Name = "environment-to-ini"
app.Usage = "Use provided environment to update configuration ini"
app.Description = `As a helper to allow docker users to update the gitea configuration
through the environment, this command allows environment variables to
be mapped to values in the ini.
Environment variables of the form "GITEA__SECTION_NAME__KEY_NAME"
will be mapped to the ini section "[section_name]" and the key
"KEY_NAME" with the value as provided.
Environment variables of the form "GITEA__SECTION_NAME__KEY_NAME__FILE"
will be mapped to the ini section "[section_name]" and the key
"KEY_NAME" with the value loaded from the specified file.
Environment variables are usually restricted to a reduced character
set "0-9A-Z_" - in order to allow the setting of sections with
characters outside of that set, they should be escaped as following:
"_0X2E_" for ".". The entire section and key names can be escaped as
a UTF8 byte string if necessary. E.g. to configure:
"""
...
[log.console]
COLORIZE=false
STDERR=true
...
"""
You would set the environment variables: "GITEA__LOG_0x2E_CONSOLE__COLORIZE=false"
and "GITEA__LOG_0x2E_CONSOLE__STDERR=false". Other examples can be found
on the configuration cheat sheet.`
app.Flags = []cli.Flag{
&cli.StringFlag{
Name: "custom-path",
Aliases: []string{"C"},
Value: setting.CustomPath,
Usage: "Custom path file path",
},
&cli.StringFlag{
Name: "config",
Aliases: []string{"c"},
Value: setting.CustomConf,
Usage: "Custom configuration file path",
},
&cli.StringFlag{
Name: "work-path",
Aliases: []string{"w"},
Value: setting.AppWorkPath,
Usage: "Set the gitea working path",
},
&cli.StringFlag{
Name: "out",
Aliases: []string{"o"},
Value: "",
Usage: "Destination file to write to",
},
}
app.Action = runEnvironmentToIni
err := app.Run(context.Background(), os.Args)
if err != nil {
log.Fatal("Failed to run app with %s: %v", os.Args, err)
}
}
func runEnvironmentToIni(_ context.Context, c *cli.Command) error {
// the config system may change the environment variables, so get a copy first, to be used later
env := append([]string{}, os.Environ()...)
setting.InitWorkPathAndCfgProvider(os.Getenv, setting.ArgWorkPathAndCustomConf{
WorkPath: c.String("work-path"),
CustomPath: c.String("custom-path"),
CustomConf: c.String("config"),
})
cfg, err := setting.NewConfigProviderFromFile(setting.CustomConf)
if err != nil {
log.Fatal("Failed to load custom conf '%s': %v", setting.CustomConf, err)
}
changed := setting.EnvironmentToConfig(cfg, env)
// try to save the config file
destination := c.String("out")
if len(destination) == 0 {
destination = setting.CustomConf
}
if destination != setting.CustomConf || changed {
log.Info("Settings saved to: %q", destination)
err = cfg.SaveTo(destination)
if err != nil {
return err
}
}
return nil
}

6
crowdin.yml
View File

@@ -4,9 +4,9 @@ base_path: "."
base_url: "https://api.crowdin.com"
preserve_hierarchy: true
files:
- source: "/options/locale/locale_en-US.json"
translation: "/options/locale/locale_%locale%.json"
type: "json"
- source: "/options/locale/locale_en-US.ini"
translation: "/options/locale/locale_%locale%.ini"
type: "ini"
skip_untranslated_strings: true
export_only_approved: true
update_option: "update_as_unapproved"

13
custom/conf/app.example.ini
View File

@@ -503,6 +503,9 @@ INTERNAL_TOKEN =
;; Password Hash algorithm, either "argon2", "pbkdf2", "scrypt" or "bcrypt"
;PASSWORD_HASH_ALGO = pbkdf2
;;
;; Set false to allow JavaScript to read CSRF cookie
;CSRF_COOKIE_HTTP_ONLY = true
;;
;; Validate against https://haveibeenpwned.com/Passwords to see if a password has been exposed
;PASSWORD_CHECK_PWN = false
;;
@@ -564,11 +567,6 @@ ENABLED = true
;; Alternative location to specify OAuth2 authentication secret. You cannot specify both this and JWT_SECRET, and must pick one
;JWT_SECRET_URI = file:/etc/gitea/oauth2_jwt_secret
;;
;; The "issuer" claim identifies the principal that issued the JWT.
;; Gitea 1.25 makes it default to "ROOT_URL without the last slash" to follow the standard.
;; If you have old logins from before 1.25, you may want to set it to the old (non-standard) value "ROOT_URL with the last slash".
;JWT_CLAIM_ISSUER =
;;
;; Lifetime of an OAuth2 access token in seconds
;ACCESS_TOKEN_EXPIRATION_TIME = 3600
;;
@@ -730,9 +728,6 @@ LEVEL = Info
;DISABLE_CORE_PROTECT_NTFS=false
;; Disable the usage of using partial clones for git.
;DISABLE_PARTIAL_CLONE = false
;; Set the similarity threshold passed to git commands via `--find-renames=<threshold>`.
;; Default is 50%, the same as git. Must be a integer percentage between 0% and 100%.
;DIFF_RENAME_SIMILARITY_THRESHOLD = 50%
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Git Operation timeout in seconds
@@ -2334,7 +2329,7 @@ LEVEL = Info
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Resynchronize git hooks of all repositories (pre-receive, update, post-receive, proc-receive, ...)
;; Resynchronize pre-receive, update and post-receive hooks of all repositories.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;[cron.resync_all_hooks]
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

2
docker/root/usr/local/bin/environment-to-ini
View File

@@ -1,2 +0,0 @@
#!/bin/bash
exec /app/gitea/gitea config edit-ini --in-place --apply-env "$@"

2
docker/rootless/usr/local/bin/environment-to-ini
View File

@@ -1,2 +0,0 @@
#!/bin/bash
exec /app/gitea/gitea config edit-ini --in-place --apply-env "$@"

425
docs/content/doc/development/chunked-uploads.en-us.md
View File

@@ -1,425 +0,0 @@
---
date: "2024-01-08T00:00:00+00:00"
title: "Chunked Uploads API"
slug: "chunked-uploads"
sidebar_position: 50
toc: true
draft: false
menu:
sidebar:
parent: "development"
name: "Chunked Uploads"
identifier: "chunked-uploads"
weight: 50
---
# Chunked Uploads API
Gitea supports chunked uploads for large files, enabling resumable uploads that are resilient to network interruptions and timeouts. This is particularly useful for release attachments that may be hundreds of megabytes or larger.
## Overview
The chunked upload system works by:
1. Creating an upload session that tracks the upload state
2. Uploading file chunks (in any order)
3. Querying session status to resume interrupted uploads
4. Completing the session to assemble chunks into the final attachment
## API Endpoints
All endpoints require authentication via token.
### Create Upload Session
Creates a new chunked upload session for a release attachment.
```
POST /api/v1/repos/{owner}/{repo}/releases/{id}/assets/upload-session
```
**Parameters:**
| Name | Type | In | Description |
|------|------|-----|-------------|
| `owner` | string | path | Repository owner |
| `repo` | string | path | Repository name |
| `id` | integer | path | Release ID |
| `name` | string | query | **Required.** Filename for the attachment |
| `size` | integer | query | Total file size in bytes (recommended for validation) |
| `chunk_size` | integer | query | Chunk size in bytes (default: 10MB, max: 100MB) |
**Response:** `201 Created`
```json
{
"uuid": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"file_name": "my-app-v1.0.0.zip",
"file_size": 524288000,
"chunk_size": 10485760,
"chunks_expected": 50,
"expires_at": 1704844800
}
```
### Upload Chunk
Uploads a single chunk of data to an existing session.
```
PUT /api/v1/repos/{owner}/{repo}/uploads/{session_id}/chunks/{chunk_number}
```
**Parameters:**
| Name | Type | In | Description |
|------|------|-----|-------------|
| `owner` | string | path | Repository owner |
| `repo` | string | path | Repository name |
| `session_id` | string | path | Upload session UUID |
| `chunk_number` | integer | path | Chunk number (0-indexed) |
| Body | binary | body | Chunk data |
**Response:** `200 OK`
```json
{
"chunk_number": 0,
"chunks_received": 1,
"bytes_received": 10485760,
"complete": false
}
```
### Get Upload Session Status
Returns the current status of an upload session. Use this to resume interrupted uploads.
```
GET /api/v1/repos/{owner}/{repo}/uploads/{session_id}
```
**Response:** `200 OK`
```json
{
"uuid": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"file_name": "my-app-v1.0.0.zip",
"file_size": 524288000,
"chunk_size": 10485760,
"chunks_expected": 50,
"chunks_received": 25,
"bytes_received": 262144000,
"received_chunks": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24],
"status": "active",
"expires_at": 1704844800
}
```
**Status Values:**
- `active` - Session is accepting chunks
- `complete` - All chunks received, ready to finalize
- `expired` - Session has expired (default: 24 hours)
- `failed` - Upload failed
### Complete Upload Session
Assembles all uploaded chunks into the final attachment.
```
POST /api/v1/repos/{owner}/{repo}/uploads/{session_id}/complete
```
**Response:** `201 Created`
Returns the created attachment object (same format as regular attachment creation).
```json
{
"id": 123,
"name": "my-app-v1.0.0.zip",
"size": 524288000,
"download_count": 0,
"created_at": "2024-01-08T12:00:00Z",
"uuid": "b2c3d4e5-f6a7-8901-bcde-f23456789012",
"browser_download_url": "https://gitea.example.com/attachments/b2c3d4e5-f6a7-8901-bcde-f23456789012"
}
```
### Cancel Upload Session
Cancels an upload session and deletes any uploaded chunks.
```
DELETE /api/v1/repos/{owner}/{repo}/uploads/{session_id}
```
**Response:** `204 No Content`
## Usage Examples
### Bash/curl
```bash
#!/bin/bash
set -e
GITEA_URL="https://gitea.example.com"
TOKEN="your_api_token"
OWNER="myorg"
REPO="myrepo"
RELEASE_ID="1"
FILE_PATH="/path/to/large-file.zip"
CHUNK_SIZE=$((10 * 1024 * 1024)) # 10MB
FILE_NAME=$(basename "$FILE_PATH")
FILE_SIZE=$(stat -f%z "$FILE_PATH" 2>/dev/null || stat -c%s "$FILE_PATH")
echo "Uploading $FILE_NAME ($FILE_SIZE bytes)"
# 1. Create upload session
SESSION=$(curl -s -X POST \
-H "Authorization: token $TOKEN" \
"$GITEA_URL/api/v1/repos/$OWNER/$REPO/releases/$RELEASE_ID/assets/upload-session?name=$FILE_NAME&size=$FILE_SIZE&chunk_size=$CHUNK_SIZE")
SESSION_ID=$(echo "$SESSION" | jq -r '.uuid')
CHUNKS_EXPECTED=$(echo "$SESSION" | jq -r '.chunks_expected')
echo "Created session $SESSION_ID, expecting $CHUNKS_EXPECTED chunks"
# 2. Upload chunks
CHUNK_NUM=0
OFFSET=0
while [ $OFFSET -lt $FILE_SIZE ]; do
echo "Uploading chunk $CHUNK_NUM..."
dd if="$FILE_PATH" bs=$CHUNK_SIZE skip=$CHUNK_NUM count=1 2>/dev/null | \
curl -s -X PUT \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/octet-stream" \
--data-binary @- \
"$GITEA_URL/api/v1/repos/$OWNER/$REPO/uploads/$SESSION_ID/chunks/$CHUNK_NUM"
CHUNK_NUM=$((CHUNK_NUM + 1))
OFFSET=$((CHUNK_NUM * CHUNK_SIZE))
done
# 3. Complete upload
ATTACHMENT=$(curl -s -X POST \
-H "Authorization: token $TOKEN" \
"$GITEA_URL/api/v1/repos/$OWNER/$REPO/uploads/$SESSION_ID/complete")
echo "Upload complete!"
echo "$ATTACHMENT" | jq .
```
### Resuming an Interrupted Upload
```bash
#!/bin/bash
# Resume a previously started upload
SESSION_ID="a1b2c3d4-e5f6-7890-abcd-ef1234567890"
# Get session status
STATUS=$(curl -s \
-H "Authorization: token $TOKEN" \
"$GITEA_URL/api/v1/repos/$OWNER/$REPO/uploads/$SESSION_ID")
# Get list of received chunks
RECEIVED=$(echo "$STATUS" | jq -r '.received_chunks[]')
CHUNKS_EXPECTED=$(echo "$STATUS" | jq -r '.chunks_expected')
CHUNK_SIZE=$(echo "$STATUS" | jq -r '.chunk_size')
echo "Session has received chunks: $RECEIVED"
echo "Expected chunks: $CHUNKS_EXPECTED"
# Upload missing chunks
for ((i=0; i<CHUNKS_EXPECTED; i++)); do
if ! echo "$RECEIVED" | grep -q "^$i$"; then
echo "Uploading missing chunk $i..."
dd if="$FILE_PATH" bs=$CHUNK_SIZE skip=$i count=1 2>/dev/null | \
curl -s -X PUT \
-H "Authorization: token $TOKEN" \
-H "Content-Type: application/octet-stream" \
--data-binary @- \
"$GITEA_URL/api/v1/repos/$OWNER/$REPO/uploads/$SESSION_ID/chunks/$i"
fi
done
# Complete
curl -s -X POST \
-H "Authorization: token $TOKEN" \
"$GITEA_URL/api/v1/repos/$OWNER/$REPO/uploads/$SESSION_ID/complete"
```
### Python
```python
import os
import requests
from pathlib import Path
def chunked_upload(gitea_url: str, token: str, owner: str, repo: str,
release_id: int, file_path: str, chunk_size: int = 10*1024*1024):
"""Upload a large file using chunked uploads."""
headers = {"Authorization": f"token {token}"}
file_path = Path(file_path)
file_size = file_path.stat().st_size
# Create session
resp = requests.post(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/releases/{release_id}/assets/upload-session",
headers=headers,
params={
"name": file_path.name,
"size": file_size,
"chunk_size": chunk_size
}
)
resp.raise_for_status()
session = resp.json()
session_id = session["uuid"]
print(f"Created session {session_id}, expecting {session['chunks_expected']} chunks")
# Upload chunks
with open(file_path, "rb") as f:
chunk_num = 0
while True:
chunk = f.read(chunk_size)
if not chunk:
break
resp = requests.put(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/uploads/{session_id}/chunks/{chunk_num}",
headers=headers,
data=chunk
)
resp.raise_for_status()
result = resp.json()
print(f"Uploaded chunk {chunk_num}, total bytes: {result['bytes_received']}")
chunk_num += 1
# Complete upload
resp = requests.post(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/uploads/{session_id}/complete",
headers=headers
)
resp.raise_for_status()
return resp.json()
def resume_upload(gitea_url: str, token: str, owner: str, repo: str,
session_id: str, file_path: str):
"""Resume an interrupted upload."""
headers = {"Authorization": f"token {token}"}
# Get session status
resp = requests.get(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/uploads/{session_id}",
headers=headers
)
resp.raise_for_status()
session = resp.json()
received = set(session["received_chunks"])
chunk_size = session["chunk_size"]
chunks_expected = session["chunks_expected"]
print(f"Session has {len(received)}/{chunks_expected} chunks")
# Upload missing chunks
with open(file_path, "rb") as f:
for chunk_num in range(chunks_expected):
if chunk_num in received:
f.seek(chunk_size, 1) # Skip this chunk
continue
chunk = f.read(chunk_size)
resp = requests.put(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/uploads/{session_id}/chunks/{chunk_num}",
headers=headers,
data=chunk
)
resp.raise_for_status()
print(f"Uploaded missing chunk {chunk_num}")
# Complete
resp = requests.post(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/uploads/{session_id}/complete",
headers=headers
)
resp.raise_for_status()
return resp.json()
```
### Parallel Uploads
Chunks can be uploaded in parallel for faster throughput:
```python
import concurrent.futures
def upload_chunk(session_id, chunk_num, chunk_data):
resp = requests.put(
f"{gitea_url}/api/v1/repos/{owner}/{repo}/uploads/{session_id}/chunks/{chunk_num}",
headers=headers,
data=chunk_data
)
resp.raise_for_status()
return chunk_num
# Read all chunks
chunks = []
with open(file_path, "rb") as f:
chunk_num = 0
while True:
chunk = f.read(chunk_size)
if not chunk:
break
chunks.append((chunk_num, chunk))
chunk_num += 1
# Upload in parallel (4 workers)
with concurrent.futures.ThreadPoolExecutor(max_workers=4) as executor:
futures = [
executor.submit(upload_chunk, session_id, num, data)
for num, data in chunks
]
for future in concurrent.futures.as_completed(futures):
print(f"Completed chunk {future.result()}")
```
## Configuration
Upload sessions have the following defaults:
| Setting | Default | Description |
|---------|---------|-------------|
| Session expiry | 24 hours | Sessions expire after this time |
| Default chunk size | 10 MB | Default size for each chunk |
| Maximum chunk size | 100 MB | Maximum allowed chunk size |
| Cleanup interval | 1 hour | How often expired sessions are cleaned up |
## Error Handling
| Status Code | Description |
|-------------|-------------|
| `400 Bad Request` | Invalid parameters or chunk data |
| `404 Not Found` | Session or release not found |
| `410 Gone` | Session has expired |
| `413 Request Entity Too Large` | File exceeds maximum attachment size |
## Best Practices
1. **Always provide file size** - This enables chunk count validation and better progress tracking
2. **Use appropriate chunk sizes** - Larger chunks (50-100MB) are more efficient for fast connections; smaller chunks (5-10MB) are better for unreliable networks
3. **Implement retry logic** - Network errors on individual chunks should trigger retries, not full upload restarts
4. **Query session status before resuming** - Always check which chunks were received before uploading more
5. **Handle expiry gracefully** - If a session expires, create a new one and start over

354
docs/phase5-ai-wiki-spec.md
View File

@@ -1,354 +0,0 @@
# Phase 5: AI-Friendly Wiki API (v2)
**Version:** 2.0
**Date:** January 2026
**Status:** IN PROGRESS
---
## Overview
Phase 5 adds a v2 Wiki API designed for AI/LLM consumption and external plugin integration. This enhances the existing wiki functionality without modifying v1 endpoints.
### Goals
1. **AI-Ready Data** - Structured responses optimized for LLM consumption
2. **Full CRUD** - Complete wiki management via API
3. **Search** - Full-text search across wiki content
4. **Relationships** - Page link graph for navigation
5. **Health Metrics** - Wiki statistics and maintenance insights
6. **Plugin-Friendly** - Enable external tools (like .NET AI plugins) to build on top
---
## V2 API Endpoints
Base URL: `/api/v2/repos/{owner}/{repo}/wiki`
### Pages CRUD
#### List All Pages
```
GET /api/v2/repos/{owner}/{repo}/wiki/pages
```
Query Parameters:
- `include_content` (bool, default: false) - Include full page content
- `page` (int) - Page number for pagination
- `limit` (int, default: 30) - Items per page
Response:
```json
{
"pages": [
{
"name": "Home",
"title": "Home",
"path": "Home.md",
"url": "/owner/repo/wiki/Home",
"word_count": 450,
"last_commit": {
"sha": "abc123",
"author": "username",
"message": "Updated home page",
"date": "2026-01-08T10:00:00Z"
},
"content": "# Home\n\nWelcome...", // if include_content=true
"content_html": "<h1>Home</h1>..." // if include_content=true
}
],
"total_count": 25,
"has_more": false
}
```
#### Get Single Page
```
GET /api/v2/repos/{owner}/{repo}/wiki/pages/{pageName}
```
Response:
```json
{
"name": "Installation",
"title": "Installation Guide",
"path": "Installation.md",
"url": "/owner/repo/wiki/Installation",
"content": "# Installation\n\n...",
"content_html": "<h1>Installation</h1>...",
"word_count": 1250,
"links_out": ["Home", "Configuration", "API-Reference"],
"links_in": ["Home", "Getting-Started"],
"sidebar": "...",
"footer": "...",
"last_commit": {
"sha": "def456",
"author": "username",
"message": "Added troubleshooting section",
"date": "2026-01-07T15:30:00Z"
},
"history_url": "/api/v2/repos/owner/repo/wiki/pages/Installation/revisions"
}
```
#### Create Page
```
POST /api/v2/repos/{owner}/{repo}/wiki/pages
```
Request:
```json
{
"name": "New-Page",
"title": "New Page Title",
"content": "# New Page\n\nContent here...",
"message": "Created new page"
}
```
Response: Same as Get Single Page
#### Update Page
```
PUT /api/v2/repos/{owner}/{repo}/wiki/pages/{pageName}
```
Request:
```json
{
"title": "Updated Title",
"content": "# Updated Content\n\n...",
"message": "Updated page content",
"rename_to": "new-page-name" // optional, to rename
}
```
Response: Same as Get Single Page
#### Delete Page
```
DELETE /api/v2/repos/{owner}/{repo}/wiki/pages/{pageName}
```
Request:
```json
{
"message": "Removed outdated page"
}
```
Response:
```json
{
"success": true
}
```
---
### Search
#### Full-Text Search
```
GET /api/v2/repos/{owner}/{repo}/wiki/search?q={query}
```
Query Parameters:
- `q` (string, required) - Search query
- `limit` (int, default: 20) - Max results
- `include_content` (bool, default: false) - Include full content
Response:
```json
{
"query": "installation docker",
"results": [
{
"name": "Docker-Setup",
"title": "Docker Setup Guide",
"snippet": "...to run the <mark>installation</mark> in <mark>Docker</mark>, use the following...",
"score": 0.95,
"word_count": 800,
"last_updated": "2026-01-05T12:00:00Z"
}
],
"total_count": 3
}
```
---
### Link Graph
#### Get Page Relationships
```
GET /api/v2/repos/{owner}/{repo}/wiki/graph
```
Response:
```json
{
"nodes": [
{"name": "Home", "word_count": 450},
{"name": "Installation", "word_count": 1250},
{"name": "Configuration", "word_count": 2100}
],
"edges": [
{"source": "Home", "target": "Installation"},
{"source": "Home", "target": "Configuration"},
{"source": "Installation", "target": "Configuration"}
]
}
```
---
### Statistics & Health
#### Wiki Statistics
```
GET /api/v2/repos/{owner}/{repo}/wiki/stats
```
Response:
```json
{
"total_pages": 25,
"total_words": 45000,
"total_commits": 142,
"last_updated": "2026-01-08T10:00:00Z",
"contributors": 5,
"health": {
"orphaned_pages": [
{"name": "Old-Notes", "word_count": 120}
],
"dead_links": [
{"page": "Home", "broken_link": "Deleted-Page"}
],
"outdated_pages": [
{"name": "Legacy-API", "last_edit": "2024-06-15T00:00:00Z", "days_old": 573}
],
"short_pages": [
{"name": "TODO", "word_count": 15}
]
},
"top_linked": [
{"name": "Home", "incoming_links": 12},
{"name": "Configuration", "incoming_links": 8}
]
}
```
---
### Revisions
#### Get Page History
```
GET /api/v2/repos/{owner}/{repo}/wiki/pages/{pageName}/revisions
```
Query Parameters:
- `page` (int) - Page number
- `limit` (int, default: 30) - Items per page
Response:
```json
{
"page_name": "Installation",
"revisions": [
{
"sha": "abc123",
"author": {
"username": "user1",
"email": "user1@example.com",
"avatar_url": "..."
},
"message": "Added troubleshooting section",
"date": "2026-01-07T15:30:00Z",
"additions": 45,
"deletions": 12
}
],
"total_count": 28
}
```
---
## Database Schema
### `wiki_index` (for full-text search)
| Column | Type | Description |
|--------|------|-------------|
| id | BIGINT | Primary key |
| repo_id | BIGINT | Repository ID |
| page_name | VARCHAR(255) | Wiki page name |
| page_path | VARCHAR(512) | Git file path |
| title | VARCHAR(255) | Page title |
| content | LONGTEXT | Full page content (for search) |
| content_hash | VARCHAR(64) | SHA256 for change detection |
| commit_sha | VARCHAR(64) | Last indexed commit |
| word_count | INT | Word count |
| links_out | TEXT | JSON array of outgoing links |
| updated_unix | BIGINT | Last update timestamp |
| created_unix | BIGINT | Creation timestamp |
**Indexes:** `(repo_id)`, `(repo_id, page_name) UNIQUE`, `FULLTEXT(title, content)`
---
## Implementation Plan
### Files to Create
**API Structs:**
- `modules/structs/repo_wiki_v2.go`
**API Router:**
- `routers/api/v2/repo/wiki.go`
**Services:**
- `services/wiki/wiki_index.go` - Search indexing
**Migration:**
- `models/migrations/v1_26/v328.go`
### Files to Modify
- `routers/api/v2/api.go` - Register wiki routes
- `models/repo/wiki_ai.go` - Simplify to just WikiIndex
---
## V2 vs V1 Comparison
| Feature | V1 | V2 |
|---------|----|----|
| Content encoding | Base64 | Plain JSON |
| HTML rendering | Separate call | Included in response |
| Word count | No | Yes |
| Link extraction | No | Yes |
| Search | No | Yes (full-text) |
| Graph | No | Yes |
| Statistics | No | Yes |
| Batch operations | No | Future |
---
## External Plugin Integration
Your .NET plugin can:
1. **Fetch all wiki content** via `GET /wiki/pages?include_content=true`
2. **Generate AI summaries** using your AI library
3. **Create/update pages** with AI-generated content
4. **Build Q&A system** by indexing content externally
5. **Analyze relationships** using the graph endpoint
The v2 API provides all the structured data needed for AI processing without building AI into Gitea itself.
---
*End of Specification*

1009
docs/testing-guide-v1.26.md
View File

File diff suppressed because it is too large Load Diff

1050
docs/wiki-v2-api-developer-guide.md
View File

File diff suppressed because it is too large Load Diff

1139
enhancements.md
View File

File diff suppressed because it is too large Load Diff

31
eslint.config.ts
View File

@@ -3,6 +3,7 @@ import comments from '@eslint-community/eslint-plugin-eslint-comments';
import github from 'eslint-plugin-github';
import globals from 'globals';
import importPlugin from 'eslint-plugin-import-x';
import noUseExtendNative from 'eslint-plugin-no-use-extend-native';
import playwright from 'eslint-plugin-playwright';
import regexp from 'eslint-plugin-regexp';
import sonarjs from 'eslint-plugin-sonarjs';
@@ -48,19 +49,24 @@ export default defineConfig([
},
linterOptions: {
reportUnusedDisableDirectives: 2,
reportUnusedInlineConfigs: 2,
},
plugins: {
'@eslint-community/eslint-comments': comments,
// @ts-expect-error
'@stylistic': stylistic,
'@typescript-eslint': typescriptPlugin.plugin,
'array-func': arrayFunc,
// @ts-expect-error -- https://github.com/un-ts/eslint-plugin-import-x/issues/203
'import-x': importPlugin,
'no-use-extend-native': noUseExtendNative,
// @ts-expect-error
regexp,
// @ts-expect-error
sonarjs,
// @ts-expect-error
unicorn,
github,
// @ts-expect-error
wc,
},
settings: {
@@ -153,7 +159,7 @@ export default defineConfig([
'@typescript-eslint/ban-tslint-comment': [0],
'@typescript-eslint/class-literal-property-style': [0],
'@typescript-eslint/class-methods-use-this': [0],
'@typescript-eslint/consistent-generic-constructors': [2, 'constructor'],
'@typescript-eslint/consistent-generic-constructors': [0],
'@typescript-eslint/consistent-indexed-object-style': [0],
'@typescript-eslint/consistent-return': [0],
'@typescript-eslint/consistent-type-assertions': [2, {assertionStyle: 'as', objectLiteralTypeAssertions: 'allow'}],
@@ -215,7 +221,7 @@ export default defineConfig([
'@typescript-eslint/no-unnecessary-condition': [0],
'@typescript-eslint/no-unnecessary-qualifier': [0],
'@typescript-eslint/no-unnecessary-template-expression': [0],
'@typescript-eslint/no-unnecessary-type-arguments': [2],
'@typescript-eslint/no-unnecessary-type-arguments': [0],
'@typescript-eslint/no-unnecessary-type-assertion': [2],
'@typescript-eslint/no-unnecessary-type-constraint': [2],
'@typescript-eslint/no-unnecessary-type-conversion': [2],
@@ -228,12 +234,10 @@ export default defineConfig([
'@typescript-eslint/no-unsafe-member-access': [0],
'@typescript-eslint/no-unsafe-return': [0],
'@typescript-eslint/no-unsafe-unary-minus': [2],
'@typescript-eslint/no-unused-expressions': [2],
'@typescript-eslint/no-unused-private-class-members': [2],
'@typescript-eslint/no-unused-expressions': [0],
'@typescript-eslint/no-unused-vars': [2, {vars: 'all', args: 'all', caughtErrors: 'all', ignoreRestSiblings: false, argsIgnorePattern: '^_', varsIgnorePattern: '^_', caughtErrorsIgnorePattern: '^_', destructuredArrayIgnorePattern: '^_'}],
'@typescript-eslint/no-use-before-define': [2, {functions: false, classes: true, variables: true, allowNamedExports: true, typedefs: false, enums: false, ignoreTypeReferences: true}],
'@typescript-eslint/no-useless-constructor': [0],
'@typescript-eslint/no-useless-default-assignment': [0], // https://github.com/typescript-eslint/typescript-eslint/issues/11847
'@typescript-eslint/no-useless-empty-export': [0],
'@typescript-eslint/no-wrapper-object-types': [2],
'@typescript-eslint/non-nullable-type-assertion-style': [0],
@@ -585,12 +589,12 @@ export default defineConfig([
'no-unreachable': [2],
'no-unsafe-finally': [2],
'no-unsafe-negation': [2],
'no-unused-expressions': [0], // handled by @typescript-eslint/no-unused-expressions
'no-unused-expressions': [2],
'no-unused-labels': [2],
'no-unused-private-class-members': [0], // handled by @typescript-eslint/no-unused-private-class-members
'no-unused-private-class-members': [2],
'no-unused-vars': [0], // handled by @typescript-eslint/no-unused-vars
'no-use-before-define': [0], // handled by @typescript-eslint/no-use-before-define
'no-useless-assignment': [2],
'no-use-extend-native/no-use-extend-native': [2],
'no-useless-backreference': [2],
'no-useless-call': [2],
'no-useless-catch': [2],
@@ -773,7 +777,6 @@ export default defineConfig([
'unicorn/no-empty-file': [2],
'unicorn/no-for-loop': [0],
'unicorn/no-hex-escape': [0],
'unicorn/no-immediate-mutation': [0],
'unicorn/no-instanceof-array': [0],
'unicorn/no-invalid-fetch-options': [2],
'unicorn/no-invalid-remove-event-listener': [2],
@@ -799,7 +802,6 @@ export default defineConfig([
'unicorn/no-unreadable-array-destructuring': [0],
'unicorn/no-unreadable-iife': [2],
'unicorn/no-unused-properties': [2],
'unicorn/no-useless-collection-argument': [2],
'unicorn/no-useless-fallback-in-spread': [2],
'unicorn/no-useless-length-check': [2],
'unicorn/no-useless-promise-resolve-reject': [2],
@@ -811,8 +813,8 @@ export default defineConfig([
'unicorn/numeric-separators-style': [0],
'unicorn/prefer-add-event-listener': [2],
'unicorn/prefer-array-find': [2],
'unicorn/prefer-array-flat': [2],
'unicorn/prefer-array-flat-map': [2],
'unicorn/prefer-array-flat': [2],
'unicorn/prefer-array-index-of': [2],
'unicorn/prefer-array-some': [2],
'unicorn/prefer-at': [0],
@@ -847,7 +849,6 @@ export default defineConfig([
'unicorn/prefer-query-selector': [2],
'unicorn/prefer-reflect-apply': [0],
'unicorn/prefer-regexp-test': [2],
'unicorn/prefer-response-static-json': [2],
'unicorn/prefer-set-has': [0],
'unicorn/prefer-set-size': [2],
'unicorn/prefer-spread': [0],
@@ -899,6 +900,7 @@ export default defineConfig([
'yoda': [2, 'never'],
},
},
// @ts-expect-error
{
...playwright.configs['flat/recommended'],
files: ['tests/e2e/**'],
@@ -914,6 +916,7 @@ export default defineConfig([
},
},
extends: [
// @ts-expect-error
vue.configs['flat/recommended'],
// @ts-expect-error
vueScopedCss.configs['flat/recommended'],
@@ -923,7 +926,6 @@ export default defineConfig([
'vue/html-closing-bracket-spacing': [2, {startTag: 'never', endTag: 'never', selfClosingTag: 'never'}],
'vue/max-attributes-per-line': [0],
'vue/singleline-html-element-content-newline': [0],
'vue/require-typed-ref': [2],
},
},
{
@@ -934,6 +936,7 @@ export default defineConfig([
},
{
files: ['**/*.test.ts', 'web_src/js/test/setup.ts'],
// @ts-expect-error - https://github.com/vitest-dev/eslint-plugin-vitest/issues/737
plugins: {vitest},
languageOptions: {globals: globals.vitest},
rules: {

30
eslint.json.config.ts
View File

@@ -1,30 +0,0 @@
import {defineConfig, globalIgnores} from 'eslint/config';
import json from '@eslint/json';
export default defineConfig([
globalIgnores([
'**/.venv',
'**/node_modules',
'**/public',
]),
{
files: ['**/*.json'],
plugins: {json},
language: 'json/json',
extends: ['json/recommended'],
},
{
files: [
'tsconfig.json',
'.devcontainer/*.json',
'.vscode/*.json',
'contrib/ide/vscode/*.json',
],
plugins: {json},
language: 'json/jsonc',
languageOptions: {
allowTrailingCommas: true,
},
extends: ['json/recommended'],
},
]);

40
flake.lock generated
View File

@@ -1,12 +1,30 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1760038930,
"narHash": "sha256-Oncbh0UmHjSlxO7ErQDM3KM0A5/Znfofj2BSzlHLeVw=",
"lastModified": 1755186698,
"narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "0b4defa2584313f3b781240b29d61f6f9f7e0df3",
"rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
"type": "github"
},
"original": {
@@ -18,8 +36,24 @@
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

139
flake.nix
View File

@@ -1,94 +1,73 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
};
outputs =
{ nixpkgs, ... }:
let
supportedSystems = [
"aarch64-darwin"
"aarch64-linux"
"x86_64-darwin"
"x86_64-linux"
];
forEachSupportedSystem =
f:
nixpkgs.lib.genAttrs supportedSystems (
system:
{ nixpkgs, flake-utils, ... }:
flake-utils.lib.eachDefaultSystem (
system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
devShells.default =
with pkgs;
let
pkgs = import nixpkgs {
inherit system;
# only bump toolchain versions here
go = go_1_25;
nodejs = nodejs_24;
python3 = python312;
pnpm = pnpm_10;
# Platform-specific dependencies
linuxOnlyInputs = lib.optionals pkgs.stdenv.isLinux [
glibc.static
];
linuxOnlyEnv = lib.optionalAttrs pkgs.stdenv.isLinux {
CFLAGS = "-I${glibc.static.dev}/include";
LDFLAGS = "-L ${glibc.static}/lib";
};
in
f { inherit pkgs; }
);
in
{
devShells = forEachSupportedSystem (
{ pkgs, ... }:
{
default =
let
inherit (pkgs) lib;
pkgs.mkShell (
{
buildInputs = [
# generic
git
git-lfs
gnumake
gnused
gnutar
gzip
zip
# only bump toolchain versions here
go = pkgs.go_1_25;
nodejs = pkgs.nodejs_24;
python3 = pkgs.python312;
pnpm = pkgs.pnpm_10;
# frontend
nodejs
pnpm
cairo
pixman
pkg-config
# Platform-specific dependencies
linuxOnlyInputs = lib.optionals pkgs.stdenv.isLinux [
pkgs.glibc.static
];
# linting
python3
uv
linuxOnlyEnv = lib.optionalAttrs pkgs.stdenv.isLinux {
CFLAGS = "-I${pkgs.glibc.static.dev}/include";
LDFLAGS = "-L ${pkgs.glibc.static}/lib";
};
in
pkgs.mkShell {
packages =
with pkgs;
[
# generic
git
git-lfs
gnumake
gnused
gnutar
gzip
zip
# backend
go
gofumpt
sqlite
]
++ linuxOnlyInputs;
# frontend
nodejs
pnpm
cairo
pixman
pkg-config
GO = "${go}/bin/go";
GOROOT = "${go}/share/go";
# linting
python3
uv
# backend
go
gofumpt
sqlite
]
++ linuxOnlyInputs;
env = {
GO = "${go}/bin/go";
GOROOT = "${go}/share/go";
TAGS = "sqlite sqlite_unlock_notify";
STATIC = "true";
}
// linuxOnlyEnv;
};
}
);
};
TAGS = "sqlite sqlite_unlock_notify";
STATIC = "true";
}
// linuxOnlyEnv
);
}
);
}

50
go.mod
View File

@@ -1,8 +1,6 @@
module code.gitea.io/gitea
go 1.25.0
toolchain go1.25.5
go 1.25.1
// rfc5280 said: "The serial number is an integer assigned by the CA to each certificate."
// But some CAs use negative serial number, just relax the check. related:
@@ -10,14 +8,15 @@ toolchain go1.25.5
godebug x509negativeserial=1
require (
code.gitea.io/actions-proto-go v0.5.0
code.gitea.io/actions-proto-go v0.4.1
code.gitea.io/gitea-vet v0.2.3
code.gitea.io/sdk/gitea v0.22.0
codeberg.org/gusted/mcaptcha v0.0.0-20220723083913-4f3072e1d570
connectrpc.com/connect v1.18.1
gitea.com/go-chi/binding v0.0.0-20240430071103-39a851e106ed
gitea.com/go-chi/cache v0.2.1
gitea.com/go-chi/captcha v0.0.0-20240315150714-fb487f629098
gitea.com/go-chi/session v0.0.0-20251124165456-68e0254e989e
gitea.com/go-chi/session v0.0.0-20240316035857-16768d98ec96
gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96
gitea.com/lunny/levelqueue v0.4.2-0.20230414023320-3c0159fe0fe4
github.com/42wim/httpsig v1.2.3
@@ -25,11 +24,10 @@ require (
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.0
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.2
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358
github.com/Masterminds/semver/v3 v3.4.0
github.com/ProtonMail/go-crypto v1.3.0
github.com/PuerkitoBio/goquery v1.10.3
github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.8.0
github.com/alecthomas/chroma/v2 v2.21.1
github.com/alecthomas/chroma/v2 v2.20.0
github.com/aws/aws-sdk-go-v2/credentials v1.18.10
github.com/aws/aws-sdk-go-v2/service/codecommit v1.32.2
github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb
@@ -63,7 +61,6 @@ require (
github.com/go-redsync/redsync/v4 v4.13.0
github.com/go-sql-driver/mysql v1.9.3
github.com/go-webauthn/webauthn v0.13.4
github.com/goccy/go-json v0.10.5
github.com/gogs/chardet v0.0.0-20211120154057-b7413eaefb8f
github.com/gogs/go-gogs-client v0.0.0-20210131175652-1d7215cd8d85
github.com/golang-jwt/jwt/v5 v5.3.0
@@ -78,6 +75,7 @@ require (
github.com/huandu/xstrings v1.5.0
github.com/jaytaylor/html2text v0.0.0-20230321000545-74c2419ad056
github.com/jhillyerd/enmime v1.3.0
github.com/json-iterator/go v1.1.12
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
github.com/klauspost/compress v1.18.0
github.com/klauspost/cpuid/v2 v2.3.0
@@ -86,7 +84,7 @@ require (
github.com/mattn/go-isatty v0.0.20
github.com/mattn/go-sqlite3 v1.14.32
github.com/meilisearch/meilisearch-go v0.33.2
github.com/mholt/archives v0.0.0-20251009205813-e30ac6010726
github.com/mholt/archives v0.1.5-0.20251009205813-e30ac6010726
github.com/microcosm-cc/bluemonday v1.0.27
github.com/microsoft/go-mssqldb v1.9.3
github.com/minio/minio-go/v7 v7.0.95
@@ -105,8 +103,6 @@ require (
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1
github.com/sassoftware/go-rpmutils v0.4.0
github.com/sergi/go-diff v1.4.0
github.com/spf13/cobra v1.8.1
github.com/spf13/viper v1.3.2
github.com/stretchr/testify v1.11.1
github.com/syndtr/goleveldb v1.0.0
github.com/tstranex/u2f v1.0.0
@@ -120,14 +116,13 @@ require (
github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
github.com/yuin/goldmark-meta v1.1.0
gitlab.com/gitlab-org/api/client-go v0.142.4
golang.org/x/crypto v0.45.0
golang.org/x/crypto v0.42.0
golang.org/x/image v0.30.0
golang.org/x/net v0.47.0
golang.org/x/net v0.44.0
golang.org/x/oauth2 v0.30.0
golang.org/x/sync v0.18.0
golang.org/x/sys v0.38.0
golang.org/x/term v0.37.0
golang.org/x/text v0.31.0
golang.org/x/sync v0.17.0
golang.org/x/sys v0.37.0
golang.org/x/text v0.30.0
google.golang.org/grpc v1.75.0
google.golang.org/protobuf v1.36.8
gopkg.in/ini.v1 v1.67.0
@@ -140,7 +135,6 @@ require (
require (
cloud.google.com/go/compute/metadata v0.8.0 // indirect
code.gitea.io/gitea-vet v0.2.3 // indirect
dario.cat/mergo v1.0.2 // indirect
filippo.io/edwards25519 v1.1.0 // indirect
git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 // indirect
@@ -206,6 +200,7 @@ require (
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
github.com/go-ini/ini v1.67.0 // indirect
github.com/go-webauthn/x v0.1.24 // indirect
github.com/goccy/go-json v0.10.5 // indirect
github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
github.com/golang-sql/sqlexp v0.1.0 // indirect
@@ -223,15 +218,11 @@ require (
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.8 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/kevinburke/ssh_config v1.4.0 // indirect
github.com/klauspost/pgzip v1.2.6 // indirect
github.com/libdns/libdns v1.1.1 // indirect
github.com/magiconair/properties v1.8.0 // indirect
github.com/mailru/easyjson v0.9.0 // indirect
github.com/markbates/going v1.0.3 // indirect
github.com/mattn/go-colorable v0.1.14 // indirect
@@ -255,7 +246,6 @@ require (
github.com/olekukonko/ll v0.1.0 // indirect
github.com/olekukonko/tablewriter v1.0.9 // indirect
github.com/onsi/ginkgo v1.16.5 // indirect
github.com/pelletier/go-toml v1.8.1 // indirect
github.com/philhofer/fwd v1.2.0 // indirect
github.com/pierrec/lz4/v4 v4.1.22 // indirect
github.com/pjbgf/sha1cd v0.4.0 // indirect
@@ -271,9 +261,6 @@ require (
github.com/skeema/knownhosts v1.3.1 // indirect
github.com/sorairolake/lzip-go v0.3.8 // indirect
github.com/spf13/afero v1.15.0 // indirect
github.com/spf13/cast v1.3.0 // indirect
github.com/spf13/jwalterweatherman v1.0.0 // indirect
github.com/spf13/pflag v1.0.6 // indirect
github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect
github.com/tinylib/msgp v1.4.0 // indirect
github.com/unknwon/com v1.0.1 // indirect
@@ -291,10 +278,10 @@ require (
go.uber.org/zap v1.27.0 // indirect
go.uber.org/zap/exp v0.3.0 // indirect
go4.org v0.0.0-20230225012048-214862532bf5 // indirect
golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b // indirect
golang.org/x/mod v0.29.0 // indirect
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
golang.org/x/mod v0.28.0 // indirect
golang.org/x/time v0.12.0 // indirect
golang.org/x/tools v0.38.0 // indirect
golang.org/x/tools v0.37.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250826171959-ef028d996bc1 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
@@ -313,9 +300,6 @@ replace github.com/nektos/act => gitea.com/gitea/act v0.261.7-0.20251003180512-a
replace git.sr.ht/~mariusor/go-xsd-duration => gitea.com/gitea/go-xsd-duration v0.0.0-20220703122237-02e73435a078
// Use GitCaddy fork with capability support
replace code.gitea.io/actions-proto-go => git.marketally.com/gitcaddy/actions-proto-go v0.5.7
exclude github.com/gofrs/uuid v3.2.0+incompatible
exclude github.com/gofrs/uuid v4.0.0+incompatible
@@ -323,5 +307,3 @@ exclude github.com/gofrs/uuid v4.0.0+incompatible
exclude github.com/goccy/go-json v0.4.11
exclude github.com/satori/go.uuid v1.2.0
tool code.gitea.io/gitea-vet

73
go.sum
View File

@@ -16,6 +16,8 @@ cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2k
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
code.gitea.io/actions-proto-go v0.4.1 h1:l0EYhjsgpUe/1VABo2eK7zcoNX2W44WOnb0MSLrKfls=
code.gitea.io/actions-proto-go v0.4.1/go.mod h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas=
code.gitea.io/gitea-vet v0.2.3 h1:gdFmm6WOTM65rE8FUBTRzeQZYzXePKSSB1+r574hWwI=
code.gitea.io/gitea-vet v0.2.3/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE=
code.gitea.io/sdk/gitea v0.22.0 h1:HCKq7bX/HQ85Nw7c/HAhWgRye+vBp5nQOE8Md1+9Ef0=
@@ -29,8 +31,6 @@ dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
git.marketally.com/gitcaddy/actions-proto-go v0.5.7 h1:RUbafr3Vkw2l4WfSwa+oF+Ihakbm05W0FlAmXuQrDJc=
git.marketally.com/gitcaddy/actions-proto-go v0.5.7/go.mod h1:RPu21UoRD3zSAujoZR6LJwuVNa2uFRBveadslczCRfQ=
gitea.com/gitea/act v0.261.7-0.20251003180512-ac6e4b751763 h1:ohdxegvslDEllZmRNDqpKun6L4Oq81jNdEDtGgHEV2c=
gitea.com/gitea/act v0.261.7-0.20251003180512-ac6e4b751763/go.mod h1:Pg5C9kQY1CEA3QjthjhlrqOC/QOT5NyWNjOjRHw23Ok=
gitea.com/gitea/go-xsd-duration v0.0.0-20220703122237-02e73435a078 h1:BAFmdZpRW7zMQZQDClaCWobRj9uL1MR3MzpCVJvc5s4=
@@ -41,8 +41,8 @@ gitea.com/go-chi/cache v0.2.1 h1:bfAPkvXlbcZxPCpcmDVCWoHgiBSBmZN/QosnZvEC0+g=
gitea.com/go-chi/cache v0.2.1/go.mod h1:Qic0HZ8hOHW62ETGbonpwz8WYypj9NieU9659wFUJ8Q=
gitea.com/go-chi/captcha v0.0.0-20240315150714-fb487f629098 h1:p2ki+WK0cIeNQuqjR98IP2KZQKRzJJiV7aTeMAFwaWo=
gitea.com/go-chi/captcha v0.0.0-20240315150714-fb487f629098/go.mod h1:LjzIOHlRemuUyO7WR12fmm18VZIlCAaOt9L3yKw40pk=
gitea.com/go-chi/session v0.0.0-20251124165456-68e0254e989e h1:4bugwPyGMLvblEm3pZ8fZProSPVxE4l0UXF2Kv6IJoY=
gitea.com/go-chi/session v0.0.0-20251124165456-68e0254e989e/go.mod h1:KDvcfMUoXfATPHs2mbMoXFTXT45/FAFAS39waz9tPk0=
gitea.com/go-chi/session v0.0.0-20240316035857-16768d98ec96 h1:IFDiMBObsP6CZIRaDLd54SR6zPYAffPXiXck5Xslu0Q=
gitea.com/go-chi/session v0.0.0-20240316035857-16768d98ec96/go.mod h1:0iEpFKnwO5dG0aF98O4eq6FMsAiXkNBaDIlUOlq4BtM=
gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96 h1:+wWBi6Qfruqu7xJgjOIrKVQGiLUZdpKYCZewJ4clqhw=
gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96/go.mod h1:VyMQP6ue6MKHM8UsOXfNfuMKD0oSAWZdXVcpHIN2yaY=
gitea.com/lunny/levelqueue v0.4.2-0.20230414023320-3c0159fe0fe4 h1:IFT+hup2xejHqdhS7keYWioqfmxdnfblFDTGoOwcZ+o=
@@ -78,8 +78,6 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym
github.com/DataDog/zstd v1.5.7 h1:ybO8RBeh29qrxIhCA9E8gKY6xfONU9T6G6aP9DTKfLE=
github.com/DataDog/zstd v1.5.7/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
github.com/Julusian/godocdown v0.0.0-20170816220326-6d19f8ff2df8/go.mod h1:INZr5t32rG59/5xeltqoCJoNY7e5x/3xoY9WSWVWg74=
github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0=
github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM=
github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
@@ -100,11 +98,11 @@ github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.8.0/go.mod h1:1HmmMEVsr+0R
github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
github.com/alecthomas/chroma/v2 v2.21.1 h1:FaSDrp6N+3pphkNKU6HPCiYLgm8dbe5UXIXcoBhZSWA=
github.com/alecthomas/chroma/v2 v2.21.1/go.mod h1:NqVhfBR0lte5Ouh3DcthuUCTUpDC9cxBOfyMbMQPs3o=
github.com/alecthomas/chroma/v2 v2.20.0 h1:sfIHpxPyR07/Oylvmcai3X/exDlE8+FA820NTz+9sGw=
github.com/alecthomas/chroma/v2 v2.20.0/go.mod h1:e7tViK0xh/Nf4BYHl00ycY6rV7b8iXBksI9E359yNmA=
github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
github.com/alecthomas/repr v0.5.2 h1:SU73FTI9D1P5UNtvseffFSGmdNci/O6RsqzeXJtP0Qs=
github.com/alecthomas/repr v0.5.2/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
github.com/alecthomas/repr v0.5.1 h1:E3G4t2QbHTSNpPKBgMTln5KLkZHLOcU7r37J4pXBuIg=
github.com/alecthomas/repr v0.5.1/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7VVbI0o4wBRNQIgn917usHWOd6VAffYI=
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
github.com/andybalholm/brotli v1.2.0 h1:ukwgCxwYrmACq68yiUqwIWnGY0cTPox/M94sVwToPjQ=
@@ -247,7 +245,6 @@ github.com/couchbase/goutils v0.1.2 h1:gWr8B6XNWPIhfalHNog3qQKfGiYyh4K4VhO3P2o9B
github.com/couchbase/goutils v0.1.2/go.mod h1:h89Ek/tiOxxqjz30nPPlwZdQbdB8BwgnuBxeoUe/ViE=
github.com/couchbase/moss v0.1.0/go.mod h1:9MaHIaRuy9pvLPUJxB8sh8OrLfyDczECVL37grCIubs=
github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3sHPnBo=
github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
@@ -488,7 +485,6 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
@@ -498,8 +494,6 @@ github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8=
@@ -556,7 +550,6 @@ github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/libdns/libdns v1.1.1 h1:wPrHrXILoSHKWJKGd0EiAVmiJbFShguILTg9leS/P/U=
github.com/libdns/libdns v1.1.1/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ=
github.com/magiconair/properties v1.8.0 h1:LLgXmsheXeRoUOBOjtwPQCWIYqM/LU1ayDtDePerRcY=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4=
@@ -579,8 +572,8 @@ github.com/meilisearch/meilisearch-go v0.33.2 h1:YgsQSLYhAkRN2ias6I1KNRTjdYCN5w2
github.com/meilisearch/meilisearch-go v0.33.2/go.mod h1:6eOPcQ+OAuwXvnONlfSgfgvr7TIAWM/6OdhcVHg8cF0=
github.com/mholt/acmez/v3 v3.1.2 h1:auob8J/0FhmdClQicvJvuDavgd5ezwLBfKuYmynhYzc=
github.com/mholt/acmez/v3 v3.1.2/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
github.com/mholt/archives v0.0.0-20251009205813-e30ac6010726 h1:narluFTg20M5KBwKxedpFiSMkdjQRRNUlpY4uAsKMwk=
github.com/mholt/archives v0.0.0-20251009205813-e30ac6010726/go.mod h1:3TPMmBLPsgszL+1As5zECTuKwKvIfj6YcwWPpeTAXF4=
github.com/mholt/archives v0.1.5-0.20251009205813-e30ac6010726 h1:WVjGWXBLI1Ggm2kHzNraCGgxFhLoK6gdpPSizCdxnx0=
github.com/mholt/archives v0.1.5-0.20251009205813-e30ac6010726/go.mod h1:3TPMmBLPsgszL+1As5zECTuKwKvIfj6YcwWPpeTAXF4=
github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk=
github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA=
github.com/microsoft/go-mssqldb v1.9.3 h1:hy4p+LDC8LIGvI3JATnLVmBOLMJbmn5X400mr5j0lPs=
@@ -648,8 +641,6 @@ github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJw
github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0=
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
github.com/pelletier/go-toml v1.8.1 h1:1Nf83orprkJyknT6h7zbuEGUEjcyVlCxSUGTENmNCRM=
github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc=
github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
github.com/philhofer/fwd v1.2.0 h1:e6DnBTl7vGY+Gz322/ASL4Gyp1FspeMvx1RNDoToZuM=
github.com/philhofer/fwd v1.2.0/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM=
@@ -728,18 +719,10 @@ github.com/sorairolake/lzip-go v0.3.8/go.mod h1:JcBqGMV0frlxwrsE9sMWXDjqn3EeVf0/
github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I=
github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg=
github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8=
github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk=
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/viper v1.3.2 h1:VUFqw5KcqRf7i70GOzW7N+Q7+gxVBkSSqiXB12+JQ4M=
github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf h1:pvbZ0lM0XWPBqUKqFU8cmavspvIl9nulOYwdy6IFRRo=
github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf/go.mod h1:RJID2RhlZKId02nZ62WenDCkgHFerpIOmW0iT7GKmXM=
@@ -857,8 +840,8 @@ golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDf
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI=
golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -867,8 +850,8 @@ golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE
golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b h1:DXr+pvt3nC887026GRP39Ej11UATqWDmWuS99x26cD0=
golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b/go.mod h1:4QTo5u+SEIbbKW1RacMZq1YEfOBqeXa19JeshGi+zc4=
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 h1:nDVHiLt8aIbd/VzvPWN6kSOPE7+F/fNFDSXLVYkE/Iw=
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394/go.mod h1:sIifuuw/Yco/y6yb6+bDNfyeQ/MdPUy/hKEMYQV17cM=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/image v0.30.0 h1:jD5RhkmVAnjqaCUXfbGBrn3lpxbknfN9w2UhHHU+5B4=
@@ -895,8 +878,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -925,8 +908,8 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
golang.org/x/net v0.44.0 h1:evd8IRDyfNBMBTTY5XRF1vaZlD+EmWx6x8PkhR04H/I=
golang.org/x/net v0.44.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -949,8 +932,8 @@ golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -992,8 +975,8 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ=
golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -1004,8 +987,8 @@ golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ=
golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1019,8 +1002,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k=
golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
@@ -1056,8 +1039,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE=
golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

1
main.go
View File

@@ -44,7 +44,6 @@ func main() {
}
app := cmd.NewMainApp(cmd.AppVersion{Version: Version, Extra: formatBuiltWith()})
_ = cmd.RunMainApp(app, os.Args...) // all errors should have been handled by the RunMainApp
// flush the queued logs before exiting, it is a MUST, otherwise there will be log loss
log.GetManager().Close()
}

2
models/actions/main_test.go
View File

@@ -13,8 +13,6 @@ func TestMain(m *testing.M) {
unittest.MainTest(m, &unittest.TestOptions{
FixtureFiles: []string{
"action_runner_token.yml",
"action_run.yml",
"repository.yml",
},
})
}

224
models/actions/run.go
View File

@@ -16,13 +16,13 @@ import (
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util"
webhook_module "code.gitea.io/gitea/modules/webhook"
"github.com/nektos/act/pkg/jobparser"
"xorm.io/builder"
)
@@ -30,7 +30,7 @@ import (
type ActionRun struct {
ID int64
Title string
RepoID int64 `xorm:"unique(repo_index) index(repo_concurrency)"`
RepoID int64 `xorm:"index unique(repo_index)"`
Repo *repo_model.Repository `xorm:"-"`
OwnerID int64 `xorm:"index"`
WorkflowID string `xorm:"index"` // the name of workflow file
@@ -49,9 +49,6 @@ type ActionRun struct {
TriggerEvent string // the trigger event defined in the `on` configuration of the triggered workflow
Status Status `xorm:"index"`
Version int `xorm:"version default 0"` // Status could be updated concomitantly, so an optimistic lock is needed
RawConcurrency string // raw concurrency
ConcurrencyGroup string `xorm:"index(repo_concurrency) NOT NULL DEFAULT ''"`
ConcurrencyCancel bool `xorm:"NOT NULL DEFAULT FALSE"`
// Started and Stopped is used for recording last run time, if rerun happened, they will be reset to 0
Started timeutil.TimeStamp
Stopped timeutil.TimeStamp
@@ -105,15 +102,6 @@ func (run *ActionRun) PrettyRef() string {
return refName.ShortName()
}
// RefTooltip return a tooltop of run's ref. For pull request, it's the title of the PR, otherwise it's the ShortName.
func (run *ActionRun) RefTooltip() string {
payload, err := run.GetPullRequestEventPayload()
if err == nil && payload != nil && payload.PullRequest != nil {
return payload.PullRequest.Title
}
return git.RefName(run.Ref).ShortName()
}
// LoadAttributes load Repo TriggerUser if not loaded
func (run *ActionRun) LoadAttributes(ctx context.Context) error {
if run == nil {
@@ -193,11 +181,9 @@ func (run *ActionRun) IsSchedule() bool {
return run.ScheduleID > 0
}
// UpdateRepoRunsNumbers updates the number of runs and closed runs of a repository.
func UpdateRepoRunsNumbers(ctx context.Context, repo *repo_model.Repository) error {
func updateRepoRunsNumbers(ctx context.Context, repo *repo_model.Repository) error {
_, err := db.GetEngine(ctx).ID(repo.ID).
NoAutoTime().
Cols("num_action_runs", "num_closed_action_runs").
SetExpr("num_action_runs",
builder.Select("count(*)").From("action_run").
Where(builder.Eq{"repo_id": repo.ID}),
@@ -252,62 +238,116 @@ func CancelPreviousJobs(ctx context.Context, repoID int64, ref, workflowID strin
return cancelledJobs, err
}
cjs, err := CancelJobs(ctx, jobs)
if err != nil {
return cancelledJobs, err
// Iterate over each job and attempt to cancel it.
for _, job := range jobs {
// Skip jobs that are already in a terminal state (completed, cancelled, etc.).
status := job.Status
if status.IsDone() {
continue
}
// If the job has no associated task (probably an error), set its status to 'Cancelled' and stop it.
if job.TaskID == 0 {
job.Status = StatusCancelled
job.Stopped = timeutil.TimeStampNow()
// Update the job's status and stopped time in the database.
n, err := UpdateRunJob(ctx, job, builder.Eq{"task_id": 0}, "status", "stopped")
if err != nil {
return cancelledJobs, err
}
// If the update affected 0 rows, it means the job has changed in the meantime, so we need to try again.
if n == 0 {
return cancelledJobs, errors.New("job has changed, try again")
}
cancelledJobs = append(cancelledJobs, job)
// Continue with the next job.
continue
}
// If the job has an associated task, try to stop the task, effectively cancelling the job.
if err := StopTask(ctx, job.TaskID, StatusCancelled); err != nil {
return cancelledJobs, err
}
cancelledJobs = append(cancelledJobs, job)
}
cancelledJobs = append(cancelledJobs, cjs...)
}
// Return nil to indicate successful cancellation of all running and waiting jobs.
return cancelledJobs, nil
}
func CancelJobs(ctx context.Context, jobs []*ActionRunJob) ([]*ActionRunJob, error) {
cancelledJobs := make([]*ActionRunJob, 0, len(jobs))
// Iterate over each job and attempt to cancel it.
for _, job := range jobs {
// Skip jobs that are already in a terminal state (completed, cancelled, etc.).
status := job.Status
if status.IsDone() {
continue
}
// If the job has no associated task (probably an error), set its status to 'Cancelled' and stop it.
if job.TaskID == 0 {
job.Status = StatusCancelled
job.Stopped = timeutil.TimeStampNow()
// Update the job's status and stopped time in the database.
n, err := UpdateRunJob(ctx, job, builder.Eq{"task_id": 0}, "status", "stopped")
if err != nil {
return cancelledJobs, err
}
// If the update affected 0 rows, it means the job has changed in the meantime
if n == 0 {
log.Error("Failed to cancel job %d because it has changed", job.ID)
continue
}
cancelledJobs = append(cancelledJobs, job)
// Continue with the next job.
continue
}
// If the job has an associated task, try to stop the task, effectively cancelling the job.
if err := StopTask(ctx, job.TaskID, StatusCancelled); err != nil {
return cancelledJobs, err
}
updatedJob, err := GetRunJobByID(ctx, job.ID)
// InsertRun inserts a run
// The title will be cut off at 255 characters if it's longer than 255 characters.
func InsertRun(ctx context.Context, run *ActionRun, jobs []*jobparser.SingleWorkflow) error {
return db.WithTx(ctx, func(ctx context.Context) error {
index, err := db.GetNextResourceIndex(ctx, "action_run_index", run.RepoID)
if err != nil {
return cancelledJobs, fmt.Errorf("get job: %w", err)
return err
}
cancelledJobs = append(cancelledJobs, updatedJob)
}
run.Index = index
run.Title = util.EllipsisDisplayString(run.Title, 255)
// Return nil to indicate successful cancellation of all running and waiting jobs.
return cancelledJobs, nil
if err := db.Insert(ctx, run); err != nil {
return err
}
if run.Repo == nil {
repo, err := repo_model.GetRepositoryByID(ctx, run.RepoID)
if err != nil {
return err
}
run.Repo = repo
}
if err := updateRepoRunsNumbers(ctx, run.Repo); err != nil {
return err
}
runJobs := make([]*ActionRunJob, 0, len(jobs))
var hasWaiting bool
for _, v := range jobs {
id, job := v.Job()
needs := job.Needs()
if err := v.SetJob(id, job.EraseNeeds()); err != nil {
return err
}
payload, _ := v.Marshal()
status := StatusWaiting
if len(needs) > 0 || run.NeedApproval {
status = StatusBlocked
} else {
hasWaiting = true
}
job.Name = util.EllipsisDisplayString(job.Name, 255)
runJobs = append(runJobs, &ActionRunJob{
RunID: run.ID,
RepoID: run.RepoID,
OwnerID: run.OwnerID,
CommitSHA: run.CommitSHA,
IsForkPullRequest: run.IsForkPullRequest,
Name: job.Name,
WorkflowPayload: payload,
JobID: id,
Needs: needs,
RunsOn: job.RunsOn(),
Status: status,
})
}
if err := db.Insert(ctx, runJobs); err != nil {
return err
}
// if there is a job in the waiting status, increase tasks version.
if hasWaiting {
if err := IncreaseTaskVersion(ctx, run.OwnerID, run.RepoID); err != nil {
return err
}
}
return nil
})
}
func GetRunByRepoAndID(ctx context.Context, repoID, runID int64) (*ActionRun, error) {
@@ -392,7 +432,7 @@ func UpdateRun(ctx context.Context, run *ActionRun, cols ...string) error {
if err = run.LoadRepo(ctx); err != nil {
return err
}
if err := UpdateRepoRunsNumbers(ctx, run.Repo); err != nil {
if err := updateRepoRunsNumbers(ctx, run.Repo); err != nil {
return err
}
}
@@ -401,59 +441,3 @@ func UpdateRun(ctx context.Context, run *ActionRun, cols ...string) error {
}
type ActionRunIndex db.ResourceIndex
func GetConcurrentRunsAndJobs(ctx context.Context, repoID int64, concurrencyGroup string, status []Status) ([]*ActionRun, []*ActionRunJob, error) {
runs, err := db.Find[ActionRun](ctx, &FindRunOptions{
RepoID: repoID,
ConcurrencyGroup: concurrencyGroup,
Status: status,
})
if err != nil {
return nil, nil, fmt.Errorf("find runs: %w", err)
}
jobs, err := db.Find[ActionRunJob](ctx, &FindRunJobOptions{
RepoID: repoID,
ConcurrencyGroup: concurrencyGroup,
Statuses: status,
})
if err != nil {
return nil, nil, fmt.Errorf("find jobs: %w", err)
}
return runs, jobs, nil
}
func CancelPreviousJobsByRunConcurrency(ctx context.Context, actionRun *ActionRun) ([]*ActionRunJob, error) {
if actionRun.ConcurrencyGroup == "" {
return nil, nil
}
var jobsToCancel []*ActionRunJob
statusFindOption := []Status{StatusWaiting, StatusBlocked}
if actionRun.ConcurrencyCancel {
statusFindOption = append(statusFindOption, StatusRunning)
}
runs, jobs, err := GetConcurrentRunsAndJobs(ctx, actionRun.RepoID, actionRun.ConcurrencyGroup, statusFindOption)
if err != nil {
return nil, fmt.Errorf("find concurrent runs and jobs: %w", err)
}
jobsToCancel = append(jobsToCancel, jobs...)
// cancel runs in the same concurrency group
for _, run := range runs {
if run.ID == actionRun.ID {
continue
}
jobs, err := db.Find[ActionRunJob](ctx, FindRunJobOptions{
RunID: run.ID,
})
if err != nil {
return nil, fmt.Errorf("find run %d jobs: %w", run.ID, err)
}
jobsToCancel = append(jobsToCancel, jobs...)
}
return CancelJobs(ctx, jobsToCancel)
}

94
models/actions/run_job.go
View File

@@ -14,7 +14,6 @@ import (
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util"
"github.com/nektos/act/pkg/jobparser"
"xorm.io/builder"
)
@@ -23,38 +22,23 @@ type ActionRunJob struct {
ID int64
RunID int64 `xorm:"index"`
Run *ActionRun `xorm:"-"`
RepoID int64 `xorm:"index(repo_concurrency)"`
RepoID int64 `xorm:"index"`
Repo *repo_model.Repository `xorm:"-"`
OwnerID int64 `xorm:"index"`
CommitSHA string `xorm:"index"`
IsForkPullRequest bool
Name string `xorm:"VARCHAR(255)"`
Attempt int64
// WorkflowPayload is act/jobparser.SingleWorkflow for act/jobparser.Parse
// it should contain exactly one job with global workflow fields for this model
WorkflowPayload []byte
JobID string `xorm:"VARCHAR(255)"` // job id in workflow, not job's id
Needs []string `xorm:"JSON TEXT"`
RunsOn []string `xorm:"JSON TEXT"`
TaskID int64 // the latest task of the job
Status Status `xorm:"index"`
RawConcurrency string // raw concurrency from job YAML's "concurrency" section
// IsConcurrencyEvaluated is only valid/needed when this job's RawConcurrency is not empty.
// If RawConcurrency can't be evaluated (e.g. depend on other job's outputs or have errors), this field will be false.
// If RawConcurrency has been successfully evaluated, this field will be true, ConcurrencyGroup and ConcurrencyCancel are also set.
IsConcurrencyEvaluated bool
ConcurrencyGroup string `xorm:"index(repo_concurrency) NOT NULL DEFAULT ''"` // evaluated concurrency.group
ConcurrencyCancel bool `xorm:"NOT NULL DEFAULT FALSE"` // evaluated concurrency.cancel-in-progress
Started timeutil.TimeStamp
Stopped timeutil.TimeStamp
Created timeutil.TimeStamp `xorm:"created"`
Updated timeutil.TimeStamp `xorm:"updated index"`
WorkflowPayload []byte
JobID string `xorm:"VARCHAR(255)"` // job id in workflow, not job's id
Needs []string `xorm:"JSON TEXT"`
RunsOn []string `xorm:"JSON TEXT"`
TaskID int64 // the latest task of the job
Status Status `xorm:"index"`
Started timeutil.TimeStamp
Stopped timeutil.TimeStamp
Created timeutil.TimeStamp `xorm:"created"`
Updated timeutil.TimeStamp `xorm:"updated index"`
}
func init() {
@@ -100,24 +84,6 @@ func (job *ActionRunJob) LoadAttributes(ctx context.Context) error {
return job.Run.LoadAttributes(ctx)
}
// ParseJob parses the job structure from the ActionRunJob.WorkflowPayload
func (job *ActionRunJob) ParseJob() (*jobparser.Job, error) {
// job.WorkflowPayload is a SingleWorkflow created from an ActionRun's workflow, which exactly contains this job's YAML definition.
// Ideally it shouldn't be called "Workflow", it is just a job with global workflow fields + trigger
parsedWorkflows, err := jobparser.Parse(job.WorkflowPayload)
if err != nil {
return nil, fmt.Errorf("job %d single workflow: unable to parse: %w", job.ID, err)
} else if len(parsedWorkflows) != 1 {
return nil, fmt.Errorf("job %d single workflow: not single workflow", job.ID)
}
_, workflowJob := parsedWorkflows[0].Job()
if workflowJob == nil {
// it shouldn't happen, and since the callers don't check nil, so return an error instead of nil
return nil, util.ErrorWrap(util.ErrNotExist, "job %d single workflow: payload doesn't contain a job", job.ID)
}
return workflowJob, nil
}
func GetRunJobByID(ctx context.Context, id int64) (*ActionRunJob, error) {
var job ActionRunJob
has, err := db.GetEngine(ctx).Where("id=?", id).Get(&job)
@@ -159,7 +125,7 @@ func UpdateRunJob(ctx context.Context, job *ActionRunJob, cond builder.Cond, col
return affected, nil
}
if slices.Contains(cols, "status") && job.Status.IsWaiting() {
if affected != 0 && slices.Contains(cols, "status") && job.Status.IsWaiting() {
// if the status of job changes to waiting again, increase tasks version.
if err := IncreaseTaskVersion(ctx, job.OwnerID, job.RepoID); err != nil {
return 0, err
@@ -231,39 +197,3 @@ func AggregateJobStatus(jobs []*ActionRunJob) Status {
return StatusUnknown // it shouldn't happen
}
}
func CancelPreviousJobsByJobConcurrency(ctx context.Context, job *ActionRunJob) (jobsToCancel []*ActionRunJob, _ error) {
if job.RawConcurrency == "" {
return nil, nil
}
if !job.IsConcurrencyEvaluated {
return nil, nil
}
if job.ConcurrencyGroup == "" {
return nil, nil
}
statusFindOption := []Status{StatusWaiting, StatusBlocked}
if job.ConcurrencyCancel {
statusFindOption = append(statusFindOption, StatusRunning)
}
runs, jobs, err := GetConcurrentRunsAndJobs(ctx, job.RepoID, job.ConcurrencyGroup, statusFindOption)
if err != nil {
return nil, fmt.Errorf("find concurrent runs and jobs: %w", err)
}
jobs = slices.DeleteFunc(jobs, func(j *ActionRunJob) bool { return j.ID == job.ID })
jobsToCancel = append(jobsToCancel, jobs...)
// cancel runs in the same concurrency group
for _, run := range runs {
jobs, err := db.Find[ActionRunJob](ctx, FindRunJobOptions{
RunID: run.ID,
})
if err != nil {
return nil, fmt.Errorf("find run %d jobs: %w", run.ID, err)
}
jobsToCancel = append(jobsToCancel, jobs...)
}
return CancelJobs(ctx, jobsToCancel)
}

19
models/actions/run_job_list.go
View File

@@ -69,13 +69,12 @@ func (jobs ActionJobList) LoadAttributes(ctx context.Context, withRepo bool) err
type FindRunJobOptions struct {
db.ListOptions
RunID int64
RepoID int64
OwnerID int64
CommitSHA string
Statuses []Status
UpdatedBefore timeutil.TimeStamp
ConcurrencyGroup string
RunID int64
RepoID int64
OwnerID int64
CommitSHA string
Statuses []Status
UpdatedBefore timeutil.TimeStamp
}
func (opts FindRunJobOptions) ToConds() builder.Cond {
@@ -95,12 +94,6 @@ func (opts FindRunJobOptions) ToConds() builder.Cond {
if opts.UpdatedBefore > 0 {
cond = cond.And(builder.Lt{"`action_run_job`.updated": opts.UpdatedBefore})
}
if opts.ConcurrencyGroup != "" {
if opts.RepoID == 0 {
panic("Invalid FindRunJobOptions: repo_id is required")
}
cond = cond.And(builder.Eq{"`action_run_job`.concurrency_group": opts.ConcurrencyGroup})
}
return cond
}

25
models/actions/run_list.go
View File

@@ -64,16 +64,15 @@ func (runs RunList) LoadRepos(ctx context.Context) error {
type FindRunOptions struct {
db.ListOptions
RepoID int64
OwnerID int64
WorkflowID string
Ref string // the commit/tag/… that caused this workflow
TriggerUserID int64
TriggerEvent webhook_module.HookEventType
Approved bool // not util.OptionalBool, it works only when it's true
Status []Status
ConcurrencyGroup string
CommitSHA string
RepoID int64
OwnerID int64
WorkflowID string
Ref string // the commit/tag/… that caused this workflow
TriggerUserID int64
TriggerEvent webhook_module.HookEventType
Approved bool // not util.OptionalBool, it works only when it's true
Status []Status
CommitSHA string
}
func (opts FindRunOptions) ToConds() builder.Cond {
@@ -102,12 +101,6 @@ func (opts FindRunOptions) ToConds() builder.Cond {
if opts.CommitSHA != "" {
cond = cond.And(builder.Eq{"`action_run`.commit_sha": opts.CommitSHA})
}
if len(opts.ConcurrencyGroup) > 0 {
if opts.RepoID == 0 {
panic("Invalid FindRunOptions: repo_id is required")
}
cond = cond.And(builder.Eq{"`action_run`.concurrency_group": opts.ConcurrencyGroup})
}
return cond
}

35
models/actions/run_test.go
View File

@@ -1,35 +0,0 @@
// Copyright 2025 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package actions
import (
"testing"
"code.gitea.io/gitea/models/db"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
"github.com/stretchr/testify/assert"
)
func TestUpdateRepoRunsNumbers(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
// update the number to a wrong one, the original is 3
_, err := db.GetEngine(t.Context()).ID(4).Cols("num_closed_action_runs").Update(&repo_model.Repository{
NumClosedActionRuns: 2,
})
assert.NoError(t, err)
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 4})
assert.Equal(t, 4, repo.NumActionRuns)
assert.Equal(t, 2, repo.NumClosedActionRuns)
// now update will correct them, only num_actionr_runs and num_closed_action_runs should be updated
err = UpdateRepoRunsNumbers(t.Context(), repo)
assert.NoError(t, err)
repo = unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 4})
assert.Equal(t, 5, repo.NumActionRuns)
assert.Equal(t, 3, repo.NumClosedActionRuns)
}

27
models/actions/runner.go
View File

@@ -1,4 +1,4 @@
// Copyright 2021 The Gitea Authors and MarketAlly. All rights reserved.
// Copyright 2021 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package actions
@@ -14,7 +14,6 @@ import (
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/shared/types"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/optional"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/timeutil"
@@ -62,10 +61,6 @@ type ActionRunner struct {
AgentLabels []string `xorm:"TEXT"`
// Store if this is a runner that only ever get one single job assigned
Ephemeral bool `xorm:"ephemeral NOT NULL DEFAULT false"`
// CapabilitiesJSON stores structured capability information for AI consumption
CapabilitiesJSON string `xorm:"TEXT"`
// BandwidthTestRequestedAt tracks when a bandwidth test was requested by admin
BandwidthTestRequestedAt timeutil.TimeStamp `xorm:"index"`
Created timeutil.TimeStamp `xorm:"created"`
Updated timeutil.TimeStamp `xorm:"updated"`
@@ -178,13 +173,6 @@ func (r *ActionRunner) GenerateToken() (err error) {
return err
}
// CanMatchLabels checks whether the runner's labels can match a job's "runs-on"
// See https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idruns-on
func (r *ActionRunner) CanMatchLabels(jobRunsOn []string) bool {
runnerLabelSet := container.SetOf(r.AgentLabels...)
return runnerLabelSet.Contains(jobRunsOn...) // match all labels
}
func init() {
db.RegisterModel(&ActionRunner{})
}
@@ -398,16 +386,3 @@ func UpdateWrongRepoLevelRunners(ctx context.Context) (int64, error) {
}
return result.RowsAffected()
}
// GetRunnersOfRepo returns all runners available for a repository
// This includes repo-level, owner-level, and global runners
func GetRunnersOfRepo(ctx context.Context, repoID int64) ([]*ActionRunner, error) {
opts := FindRunnerOptions{
RepoID: repoID,
WithAvailable: true,
}
var runners []*ActionRunner
err := db.GetEngine(ctx).Where(opts.ToConds()).OrderBy(opts.ToOrders()).Find(&runners)
return runners, err
}

25
models/actions/task.go
View File

@@ -13,6 +13,7 @@ import (
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unit"
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/timeutil"
@@ -20,6 +21,7 @@ import (
runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
lru "github.com/hashicorp/golang-lru/v2"
"github.com/nektos/act/pkg/jobparser"
"google.golang.org/protobuf/types/known/timestamppb"
"xorm.io/builder"
)
@@ -244,7 +246,7 @@ func CreateTaskForRunner(ctx context.Context, runner *ActionRunner) (*ActionTask
var job *ActionRunJob
log.Trace("runner labels: %v", runner.AgentLabels)
for _, v := range jobs {
if runner.CanMatchLabels(v.RunsOn) {
if isSubset(runner.AgentLabels, v.RunsOn) {
job = v
break
}
@@ -276,10 +278,13 @@ func CreateTaskForRunner(ctx context.Context, runner *ActionRunner) (*ActionTask
return nil, false, err
}
workflowJob, err := job.ParseJob()
parsedWorkflows, err := jobparser.Parse(job.WorkflowPayload)
if err != nil {
return nil, false, fmt.Errorf("load job %d: %w", job.ID, err)
return nil, false, fmt.Errorf("parse workflow of job %d: %w", job.ID, err)
} else if len(parsedWorkflows) != 1 {
return nil, false, fmt.Errorf("workflow of job %d: not single workflow", job.ID)
}
_, workflowJob := parsedWorkflows[0].Job()
if _, err := e.Insert(task); err != nil {
return nil, false, err
@@ -474,6 +479,20 @@ func FindOldTasksToExpire(ctx context.Context, olderThan timeutil.TimeStamp, lim
Find(&tasks)
}
func isSubset(set, subset []string) bool {
m := make(container.Set[string], len(set))
for _, v := range set {
m.Add(v)
}
for _, v := range subset {
if !m.Contains(v) {
return false
}
}
return true
}
func convertTimestamp(timestamp *timestamppb.Timestamp) timeutil.TimeStamp {
if timestamp.GetSeconds() == 0 && timestamp.GetNanos() == 0 {
return timeutil.TimeStamp(0)

2
models/activities/notification.go
View File

@@ -386,7 +386,7 @@ func SetNotificationStatus(ctx context.Context, notificationID int64, user *user
notification.Status = status
_, err = db.GetEngine(ctx).ID(notificationID).Cols("status").Update(notification)
_, err = db.GetEngine(ctx).ID(notificationID).Update(notification)
return notification, err
}

2
models/asymkey/gpg_key_verify.go
View File

@@ -78,7 +78,7 @@ func VerifyGPGKey(ctx context.Context, ownerID int64, keyID, token, signature st
}
key.Verified = true
if _, err := db.GetEngine(ctx).ID(key.ID).Cols("verified").Update(key); err != nil {
if _, err := db.GetEngine(ctx).ID(key.ID).SetExpr("verified", true).Update(new(GPGKey)); err != nil {
return "", err
}

11
models/asymkey/ssh_key.go
View File

@@ -84,7 +84,7 @@ func addKey(ctx context.Context, key *PublicKey) (err error) {
}
// AddPublicKey adds new public key to database and authorized_keys file.
func AddPublicKey(ctx context.Context, ownerID int64, name, content string, authSourceID int64, verified bool) (*PublicKey, error) {
func AddPublicKey(ctx context.Context, ownerID int64, name, content string, authSourceID int64) (*PublicKey, error) {
log.Trace(content)
fingerprint, err := CalcFingerprint(content)
@@ -115,7 +115,6 @@ func AddPublicKey(ctx context.Context, ownerID int64, name, content string, auth
Mode: perm.AccessModeWrite,
Type: KeyTypeUser,
LoginSourceID: authSourceID,
Verified: verified,
}
if err = addKey(ctx, key); err != nil {
return nil, fmt.Errorf("addKey: %w", err)
@@ -299,7 +298,7 @@ func deleteKeysMarkedForDeletion(ctx context.Context, keys []string) (bool, erro
}
// AddPublicKeysBySource add a users public keys. Returns true if there are changes.
func AddPublicKeysBySource(ctx context.Context, usr *user_model.User, s *auth.Source, sshPublicKeys []string, verified bool) bool {
func AddPublicKeysBySource(ctx context.Context, usr *user_model.User, s *auth.Source, sshPublicKeys []string) bool {
var sshKeysNeedUpdate bool
for _, sshKey := range sshPublicKeys {
var err error
@@ -318,7 +317,7 @@ func AddPublicKeysBySource(ctx context.Context, usr *user_model.User, s *auth.So
marshalled = marshalled[:len(marshalled)-1]
sshKeyName := fmt.Sprintf("%s-%s", s.Name, ssh.FingerprintSHA256(out))
if _, err := AddPublicKey(ctx, usr.ID, sshKeyName, marshalled, s.ID, verified); err != nil {
if _, err := AddPublicKey(ctx, usr.ID, sshKeyName, marshalled, s.ID); err != nil {
if IsErrKeyAlreadyExist(err) {
log.Trace("AddPublicKeysBySource[%s]: Public SSH Key %s already exists for user", sshKeyName, usr.Name)
} else {
@@ -337,7 +336,7 @@ func AddPublicKeysBySource(ctx context.Context, usr *user_model.User, s *auth.So
}
// SynchronizePublicKeys updates a user's public keys. Returns true if there are changes.
func SynchronizePublicKeys(ctx context.Context, usr *user_model.User, s *auth.Source, sshPublicKeys []string, verified bool) bool {
func SynchronizePublicKeys(ctx context.Context, usr *user_model.User, s *auth.Source, sshPublicKeys []string) bool {
var sshKeysNeedUpdate bool
log.Trace("synchronizePublicKeys[%s]: Handling Public SSH Key synchronization for user %s", s.Name, usr.Name)
@@ -382,7 +381,7 @@ func SynchronizePublicKeys(ctx context.Context, usr *user_model.User, s *auth.So
newKeys = append(newKeys, key)
}
}
if AddPublicKeysBySource(ctx, usr, s, newKeys, verified) {
if AddPublicKeysBySource(ctx, usr, s, newKeys) {
sshKeysNeedUpdate = true
}

43
models/asymkey/ssh_key_authorized_keys.go
View File

@@ -10,7 +10,6 @@ import (
"io"
"os"
"path/filepath"
"regexp"
"strings"
"sync"
@@ -51,42 +50,12 @@ func WriteAuthorizedStringForValidKey(key *PublicKey, w io.Writer) error {
return err
}
var globalVars = sync.OnceValue(func() (ret struct {
principalRegexp *regexp.Regexp
},
) {
// principalRegexp expresses whether a principal is considered valid.
// This reverse engineers how sshd parses the authorized keys file,
// see e.g. https://github.com/openssh/openssh-portable/blob/32deb00b38b4ee2b3302f261ea1e68c04e020a08/auth2-pubkeyfile.c#L221-L256
// Any newline or # comment will be stripped when parsing, so don't allow
// those. Also, if any space or tab is present in the principal, the part
// proceeding this would be parsed as an option, so just avoid any whitespace
// altogether.
ret.principalRegexp = regexp.MustCompile(`^[^\s#]+$`)
return ret
})
func writeAuthorizedStringForKey(key *PublicKey, w io.Writer) (keyValid bool, err error) {
const tpl = AuthorizedStringCommentPrefix + "\n" + `command=%s,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict %s` + "\n"
var sshKey string
if key.Type == KeyTypePrincipal {
// TODO: actually using PublicKey to store "principal" is an abuse
if !globalVars().principalRegexp.MatchString(key.Content) {
return false, fmt.Errorf("invalid principal key: %s", key.Content)
}
sshKey = fmt.Sprintf("%s # user-%d", key.Content, key.OwnerID)
} else {
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
if err != nil {
return false, err
}
sshKeyMarshalled := strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))
sshKey = fmt.Sprintf("%s user-%d", sshKeyMarshalled, key.OwnerID)
const tpl = AuthorizedStringCommentPrefix + "\n" + `command=%s,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict %s %s` + "\n"
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
if err != nil {
return false, err
}
// now the key is valid, the code below could only return template/IO related errors
sbCmd := &strings.Builder{}
err = setting.SSH.AuthorizedKeysCommandTemplateTemplate.Execute(sbCmd, map[string]any{
@@ -100,7 +69,9 @@ func writeAuthorizedStringForKey(key *PublicKey, w io.Writer) (keyValid bool, er
return true, err
}
sshCommandEscaped := util.ShellEscape(sbCmd.String())
_, err = fmt.Fprintf(w, tpl, sshCommandEscaped, sshKey)
sshKeyMarshalled := strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))
sshKeyComment := fmt.Sprintf("user-%d", key.OwnerID)
_, err = fmt.Fprintf(w, tpl, sshCommandEscaped, sshKeyMarshalled, sshKeyComment)
return true, err
}

90
models/asymkey/ssh_key_authorized_keys_test.go
View File

@@ -1,90 +0,0 @@
// Copyright 2025 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package asymkey
import (
"strings"
"testing"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"github.com/stretchr/testify/assert"
)
func TestWriteAuthorizedStringForKey(t *testing.T) {
defer test.MockVariableValue(&setting.AppPath, "/tmp/gitea")()
defer test.MockVariableValue(&setting.CustomConf, "/tmp/app.ini")()
writeKey := func(t *testing.T, key *PublicKey) (bool, string, error) {
sb := &strings.Builder{}
valid, err := writeAuthorizedStringForKey(key, sb)
return valid, sb.String(), err
}
const validKeyContent = `ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICV0MGX/W9IvLA4FXpIuUcdDcbj5KX4syHgsTy7soVgf`
testValid := func(t *testing.T, key *PublicKey, expected string) {
valid, content, err := writeKey(t, key)
assert.True(t, valid)
assert.Equal(t, expected, content)
assert.NoError(t, err)
}
testInvalid := func(t *testing.T, key *PublicKey) {
valid, content, err := writeKey(t, key)
assert.False(t, valid)
assert.Empty(t, content)
assert.Error(t, err)
}
t.Run("PublicKey", func(t *testing.T) {
testValid(t, &PublicKey{
OwnerID: 123,
Content: validKeyContent + " any-comment",
Type: KeyTypeUser,
}, `# gitea public key
command="/tmp/gitea --config=/tmp/app.ini serv key-0",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICV0MGX/W9IvLA4FXpIuUcdDcbj5KX4syHgsTy7soVgf user-123
`)
})
t.Run("PublicKeyWithNewLine", func(t *testing.T) {
testValid(t, &PublicKey{
OwnerID: 123,
Content: validKeyContent + "\nany-more", // the new line should be ignored
Type: KeyTypeUser,
}, `# gitea public key
command="/tmp/gitea --config=/tmp/app.ini serv key-0",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICV0MGX/W9IvLA4FXpIuUcdDcbj5KX4syHgsTy7soVgf user-123
`)
})
t.Run("PublicKeyInvalid", func(t *testing.T) {
testInvalid(t, &PublicKey{
OwnerID: 123,
Content: validKeyContent + "any-more",
Type: KeyTypeUser,
})
})
t.Run("Principal", func(t *testing.T) {
testValid(t, &PublicKey{
OwnerID: 123,
Content: "any-content",
Type: KeyTypePrincipal,
}, `# gitea public key
command="/tmp/gitea --config=/tmp/app.ini serv key-0",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict any-content # user-123
`)
})
t.Run("PrincipalInvalid", func(t *testing.T) {
testInvalid(t, &PublicKey{
OwnerID: 123,
Content: "a b",
Type: KeyTypePrincipal,
})
testInvalid(t, &PublicKey{
OwnerID: 123,
Content: "a\nb",
Type: KeyTypePrincipal,
})
})
}

40
models/fixtures/action_run.yml
View File

@@ -139,43 +139,3 @@
updated: 1683636626
need_approval: 0
approved_by: 0
-
id: 804
title: "use a private action"
repo_id: 60
owner_id: 40
workflow_id: "run.yaml"
index: 189
trigger_user_id: 40
ref: "refs/heads/master"
commit_sha: "6e64b26de7ba966d01d90ecfaf5c7f14ef203e86"
event: "push"
trigger_event: "push"
is_fork_pull_request: 0
status: 1
started: 1683636528
stopped: 1683636626
created: 1683636108
updated: 1683636626
need_approval: 0
approved_by: 0
-
id: 805
title: "update actions"
repo_id: 4
owner_id: 1
workflow_id: "artifact.yaml"
index: 191
trigger_user_id: 1
ref: "refs/heads/master"
commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
event: "push"
trigger_event: "push"
is_fork_pull_request: 0
status: 5
started: 1683636528
stopped: 1683636626
created: 1683636108
updated: 1683636626
need_approval: 0
approved_by: 0

28
models/fixtures/action_run_job.yml
View File

@@ -129,31 +129,3 @@
status: 5
started: 1683636528
stopped: 1683636626
-
id: 205
run_id: 804
repo_id: 6
owner_id: 10
commit_sha: 6e64b26de7ba966d01d90ecfaf5c7f14ef203e86
is_fork_pull_request: 0
name: job_2
attempt: 1
job_id: job_2
task_id: 48
status: 1
started: 1683636528
stopped: 1683636626
-
id: 206
run_id: 805
repo_id: 4
owner_id: 1
commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
is_fork_pull_request: 0
name: job_2
attempt: 1
job_id: job_2
task_id: 56
status: 3
started: 1683636528
stopped: 1683636626

39
models/fixtures/action_task.yml
View File

@@ -177,42 +177,3 @@
log_length: 0
log_size: 0
log_expired: 0
-
id: 55
job_id: 205
attempt: 1
runner_id: 1
status: 6 # 6 is the status code for "running"
started: 1683636528
stopped: 1683636626
repo_id: 6
owner_id: 10
commit_sha: 6e64b26de7ba966d01d90ecfaf5c7f14ef203e86
is_fork_pull_request: 0
token_hash: b8d3962425466b6709b9ac51446f93260c54afe8e7b6d3686e34f991fb8a8953822b0deed86fe41a103f34bc48dbc478422b
token_salt: ERxJGHvg3I
token_last_eight: 182199eb
log_filename: collaborative-owner-test/1a/49.log
log_in_storage: 1
log_length: 707
log_size: 90179
log_expired: 0
-
id: 56
attempt: 1
runner_id: 1
status: 3 # 3 is the status code for "cancelled"
started: 1683636528
stopped: 1683636626
repo_id: 4
owner_id: 1
commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
is_fork_pull_request: 0
token_hash: 6d8ef48297195edcc8e22c70b3020eaa06c52976db67d39b4240c64a69a2cc1508825121b7b8394e48e00b1bf3718b2aaaab
token_salt: eeeeeeee
token_last_eight: eeeeeeee
log_filename: artifact-test2/2f/47.log
log_in_storage: 1
log_length: 707
log_size: 90179
log_expired: 0

24
models/fixtures/branch.yml
View File

@@ -225,27 +225,3 @@
is_deleted: false
deleted_by_id: 0
deleted_unix: 0
-
id: 27
repo_id: 1
name: 'DefaultBranch'
commit_id: '90c1019714259b24fb81711d4416ac0f18667dfa'
commit_message: 'add license'
commit_time: 1709345946
pusher_id: 1
is_deleted: false
deleted_by_id: 0
deleted_unix: 0
-
id: 28
repo_id: 1
name: 'sub-home-md-img-check'
commit_id: '4649299398e4d39a5c09eb4f534df6f1e1eb87cc'
commit_message: "Test how READMEs render images when found in a subfolder"
commit_time: 1678403550
pusher_id: 1
is_deleted: false
deleted_by_id: 0
deleted_unix: 0

14
models/fixtures/repo_unit.yml
View File

@@ -733,17 +733,3 @@
type: 3
config: "{\"IgnoreWhitespaceConflicts\":false,\"AllowMerge\":true,\"AllowRebase\":true,\"AllowRebaseMerge\":true,\"AllowSquash\":true}"
created_unix: 946684810
-
id: 111
repo_id: 3
type: 10
config: "{}"
created_unix: 946684810
-
id: 112
repo_id: 4
type: 10
config: "{}"
created_unix: 946684810

2
models/fixtures/repository.yml
View File

@@ -110,8 +110,6 @@
num_closed_milestones: 0
num_projects: 0
num_closed_projects: 1
num_action_runs: 4
num_closed_action_runs: 3
is_private: false
is_empty: false
is_archived: false

2
models/git/branch.go
View File

@@ -368,7 +368,7 @@ func RenameBranch(ctx context.Context, repo *repo_model.Repository, from, to str
}
// 1. update branch in database
if n, err := sess.Where("repo_id=? AND name=?", repo.ID, from).Cols("name").Update(&Branch{
if n, err := sess.Where("repo_id=? AND name=?", repo.ID, from).Update(&Branch{
Name: to,
}); err != nil {
return err

58
models/git/commit_status.go
View File

@@ -30,21 +30,17 @@ import (
// CommitStatus holds a single Status of a single Commit
type CommitStatus struct {
ID int64 `xorm:"pk autoincr"`
Index int64 `xorm:"INDEX UNIQUE(repo_sha_index)"`
RepoID int64 `xorm:"INDEX UNIQUE(repo_sha_index)"`
Repo *repo_model.Repository `xorm:"-"`
State commitstatus.CommitStatusState `xorm:"VARCHAR(7) NOT NULL"`
SHA string `xorm:"VARCHAR(64) NOT NULL INDEX UNIQUE(repo_sha_index)"`
// TargetURL points to the commit status page reported by a CI system
// If Gitea Actions is used, it is a relative link like "{RepoLink}/actions/runs/{RunID}/jobs{JobID}"
TargetURL string `xorm:"TEXT"`
Description string `xorm:"TEXT"`
ContextHash string `xorm:"VARCHAR(64) index"`
Context string `xorm:"TEXT"`
Creator *user_model.User `xorm:"-"`
ID int64 `xorm:"pk autoincr"`
Index int64 `xorm:"INDEX UNIQUE(repo_sha_index)"`
RepoID int64 `xorm:"INDEX UNIQUE(repo_sha_index)"`
Repo *repo_model.Repository `xorm:"-"`
State commitstatus.CommitStatusState `xorm:"VARCHAR(7) NOT NULL"`
SHA string `xorm:"VARCHAR(64) NOT NULL INDEX UNIQUE(repo_sha_index)"`
TargetURL string `xorm:"TEXT"`
Description string `xorm:"TEXT"`
ContextHash string `xorm:"VARCHAR(64) index"`
Context string `xorm:"TEXT"`
Creator *user_model.User `xorm:"-"`
CreatorID int64
CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
@@ -215,45 +211,21 @@ func (status *CommitStatus) LocaleString(lang translation.Locale) string {
// HideActionsURL set `TargetURL` to an empty string if the status comes from Gitea Actions
func (status *CommitStatus) HideActionsURL(ctx context.Context) {
if _, ok := status.cutTargetURLGiteaActionsPrefix(ctx); ok {
status.TargetURL = ""
}
}
func (status *CommitStatus) cutTargetURLGiteaActionsPrefix(ctx context.Context) (string, bool) {
if status.RepoID == 0 {
return "", false
return
}
if status.Repo == nil {
if err := status.loadRepository(ctx); err != nil {
log.Error("loadRepository: %v", err)
return "", false
return
}
}
prefix := status.Repo.Link() + "/actions"
return strings.CutPrefix(status.TargetURL, prefix)
}
// ParseGiteaActionsTargetURL parses the commit status target URL as Gitea Actions link
func (status *CommitStatus) ParseGiteaActionsTargetURL(ctx context.Context) (runID, jobID int64, ok bool) {
s, ok := status.cutTargetURLGiteaActionsPrefix(ctx)
if !ok {
return 0, 0, false
if strings.HasPrefix(status.TargetURL, prefix) {
status.TargetURL = ""
}
parts := strings.Split(s, "/") // expect: /runs/{runID}/jobs/{jobID}
if len(parts) < 5 || parts[1] != "runs" || parts[3] != "jobs" {
return 0, 0, false
}
runID, err1 := strconv.ParseInt(parts[2], 10, 64)
jobID, err2 := strconv.ParseInt(parts[4], 10, 64)
if err1 != nil || err2 != nil {
return 0, 0, false
}
return runID, jobID, true
}
// CalcCommitStatus returns commit status state via some status, the commit statues should order by id desc

31
models/git/lfs.go
View File

@@ -8,6 +8,7 @@ import (
"fmt"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/perm"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unit"
user_model "code.gitea.io/gitea/models/user"
@@ -41,6 +42,30 @@ func (err ErrLFSLockNotExist) Unwrap() error {
return util.ErrNotExist
}
// ErrLFSUnauthorizedAction represents a "LFSUnauthorizedAction" kind of error.
type ErrLFSUnauthorizedAction struct {
RepoID int64
UserName string
Mode perm.AccessMode
}
// IsErrLFSUnauthorizedAction checks if an error is a ErrLFSUnauthorizedAction.
func IsErrLFSUnauthorizedAction(err error) bool {
_, ok := err.(ErrLFSUnauthorizedAction)
return ok
}
func (err ErrLFSUnauthorizedAction) Error() string {
if err.Mode == perm.AccessModeWrite {
return fmt.Sprintf("User %s doesn't have write access for lfs lock [rid: %d]", err.UserName, err.RepoID)
}
return fmt.Sprintf("User %s doesn't have read access for lfs lock [rid: %d]", err.UserName, err.RepoID)
}
func (err ErrLFSUnauthorizedAction) Unwrap() error {
return util.ErrPermissionDenied
}
// ErrLFSLockAlreadyExist represents a "LFSLockAlreadyExist" kind of error.
type ErrLFSLockAlreadyExist struct {
RepoID int64
@@ -68,6 +93,12 @@ type ErrLFSFileLocked struct {
UserName string
}
// IsErrLFSFileLocked checks if an error is a ErrLFSFileLocked.
func IsErrLFSFileLocked(err error) bool {
_, ok := err.(ErrLFSFileLocked)
return ok
}
func (err ErrLFSFileLocked) Error() string {
return fmt.Sprintf("File is lfs locked [repo: %d, locked by: %s, path: %s]", err.RepoID, err.UserName, err.Path)
}

30
models/git/lfs_lock.go
View File

@@ -11,7 +11,10 @@ import (
"time"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/perm"
access_model "code.gitea.io/gitea/models/perm/access"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unit"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
@@ -68,6 +71,10 @@ func (l *LFSLock) LoadOwner(ctx context.Context) error {
// CreateLFSLock creates a new lock.
func CreateLFSLock(ctx context.Context, repo *repo_model.Repository, lock *LFSLock) (*LFSLock, error) {
return db.WithTx2(ctx, func(ctx context.Context) (*LFSLock, error) {
if err := CheckLFSAccessForRepo(ctx, lock.OwnerID, repo, perm.AccessModeWrite); err != nil {
return nil, err
}
lock.Path = util.PathJoinRel(lock.Path)
lock.RepoID = repo.ID
@@ -158,6 +165,10 @@ func DeleteLFSLockByID(ctx context.Context, id int64, repo *repo_model.Repositor
return nil, err
}
if err := CheckLFSAccessForRepo(ctx, u.ID, repo, perm.AccessModeWrite); err != nil {
return nil, err
}
if !force && u.ID != lock.OwnerID {
return nil, errors.New("user doesn't own lock and force flag is not set")
}
@@ -169,3 +180,22 @@ func DeleteLFSLockByID(ctx context.Context, id int64, repo *repo_model.Repositor
return lock, nil
})
}
// CheckLFSAccessForRepo check needed access mode base on action
func CheckLFSAccessForRepo(ctx context.Context, ownerID int64, repo *repo_model.Repository, mode perm.AccessMode) error {
if ownerID == 0 {
return ErrLFSUnauthorizedAction{repo.ID, "undefined", mode}
}
u, err := user_model.GetUserByID(ctx, ownerID)
if err != nil {
return err
}
perm, err := access_model.GetUserRepoPermission(ctx, repo, u)
if err != nil {
return err
}
if !perm.CanAccess(mode, unit.TypeCode) {
return ErrLFSUnauthorizedAction{repo.ID, u.DisplayName(), mode}
}
return nil
}

Some files were not shown because too many files have changed in this diff Show More