This PR contains the following updates:
| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |
🔧 This Pull Request updates lock files to use the latest dependency versions.
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC4yNi4wIiwidXBkYXRlZEluVmVyIjoiNDAuMjYuMCIsInRhcmdldEJyYW5jaCI6ImZvcmdlam8iLCJsYWJlbHMiOlsiZGVwZW5kZW5jeS11cGdyYWRlIiwidGVzdC9ub3QtbmVlZGVkIl19-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7961
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
The primary goal is to balance having the editor work as expected by developers (with Tab key affecting indentation) while also not impeding keyboard navigation.
* Tab indents, Shift+Tab unindents, but only when that indent would be valid. E.g. moving existing list items down or up one level.
* Indenting a selection always works.
* When an "invalid" indent is attempted, nothing happens and a toast is shown with a hint to press again to leave the editor.
* Attempting the same action again allows the textarea lose focus by allowing the browser's default key handler.
* Pressing Esc also loses focus immediately.
* No tab handling happens until the text editor has been interacted with (other than just having been focused).
* Changing indentation in block quotes adds or removes quote levels instead.
Screenshot of the toast being shown:
a6287d29-4ce0-4977-aae8-ef1aff2ac89f
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6813
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Danko Aleksejevs <danko@very.lv>
Co-committed-by: Danko Aleksejevs <danko@very.lv>
Followup to https://codeberg.org/forgejo/forgejo/pulls/4760
* some refactoring
* move rules out of repo.css to a new module
* simplify selectors by omitting .list: it is now only used to style the list itself, they're still precise enough in scope of .user-cards
* apply wrap/ellipsis to cards' content. Done via CSS to avoid spamming gt-ellipsis in the template
* prevent cards with long content from taking horizontal space from other cards
* prevent such cards from causing horizontal overflow on mobile
* prevent varying card height, it doesn't look good even with text wrapping
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6799
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
- While doing cross-compiling of Forgejo (with CGO enabled) it was noticed that besides compiling sqlite3, github.com/DataDog/zstd (a CGO wrapper around the reference zstd library) took a long time to compile. Upon investigating why this library was included in the first place I concluded that this library is not even used and compiling this package is a waste of time and CPU cycles.
- https://github.com/sassoftware/go-rpmutils is the library that uses the CGO zstd library, and would use it the pure Go variant (https://github.com/klauspost/compress/zstd) if CGO is enabled (which is the default). It uses zstd to uncompress the payload of a RPM packages. This is a operation that Forgejo does not use in the slightest, hence being unused code.
- It is not possible to force compiling the pure Go variant if CGO is enabled. Therefore forking and removing this code is the only option to avoid compiling the zstd C library. The changes made to the fork can be seen here: 2660c86d57...v1.0.0
- Via [actiongraph](https://github.com/icio/actiongraph) you can precisely see where the Go compiler is spending time, on a beefy machine the compilation takes of the zstd C library takes ~40s. For reference compiling the sqlite3 C library takes ~50s.
- The forgejo binary (build via `make backend`) reduced its size by 835776 bytes (0.8 MiB).
TL;DR forked library to remove unused code to avoid Go spending a considerable amount of time compiling the reference zstd library that in the end is never used.
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/7953): <!--number 7953 --><!--line 0 --><!--description cmVwbGFjZSBnby1ycG11dGlscyBsaWJyYXJ5IHdpdGggb3VyIG93bg==-->replace go-rpmutils library with our own<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7953
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
On slower CI hardware test `TestSSHPushMirror/Normal/Check_mirrored_content ` may throw an error like
```
=== TestSSHPushMirror/Normal/Check_known_host_keys (tests/integration/mirror_push_test.go:312)
--- FAIL: TestSSHPushMirror (5.38s)
testlogger.go:405: 2025/05/12 15:48:41 ...les/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /src/forgejo/tests/gitea-lfs-meta
testlogger.go:405: 2025/05/12 15:48:42 ...eb/routing/logger.go:102:func1() [I] router: completed GET /user/login for test-mock:12345, 200 OK in 4.6ms @ auth/auth.go:145(auth.SignIn)
testlogger.go:405: 2025/05/12 15:48:42 ...eb/routing/logger.go:102:func1() [I] router: completed POST /user/login for test-mock:12345, 303 See Other in 14.8ms @ auth/auth.go:179(auth.SignInPost)
testlogger.go:405: 2025/05/12 15:48:42 ...odels/user/avatar.go:59:GenerateRandomAvatar() [I] New random avatar created: 2
testlogger.go:405: 2025/05/12 15:48:42 ...eb/routing/logger.go:102:func1() [I] router: completed GET /user2/repo2/settings for test-mock:12345, 200 OK in 53.9ms @ setting/setting.go:300(setting.Settings)
--- FAIL: TestSSHPushMirror/Normal (2.81s)
--- FAIL: TestSSHPushMirror/Normal/Check_mirrored_content (2.26s)
testlogger.go:405: 2025/05/12 15:48:43 ...eb/routing/logger.go:102:func1() [I] router: completed GET /user2/repo2 for test-mock:12345, 200 OK in 89.1ms @ repo/view.go:798(repo.Home)
testlogger.go:405: 2025/05/12 15:48:43 ...eb/routing/logger.go:102:func1() [I] router: completed GET /api/internal/serv/command/10000/user2/push-mirror-test?mode=2&verb=git-receive-pack for 127.0.0.1:0, 200 OK in 5.2ms @ private/serv.go:79(private.ServCommand)
testlogger.go:405: 2025/05/12 15:48:43 ...eb/routing/logger.go:102:func1() [I] router: completed POST /api/internal/hook/pre-receive/user2/push-mirror-test for 127.0.0.1:0, 200 OK in 10.0ms @ private/hook_pre_receive.go:178(private.HookPreReceive)
mirror_push_test.go:304:
Error Trace: /src/forgejo/tests/integration/integration_test.go:564
/src/forgejo/tests/integration/integration_test.go:228
/src/forgejo/tests/integration/mirror_push_test.go:304
/usr/lib/go-1.24/src/runtime/asm_amd64.s:1700
Error: Not equal:
expected: 200
actual : 303
Test: TestSSHPushMirror/Normal/Check_mirrored_content
Messages: Request: GET /user2/push-mirror-test
mirror_push_test.go:304: Response: <a href="/user2/push-mirror-test">See Other</a>.
testlogger.go:405: 2025/05/12 15:48:44 ...eb/routing/logger.go:102:func1() [I] router: completed GET /user2/push-mirror-test for test-mock:12345, 303 See Other in 34.7ms @ repo/view.go:798(repo.Home)
testlogger.go:405: 2025/05/12 15:48:44 ...eb/routing/logger.go:102:func1() [I] router: completed POST /api/internal/hook/post-receive/user2/push-mirror-test for 127.0.0.1:0, 200 OK in 304.3ms @ private/hook_post_receive.go:35(private.HookPostReceive)
testlogger.go:405: 2025/05/12 15:48:44 ...eb/routing/logger.go:102:func1() [I] router: completed POST /api/internal/ssh/10000/update/10000 for 127.0.0.1:0, 200 OK in 6.6ms @ private/key.go:16(private.UpdatePublicKeyInRepo)
testlogger.go:405: 2025/05/12 15:48:45 ...eb/routing/logger.go:102:func1() [I] router: completed GET /user2/push-mirror-test for test-mock:12345, 200 OK in 121.0ms @ repo/view.go:798(repo.Home)
```
because it does not allow temporary 303 responses while waiting in `assert.Eventually` for repo to be updated.
Fixes: 03508b33a8
Author-Change-Id: IB#1160889
Signed-off-by: Pawel Boguslawski <pawel.boguslawski@ib.pl>
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
- [ ] in `web_src/js/*.test.js` if it can be unit tested.
- [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7852
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: pboguslawski <pboguslawski@noreply.codeberg.org>
Co-committed-by: pboguslawski <pboguslawski@noreply.codeberg.org>
This has been introduced in the cherry-picked commit from https://github.com/go-gitea/gitea/pull/34072
To me, adding this seems to be a bug as it forces a hard stop to any overflow nested within a markup div.
Why should it be removed again?
Because otherwise (wide) markdown tables might look super odd because the column breaking/wrapping logic is strange (likely related to the "anywhere" strategy being used).
- [Example of current state with `overflow-wrap`](https://codefloe.com/devxy/helm-rdepot/src/branch/main/charts/rdepot)
- [Example with `overflow-wrap` being removed](https://codefloe.com/devxy/helm-rdepot/src/branch/main/charts/rdepot)
| Current | Patched |
|---------|---------|
|  |  |
The initial change in Gitea was motivated to resolve issues of content overflow caused by the expandable file list tree view they introduced lately. However, this seem to have caused the whole README to overflow in their case, which doesn't apply to Forgejo.
When removing this in Forgejo, only large markdown content (i.e. tables) are allowed to overflow. The whole README div will not overflow (I tested this with an extreme markdown table case).
These tables are then horizontally scrollable, similar to how GitHub handles this.
If the expandable tree view is going to be added to Forgejo, this should then be handled entirely differently. This specific change is not a solution.
I've also checked other value settings to `overflow-wrap` but none had any or any desirable effect.
I did not check all other possible CSS-related options for overflow*, but this might as well be a different task per se.
For the reasons outlined above, I am quite certain this change should be reverted (again).
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7945
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
Show a message about list being empty, so the page doesn't look broken-ish empty.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7947
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
- They have been marked as deprecated since 2023 and adequate warnings have been given about this method being deprecated, remove it for Forgejo v12.
- For clarity: the reason they are deprecated is that these methods allow authentication material to be given via a URL query. This results in the authentication material being logged, which is undesired behavior.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7924
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
Hello all, I am finally taking the time to follow-up on #6277 to get this implemented :)
## Checklist
### Tests
- I added test coverage for Go changes...
- [ ] in their respective `*_test.go` for unit tests.
- [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.
<!--start release-notes-assistant-->
## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Bug fixes
- [PR](https://codeberg.org/forgejo/forgejo/pulls/7930): <!--number 7930 --><!--line 0 --><!--description QWRkIGVycm9yIHJlcG9ydGluZyB0byBQUnMgd2l0aCBpbnZhbGlkIHdvcmtmbG93cw==-->Add error reporting to PRs with invalid workflows<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7930
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Antonin Delpeuch <antonin@delpeuch.eu>
Co-committed-by: Antonin Delpeuch <antonin@delpeuch.eu>
The current email restrictions were put in place because of a security issue with sendmail (https://github.com/go-gitea/gitea/pull/17688). Remove this restriction and instead ensure that this security issue cannot happen with sendmail.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7829
Reviewed-by: Ellen Εμιλία Άννα Zscheile <fogti@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
If the environment variable FORGEJO_VERSION is set and already contains $(GITEA_COMPATIBILITY), it must not be append again.
This particular use case occurs when a pull request is tested in https://code.forgejo.org/forgejo/end-to-end. It sets the version at
796a32d6c1/lib/build.sh (L39)
which is drawn from a file generated at
6c6035bc49/.forgejo/cascading-pr-end-to-end (L33)
The version is generated from a checkout of the PR which leads to
something like:
```
$ make show-version-full
12.0.0-dev-307-6c6035bc49+gitea-1.22.0
```
## Testing
```
git clone https://codeberg.org/forgejo/forgejo
cd forgejo
export FORGEJO_VERSION=$(make show-version-full)
test "$FORGEJO_VERSION" = "$(make show-version-full)" || echo FAIL!
```
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7933
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Antonin Delpeuch <wetneb@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
Added a new option to reindex only a select repository.
The option is present under `[REPO_LINK]/settings` > Administrator Settings
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7896
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Lucas <sclu1034@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@beocode.eu>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
- Use mock helper functions, instead of home-brew solutions.
- Disable cron jobs that are not important to be run during integration tests and might even interfere.
- Avoid sleeping unnecessary, if there's some requirement then sleep or retry until that requirement is met.
- Avoid trying to deliver webhooks that will always result in a failure.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7917
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
Problem: Only data from the past 365 days (31536000s) is loaded.
However, on the activity heatmap, there are 53 cols, each is 7 rows, so squares for at most 371 days (32054400s) are on the heatmap.
This results in a few blank squares on the very left side, despite activity.
Solution: Simply changing 31536000s (365d) to 32054400s (371d) to load all the needed activity.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7893
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Granular9241 <granular9241@noreply.codeberg.org>
Co-committed-by: Granular9241 <granular9241@noreply.codeberg.org>
Resolves: #7341
Previously, the Create Repository button was only enabled if a user was able to create a repo in their own namespace. However, if they had reached the global repo limit, but were stlll able to create a repo in an org, the button would still be disabled.
In this pull request, the create repo form now:
1. Behaves like it always did previously if the user has not reached the repo limit.
2. If the User has reached the repo limit, and they are unable to create a repo in any of their orgs (or they have no orgs), the create repo form is displayed as:
3. If the User has reached the repo limit, and the **limit is greater than zero**, an alert appears at the top of the form, and they are only allowed to choose from the orgs that they are allowed to create repos in:
4. If the User has reached the repo limit, and the **limit is equal to zero**, no alert is displayed, as no user can create repos on that instance, and they are only allowed to choose from the orgs that they are allowed to create repos in:
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7402
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Ryan Lerch <rlerch@redhat.com>
Co-committed-by: Ryan Lerch <rlerch@redhat.com>
Careful removal of unused classes and rules from editable CSS. One class was used once in the UI and could have been easily replaced, others were only used in a devtest page.
Removed completely:
* pink
* olive
* violet
* background
Removed partially:
* blue
Some of them are also present in generated Fomantic code, but it's not possible to remove them easily here.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7898
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
- `change-id` is a commit header set by [jj-vcs](https://jj-vcs.github.io/jj/). Modify the commit parser to consider this header to be a valid header, this in turn fixes the signature validation on git commits that contain this header.
- Resolvesforgejo/forgejo#7836
- Added unit test.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7884
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- Chromium would unselect the text if some text is written in another element, so temporarily store the range and restore after this writing has happened.
- Resolvesforgejo/forgejo#7841
- No E2E test, there is already a test case that perfectly matches the reproduce steps of this bug, however Chromium does not produce consistent behavior on this case.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7883
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
- `testPatch` is a function that is called to test a pull request and determine the state of the pull request. Checking for merge conflicts, check if the diff is empty and if the pull request modifies any protected files.
- The checking for merge conflict and if the diff is empty used git commands that relied on a working tree to correctly functions. Forgejo store repositories in a bare format which do not contain a working tree. This means that a temporary copy was created every time a pull request had to be re-checked and for large repositories involving quite some I/O interaction.
- This patch adjusts those codepaths to instead use newer Git plumbing commands that work without requiring a work tree and can thus be used directly on the bare repository. The merge conflict is now done via [`git-merge-tree(1)`](https://git-scm.com/docs/git-merge-tree/) and checking if the diff is empty is done via [`git-diff-tree(1)`](https://git-scm.com/docs/git-diff-tree).
- If the function is called to test a patch where the head and base repository are not the same, then [Git alternate](https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefalternateobjectdatabaseaalternateobjectdatabase) is used to make the head commit available in the base repository, this done on a per git command basis via the `GIT_ALTERNATE_OBJECT_DIRECTORIES` environment.
- As far as I can understand the documentation and the existing code, there's no edge case that the new code cannot handle. It also results in a cleaner codepath, as the existing code did a lot of checking and merging in a more traditional approach that required a lot of (parsing) code, while the new code offloads this to git and has a trivial parser of the output.
- Resolvesforgejo/forgejo#7701
- Added exhaustive integration testing.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7727
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
Closes#7842
Currently mobile devices add autocapitalization & autocorrect to input fields with type `text`. In login form it can either be username or email address.
There's currently no testing. This is only trivial change
Co-authored-by: Jolly Good <1671375+good-lly@users.noreply.github.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7872
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Jolly_Good <jolly_good@noreply.codeberg.org>
Co-committed-by: Jolly_Good <jolly_good@noreply.codeberg.org>
