WIP: DCS main into Gitea Main (for diff)#380
Open
richmahn wants to merge 1623 commits intomain-giteafrom
Open
Conversation
…t style (#36876) Hey, I bumped Go to 1.26.1 and fixed a couple of things I ran into while poking around. ### Changes - Bump go.mod from 1.26.0 to 1.26.1 (security patch) - Bump golangci-lint from v2.10.1 to v2.11.2 - Run make tidy, fmt, lint-go --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
Add `--concurrency 2` to all ESLint invocations in the Makefile. ESLint v9 supports multi-threaded linting via worker threads. Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
This PR migrates the web Actions run/job routes from index-based `runIndex` or `jobIndex` to database IDs. **⚠️ BREAKING⚠️ **: Existing saved links/bookmarks that use the old index-based URLs will no longer resolve after this change. Improvements of this change: - Previously, `jobIndex` depended on list order, making it hard to locate a specific job. Using `jobID` provides stable addressing. - Web routes now align with API, which already use IDs. - Behavior is closer to GitHub, which exposes run/job IDs in URLs. - Provides a cleaner base for future features without relying on list order. - #36388 this PR improves the support for reusable workflows. If a job uses a reusable workflow, it may contain multiple child jobs, which makes relying on job index to locate a job much more complicated --------- Signed-off-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Fixes: go-gitea/gitea#36580 Bug is caused by abuse of float layout, convert layout to flex to fix it. There are more float abuses, but this shouldn't cause any other regressions. Before: <img width="939" height="165" alt="Screenshot 2026-02-12 at 06 22 45" src="https://github.com/user-attachments/assets/3e0aea82-d31e-4f4f-97d1-903b9f34de8d" /> After: <img width="961" height="191" alt="image" src="https://github.com/user-attachments/assets/b8fa64dc-594f-46a6-87e4-c20475e7d1e8" /> --------- Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Add CLAUDE.md with fork management docs for AI-assisted merges - Add dcs-customizations.md registry of all 127 modified files - Fix all DCS comment marker typos (Customiations, Customizaitons, etc.) - Move struct fields to end of structs in org.go, user.go with block delimiters - Extract 28 template partials into templates/dcs/ reducing inline modifications - Extract route registration into dcs/routes.go (API + web) - Net reduction: 89 insertions, 342 deletions from modified Gitea files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add `SetDefaultValues()` call to ensure PageSize is bounded, preventing potential excessive memory allocation from unbounded pagination parameters. Fixes CodeQL alert [#188](https://github.com/go-gitea/gitea/security/code-scanning/188). All other 49 open alerts were false-positives and are dismissed with appropriate comments. Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
Brings all DCS (Door43 Content Service) customizations into a fresh main branch based on upstream/main. Includes: - Door43Metadata models, services, and API endpoints - Catalog search and management system - Healthcheck dashboard and validation - Scripture Burrito archive support - DCS template partials extracted to templates/dcs/ - DCS route registration extracted to routers/*/dcs/routes.go - CLAUDE.md and dcs-customizations.md for AI-assisted merge docs - Compilation fixes for upstream API changes (markup.Renderer, git command builder API, repo_model.ArchiveType, int64 pagination) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace the `@github/relative-time-element` npm dependency with a vendored, simplified implementation. - Support 24h format rendering [PR 329](github/relative-time-element#329) - Enable `::selection` styling in Firefox [PR 341](github/relative-time-element#341) - Remove timezone from tooltips (It's always local timezone) - Clean up previous `title` workaround in tippy - Remove unused features - Use native `Intl.DurationFormat` with fallback for older browsers, remove dead polyfill - Add MIT license header to vendored file - Add unit tests - Add dedicated devtest page for all component variants --------- Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude claude-opus-4-6 20250630 <noreply@anthropic.com>
Adds a new service that converts Resource Container (RC) repositories to Scripture Burrito (SB) format and pushes the result to a "main" branch. Conversion is triggered three ways: - Automatically via notification hooks when a release is created/updated - Manually via the admin dashboard "Convert RC to Scripture Burrito" button - Via CLI command: gitea convertrc2sb [--owner X --repo Y] Qualifying repos must have: MetadataType="rc", DefaultBranch="master", and a topic of "tc-create", "tc-ready", "pushing2sb", or "rc2sb". New files: - services/convertrc2sb/convertrc2sb.go (core conversion logic) - services/convertrc2sb/convertrc2sb_notifier.go (notification hooks) - cmd/convertrc2sb.go (CLI command) Modified files: - cmd/main.go, routers/init.go (wire up new service) - services/cron/tasks_dcs.go, tasks_basic.go (cron task registration) - templates/admin/dashboard.tmpl (admin button) - options/locale/locale_en-US.ini (locale string) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Several notification handlers (ChangeDefaultBranch, SyncPushCommits, MigrateRepository, TransferRepository, ForkRepository, RenameRepository) were passing the HTTP request context directly to goroutines. When the HTTP response completes, the request context is cancelled, which could kill the goroutine before ProcessDoor43MetadataForRepo finishes. Fix: use graceful.GetManager().ShutdownContext() for all goroutine-based handlers, matching the pattern already used by PushCommits. Also fixed a missing err argument in the ChangeDefaultBranch log.Error call. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: wxiaoguang <2114189+wxiaoguang@users.noreply.github.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: silverwind <115237+silverwind@users.noreply.github.com>
This PR adds an External ID Claim Name configuration field to the OIDC auth source. When set, Gitea uses the specified JWT claim as the user's `ExternalID` instead of the default `sub` claim. This PR fixes the bug when migrating from Azure AD V2 to OIDC. When an admin migrates the same auth source to OIDC, goth's `openidConnect` provider defaults to using the `sub` claim as `UserID`. However, Azure AD's `sub` is a pairwise identifier: > `sub`: The subject is a pairwise identifier and is unique to an application ID. If a single user signs into two different apps using two different client IDs, those apps receive two different values for the subject claim. https://learn.microsoft.com/en-us/entra/identity-platform/id-token-claims-reference#payload-claims As a result, every existing user appears as a new account after migration. To fix this issue, Gitea should use `oid` claim for `UserID`. > `oid`: This ID uniquely identifies the user across applications - two different applications signing in the same user receives the same value in the oid claim. Note: The `oid` claim is not included in Azure AD tokens by default. The `profile` scope must be added to the Scopes field of the auth source.
Fix #37228. Using NicolasCARPi/dropzone as short-term solution
Fixes #37242 Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
The Gitea SDK's hashicorp/go-version library cannot parse DCS version strings like '1.25.7+dcs+2-g4f5ce5854b' because they contain multiple '+' characters (only one '+' is allowed in build metadata). Two-part fix: 1. version.go: Normalize the API-reported version by replacing any second '+' with '.' so remote clients can parse it (e.g., '1.25.7+dcs+2-g4f5ce5854b' -> '1.25.7+dcs.2-g4f5ce5854b'). 2. gitea_downloader.go: Handle ErrUnknownVersion from NewClient as a warning rather than a fatal error. The SDK was designed to return both the client and this error so callers can choose to proceed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- dcs.go: fix alignment whitespace on Door43PreviewURL field - topic.go (api + web): convert DCS import-block markers to end-of-line style (gitea-fmt rejects block comments inside import groups) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: wxiaoguang <2114189+wxiaoguang@users.noreply.github.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
- Add pagination and keyword search to the teams list page - 5 teams shown at most in the overview page Fixes: #34482 Fixes: #36602 Fixes: #37084 Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Animesh Kumar <83393501+kmranimesh@users.noreply.github.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
1. Make sure OmitEmail won't panic 2. SSH principal keys are not for signing or authentication
Resolves all conflicts between dcs-base-v1.25 customizations and upstream v1.26 changes. Key resolutions: - auth.go: Take HEAD ErrAsUserAuthMessage, globalVars removed in v1.26 - csv.go: Use HEAD FileNamePatterns() with DCS tsv exclusion - structs: Merge HEAD new fields with DCS additions - Templates: Integrate DCS partials with v1.26 structural changes - index.ts: Add DCS feature imports from deleted index-domready.ts - locale JSON: Add DCS-specific keys for metadata/healthcheck UI - .gitignore: Add public/assets/img/webpack to gitignore Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Use `golangci-lint fmt` to format code, replacing the previous custom formatter tool. https://github.com/daixiang0/gci is used to order the imports. `make fmt` performs ~13% faster while consuming ~57% less cpu while formatting for me. `GOFUMPT_PACKAGE` is gone because it's using the builtin package from golangci-lint. Co-authored-by: Claude (claude-opus-4-6) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Patterns starting with "/" (e.g. /docs/.*\.md) never matched because git returns relative paths without a leading slash. Strip the leading "/" before compiling the regex since the ^...$ anchoring already provides root-relative semantics. Fixes: #28107 Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Introduces a frontend external-render framework that runs renderer plugins inside an `iframe` (loaded via `srcdoc` to keep the CSP `sandbox` directive working without origin-related console noise), and migrates the 3D viewer and OpenAPI/Swagger renderers onto it. PDF and asciicast paths are refactored to share the same `data-render-name` mechanism. Adds e2e coverage for 3D, PDF, asciicast and OpenAPI render paths, plus a regression for the `RefTypeNameSubURL` double-escape on non-ASCII branch names. Signed-off-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fixes GHSA-3xc5-wrhm-f963 (credential exposure on HTTP redirects). --- This PR was written with the help of Claude Opus 4.6 Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
# Conflicts: # models/repo/release.go # modules/git/error.go # modules/markup/tsv/tsv.go # options/locale/locale_en-US.json # routers/web/repo/compare.go # services/repository/sbarchiver/archiver.go # templates/repo/diff/box.tmpl # templates/repo/editor/edit.tmpl # templates/repo/release/list.tmpl # templates/repo/settings/options.tmpl # templates/repo/view_content.tmpl # web_src/js/index-domready.ts
# Conflicts: # templates/repo/editor/edit.tmpl # templates/repo/view_file.tmpl # templates/swagger/openapi-viewer.tmpl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.