changelog for 1.15.0 (#16760)

* changelog for 1.15.0

* Slight rename of GPG feature

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>

.drone.yml

@@ -84,7 +84,7 @@ steps:
 
   - name: build-backend-no-gcc
     pull: always
-    image: golang:1.15 # this step is kept as the lowest version of golang that we support
+    image: golang:1.16 # this step is kept as the lowest version of golang that we support
     environment:
       GO111MODULE: on
       GOPROXY: off

CHANGELOG.md

@@ -4,51 +4,7 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).
 
-## [1.15.0-rc3](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc3) - 2021-08-06
-
-* BREAKING
-  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
-* SECURITY
-  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
-  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
-  * Don't show private user's repo in explore view (#16550) (#16554)
-  * Update node tar dependency to 6.1.6 (#16622) (#16623)
-* API
-  * Swagger AccessToken fixes (#16574) (#16597)
-  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
-* BUGFIXES
-  * Restore Accessibility for Dropdown (#16576) (#16617)
-  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
-  * Fix table alignment in markdown (#16596) (#16602)
-  * Fix 500 on first wiki page (#16586) (#16598)
-  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
-  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
-  * Handle too long PR titles correctly (#16517) (#16549)
-  * Fix data race in bleve indexer (#16474) (#16509)
-  * Restore CORS on git smart http protocol (#16496) (#16506)
-  * Fix race in log (#16490) (#16505)
-  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
-  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
-  * Update notification table with only latest data (#16445) (#16469)
-  * Revert to use alpine 3.13 (#16451) (#16452)
-  * Fix crash following ldap authentication update (#16447) (#16448)
-  * Fix direct creation of external users on admin page (partial #16612) (#16613)
-  * Prevent 500 on draft releases without tag (#16634) (#16636)
-
-## [1.15.0-rc2](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc2) - 2021-07-22
-
-* BUGFIXES
-  * Restore creation of git-daemon-export-ok files (#16508) (#16514)
-  * Fix data race in bleve indexer (#16474) (#16509)
-  * Restore CORS on git smart http protocol (#16496) (#16506)
-  * Fix race in log (#16490) (#16505)
-  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
-  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
-  * Update notification table with only latest data (#16445) (#16469)
-  * Revert to use alpine 3.13 to fix multiple seccomp related issues with Docker <20 (#16451) (#16452)
-  * Fix crash following ldap authentication update (#16447) (#16448)
-
-## [1.15.0-rc1](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc1) - 2021-07-15
+## [1.15.0](https://github.com/go-gitea/gitea/releases/tag/v1.15.0) - 2021-08-21
 
 * BREAKING
   * Make app.ini permissions more restrictive (#16266)
@@ -63,9 +19,15 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Move (custom) assets into subpath `/assets` (#15219)
   * Use level config in log section when sub log section not set level (#15176)
   * Links in markdown should be absolute to the repository not the server (#15088)
+  * Upgrade to the latest version of golang-jwt (#16590) (#16606)
+  * Set minimum supported version of go to 1.16 (#16710)
 * SECURITY
   * Encrypt LDAP bind password in db with SECRET_KEY (#15547)
   * Remove random password in Dockerfiles (#15362)
+  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
+  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
+  * Don't show private user's repo in explore view (#16550) (#16554)
+  * Update node tar dependency to 6.1.6 (#16622) (#16623)
 * FEATURES
   * Update Go-Git to take advantage of LargeObjectThreshold (#16316)
   * Support custom mime type mapping for text files (#16304)
@@ -86,7 +48,7 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Add LFS Migration and Mirror (#14726)
   * Improve notifications for WIP draft PR's (#14663)
   * Disable Stars config option (#14653)
-  * Add option to provide signature for a token to verify key ownership (#14054)
+  * GPG Key Ownership verification with Signed Token (#14054)
   * OAuth2 auto-register (#5123)
 * API
   * Return updated repository when changing repository using API (#16420)
@@ -106,6 +68,8 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Add Active and ProhibitLogin to API (#15689)
   * Add Location, Website and Description to API (#15675)
   * Expose resolver via API (#15167)
+  * Swagger AccessToken fixes (#16574) (#16597)
+  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
 * ENHANCEMENTS
   * Support HTTP/2 in Let's Encrypt (#16371)
   * Introduce NotifySubjectType (#16320)
@@ -231,6 +195,41 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
   * Add code block highlight to orgmode back (#14222)
   * Remove User.GetOrganizations() (#14032)
+  * Restore Accessibility for Dropdown (#16576) (#16617)
+  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
+  * Fix table alignment in markdown (#16596) (#16602)
+  * Fix 500 on first wiki page (#16586) (#16598)
+  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
+  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
+  * Handle too long PR titles correctly (#16517) (#16549)
+  * Fix data race in bleve indexer (#16474) (#16509)
+  * Restore CORS on git smart http protocol (#16496) (#16506)
+  * Fix race in log (#16490) (#16505)
+  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
+  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
+  * Update notification table with only latest data (#16445) (#16469)
+  * Fix crash following ldap authentication update (#16447) (#16448)
+  * Fix direct creation of external users on admin page (partial #16612) (#16613)
+  * Prevent 500 on draft releases without tag (#16634) (#16636)
+  * Restore creation of git-daemon-export-ok files (#16508) (#16514)
+  * Fix data race in bleve indexer (#16474) (#16509)
+  * Restore CORS on git smart http protocol (#16496) (#16506)
+  * Fix race in log (#16490) (#16505)
+  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
+  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
+  * Update notification table with only latest data (#16445) (#16469)
+  * Fix crash following ldap authentication update (#16447) (#16448)
+  * Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
+  * Fix direct creation of external users on admin page (#16613)
+  * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
+  * Fix NPE in fuzzer (#16680) (#16682)
+  * Set issue_index when finishing migration (#16685) (#16687)
+  * Skip patch download when no patch file exists (#16356) (#16681)
+  * Ensure empty lines are copiable and final new line too (#16678) (#16692)
+  * Fix wrong user in OpenID response (#16736) (#16741)
+  * Do not use thin scrollbars on Firefox (#16738) (#16745)
+  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
+  * Keep attachments on tasklist update (#16750) (#16757)
 * TESTING
   * Bump `postgres` and `mysql` versions (#15710)
   * Add tests for clone from wiki (#15513)
@@ -241,7 +240,6 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
   * Fix mirror_lfs source string in en-US locale (#15369)
 * BUILD
   * Upgrade xorm to v1.1.1 (#16339)
-  * Alpine 3.14 released (#16170)
   * Disable legal comments in esbuild (#15929)
   * Switch to Node 16 to build fronted  (#15804)
   * Use esbuild to minify CSS (#15756)

Makefile

@@ -25,7 +25,7 @@ HAS_GO = $(shell hash $(GO) > /dev/null 2>&1 && echo "GO" || echo "NOGO" )
 COMMA := ,
 
 XGO_VERSION := go-1.16.x
-MIN_GO_VERSION := 001015000
+MIN_GO_VERSION := 001016000
 MIN_NODE_VERSION := 012017000
 
 DOCKER_IMAGE ?= gitea/gitea
@@ -200,7 +200,7 @@ help:
 go-check:
 	$(eval GO_VERSION := $(shell printf "%03d%03d%03d" $(shell $(GO) version | grep -Eo '[0-9]+\.[0-9.]+' | tr '.' ' ');))
 	@if [ "$(GO_VERSION)" -lt "$(MIN_GO_VERSION)" ]; then \
-		echo "Gitea requires Go 1.15 or greater to build. You can get it at https://golang.org/dl/"; \
+		echo "Gitea requires Go 1.16 or greater to build. You can get it at https://golang.org/dl/"; \
 		exit 1; \
 	fi
 

docs/config.yaml

@@ -19,7 +19,7 @@ params:
   author: The Gitea Authors
   website: https://docs.gitea.io
   version: 1.14.6
-  minGoVersion: 1.15
+  minGoVersion: 1.16
   goVersion: 1.16
   minNodeVersion: 12.17
 

go.mod

@@ -10,7 +10,7 @@ require (
 	gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e
 	gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e
 	gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee
-	gitea.com/lunny/levelqueue v0.4.0
+	gitea.com/lunny/levelqueue v0.4.1
 	github.com/Microsoft/go-winio v0.5.0 // indirect
 	github.com/NYTimes/gziphandler v1.1.1
 	github.com/ProtonMail/go-crypto v0.0.0-20210705153151-cc34b1f6908b // indirect

go.sum

@@ -49,8 +49,8 @@ gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e h1:YjaQU6XFicdhPN+Ml
 gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e/go.mod h1:nfA7JaGv3hbGQ1ktdhAsZhdS84qKffI8NMlHr+Opsog=
 gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee h1:9U6HuKUBt/cGK6T/64dEuz0r7Yp97WAAEJvXHDlY3ws=
 gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee/go.mod h1:Ozg8IchVNb/Udg+ui39iHRYqVHSvf3C99ixdpLR8Vu0=
-gitea.com/lunny/levelqueue v0.4.0 h1:v+bCR1lwLTBpZMshguWNhGIFLkUj+R04pgaU3TcJFS8=
-gitea.com/lunny/levelqueue v0.4.0/go.mod h1:HBqmLbz56JWpfEGG0prskAV97ATNRoj5LDmPicD22hU=
+gitea.com/lunny/levelqueue v0.4.1 h1:RZ+AFx5gBsZuyqCvofhAkPQ9uaVDPJnsULoJZIYaJNw=
+gitea.com/lunny/levelqueue v0.4.1/go.mod h1:HBqmLbz56JWpfEGG0prskAV97ATNRoj5LDmPicD22hU=
 gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
 gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU=
 github.com/6543/go-version v1.3.1 h1:HvOp+Telns7HWJ2Xo/05YXQSB2bE0WmVgbHqwMPZT4U=

models/fixtures/oauth2_grant.yml

@@ -5,3 +5,19 @@
   scope: "openid profile"
   created_unix: 1546869730
   updated_unix: 1546869730
+
+- id: 2
+  user_id: 3
+  application_id: 1
+  counter: 1
+  scope: "openid"
+  created_unix: 1546869730
+  updated_unix: 1546869730
+
+- id: 3
+  user_id: 5
+  application_id: 1
+  counter: 1
+  scope: "openid profile email"
+  created_unix: 1546869730
+  updated_unix: 1546869730

models/issue.go

@@ -982,6 +982,31 @@ func newIssue(e *xorm.Session, doer *User, opts NewIssueOptions) (err error) {
 	return opts.Issue.addCrossReferences(e, doer, false)
 }
 
+// RecalculateIssueIndexForRepo create issue_index for repo if not exist and
+// update it based on highest index of existing issues assigned to a repo
+func RecalculateIssueIndexForRepo(repoID int64) error {
+	sess := x.NewSession()
+	defer sess.Close()
+	if err := sess.Begin(); err != nil {
+		return err
+	}
+
+	if err := upsertResourceIndex(sess, "issue_index", repoID); err != nil {
+		return err
+	}
+
+	var max int64
+	if _, err := sess.Select(" MAX(`index`)").Table("issue").Where("repo_id=?", repoID).Get(&max); err != nil {
+		return err
+	}
+
+	if _, err := sess.Exec("UPDATE `issue_index` SET max_index=? WHERE group_id=?", max, repoID); err != nil {
+		return err
+	}
+
+	return sess.Commit()
+}
+
 // NewIssue creates new issue with labels for repository.
 func NewIssue(repo *Repository, issue *Issue, labelIDs []int64, uuids []string) (err error) {
 	idx, err := GetNextResourceIndex("issue_index", repo.ID)

models/migrations/migrations.go

@@ -590,11 +590,26 @@ func recreateTable(sess *xorm.Session, bean interface{}) error {
 			return err
 		}
 
+		if err := sess.Table(tempTableName).DropIndexes(bean); err != nil {
+			log.Error("Unable to drop indexes on temporary table %s. Error: %v", tempTableName, err)
+			return err
+		}
+
 		// SQLite and MySQL will move all the constraints from the temporary table to the new table
 		if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE `%s` RENAME TO `%s`", tempTableName, tableName)); err != nil {
 			log.Error("Unable to rename %s to %s. Error: %v", tempTableName, tableName, err)
 			return err
 		}
+
+		if err := sess.Table(tableName).CreateIndexes(bean); err != nil {
+			log.Error("Unable to recreate indexes on table %s. Error: %v", tableName, err)
+			return err
+		}
+
+		if err := sess.Table(tableName).CreateUniques(bean); err != nil {
+			log.Error("Unable to recreate uniques on table %s. Error: %v", tableName, err)
+			return err
+		}
 	case setting.Database.UsePostgreSQL:
 		var originalSequences []string
 		type sequenceData struct {
@@ -836,7 +851,7 @@ func dropTableColumns(sess *xorm.Session, tableName string, columnNames ...strin
 			}
 			cols += "`" + strings.ToLower(col) + "`"
 		}
-		sql := fmt.Sprintf("SELECT Name FROM SYS.DEFAULT_CONSTRAINTS WHERE PARENT_OBJECT_ID = OBJECT_ID('%[1]s') AND PARENT_COLUMN_ID IN (SELECT column_id FROM sys.columns WHERE lower(NAME) IN (%[2]s) AND object_id = OBJECT_ID('%[1]s'))",
+		sql := fmt.Sprintf("SELECT Name FROM sys.default_constraints WHERE parent_object_id = OBJECT_ID('%[1]s') AND parent_column_id IN (SELECT column_id FROM sys.columns WHERE LOWER(name) IN (%[2]s) AND object_id = OBJECT_ID('%[1]s'))",
 			tableName, strings.ReplaceAll(cols, "`", "'"))
 		constraints := make([]string, 0)
 		if err := sess.SQL(sql).Find(&constraints); err != nil {
@@ -847,17 +862,14 @@ func dropTableColumns(sess *xorm.Session, tableName string, columnNames ...strin
 				return fmt.Errorf("Drop table `%s` default constraint `%s`: %v", tableName, constraint, err)
 			}
 		}
-		sql = fmt.Sprintf("SELECT DISTINCT Name FROM SYS.INDEXES INNER JOIN SYS.INDEX_COLUMNS ON INDEXES.INDEX_ID = INDEX_COLUMNS.INDEX_ID AND INDEXES.OBJECT_ID = INDEX_COLUMNS.OBJECT_ID WHERE INDEXES.OBJECT_ID = OBJECT_ID('%[1]s') AND INDEX_COLUMNS.COLUMN_ID IN (SELECT column_id FROM sys.columns WHERE lower(NAME) IN (%[2]s) AND object_id = OBJECT_ID('%[1]s'))",
+		sql = fmt.Sprintf("SELECT DISTINCT Name FROM sys.indexes INNER JOIN sys.index_columns ON indexes.index_id = index_columns.index_id AND indexes.object_id = index_columns.object_id WHERE indexes.object_id = OBJECT_ID('%[1]s') AND index_columns.column_id IN (SELECT column_id FROM sys.columns WHERE LOWER(name) IN (%[2]s) AND object_id = OBJECT_ID('%[1]s'))",
 			tableName, strings.ReplaceAll(cols, "`", "'"))
 		constraints = make([]string, 0)
 		if err := sess.SQL(sql).Find(&constraints); err != nil {
 			return fmt.Errorf("Find constraints: %v", err)
 		}
 		for _, constraint := range constraints {
-			if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE `%s` DROP CONSTRAINT IF EXISTS `%s`", tableName, constraint)); err != nil {
-				return fmt.Errorf("Drop table `%s` index constraint `%s`: %v", tableName, constraint, err)
-			}
-			if _, err := sess.Exec(fmt.Sprintf("DROP INDEX IF EXISTS `%[2]s` ON `%[1]s`", tableName, constraint)); err != nil {
+			if _, err := sess.Exec(fmt.Sprintf("DROP INDEX `%[2]s` ON `%[1]s`", tableName, constraint)); err != nil {
 				return fmt.Errorf("Drop index `%[2]s` on `%[1]s`: %v", tableName, constraint, err)
 			}
 		}

modules/git/notes_gogit.go

@@ -36,6 +36,9 @@ func GetNote(ctx context.Context, repo *Repository, commitID string, note *Note)
 			remainingCommitID = remainingCommitID[2:]
 		}
 		if err != nil {
+			if err == object.ErrDirectoryNotFound {
+				return ErrNotExist{ID: remainingCommitID, RelPath: path}
+			}
 			return err
 		}
 	}

modules/git/notes_test.go

@@ -39,3 +39,15 @@ func TestGetNestedNotes(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, []byte("Note 1"), note.Message)
 }
+
+func TestGetNonExistentNotes(t *testing.T) {
+	bareRepo1Path := filepath.Join(testReposDir, "repo1_bare")
+	bareRepo1, err := OpenRepository(bareRepo1Path)
+	assert.NoError(t, err)
+	defer bareRepo1.Close()
+
+	note := Note{}
+	err = GetNote(context.Background(), bareRepo1, "non_existent_sha", &note)
+	assert.Error(t, err)
+	assert.IsType(t, ErrNotExist{}, err)
+}

modules/highlight/highlight.go

@@ -166,6 +166,11 @@ func File(numLines int, fileName string, code []byte) map[int]string {
 	}
 
 	htmlw.Flush()
+	finalNewLine := false
+	if len(code) > 0 {
+		finalNewLine = code[len(code)-1] == '\n'
+	}
+
 	m := make(map[int]string, numLines)
 	for k, v := range strings.SplitN(htmlbuf.String(), "\n", numLines) {
 		line := k + 1
@@ -173,9 +178,17 @@ func File(numLines int, fileName string, code []byte) map[int]string {
 		//need to keep lines that are only \n so copy/paste works properly in browser
 		if content == "" {
 			content = "\n"
+		} else if content == `</span><span class="w">` {
+			content += "\n</span>"
 		}
+		content = strings.TrimSuffix(content, `<span class="w">`)
+		content = strings.TrimPrefix(content, `</span>`)
 		m[line] = content
 	}
+	if finalNewLine {
+		m[numLines+1] = "<span class=\"w\">\n</span>"
+	}
+
 	return m
 }
 

modules/highlight/highlight_test.go

@@ -0,0 +1,103 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package highlight
+
+import (
+	"reflect"
+	"testing"
+
+	"code.gitea.io/gitea/modules/setting"
+	"gopkg.in/ini.v1"
+)
+
+func TestFile(t *testing.T) {
+	setting.Cfg = ini.Empty()
+	tests := []struct {
+		name     string
+		numLines int
+		fileName string
+		code     string
+		want     map[int]string
+	}{
+		{
+			name:     ".drone.yml",
+			numLines: 12,
+			fileName: ".drone.yml",
+			code: `kind: pipeline
+name: default
+
+steps:
+- name: test
+	image: golang:1.13
+	environment:
+		GOPROXY: https://goproxy.cn
+	commands:
+	- go get -u
+	- go build -v
+	- go test -v -race -coverprofile=coverage.txt -covermode=atomic
+`,
+			want: map[int]string{
+				1: `<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l">pipeline</span>`,
+				2: `<span class="w"></span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">default</span>`,
+				3: `<span class="w">
+</span>`,
+				4: `<span class="w"></span><span class="nt">steps</span><span class="p">:</span>`,
+				5: `<span class="w"></span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">test</span>`,
+				6: `<span class="w">	</span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l">golang:1.13</span>`,
+				7: `<span class="w">	</span><span class="nt">environment</span><span class="p">:</span>`,
+				8: `<span class="w"></span><span class="w">		</span><span class="nt">GOPROXY</span><span class="p">:</span><span class="w"> </span><span class="l">https://goproxy.cn</span>`,
+				9: `<span class="w">	</span><span class="nt">commands</span><span class="p">:</span>`,
+				10: `<span class="w"></span><span class="w">	</span>- <span class="l">go get -u</span>`,
+				11: `<span class="w">	</span>- <span class="l">go build -v</span>`,
+				12: `<span class="w">	</span>- <span class="l">go test -v -race -coverprofile=coverage.txt -covermode=atomic</span><span class="w">
+</span>`,
+				13: `<span class="w">
+</span>`,
+			},
+		},
+		{
+			name:     ".drone.yml - trailing space",
+			numLines: 13,
+			fileName: ".drone.yml",
+			code: `kind: pipeline
+name: default  ` + `
+
+steps:
+- name: test
+	image: golang:1.13
+	environment:
+		GOPROXY: https://goproxy.cn
+	commands:
+	- go get -u
+	- go build -v
+	- go test -v -race -coverprofile=coverage.txt -covermode=atomic
+	`,
+			want: map[int]string{
+				1: `<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l">pipeline</span>`,
+				2: `<span class="w"></span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">default  </span>`,
+				3: `<span class="w">
+</span>`,
+				4: `<span class="w"></span><span class="nt">steps</span><span class="p">:</span>`,
+				5: `<span class="w"></span>- <span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">test</span>`,
+				6: `<span class="w">	</span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l">golang:1.13</span>`,
+				7: `<span class="w">	</span><span class="nt">environment</span><span class="p">:</span>`,
+				8: `<span class="w"></span><span class="w">		</span><span class="nt">GOPROXY</span><span class="p">:</span><span class="w"> </span><span class="l">https://goproxy.cn</span>`,
+				9: `<span class="w">	</span><span class="nt">commands</span><span class="p">:</span>`,
+				10: `<span class="w"></span><span class="w">	</span>- <span class="l">go get -u</span>`,
+				11: `<span class="w">	</span>- <span class="l">go build -v</span>`,
+				12: `<span class="w">	</span>- <span class="l">go test -v -race -coverprofile=coverage.txt -covermode=atomic</span>`,
+				13: `<span class="w">	</span>`,
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := File(tt.numLines, tt.fileName, []byte(tt.code)); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("File() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

modules/markup/html.go

@@ -778,7 +778,7 @@ func fullIssuePatternProcessor(ctx *RenderContext, node *html.Node) {
 
 		// extract repo and org name from matched link like
 		// http://localhost:3000/gituser/myrepo/issues/1
-		linkParts := strings.Split(path.Clean(link), "/")
+		linkParts := strings.Split(link, "/")
 		matchOrg := linkParts[len(linkParts)-4]
 		matchRepo := linkParts[len(linkParts)-3]
 

modules/markup/html_test.go

@@ -5,6 +5,7 @@
 package markup_test
 
 import (
+	"io"
 	"strings"
 	"testing"
 
@@ -526,3 +527,18 @@ func BenchmarkEmojiPostprocess(b *testing.B) {
 		assert.NoError(b, err)
 	}
 }
+
+func TestFuzz(t *testing.T) {
+	s := "t/l/issues/8#/../../a"
+	renderContext := RenderContext{
+		URLPrefix: "https://example.com/go-gitea/gitea",
+		Metas: map[string]string{
+			"user": "go-gitea",
+			"repo": "gitea",
+		},
+	}
+
+	err := PostProcess(&renderContext, strings.NewReader(s), io.Discard)
+
+	assert.NoError(t, err)
+}

modules/migrations/gitea_uploader.go

@@ -555,6 +555,9 @@ func (g *GiteaLocalUploader) newPullRequest(pr *base.PullRequest) (*models.PullR
 
 	// download patch file
 	err := func() error {
+		if pr.PatchURL == "" {
+			return nil
+		}
 		// pr.PatchURL maybe a local file
 		ret, err := uri.Open(pr.PatchURL)
 		if err != nil {
@@ -871,6 +874,11 @@ func (g *GiteaLocalUploader) Finish() error {
 		return ErrRepoNotCreated
 	}
 
+	// update issue_index
+	if err := models.RecalculateIssueIndexForRepo(g.repo.ID); err != nil {
+		return err
+	}
+
 	g.repo.Status = models.RepositoryReady
 	return models.UpdateRepositoryCols(g.repo, "status")
 }

options/locale/locale_cs-CZ.ini

@@ -1248,8 +1248,8 @@ issues.dependency.remove=Odstranit
 issues.dependency.remove_info=Odstranit tuto závislost
 issues.dependency.added_dependency=`přidal(a) novou závislost %s`
 issues.dependency.removed_dependency=`odstranil(a) závislost %s`
-issues.dependency.issue_closing_blockedby=Uzavření tohoto požadavku na natažení je blokováno následujícími úkoly
-issues.dependency.pr_closing_blockedby=Uzavření tohoto úkolu je blokováno následujícími úkoly
+issues.dependency.pr_closing_blockedby=Uzavření tohoto požadavku na natažení je blokováno následujícími úkoly
+issues.dependency.issue_closing_blockedby=Uzavření tohoto úkolu je blokováno následujícími úkoly
 issues.dependency.issue_close_blocks=Tento úkol blokuje uzavření následujících úkolů
 issues.dependency.pr_close_blocks=Tento požadavek na natažení blokuje uzavření následujících úkolů
 issues.dependency.issue_close_blocked=Musíte zavřít všechny úkoly, které blokují tento úkol, aby jej bylo možné zavřít.

options/locale/locale_de-DE.ini

@@ -1326,8 +1326,8 @@ issues.dependency.remove=Entfernen
 issues.dependency.remove_info=Abhängigkeit löschen
 issues.dependency.added_dependency=`hat eine neue Abhängigkeit %s hinzugefügt`
 issues.dependency.removed_dependency=`hat eine Abhängigkeit %s entfernt`
-issues.dependency.issue_closing_blockedby=Das Schließen dieses Pull-Requests wird von den folgenden Issues blockiert
-issues.dependency.pr_closing_blockedby=Das Schließen dieses Issues wird von den folgenden Issues blockiert
+issues.dependency.pr_closing_blockedby=Das Schließen dieses Pull-Requests wird von den folgenden Issues blockiert
+issues.dependency.issue_closing_blockedby=Das Schließen dieses Issues wird von den folgenden Issues blockiert
 issues.dependency.issue_close_blocks=Dieses Issue blockiert die Schließung der folgenden Issues
 issues.dependency.pr_close_blocks=Dieser Pull-Request blockiert die Schließung der folgenden Issues
 issues.dependency.issue_close_blocked=Du musst alle Issues, die dieses Issue blockieren, schließen, bevor du es schließen kannst.

options/locale/locale_en-US.ini

@@ -1326,8 +1326,8 @@ issues.dependency.remove = Remove
 issues.dependency.remove_info = Remove this dependency
 issues.dependency.added_dependency = `added a new dependency %s`
 issues.dependency.removed_dependency = `removed a dependency %s`
-issues.dependency.issue_closing_blockedby = Closing this pull request is blocked by the following issues
-issues.dependency.pr_closing_blockedby = Closing this issue is blocked by the following issues
+issues.dependency.pr_closing_blockedby = Closing this pull request is blocked by the following issues
+issues.dependency.issue_closing_blockedby = Closing this issue is blocked by the following issues
 issues.dependency.issue_close_blocks = This issue blocks closing of the following issues
 issues.dependency.pr_close_blocks = This pull request blocks closing of the following issues
 issues.dependency.issue_close_blocked = You need to close all issues blocking this issue before you can close it.

options/locale/locale_es-ES.ini

@@ -1326,8 +1326,8 @@ issues.dependency.remove=Eliminar
 issues.dependency.remove_info=Eliminar esta dependencia
 issues.dependency.added_dependency=`añadida una nueva dependencia %s`
 issues.dependency.removed_dependency=`eliminada una dependencia %s`
-issues.dependency.issue_closing_blockedby=Cerrar este pull request está bloqueado por las siguientes issues
-issues.dependency.pr_closing_blockedby=Cierre de esta incidencia es bloqueado por las siguientes incidencias
+issues.dependency.pr_closing_blockedby=Cerrar este pull request está bloqueado por las siguientes issues
+issues.dependency.issue_closing_blockedby=Cierre de esta incidencia es bloqueado por las siguientes incidencias
 issues.dependency.issue_close_blocks=Esta incidencia bloquea el cierre de las siguientes incidencias
 issues.dependency.pr_close_blocks=Este pull request bloquea el cierre de las siguientes incidencias
 issues.dependency.issue_close_blocked=Necesita cerrar todos las incidencias que bloquean esta incidencia antes de que se puede cerrar.

options/locale/locale_fa-IR.ini

@@ -1070,8 +1070,8 @@ issues.dependency.remove=حذف/ساقط کردن
 issues.dependency.remove_info=حذف این وابستگی
 issues.dependency.added_dependency=`%s یک مخزن جدید اضافه کرد`
 issues.dependency.removed_dependency=`%s یک وابستگی را حذف کرد`
-issues.dependency.issue_closing_blockedby=بستن این تقاضای واکشی وسط موضوعات زیر رد/ مسدود شده است
-issues.dependency.pr_closing_blockedby=بستن این موضوع وسط موضوعات زیر رد/ مسدود شده است
+issues.dependency.pr_closing_blockedby=بستن این تقاضای واکشی وسط موضوعات زیر رد/ مسدود شده است
+issues.dependency.issue_closing_blockedby=بستن این موضوع وسط موضوعات زیر رد/ مسدود شده است
 issues.dependency.issue_close_blocks=این مسئله با توجه به موضوعات مطرح شده مسدود شده است
 issues.dependency.pr_close_blocks=این تقاضای واکشی با توجه به موضوعات مطرح شده مسدود شده است
 issues.dependency.issue_close_blocked=شما نیاز به بستن تمامی مسائل مسدود شده مسئله قبل بستن آن هستید.

options/locale/locale_fr-FR.ini

@@ -1277,8 +1277,8 @@ issues.dependency.remove=Supprimer
 issues.dependency.remove_info=Supprimer cette dépendance
 issues.dependency.added_dependency=`a ajouté une nouvelle dépendance %s`
 issues.dependency.removed_dependency=`a supprimé une dépendance %s`
-issues.dependency.issue_closing_blockedby=La clôture de cette demande d'ajout est bloquée par les tickets suivants
-issues.dependency.pr_closing_blockedby=La clôture de ce ticket est bloquée par les tickets suivants
+issues.dependency.pr_closing_blockedby=La clôture de cette demande d'ajout est bloquée par les tickets suivants
+issues.dependency.issue_closing_blockedby=La clôture de ce ticket est bloquée par les tickets suivants
 issues.dependency.issue_close_blocks=Cette demande d'ajout empêche la clôture des tickets suivants
 issues.dependency.pr_close_blocks=Cette demande d'ajout empêche la clôture des tickets suivants
 issues.dependency.issue_close_blocked=Vous devez fermer tous les tickets qui bloquent ce ticket avant de pouvoir le fermer.

options/locale/locale_it-IT.ini

@@ -1179,8 +1179,8 @@ issues.dependency.remove=Rimuovi
 issues.dependency.remove_info=Rimuovi questa dipendenza
 issues.dependency.added_dependency=`ha aggiunto una nuova dipendenza %s`
 issues.dependency.removed_dependency=`ha rimosso una dipendenza %s`
-issues.dependency.issue_closing_blockedby=La chiusura di questa richiesta pull è bloccata per i seguenti problemi
-issues.dependency.pr_closing_blockedby=La chiusura di questo problema è bloccata per i seguenti problemi
+issues.dependency.pr_closing_blockedby=La chiusura di questa richiesta pull è bloccata per i seguenti problemi
+issues.dependency.issue_closing_blockedby=La chiusura di questo problema è bloccata per i seguenti problemi
 issues.dependency.issue_close_blocks=Questo problema impedisce la chiusura dei seguenti problemi
 issues.dependency.pr_close_blocks=Questa richiesta di pull impedisce la chiusura dei seguenti problemi
 issues.dependency.issue_close_blocked=Devi chiudere tutte le anomalie che bloiccano questo problema prima di chiudelo.

options/locale/locale_ja-JP.ini

@@ -1312,8 +1312,8 @@ issues.dependency.remove=削除
 issues.dependency.remove_info=この依存関係を削除
 issues.dependency.added_dependency=`が新しい依存関係を追加 %s`
 issues.dependency.removed_dependency=`が依存関係を削除 %s`
-issues.dependency.issue_closing_blockedby=このプルリクエストのクローズは、これらの課題によりブロックされています
-issues.dependency.pr_closing_blockedby=この課題のクローズは、これらの課題によりブロックされています
+issues.dependency.pr_closing_blockedby=このプルリクエストのクローズは、これらの課題によりブロックされています
+issues.dependency.issue_closing_blockedby=この課題のクローズは、これらの課題によりブロックされています
 issues.dependency.issue_close_blocks=この課題は、これらの課題のクローズをブロックしています
 issues.dependency.pr_close_blocks=このプルリクエストは、これらの課題のクローズをブロックしています
 issues.dependency.issue_close_blocked=この課題をクローズするには、ブロックしている課題をすべてクローズする必要があります。

options/locale/locale_lv-LV.ini

@@ -1326,8 +1326,8 @@ issues.dependency.remove=Noņemt
 issues.dependency.remove_info=Noņemt šo atkarību
 issues.dependency.added_dependency=`pievienoja jaunu atkarību %s`
 issues.dependency.removed_dependency=`noņema atkarību %s`
-issues.dependency.issue_closing_blockedby=Šī izmaiņu pieprasījuma sapludināšanu bloķē sekojošas problēmas
-issues.dependency.pr_closing_blockedby=Šīs problēmas aizvēršanu bloķē sekojošas problēmas
+issues.dependency.pr_closing_blockedby=Šī izmaiņu pieprasījuma sapludināšanu bloķē sekojošas problēmas
+issues.dependency.issue_closing_blockedby=Šīs problēmas aizvēršanu bloķē sekojošas problēmas
 issues.dependency.issue_close_blocks=Šī problēma bloķē sekojošu problēmu aizvēršanu
 issues.dependency.pr_close_blocks=Šis izmaiņu pieprasījums bloķē sekojošu problēmu aizvēršanu
 issues.dependency.issue_close_blocked=Nepieciešams aizvērt visas problēmas, kas bloķē šo problēmu, lai to varētu aizērt.

options/locale/locale_ml-IN.ini

@@ -738,8 +738,8 @@ issues.deleted_milestone=`(ഇല്ലാതാക്കി)`
 issues.filter_type.all_issues=എല്ലാ ഇഷ്യൂകളും
 issues.label_open_issues=%d തുറന്നനിലയിലുള്ള ഇഷ്യൂകള്‍
 issues.label_deletion_desc=ഒരു ലേബൽ ഇല്ലാതാക്കിയാല്‍, അതു് നിയുകതമാക്കിയ എല്ലാ ഇഷ്യൂകളില്‍ നിന്നും നീക്കംചെയ്യും. തുടരട്ടെ?
-issues.dependency.issue_closing_blockedby=ഈ ലയന അഭ്യര്‍ത്ഥന അടയ്‌ക്കുന്നത് ഇനിപ്പറയുന്ന ഇഷ്യൂകള്‍ തടയുന്നു്
-issues.dependency.pr_closing_blockedby=ഈ ഇഷ്യു അടയ്‌ക്കുന്നത് ഇനിപ്പറയുന്ന ലയന അഭ്യര്‍ത്ഥന തടയുന്നു്
+issues.dependency.pr_closing_blockedby=ഈ ലയന അഭ്യര്‍ത്ഥന അടയ്‌ക്കുന്നത് ഇനിപ്പറയുന്ന ഇഷ്യൂകള്‍ തടയുന്നു്
+issues.dependency.issue_closing_blockedby=ഈ ഇഷ്യു അടയ്‌ക്കുന്നത് ഇനിപ്പറയുന്ന ലയന അഭ്യര്‍ത്ഥന തടയുന്നു്
 issues.dependency.issue_close_blocks=ഈ ഇഷ്യു അടയ്‌ക്കുന്നത് ഇനിപ്പറയുന്ന ഇഷ്യൂകള്‍ തടയുന്നു്
 issues.dependency.pr_close_blocks=ഈ ഇഷ്യൂകള്‍ അടയ്‌ക്കുന്നത് ഈ ലയന അഭ്യര്‍ത്ഥന തടയുന്നു്
 issues.dependency.issue_close_blocked=ഈ ഇഷ്യൂ അടയ്‌ക്കുന്നതിന് മുമ്പ് ഇതിനെ തടയുന്ന എല്ലാ ഇഷ്യൂകളും നിങ്ങൾ അടയ്‌ക്കേണ്ടതുണ്ട്.

options/locale/locale_nl-NL.ini

@@ -1168,8 +1168,8 @@ issues.dependency.remove=Verwijder
 issues.dependency.remove_info=Verwijder afhankelijkheid
 issues.dependency.added_dependency=`voegde een nieuwe afhankelijkheid %s toe `
 issues.dependency.removed_dependency=`verwijderde een afhankelijkheid %s`
-issues.dependency.issue_closing_blockedby=Het sluiten van deze pull-aanvraag is geblokkeerd door de volgende kwesties
-issues.dependency.pr_closing_blockedby=Het sluiten van deze kwestie is geblokkeerd door de volgende kwesties
+issues.dependency.pr_closing_blockedby=Het sluiten van deze pull-aanvraag is geblokkeerd door de volgende kwesties
+issues.dependency.issue_closing_blockedby=Het sluiten van deze kwestie is geblokkeerd door de volgende kwesties
 issues.dependency.issue_close_blocks=Deze kwestie blokkeert het sluiten van de volgende kwesties
 issues.dependency.pr_close_blocks=Deze pull-aanvraag blokkeert het sluiten van de volgende kwesties
 issues.dependency.issue_close_blocked=Je moet alle kwesties die deze kwestie blokkeren sluiten voordat je deze kan sluiten.

options/locale/locale_pl-PL.ini

@@ -1092,8 +1092,8 @@ issues.dependency.remove=Usuń
 issues.dependency.remove_info=Usuń tę zależność
 issues.dependency.added_dependency=`dodał nową zależność %s`
 issues.dependency.removed_dependency=`usunął zależność %s`
-issues.dependency.issue_closing_blockedby=Zamknięcie tego Pull Requesta jest blokowane przez następujące zgłoszenia
-issues.dependency.pr_closing_blockedby=Zamknięcie tego zgłoszenia jest blokowane przez następujące zgłoszenia
+issues.dependency.pr_closing_blockedby=Zamknięcie tego Pull Requesta jest blokowane przez następujące zgłoszenia
+issues.dependency.issue_closing_blockedby=Zamknięcie tego zgłoszenia jest blokowane przez następujące zgłoszenia
 issues.dependency.issue_close_blocks=To zgłoszenie blokuje zamknięcie następujących zgłoszeń
 issues.dependency.pr_close_blocks=Ten Pull Request blokuje zamknięcie następujących zgłoszeń
 issues.dependency.issue_close_blocked=Musisz zamknąć wszystkie zgłoszenia blokujące to zgłoszenie zanim je zamkniesz.

options/locale/locale_pt-BR.ini

@@ -1186,8 +1186,8 @@ issues.dependency.add=Adicione…
 issues.dependency.cancel=Cancelar
 issues.dependency.remove=Remover
 issues.dependency.remove_info=Remover esta dependência
-issues.dependency.issue_closing_blockedby=Fechamento deste pull request está bloqueado pelas seguintes issues
-issues.dependency.pr_closing_blockedby=Fechamento desta issue está bloqueado pelas seguintes issues
+issues.dependency.pr_closing_blockedby=Fechamento deste pull request está bloqueado pelas seguintes issues
+issues.dependency.issue_closing_blockedby=Fechamento desta issue está bloqueado pelas seguintes issues
 issues.dependency.issue_close_blocks=Esta issue bloqueia o fechamento das seguintes issues
 issues.dependency.pr_close_blocks=Este pull request bloqueia o fechamento das seguintes issues
 issues.dependency.issue_close_blocked=Você precisa fechar todas as issues que bloqueiam esta issue antes de poder fechá-la.

options/locale/locale_pt-PT.ini

@@ -1326,8 +1326,8 @@ issues.dependency.remove=Remover
 issues.dependency.remove_info=Remover esta dependência
 issues.dependency.added_dependency=`adicionou uma nova dependência %s`
 issues.dependency.removed_dependency=`removeu uma dependência %s`
-issues.dependency.issue_closing_blockedby=O encerramento deste pedido de integração está bloqueado pelas seguintes questões
-issues.dependency.pr_closing_blockedby=O encerramento desta questão está bloqueado pelas seguintes questões
+issues.dependency.pr_closing_blockedby=O encerramento deste pedido de integração está bloqueado pelas seguintes questões
+issues.dependency.issue_closing_blockedby=O encerramento desta questão está bloqueado pelas seguintes questões
 issues.dependency.issue_close_blocks=Esta questão bloqueia o encerramento das seguintes questões
 issues.dependency.pr_close_blocks=Este pedido de integração bloqueia o encerramento das seguintes questões
 issues.dependency.issue_close_blocked=Tem que encerrar todas as questões que bloqueiam esta questão antes de a poder encerrar.

options/locale/locale_ru-RU.ini

@@ -1324,8 +1324,8 @@ issues.dependency.remove=Удалить
 issues.dependency.remove_info=Удалить эту зависимость
 issues.dependency.added_dependency=`добавить новую зависимость %s`
 issues.dependency.removed_dependency=`убрал зависимость %s`
-issues.dependency.issue_closing_blockedby=Закрытие этого запроса на слияние невозможно до закрытия следующих задач
-issues.dependency.pr_closing_blockedby=Закрытие этой задачи блокируется следующими задачами
+issues.dependency.pr_closing_blockedby=Закрытие этого запроса на слияние невозможно до закрытия следующих задач
+issues.dependency.issue_closing_blockedby=Закрытие этой задачи блокируется следующими задачами
 issues.dependency.issue_close_blocks=Эта задача блокирует закрытие следующих задач
 issues.dependency.pr_close_blocks=Этот запрос на слияние блокирует закрытие следующих задач
 issues.dependency.issue_close_blocked=Вам необходимо закрыть все задачи, блокирующие эту задачу, прежде чем вы сможете её закрыть.

options/locale/locale_sv-SE.ini

@@ -1121,8 +1121,8 @@ issues.dependency.remove=Ta bort
 issues.dependency.remove_info=Ta bort detta beroende
 issues.dependency.added_dependency=`lade till ett nytt beroende %s`
 issues.dependency.removed_dependency=`tog bort ett beroende %s`
-issues.dependency.issue_closing_blockedby=En stängning av denna pull-förfrågan blockeras av följande ärenden
-issues.dependency.pr_closing_blockedby=En stängning av ärendet blockeras av följande ärenden
+issues.dependency.pr_closing_blockedby=En stängning av denna pull-förfrågan blockeras av följande ärenden
+issues.dependency.issue_closing_blockedby=En stängning av ärendet blockeras av följande ärenden
 issues.dependency.issue_close_blocks=Detta ärende blockerar en stängning av följande ärenden
 issues.dependency.pr_close_blocks=Denna pull-förfrågan blockerar stängning av följande ärenden
 issues.dependency.issue_close_blocked=Du måste stänga alla ärenden som blockerar det här ärendet innan du kan stänga det.

options/locale/locale_tr-TR.ini

@@ -1252,8 +1252,8 @@ issues.dependency.remove=Kaldır
 issues.dependency.remove_info=Bu bağımlılığı kaldır
 issues.dependency.added_dependency=`yeni bir %s bağımlılığı eklendi`
 issues.dependency.removed_dependency=`bir %s bağımlılığı kaldırıldı`
-issues.dependency.issue_closing_blockedby=Bu değişiklik isteğinin kapatılması aşağıdaki konular nedeniyle engelleniyor
-issues.dependency.pr_closing_blockedby=Bu konunun kapatılması aşağıdaki konular tarafından engelleniyor
+issues.dependency.pr_closing_blockedby=Bu değişiklik isteğinin kapatılması aşağıdaki konular nedeniyle engelleniyor
+issues.dependency.issue_closing_blockedby=Bu konunun kapatılması aşağıdaki konular tarafından engelleniyor
 issues.dependency.issue_close_blocks=Bu konu aşağıdaki konuların kapatılmasını engelliyor
 issues.dependency.pr_close_blocks=Bu değişiklik isteği aşağıdaki sorunların kapatılmasını engelliyor
 issues.dependency.issue_close_blocked=Kapatmadan önce bu konuyu engelleyen tüm konuları kapatmanız gerekir.

options/locale/locale_uk-UA.ini

@@ -1306,8 +1306,8 @@ issues.dependency.remove=Видалити
 issues.dependency.remove_info=Видалити цю залежність
 issues.dependency.added_dependency=`додав нову залежність %s`
 issues.dependency.removed_dependency=`видалив залежність %s`
-issues.dependency.issue_closing_blockedby=Закриття цього запиту на злиття заблокує наступні проблеми
-issues.dependency.pr_closing_blockedby=Закриття цієї проблеми заблокує наступні проблеми
+issues.dependency.pr_closing_blockedby=Закриття цього запиту на злиття заблокує наступні проблеми
+issues.dependency.issue_closing_blockedby=Закриття цієї проблеми заблокує наступні проблеми
 issues.dependency.issue_close_blocks=Ця проблема блокує закриття залежних проблем
 issues.dependency.pr_close_blocks=Цей пулл-реквест блокує закриття залежних проблем
 issues.dependency.issue_close_blocked=Вам потрібно закрити всі проблеми, що блокують цю проблему, перед її закриттям.

options/locale/locale_zh-CN.ini

@@ -1322,8 +1322,8 @@ issues.dependency.remove=删除
 issues.dependency.remove_info=删除此依赖项
 issues.dependency.added_dependency=`添加了一个新的依赖项 %s`
 issues.dependency.removed_dependency=`移除了一个依赖项 %s`
-issues.dependency.issue_closing_blockedby=以下工单阻止了关闭此合并请求
-issues.dependency.pr_closing_blockedby=以下工单阻止了关闭此工单
+issues.dependency.pr_closing_blockedby=以下工单阻止了关闭此合并请求
+issues.dependency.issue_closing_blockedby=以下工单阻止了关闭此工单
 issues.dependency.issue_close_blocks=此工单阻止了以下工单的关闭
 issues.dependency.pr_close_blocks=此合并请求阻止以下工单的关闭
 issues.dependency.issue_close_blocked=您需要关闭所有阻止此工单的工单, 然后才能关闭它。

options/locale/locale_zh-TW.ini

@@ -1311,8 +1311,8 @@ issues.dependency.remove=移除
 issues.dependency.remove_info=移除此先決條件
 issues.dependency.added_dependency=`加入了新的先決條件 %s`
 issues.dependency.removed_dependency=`移除了先決條件 %s`
-issues.dependency.issue_closing_blockedby=此合併請求被下列問題阻擋而無法關閉
-issues.dependency.pr_closing_blockedby=此問題被下列問題阻擋而無法關閉
+issues.dependency.pr_closing_blockedby=此合併請求被下列問題阻擋而無法關閉
+issues.dependency.issue_closing_blockedby=此問題被下列問題阻擋而無法關閉
 issues.dependency.issue_close_blocks=因為此問題的阻擋，下列問題無法被關閉
 issues.dependency.pr_close_blocks=因為此合併請求的阻擋，下列問題無法被關閉
 issues.dependency.issue_close_blocked=在您關閉此問題以前，您必須先關閉所有阻擋它的問題。

routers/private/hook.go

@@ -392,11 +392,6 @@ func HookPreReceive(ctx *gitea_context.PrivateContext) {
 				})
 				return
 			}
-		} else {
-			log.Error("Unexpected ref: %s", refFullName)
-			ctx.JSON(http.StatusInternalServerError, private.Response{
-				Err: fmt.Sprintf("Unexpected ref: %s", refFullName),
-			})
 		}
 	}
 

routers/web/repo/issue.go

@@ -1728,10 +1728,12 @@ func UpdateIssueContent(ctx *context.Context) {
 		return
 	}
 
-	files := ctx.QueryStrings("files[]")
-	if err := updateAttachments(issue, files); err != nil {
-		ctx.ServerError("UpdateAttachments", err)
-		return
+	// when update the request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates
+	if !ctx.QueryBool("ignore_attachments") {
+		if err := updateAttachments(issue, ctx.QueryStrings("files[]")); err != nil {
+			ctx.ServerError("UpdateAttachments", err)
+			return
+		}
 	}
 
 	content, err := markdown.RenderString(&markup.RenderContext{
@@ -2128,13 +2130,6 @@ func UpdateCommentContent(ctx *context.Context) {
 		return
 	}
 
-	if comment.Type == models.CommentTypeComment {
-		if err := comment.LoadAttachments(); err != nil {
-			ctx.ServerError("LoadAttachments", err)
-			return
-		}
-	}
-
 	if !ctx.IsSigned || (ctx.User.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) {
 		ctx.Error(http.StatusForbidden)
 		return
@@ -2156,10 +2151,19 @@ func UpdateCommentContent(ctx *context.Context) {
 		return
 	}
 
-	files := ctx.QueryStrings("files[]")
-	if err := updateAttachments(comment, files); err != nil {
-		ctx.ServerError("UpdateAttachments", err)
-		return
+	if comment.Type == models.CommentTypeComment {
+		if err := comment.LoadAttachments(); err != nil {
+			ctx.ServerError("LoadAttachments", err)
+			return
+		}
+	}
+
+	// when the update request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates
+	if !ctx.QueryBool("ignore_attachments") {
+		if err := updateAttachments(comment, ctx.QueryStrings("files[]")); err != nil {
+			ctx.ServerError("UpdateAttachments", err)
+			return
+		}
 	}
 
 	content, err := markdown.RenderString(&markup.RenderContext{

routers/web/user/oauth.go

@@ -187,7 +187,7 @@ func newAccessTokenResponse(grant *models.OAuth2Grant, signingKey oauth2.JWTSign
 				ErrorDescription: "cannot find application",
 			}
 		}
-		err = app.LoadUser()
+		user, err := models.GetUserByID(grant.UserID)
 		if err != nil {
 			if models.IsErrUserNotExist(err) {
 				return nil, &AccessTokenError{
@@ -212,17 +212,17 @@ func newAccessTokenResponse(grant *models.OAuth2Grant, signingKey oauth2.JWTSign
 			Nonce: grant.Nonce,
 		}
 		if grant.ScopeContains("profile") {
-			idToken.Name = app.User.FullName
-			idToken.PreferredUsername = app.User.Name
-			idToken.Profile = app.User.HTMLURL()
-			idToken.Picture = app.User.AvatarLink()
-			idToken.Website = app.User.Website
-			idToken.Locale = app.User.Language
-			idToken.UpdatedAt = app.User.UpdatedUnix
+			idToken.Name = user.FullName
+			idToken.PreferredUsername = user.Name
+			idToken.Profile = user.HTMLURL()
+			idToken.Picture = user.AvatarLink()
+			idToken.Website = user.Website
+			idToken.Locale = user.Language
+			idToken.UpdatedAt = user.UpdatedUnix
 		}
 		if grant.ScopeContains("email") {
-			idToken.Email = app.User.Email
-			idToken.EmailVerified = app.User.IsActive
+			idToken.Email = user.Email
+			idToken.EmailVerified = user.IsActive
 		}
 
 		signedIDToken, err = idToken.SignToken(signingKey)

routers/web/user/oauth_test.go

@@ -0,0 +1,75 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package user
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/auth/oauth2"
+
+	"github.com/golang-jwt/jwt"
+	"github.com/stretchr/testify/assert"
+)
+
+func createAndParseToken(t *testing.T, grant *models.OAuth2Grant) *models.OIDCToken {
+	signingKey, err := oauth2.CreateJWTSingingKey("HS256", make([]byte, 32))
+	assert.NoError(t, err)
+	assert.NotNil(t, signingKey)
+	oauth2.DefaultSigningKey = signingKey
+
+	response, terr := newAccessTokenResponse(grant, signingKey)
+	assert.Nil(t, terr)
+	assert.NotNil(t, response)
+
+	parsedToken, err := jwt.ParseWithClaims(response.IDToken, &models.OIDCToken{}, func(token *jwt.Token) (interface{}, error) {
+		assert.NotNil(t, token.Method)
+		assert.Equal(t, signingKey.SigningMethod().Alg(), token.Method.Alg())
+		return signingKey.VerifyKey(), nil
+	})
+	assert.NoError(t, err)
+	assert.True(t, parsedToken.Valid)
+
+	oidcToken, ok := parsedToken.Claims.(*models.OIDCToken)
+	assert.True(t, ok)
+	assert.NotNil(t, oidcToken)
+
+	return oidcToken
+}
+
+func TestNewAccessTokenResponse_OIDCToken(t *testing.T) {
+	assert.NoError(t, models.PrepareTestDatabase())
+
+	grants, err := models.GetOAuth2GrantsByUserID(3)
+	assert.NoError(t, err)
+	assert.Len(t, grants, 1)
+
+	// Scopes: openid
+	oidcToken := createAndParseToken(t, grants[0])
+	assert.Empty(t, oidcToken.Name)
+	assert.Empty(t, oidcToken.PreferredUsername)
+	assert.Empty(t, oidcToken.Profile)
+	assert.Empty(t, oidcToken.Picture)
+	assert.Empty(t, oidcToken.Website)
+	assert.Empty(t, oidcToken.UpdatedAt)
+	assert.Empty(t, oidcToken.Email)
+	assert.False(t, oidcToken.EmailVerified)
+
+	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 5}).(*models.User)
+	grants, err = models.GetOAuth2GrantsByUserID(user.ID)
+	assert.NoError(t, err)
+	assert.Len(t, grants, 1)
+
+	// Scopes: openid profile email
+	oidcToken = createAndParseToken(t, grants[0])
+	assert.Equal(t, user.FullName, oidcToken.Name)
+	assert.Equal(t, user.Name, oidcToken.PreferredUsername)
+	assert.Equal(t, user.HTMLURL(), oidcToken.Profile)
+	assert.Equal(t, user.AvatarLink(), oidcToken.Picture)
+	assert.Equal(t, user.Website, oidcToken.Website)
+	assert.Equal(t, user.UpdatedUnix, oidcToken.UpdatedAt)
+	assert.Equal(t, user.Email, oidcToken.Email)
+	assert.Equal(t, user.IsActive, oidcToken.EmailVerified)
+}

tools/fuzz.go

@@ -12,6 +12,7 @@ import (
 
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/markup/markdown"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 // Contains fuzzing functions executed by
@@ -32,6 +33,7 @@ var (
 )
 
 func FuzzMarkdownRenderRaw(data []byte) int {
+	setting.AppURL = "http://localhost:3000/"
 	err := markdown.RenderRaw(&renderContext, bytes.NewReader(data), io.Discard)
 	if err != nil {
 		return 0
@@ -40,6 +42,7 @@ func FuzzMarkdownRenderRaw(data []byte) int {
 }
 
 func FuzzMarkupPostProcess(data []byte) int {
+	setting.AppURL = "http://localhost:3000/"
 	err := markup.PostProcess(&renderContext, bytes.NewReader(data), io.Discard)
 	if err != nil {
 		return 0

vendor/gitea.com/lunny/levelqueue/queue.go

@@ -21,8 +21,8 @@ const (
 // Queue defines a queue struct
 type Queue struct {
 	db                *leveldb.DB
-	highLock          sync.Mutex
-	lowLock           sync.Mutex
+	lowLock           sync.Mutex // If you are locking both high and low locks, lock the low lock before the high lock
+	highLock          sync.Mutex // If you are locking both high and low locks, lock the low lock before the high lock
 	low               int64
 	high              int64
 	lowKey            []byte
@@ -295,10 +295,10 @@ func (queue *Queue) LHandle(h func([]byte) error) error {
 
 // Close closes the queue (and the underlying db is set to closeUnderlyingDB)
 func (queue *Queue) Close() error {
-	queue.highLock.Lock()
 	queue.lowLock.Lock()
-	defer queue.highLock.Unlock()
+	queue.highLock.Lock()
 	defer queue.lowLock.Unlock()
+	defer queue.highLock.Unlock()
 
 	if !queue.closeUnderlyingDB {
 		queue.db = nil

vendor/modules.txt

@@ -25,7 +25,7 @@ gitea.com/go-chi/session/couchbase
 gitea.com/go-chi/session/memcache
 gitea.com/go-chi/session/mysql
 gitea.com/go-chi/session/postgres
-# gitea.com/lunny/levelqueue v0.4.0
+# gitea.com/lunny/levelqueue v0.4.1
 ## explicit
 gitea.com/lunny/levelqueue
 # github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c

web_src/js/index.js

@@ -1984,7 +1984,9 @@ function initAdmin() {
           $('#password').attr('required', 'required');
         }
       } else {
-        $('#user_name').attr('disabled', 'disabled');
+        if ($('.admin.edit.user').length > 0) {
+          $('#user_name').attr('disabled', 'disabled');
+        }
         $('#login_name').attr('required', 'required');
         $('.non-local').show();
         $('.local').hide();

web_src/js/markup/tasklist.js

@@ -46,9 +46,10 @@ export function initMarkupTasklist() {
           const {updateUrl, context} = editContentZone.dataset;
 
           await $.post(updateUrl, {
+            ignore_attachments: true,
             _csrf: window.config.csrf,
             content: newContent,
-            context,
+            context
           });
 
           rawContent.textContent = newContent;

web_src/less/_base.less

@@ -175,7 +175,6 @@ details summary > * {
 }
 
 * {
-  scrollbar-width: thin;
   scrollbar-color: var(--color-primary) transparent;
   caret-color: var(--color-caret);
 }