target go1.12

* Changelog for 1.9.3

* Fix ref to 8071

* Correct punctuation

Co-Authored-By: techknowlogick <matti@mdranta.net>

.drone.yml

@@ -362,7 +362,7 @@ steps:
 
   - name: static
     pull: always
-    image: techknowlogick/xgo:latest
+    image: techknowlogick/xgo:go-1.12.x
     commands:
       - export PATH=$PATH:$GOPATH/bin
       - make generate
@@ -463,7 +463,7 @@ steps:
 
   - name: static
     pull: always
-    image: techknowlogick/xgo:latest
+    image: techknowlogick/xgo:go-1.12.x
     commands:
       - export PATH=$PATH:$GOPATH/bin
       - make generate
@@ -558,7 +558,7 @@ steps:
 
 ---
 kind: pipeline
-name: docker
+name: docker-linux-amd64
 
 platform:
   os: linux
@@ -594,6 +594,7 @@ steps:
     settings:
       dry_run: true
       repo: gitea/gitea
+      tags: linux-amd64
     when:
       event:
         - pull_request
@@ -603,6 +604,7 @@ steps:
     image: plugins/docker:linux-amd64
     settings:
       auto_tag: true
+      auto_tag_suffix: linux-amd64
       repo: gitea/gitea
       password:
         from_secret: docker_password
@@ -613,6 +615,97 @@ steps:
         exclude:
         - pull_request
 
+
+
+---
+kind: pipeline
+name: docker-linux-arm64
+
+platform:
+  os: linux
+  arch: arm64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+depends_on:
+  - testing
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  - "refs/pull/**"
+
+steps:
+  - name: fetch-tags
+    pull: default
+    image: docker:git
+    commands:
+      - git fetch --tags --force
+    when:
+      event:
+        exclude:
+          - pull_request
+
+  - name: dryrun
+    pull: always
+    image: plugins/docker:linux-arm64
+    settings:
+      dry_run: true
+      repo: gitea/gitea
+      tags: linux-arm64
+    when:
+      event:
+        - pull_request
+
+  - name: publish
+    pull: always
+    image: plugins/docker:linux-arm64
+    settings:
+      auto_tag: true
+      auto_tag_suffix: linux-arm64
+      repo: gitea/gitea
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+    when:
+      event:
+        exclude:
+        - pull_request
+
+---
+kind: pipeline
+name: docker-manifest
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+  - name: manifest
+    pull: always
+    image: plugins/manifest
+    settings:
+      auto_tag: true
+      ignore_missing: true
+      spec: docker/manifest.tmpl
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+
+depends_on:
+  - docker-linux-amd64
+  - docker-linux-arm64
+
 ---
 kind: pipeline
 name: notify
@@ -635,7 +728,9 @@ depends_on:
   - translations
   - release-version
   - release-master
-  - docker
+  - docker-linux-amd64
+  - docker-linux-arm64
+  - docker-manifest
   - docs
 
 steps:

CHANGELOG.md

@@ -4,6 +4,35 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).
 
+## [1.9.3](https://github.com/go-gitea/gitea/releases/tag/v1.9.3) - 2019-09-06
+* BUGFIXES
+  * Fix go get from a private repository with Go 1.13 (#8100)
+  * Strict name matching for Repository.GetTagID() (#8082)
+  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
+  * Add change title notification for issues (#8064)
+  * Run CORS handler first for /api routes (#7967) (#8053)
+  * Evaluate emojis in commit messages in list view (#8044)
+  * Fix failed to synchronize tags to releases for repository (#7990) (#7994)
+  * Fix adding default Telegram webhook (#7972) (#7992)
+  * Abort synchronization from LDAP source if there is some error (#7965)
+  * Fix deformed emoji in commit message (#8071)
+* ENHANCEMENT
+  * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)
+
+## [1.9.2](https://github.com/go-gitea/gitea/releases/tag/v1.9.2) - 2019-08-22
+* BUGFIXES
+  * Fix wrong sender when send slack webhook (#7918) (#7924)
+  * Upload support text/plain; charset=utf8 (#7899)
+  * Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
+  * Fix non existent milestone with 500 error (#7867) (#7873)
+* SECURITY
+  * Fix No PGP signature on 1.9.1 tag (#7874)
+  * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
+* ENHANCEMENT
+  * Fix pull creation with empty changes (#7920) (#7926)
+* BUILD
+  * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)
+
 ## [1.9.1](https://github.com/go-gitea/gitea/releases/tag/v1.9.1) - 2019-08-14
 * BREAKING
   * Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752)

docker/manifest.tmpl

@@ -0,0 +1,19 @@
+image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+{{/if}}
+manifests:
+  -
+    image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8

integrations/api_repo_lfs_locks_test.go

@@ -104,8 +104,11 @@ func TestAPILFSLocksLogged(t *testing.T) {
 		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/%s.git/info/lfs/locks", test.repo.FullName()), map[string]string{"path": test.path})
 		req.Header.Set("Accept", "application/vnd.git-lfs+json")
 		req.Header.Set("Content-Type", "application/vnd.git-lfs+json")
-		session.MakeRequest(t, req, test.httpResult)
+		resp := session.MakeRequest(t, req, test.httpResult)
 		if len(test.addTime) > 0 {
+			var lfsLock api.LFSLockResponse
+			DecodeJSON(t, resp, &lfsLock)
+			assert.EqualValues(t, lfsLock.Lock.LockedAt.Format(time.RFC3339), lfsLock.Lock.LockedAt.Format(time.RFC3339Nano)) //locked at should be rounded to second
 			for _, id := range test.addTime {
 				resultsTests[id].locksTimes = append(resultsTests[id].locksTimes, time.Now())
 			}
@@ -124,6 +127,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 		for i, lock := range lfsLocks.Locks {
 			assert.EqualValues(t, test.locksOwners[i].DisplayName(), lock.Owner.Name)
 			assert.WithinDuration(t, test.locksTimes[i], lock.LockedAt, 3*time.Second)
+			assert.EqualValues(t, lock.LockedAt.Format(time.RFC3339), lock.LockedAt.Format(time.RFC3339Nano)) //locked at should be rounded to second
 		}
 
 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/%s.git/info/lfs/locks/verify", test.repo.FullName()), map[string]string{})

integrations/pull_status_test.go

@@ -8,6 +8,7 @@ import (
 	"net/http"
 	"net/url"
 	"path"
+	"strings"
 	"testing"
 
 	"code.gitea.io/gitea/models"
@@ -93,3 +94,28 @@ func TestPullCreate_CommitStatus(t *testing.T) {
 		}
 	})
 }
+
+func TestPullCreate_EmptyChangesWithCommits(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		session := loginUser(t, "user1")
+		testRepoFork(t, session, "user2", "repo1", "user1", "repo1")
+		testEditFileToNewBranch(t, session, "user1", "repo1", "master", "status1", "README.md", "status1")
+		testEditFileToNewBranch(t, session, "user1", "repo1", "status1", "status1", "README.md", "# repo1\n\nDescription for repo1")
+
+		url := path.Join("user1", "repo1", "compare", "master...status1")
+		req := NewRequestWithValues(t, "POST", url,
+			map[string]string{
+				"_csrf": GetCSRF(t, session, url),
+				"title": "pull request from status1",
+			},
+		)
+		session.MakeRequest(t, req, http.StatusFound)
+
+		req = NewRequest(t, "GET", "/user1/repo1/pulls/1")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		doc := NewHTMLParser(t, resp.Body)
+
+		text := strings.TrimSpace(doc.doc.Find(".item.text.green").Text())
+		assert.EqualValues(t, "This pull request can be merged automatically.", text)
+	})
+}

models/lfs_lock.go

@@ -56,7 +56,7 @@ func (l *LFSLock) APIFormat() *api.LFSLock {
 	return &api.LFSLock{
 		ID:       strconv.FormatInt(l.ID, 10),
 		Path:     l.Path,
-		LockedAt: l.Created,
+		LockedAt: l.Created.Round(time.Second),
 		Owner: &api.LFSLockOwner{
 			Name: l.Owner.DisplayName(),
 		},

models/pull.go

@@ -598,7 +598,7 @@ func (pr *PullRequest) testPatch(e Engine) (err error) {
 	if err != nil {
 		for i := range patchConflicts {
 			if strings.Contains(stderr, patchConflicts[i]) {
-				log.Trace("PullRequest[%d].testPatch (apply): has conflict", pr.ID)
+				log.Trace("PullRequest[%d].testPatch (apply): has conflict: %s", pr.ID, stderr)
 				const prefix = "error: patch failed:"
 				pr.Status = PullRequestStatusConflict
 				pr.ConflictedFiles = make([]string, 0, 5)
@@ -661,13 +661,16 @@ func NewPullRequest(repo *Repository, pull *Issue, labelIDs []int64, uuids []str
 	}
 
 	pr.Index = pull.Index
-	if err = repo.savePatch(sess, pr.Index, patch); err != nil {
-		return fmt.Errorf("SavePatch: %v", err)
-	}
-
 	pr.BaseRepo = repo
-	if err = pr.testPatch(sess); err != nil {
-		return fmt.Errorf("testPatch: %v", err)
+	pr.Status = PullRequestStatusChecking
+	if len(patch) > 0 {
+		if err = repo.savePatch(sess, pr.Index, patch); err != nil {
+			return fmt.Errorf("SavePatch: %v", err)
+		}
+
+		if err = pr.testPatch(sess); err != nil {
+			return fmt.Errorf("testPatch: %v", err)
+		}
 	}
 	// No conflict appears after test means mergeable.
 	if pr.Status == PullRequestStatusChecking {

models/release.go

@@ -409,7 +409,7 @@ func UpdateRelease(doer *User, gitRepo *git.Repository, rel *Release, attachment
 		Action:     api.HookReleaseUpdated,
 		Release:    rel.APIFormat(),
 		Repository: rel.Repo.APIFormat(mode),
-		Sender:     rel.Publisher.APIFormat(),
+		Sender:     doer.APIFormat(),
 	}); err1 != nil {
 		log.Error("PrepareWebhooks: %v", err)
 	} else {
@@ -420,7 +420,7 @@ func UpdateRelease(doer *User, gitRepo *git.Repository, rel *Release, attachment
 }
 
 // DeleteReleaseByID deletes a release and corresponding Git tag by given ID.
-func DeleteReleaseByID(id int64, u *User, delTag bool) error {
+func DeleteReleaseByID(id int64, doer *User, delTag bool) error {
 	rel, err := GetReleaseByID(id)
 	if err != nil {
 		return fmt.Errorf("GetReleaseByID: %v", err)
@@ -459,12 +459,12 @@ func DeleteReleaseByID(id int64, u *User, delTag bool) error {
 		return fmt.Errorf("LoadAttributes: %v", err)
 	}
 
-	mode, _ := AccessLevel(u, rel.Repo)
+	mode, _ := AccessLevel(doer, rel.Repo)
 	if err := PrepareWebhooks(rel.Repo, HookEventRelease, &api.ReleasePayload{
 		Action:     api.HookReleaseDeleted,
 		Release:    rel.APIFormat(),
 		Repository: rel.Repo.APIFormat(mode),
-		Sender:     rel.Publisher.APIFormat(),
+		Sender:     doer.APIFormat(),
 	}); err != nil {
 		log.Error("PrepareWebhooks: %v", err)
 	} else {

models/user.go

@@ -1645,7 +1645,12 @@ func SyncExternalUsers() {
 				return
 			}
 
-			sr := s.LDAP().SearchEntries()
+			sr, err := s.LDAP().SearchEntries()
+			if err != nil {
+				log.Error("SyncExternalUsers LDAP source failure [%s], skipped", s.Name)
+				continue
+			}
+
 			for _, su := range sr {
 				if len(su.Username) == 0 {
 					continue

modules/auth/ldap/ldap.go

@@ -308,12 +308,12 @@ func (ls *Source) UsePagedSearch() bool {
 }
 
 // SearchEntries : search an LDAP source for all users matching userFilter
-func (ls *Source) SearchEntries() []*SearchResult {
+func (ls *Source) SearchEntries() ([]*SearchResult, error) {
 	l, err := dial(ls)
 	if err != nil {
 		log.Error("LDAP Connect error, %s:%v", ls.Host, err)
 		ls.Enabled = false
-		return nil
+		return nil, err
 	}
 	defer l.Close()
 
@@ -321,7 +321,7 @@ func (ls *Source) SearchEntries() []*SearchResult {
 		err := l.Bind(ls.BindDN, ls.BindPassword)
 		if err != nil {
 			log.Debug("Failed to bind as BindDN[%s]: %v", ls.BindDN, err)
-			return nil
+			return nil, err
 		}
 		log.Trace("Bound as BindDN %s", ls.BindDN)
 	} else {
@@ -350,7 +350,7 @@ func (ls *Source) SearchEntries() []*SearchResult {
 	}
 	if err != nil {
 		log.Error("LDAP Search failed unexpectedly! (%v)", err)
-		return nil
+		return nil, err
 	}
 
 	result := make([]*SearchResult, len(sr.Entries))
@@ -368,5 +368,5 @@ func (ls *Source) SearchEntries() []*SearchResult {
 		}
 	}
 
-	return result
+	return result, nil
 }

modules/context/context.go

@@ -249,6 +249,19 @@ func Contexter() macaron.Handler {
 		if ctx.Query("go-get") == "1" {
 			ownerName := c.Params(":username")
 			repoName := c.Params(":reponame")
+			trimmedRepoName := strings.TrimSuffix(repoName, ".git")
+
+			if ownerName == "" || trimmedRepoName == "" {
+				_, _ = c.Write([]byte(`<!doctype html>
+<html>
+	<body>
+		invalid import path
+	</body>
+</html>
+`))
+				c.WriteHeader(400)
+				return
+			}
 			branchName := "master"
 
 			repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName)
@@ -276,7 +289,7 @@ func Contexter() macaron.Handler {
 	</body>
 </html>
 `, map[string]string{
-				"GoGetImport":    ComposeGoGetImport(ownerName, strings.TrimSuffix(repoName, ".git")),
+				"GoGetImport":    ComposeGoGetImport(ownerName, trimmedRepoName),
 				"CloneLink":      models.ComposeHTTPSCloneURL(ownerName, repoName),
 				"GoDocDirectory": prefix + "{/dir}",
 				"GoDocFile":      prefix + "{/dir}/{file}#L{line}",

modules/context/repo.go

@@ -201,10 +201,14 @@ func ComposeGoGetImport(owner, repo string) string {
 // .netrc file.
 func EarlyResponseForGoGetMeta(ctx *Context) {
 	username := ctx.Params(":username")
-	reponame := ctx.Params(":reponame")
+	reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")
+	if username == "" || reponame == "" {
+		ctx.PlainText(400, []byte("invalid repository path"))
+		return
+	}
 	ctx.PlainText(200, []byte(com.Expand(`<meta name="go-import" content="{GoGetImport} git {CloneLink}">`,
 		map[string]string{
-			"GoGetImport": ComposeGoGetImport(username, strings.TrimSuffix(reponame, ".git")),
+			"GoGetImport": ComposeGoGetImport(username, reponame),
 			"CloneLink":   models.ComposeHTTPSCloneURL(username, reponame),
 		})))
 }

modules/git/repo_tag.go

@@ -153,15 +153,18 @@ func (repo *Repository) GetTagNameBySHA(sha string) (string, error) {
 
 // GetTagID returns the object ID for a tag (annotated tags have both an object SHA AND a commit SHA)
 func (repo *Repository) GetTagID(name string) (string, error) {
-	stdout, err := NewCommand("show-ref", "--", name).RunInDir(repo.Path)
+	stdout, err := NewCommand("show-ref", "--tags", "--", name).RunInDir(repo.Path)
 	if err != nil {
 		return "", err
 	}
-	fields := strings.Fields(stdout)
-	if len(fields) != 2 {
-		return "", ErrNotExist{ID: name}
+	// Make sure exact match is used: "v1" != "release/v1"
+	for _, line := range strings.Split(stdout, "\n") {
+		fields := strings.Fields(line)
+		if len(fields) == 2 && fields[1] == "refs/tags/"+name {
+			return fields[0], nil
+		}
 	}
-	return fields[0], nil
+	return "", ErrNotExist{ID: name}
 }
 
 // GetTag returns a Git tag by given name.

modules/git/repo_tag_test.go

@@ -62,6 +62,16 @@ func TestRepository_GetTag(t *testing.T) {
 	assert.NotEqual(t, aTagID, aTag.Object.String())
 	assert.EqualValues(t, aTagCommitID, aTag.Object.String())
 	assert.EqualValues(t, "tag", aTag.Type)
+
+	rTagCommitID := "8006ff9adbf0cb94da7dad9e537e53817f9fa5c0"
+	rTagName := "release/" + lTagName
+	bareRepo1.CreateTag(rTagName, rTagCommitID)
+	rTagID, err := bareRepo1.GetTagID(rTagName)
+	assert.NoError(t, err)
+	assert.EqualValues(t, rTagCommitID, rTagID)
+	oTagID, err := bareRepo1.GetTagID(lTagName)
+	assert.NoError(t, err)
+	assert.EqualValues(t, lTagCommitID, oTagID)
 }
 
 func TestRepository_GetAnnotatedTag(t *testing.T) {

modules/pull/merge.go

@@ -299,8 +299,7 @@ func getDiffTree(repoPath, baseBranch, headBranch string) (string, error) {
 	getDiffTreeFromBranch := func(repoPath, baseBranch, headBranch string) (string, error) {
 		var outbuf, errbuf strings.Builder
 		// Compute the diff-tree for sparse-checkout
-		// The branch argument must be enclosed with double-quotes ("") in case it contains slashes (e.g "feature/test")
-		if err := git.NewCommand("diff-tree", "--no-commit-id", "--name-only", "-r", "--root", baseBranch, headBranch).RunInDirPipeline(repoPath, &outbuf, &errbuf); err != nil {
+		if err := git.NewCommand("diff-tree", "--no-commit-id", "--name-only", "-r", "--root", baseBranch, headBranch, "--").RunInDirPipeline(repoPath, &outbuf, &errbuf); err != nil {
 			return "", fmt.Errorf("git diff-tree [%s base:%s head:%s]: %s", repoPath, baseBranch, headBranch, errbuf.String())
 		}
 		return outbuf.String(), nil

public/css/index.css

@@ -668,6 +668,7 @@ footer .ui.left,footer .ui.right{line-height:40px}
 .repository .diff-file-box .code-diff-split tbody tr td:nth-child(4){border-left-width:1px;border-left-style:solid}
 .repository .diff-file-box.file-content{clear:right}
 .repository .diff-file-box.file-content img{max-width:100%;padding:5px 5px 0 5px}
+.repository .diff-file-box.file-content img.emoji{padding:0}
 .repository .code-view{overflow:auto;overflow-x:auto;overflow-y:hidden}
 .repository .repo-search-result{padding-top:10px;padding-bottom:10px}
 .repository .repo-search-result .lines-num a{color:inherit}

public/less/_repository.less

@@ -1544,6 +1544,9 @@
                 max-width: 100%;
                 padding: 5px 5px 0 5px;
             }
+            img.emoji {
+                padding: 0;
+            }
 
             clear: right;
         }

routers/api/v1/api.go

@@ -74,7 +74,6 @@ import (
 	"code.gitea.io/gitea/routers/api/v1/user"
 
 	"github.com/go-macaron/binding"
-	"github.com/go-macaron/cors"
 	macaron "gopkg.in/macaron.v1"
 )
 
@@ -501,12 +500,6 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Get("/swagger", misc.Swagger) //Render V1 by default
 	}
 
-	var handlers []macaron.Handler
-	if setting.EnableCORS {
-		handlers = append(handlers, cors.CORS(setting.CORSConfig))
-	}
-	handlers = append(handlers, securityHeaders(), context.APIContexter(), sudo())
-
 	m.Group("/v1", func() {
 		// Miscellaneous
 		if setting.API.EnableSwagger {
@@ -852,7 +845,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Group("/topics", func() {
 			m.Get("/search", repo.TopicSearch)
 		})
-	}, handlers...)
+	}, securityHeaders(), context.APIContexter(), sudo())
 }
 
 func securityHeaders() macaron.Handler {

routers/api/v1/repo/release_attachment.go

@@ -183,7 +183,8 @@ func CreateReleaseAttachment(ctx *context.APIContext) {
 	allowed := false
 	for _, t := range allowedTypes {
 		t := strings.Trim(t, " ")
-		if t == "*/*" || t == fileType {
+		if t == "*/*" || t == fileType ||
+			strings.HasPrefix(fileType, t+";") {
 			allowed = true
 			break
 		}

routers/repo/attachment.go

@@ -48,7 +48,8 @@ func UploadAttachment(ctx *context.Context) {
 	allowed := false
 	for _, t := range allowedTypes {
 		t := strings.Trim(t, " ")
-		if t == "*/*" || t == fileType {
+		if t == "*/*" || t == fileType ||
+			strings.HasPrefix(fileType, t+";") {
 			allowed = true
 			break
 		}

routers/repo/editor.go

@@ -628,7 +628,8 @@ func UploadFileToServer(ctx *context.Context) {
 		allowed := false
 		for _, t := range setting.Repository.Upload.AllowedTypes {
 			t := strings.Trim(t, " ")
-			if t == "*/*" || t == fileType {
+			if t == "*/*" || t == fileType ||
+				strings.HasPrefix(fileType, t+";") {
 				allowed = true
 				break
 			}

routers/repo/issue.go

@@ -1047,11 +1047,14 @@ func UpdateIssueTitle(ctx *context.Context) {
 		return
 	}
 
+	oldTitle := issue.Title
 	if err := issue.ChangeTitle(ctx.User, title); err != nil {
 		ctx.ServerError("ChangeTitle", err)
 		return
 	}
 
+	notification.NotifyIssueChangeTitle(ctx.User, issue, oldTitle)
+
 	ctx.JSON(200, map[string]interface{}{
 		"title": issue.Title,
 	})

routers/repo/milestone.go

@@ -253,6 +253,11 @@ func MilestoneIssuesAndPulls(ctx *context.Context) {
 	milestoneID := ctx.ParamsInt64(":id")
 	milestone, err := models.GetMilestoneByID(milestoneID)
 	if err != nil {
+		if models.IsErrMilestoneNotExist(err) {
+			ctx.NotFound("GetMilestoneByID", err)
+			return
+		}
+
 		ctx.ServerError("GetMilestoneByID", err)
 		return
 	}

routers/routes/routes.go

@@ -38,6 +38,7 @@ import (
 	"github.com/go-macaron/binding"
 	"github.com/go-macaron/cache"
 	"github.com/go-macaron/captcha"
+	"github.com/go-macaron/cors"
 	"github.com/go-macaron/csrf"
 	"github.com/go-macaron/i18n"
 	"github.com/go-macaron/session"
@@ -440,6 +441,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
 			m.Post("/discord/new", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksNewPost)
 			m.Post("/dingtalk/new", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksNewPost)
+			m.Post("/telegram/new", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksNewPost)
 			m.Post("/msteams/new", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost)
 			m.Get("/:id", repo.WebHooksEdit)
 			m.Post("/gitea/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
@@ -447,6 +449,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
 			m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost)
 			m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost)
+			m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost)
 			m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost)
 		})
 
@@ -945,9 +948,14 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Get("/swagger.v1.json", templates.JSONRenderer(), routers.SwaggerV1Json)
 	}
 
+	var handlers []macaron.Handler
+	if setting.EnableCORS {
+		handlers = append(handlers, cors.CORS(setting.CORSConfig))
+	}
+	handlers = append(handlers, ignSignIn)
 	m.Group("/api", func() {
 		apiv1.RegisterRoutes(m)
-	}, ignSignIn)
+	}, handlers...)
 
 	m.Group("/api/internal", func() {
 		// package name internal is ideal but Golang is not allowed, so we use private as package name.

templates/admin/hook_new.tmpl

@@ -20,6 +20,8 @@
 					<img class="img-13" src="{{AppSubUrl}}/img/discord.png">
 				{{else if eq .HookType "dingtalk"}}
 					<img class="img-13" src="{{AppSubUrl}}/img/dingtalk.ico">
+				{{else if eq .HookType "telegram"}}
+					<img class="img-13" src="{{AppSubUrl}}/img/telegram.png">
 				{{else if eq .HookType "msteams"}}
 					<img class="img-13" src="{{AppSubUrl}}/img/msteams.png">
 				{{end}}
@@ -31,6 +33,7 @@
 			{{template "repo/settings/webhook/slack" .}}
 			{{template "repo/settings/webhook/discord" .}}
 			{{template "repo/settings/webhook/dingtalk" .}}
+			{{template "repo/settings/webhook/telegram" .}}
 			{{template "repo/settings/webhook/msteams" .}}
 		</div>
 

templates/repo/blame.tmpl

@@ -9,12 +9,12 @@
 			<div class="eight wide right aligned column">
                 <div class="ui right file-actions">
                     <div class="ui buttons">
+                        <a class="ui button" href="{{EscapePound $.RawFileLink}}">{{.i18n.Tr "repo.file_raw"}}</a>
                         {{if not .IsViewCommit}}
                             <a class="ui button" href="{{.RepoLink}}/src/commit/{{.CommitID}}/{{EscapePound .TreePath}}">{{.i18n.Tr "repo.file_permalink"}}</a>
                         {{end}}
                         <a class="ui button" href="{{.RepoLink}}/src/{{EscapePound .BranchNameSubURL}}/{{EscapePound .TreePath}}">{{.i18n.Tr "repo.normal_view"}}</a>
                         <a class="ui button" href="{{.RepoLink}}/commits/{{EscapePound .BranchNameSubURL}}/{{EscapePound .TreePath}}">{{.i18n.Tr "repo.file_history"}}</a>
-                        <a class="ui button" href="{{EscapePound $.RawFileLink}}">{{.i18n.Tr "repo.file_raw"}}</a>
                     </div>
                     {{if .Repository.CanEnableEditor}}
                         {{if .CanEditFile}}

templates/repo/view_list.tmpl

@@ -81,8 +81,8 @@
 						</span>
 					</td>
 				{{end}}
-				<td class="message has-emoji">
-					<span class="truncate">
+				<td class="message">
+					<span class="truncate has-emoji">
 						<a href="{{$.RepoLink}}/commit/{{$commit.ID}}" title="{{$commit.Summary}}">{{$commit.Summary}}</a>
 					</span>
 				</td>