pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2019Q1]: pkgsrc/www/gitea Pullup ticket #5947 - requested by nia
details: https://anonhg.NetBSD.org/pkgsrc/rev/c5d4b6a391f6
branches: pkgsrc-2019Q1
changeset: 334019:c5d4b6a391f6
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Sun Apr 28 16:41:30 2019 +0000
description:
Pullup ticket #5947 - requested by nia
www/gitea: security fix
Revisions pulled up:
- www/gitea/Makefile 1.2
- www/gitea/PLIST 1.2
- www/gitea/distinfo 1.2
- www/gitea/options.mk 1.2
---
Module Name: pkgsrc
Committed By: nia
Date: Tue Apr 23 06:04:41 UTC 2019
Modified Files:
pkgsrc/www/gitea: Makefile PLIST distinfo options.mk
Log Message:
gitea: Update to 1.8.0
Changes from 1.7.5:
SECURITY
Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
Resolve 2FA bypass on API (#6676) (#6674)
Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
BREAKING
Add "ghost" and "notifications" to list of reserved user names. (#6208)
Change sqlite DB path default to data directory (#6198)
Adds MustChangePassword to user create/edit API (#6193)
Disable redirect for i18n (#5910)
Releases API paging (#5831)
Allow Macaron to be set to log through to gitea.log (#5667)
Don't close issues via commits on non-default branch (#5622)
FEATURE
Add regenerate secret feature for oauth2 (#6291)
Expose issue stopwatch toggling via API (#5970)
Add other session providers (#5963)
Pull request conflict files detection (#5951)
Integrate OAuth2 Provider (#5378)
Implement "conversation lock" for issue comments (#5073)
Feature: Archive repos (#5009)
Discord Oauth2 support (#4476)
Allow to set organization visibility (public, internal, private) (#1763)
Added URL mapping for Release attachments like on github.com (#1707)
ENHANCEMENT
Add support for client basic auth for exchanging access tokens (#6293)
Add ability to sort issues by due date (#6206) (#6244)
Style tweaks to issue selection (#6196)
Increase Username and Orgname MaxSize 35 -> 40 (#6178)
Coverage profile with multiple packages (#6167)
Split setting.go to multiple files (#6154)
Allow labels to contain emoji (#6063)
Disable git fsck for mirrored repos by default (#6018)
Add default time out for git operations (#6015)
Split setting.go as multiple files (#6014)
Make dashboard navbar and footer full-width (#6013)
Add lang specific font stacks for CJK (#6007)
Fix header menu misalignment (#6002)
Enhance closed PR and Issue status in the list (#6000)
Make navbar full width (#5998)
Add option to close issues via commit on a non master branch (#5992)
Support n as a line highlight prefix (#5987)
Search for org repos (#3031) (#5986)
Minor UI tweaks (#5980)
Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
Dashboard tweaks (#5974)
Fixes for repo topic editor (#5971)
Display the branch name in the commit view (#5950)
handle milestone events for issues and PR (#5947)
Add label names as filter in issue search api (#5946)
Repo header tweaks (#5945)
Better support for long repo names (#5932)
Fix wrapping long code lines (#5927)
Change GPG Validation colors and remove inline CSS (#5404) (#5896)
Fix "pulls.blocked_by_approvals" text (#5879)
Rename reject to 'request changes' (#5858)
Move input fields to add members to a team and repos to a team (#5853)
Config option to disable automatic repo watching (#5852)
New Issue ?body= query (#5851)
Add API to list tags (#5850)
Pagination for git tree API (#5838)
Add InternalTokenURI to load InternalToken from an external file (#5812)
Allow markdown files to read from the LFS (#5787)
Add the ability to use multiple labels as filters (#5786)
Adjust log settings when a user is not found. (#5771)
Log IP of failed ssh connection (#5766)
Moved defaults in defaults.go to setting.go (#5764)
Make DB connect more robust (#5738)
Add Default Pull Request Title (#5735)
Refactor repo.isBare to repo.isEmpty #5629 (#5714)
Add flag to skip repository dumping (#5695)
Prioritize "readme.md" (#5691)
Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
Allow for user specific themes (#5668)
Display branch name in delete branch confirmation modal. (#5654)
New API routes added (#5594)
Refactor notification for indexer (#5111)
Refactor mail notification (#5110)
Show email if the authenticated user owns the profile page being requested for (#4981)
Optimize pulls merging (#4921)
Sort Repositories widget by most recently updated (#3963) (#4599)
Allow markdown table to scroll (#4401)
Automatically clear stopwatch on merging a PR (#4327)
Add the Owner Name to differentiate when merging (#3807)
Add title attributes to all items in the repo list viewer (#6258) (#6650)
BUGFIXES
Fix dropdown icon padding (#6651) (#6654)
Fix wrong GPG expire date (#6643) (#6644)
Fix forking an empty repository (#6637) (#6653)
Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
Properly escape on the redirect from the web editor (#6657) (#6667)
Allow resend of confirmation email when logged in (#6482) (#6486)
Fix mail notification when close/reopen issue (#6581) (#6588)
Change API commit summary to full message (#6591) (#6592)
Add option to disable refresh token invalidation (#6584) (#6587)
Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
Fix new repo alignment (#6583) (#6585)
Prevent server 500 on compare branches with no common history (#6555) (#6558)
Properly escape release attachment URL (#6512) (#6523)
Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
Disable benchmarking during tag events on DroneIO (#6365) (#6366)
Make sure units of a team are returned (#6379) (#6381)
Don't Unescape redirect_to cookie value (#6399) (#6401)
Fix dump table name error and add some test for dump database (#6394) (#6402)
Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
Display correct error for invalid mirror interval (#6414) (#6429)
Clean up ref name rules (#6437) (#6439)
Fix Hook & HookList in Swagger (#6432) (#6440)
Change order that PostProcess Processors are run (#6445) (#6447)
Clean up various use of escape/unescape functions for URL generation (#6334)
Return 409 when creating repo if it already exists. (#6330)
Add same changes from issues page to milestone->issues page (#6328)
Fix ParsePatch function to work with quoted diff --git strings (#6323)
Fix reported issue in repo description (#6306)
Use url.PathEscape to escape the branchname (#6304)
Add robots.txt as reserved username (#6272)
Replace linkRegex with xurls library (#6261)
Remove visitLinksForShortLinks features (#6257)
Add unit types to repo action URL to correctly show 404 when archived (#6247)
Check organization visibility before everything else (#6234) (#6235)
Prevent double-close of issues (#6233)
Override xorm type mapping for U2F counter (#6232)
Add isAdmin to user API response (#6231)
Update git vendor to fix wrong release commit id and add migrations (#6224)
Fix fork button (#6223)
Fix renames over redirects (#6216)
Fix display dashboard even if require to change password (#6214)
Create a repo redirect when transferring ownership (#6210) (#6211)
Fix issue update race condition (#6194)
Fix bug when migrate repository 500 when repo is existed (#6188)
Fix scrollbar always present on page body (#6177)
Fix bug when set indexer as db and add tests (#6173)
Modify linkRegex to require http|https (#6171)
Fix bug user could change private repository to public when force private enabled. (#6156)
Fix admin list user/org API (#6143)
Make repo creation for API similar to UI (#6142)
Make document body a flexbox (#6139)
Refactor issue indexer, add some testing and fix a bug (#6131)
Load Issue attributes for API call (#6122)
Fix bug when update owner team then visit team's repo return 404 (#6119)
Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
Show private organization for admin, fix #6111 (#6112)
Fix prohibit login check on authorization (#6106)
Move to ldap.v3 to fix #5928 (#6105)
Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
Make sure labels are actually returned (#6053)
Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
After deleting a repo on admin panel, UI should remember the last sort type (#6033)
Default create repository on organisation on its dashboard (#6026)
Swagger: Remove spaces in MergePullRequestOption enum (#6016)
Fix metrics auth token detection (#6006)
Fix repo header issues (#5995)
Fix bug when deleting a linked account will removed all (#5989)
Make organization dropdown scrollable when using mouse wheel (#5988)
Fix empty ssh key importing in ldap (#5984)
Admin config page mailertype setting option update (#5973)
Fix redirect loop during forced password change (#5965)
Show user who created the repository instead of the organisation in action feed (#5948)
Remove all CommitStatus when a repo is deleted (#5940)
Fix ssh deploy and user key constraints (#1357) (#5939)
Fix log output (#5938)
Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
Fix compare button (#5929)
Fix bug when read public repo lfs file (#5912)
Only allow local login if password is non-empty (#5906)
Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
Provide better panic handling (#5902)
Respect value of REQUIRE_SIGNIN_VIEW (#5901)
Show a 404 not a 500 if a repo does not exist (#5900)
Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
Correct footer height if screen-width is to small (fixes #5878) (#5889)
In gitea serv switch off console logger to fix #5866 (#5887)
Don't allow pull requests to be created on an archived repository (#5883)
Support reviews on a deleted file path (#5880)
Fix compare button on upstream repo leading to 404 (#5877)
Fix null pointer on not logged in attempt to Sudo (#5872)
Fix new release creation API to allow empty target (#5870)
Fix an error while adding a dependency via UI. (#5862)
Fix failing migration v67 (#5849)
Fix delete correct temp directory (#5839)
Make sure .git/info is created before generating .git/info/sparse-che? (#5825)
Fix topics saving internal error and disable for archived repos (#5821)
Fix TLS errors when using acme/autocert for local connections (#5820)
When creating new repository fsck option should be enabled (#5817)
Request for public keys only if LDAP attribute is set (#5816)
Fix serving of raw wiki files other than .md (#5814)
Fix migration 78 error mssql (#5791)
Disallow empty titles (#5785)
Fix the v78 migration script (#5776)
Ensure valid git author names passed in signatures (#5774)
Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
Fixing PostgreSQL dump creation (#5747)
Add proper CORS preflight origin validation (#5740)
Disable auto-migrate in docker container (#5730)
In basic auth check for tokens before call UserSignIn (#5725)
Pooled and buffered gzip implementation (#5722)
Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
Keep file permissions during database migration (#5707)
Use correct value for "MSpan Structures Obtained" #4742 (#5706)
Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
Update xorm to fix issue #5659 and #5651 (#5680)
Fix public will not be reused as public key after deleting as deploy key (#5671)
When redirecting, clean the path (#5669)
Don't list an issue on its own dependency list UI. (#5658)
Fix commit page showing status for current default branch (#5649) (#5650)
Only count users own actions for heatmap contributions (#5647)
Fix sqlite deadlock when assigning to a PR (#5640)
Refactor issue indexer (#5363)
TESTING
Run benchmark at tag to track performances (#6035)
Add test environment for MySQL8 (#5234)
BUILD
Use go 1.12 for tests and deprecate go 1.9 (#6186)
Makefile changes for Windows and easier development (#6103)
Update bleve dependency to latest master revision (#6100)
Switch to more recent build of xgo (#6070)
Add autoprefixer to css build (#6029)
Update the version of less (#6010)
Make log mailer for testing (#5893)
DOCS
Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
update default value of --must-change-password cli flag (#6032)
Update and expand information about building Gitea (#6019)
Update U2F Section of app.ini.sample (#5994)
Update swagger for release API pagination (#5841)
Added docs for the tree api (#5834)
MISC
Add single commit API support (#5843)
Add missing GET teams endpoints (#5382)
Migrate database if app.ini found (#5290)
Changes from 1.7.4:
SECURITY
Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
BUGFIXES
Allow resend of confirmation email when logged in (#6482) (#6487)
diffstat:
www/gitea/Makefile | 10 +++++-----
www/gitea/PLIST | 24 +++++++++++++++++++++---
www/gitea/distinfo | 10 +++++-----
www/gitea/options.mk | 5 +++--
4 files changed, 34 insertions(+), 15 deletions(-)
diffs (162 lines):
diff -r ab2d132b17b4 -r c5d4b6a391f6 www/gitea/Makefile
--- a/www/gitea/Makefile Sun Apr 28 16:14:29 2019 +0000
+++ b/www/gitea/Makefile Sun Apr 28 16:41:30 2019 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.1 2019/03/24 21:34:23 nia Exp $
+# $NetBSD: Makefile,v 1.1.2.1 2019/04/28 16:41:30 bsiegert Exp $
-DISTNAME= gitea-1.7.4
+DISTNAME= gitea-1.8.0
MASTER_SITES= ${MASTER_SITE_GITHUB:=go-gitea/}
CATEGORIES= www
GITHUB_TAG= v${PKGVERSION_NOREV}
@@ -13,8 +13,10 @@
GO_DIST_BASE= ${DISTNAME}
GO_SRCPATH= code.gitea.io/gitea
+.include "options.mk"
+
.if !empty(GO_TAGS)
-GO_BUILD_PATTERN+= -tags ${GO_TAGS}
+GO_BUILD_PATTERN+= -tags "${GO_TAGS}"
.endif
GO_BUILD_PATTERN+= ${GO_SRCPATH}
@@ -86,8 +88,6 @@
post-install:
${INSTALL_DATA} ${WRKDIR}/app.ini.sample ${DESTDIR}${EGDIR}
-.include "options.mk"
-
.include "../../www/go-gohtml/buildlink3.mk"
.include "../../lang/go/go-package.mk"
.include "../../mk/bsd.pkg.mk"
diff -r ab2d132b17b4 -r c5d4b6a391f6 www/gitea/PLIST
--- a/www/gitea/PLIST Sun Apr 28 16:14:29 2019 +0000
+++ b/www/gitea/PLIST Sun Apr 28 16:41:30 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1 2019/03/24 21:34:23 nia Exp $
+@comment $NetBSD: PLIST,v 1.1.2.1 2019/04/28 16:41:30 bsiegert Exp $
sbin/gitea
share/examples/gitea/app.ini.sample
share/gitea/options/gitignore/Actionscript
@@ -576,6 +576,7 @@
share/gitea/options/locale/locale_sv-SE.ini
share/gitea/options/locale/locale_tr-TR.ini
share/gitea/options/locale/locale_uk-UA.ini
+share/gitea/options/locale/locale_vi-VN.ini
share/gitea/options/locale/locale_zh-CN.ini
share/gitea/options/locale/locale_zh-HK.ini
share/gitea/options/locale/locale_zh-TW.ini
@@ -585,6 +586,7 @@
share/gitea/public/img/404.png
share/gitea/public/img/500.png
share/gitea/public/img/auth/bitbucket.png
+share/gitea/public/img/auth/discord.png
share/gitea/public/img/auth/dropbox.png
share/gitea/public/img/auth/facebook.png
share/gitea/public/img/auth/github.png
@@ -637,6 +639,18 @@
share/gitea/public/vendor/assets/font-awesome/fonts/fontawesome-webfont.ttf
share/gitea/public/vendor/assets/font-awesome/fonts/fontawesome-webfont.woff
share/gitea/public/vendor/assets/font-awesome/fonts/fontawesome-webfont.woff2
+share/gitea/public/vendor/assets/lato-fonts/lato-bold.eot
+share/gitea/public/vendor/assets/lato-fonts/lato-bold.woff
+share/gitea/public/vendor/assets/lato-fonts/lato-bold.woff2
+share/gitea/public/vendor/assets/lato-fonts/lato-bolditalic.eot
+share/gitea/public/vendor/assets/lato-fonts/lato-bolditalic.woff
+share/gitea/public/vendor/assets/lato-fonts/lato-bolditalic.woff2
+share/gitea/public/vendor/assets/lato-fonts/lato-italic.eot
+share/gitea/public/vendor/assets/lato-fonts/lato-italic.woff
+share/gitea/public/vendor/assets/lato-fonts/lato-italic.woff2
+share/gitea/public/vendor/assets/lato-fonts/lato-regular.eot
+share/gitea/public/vendor/assets/lato-fonts/lato-regular.woff
+share/gitea/public/vendor/assets/lato-fonts/lato-regular.woff2
share/gitea/public/vendor/assets/lato-fonts/lato-v14-latin-700.eot
share/gitea/public/vendor/assets/lato-fonts/lato-v14-latin-700.svg
share/gitea/public/vendor/assets/lato-fonts/lato-v14-latin-700.ttf
@@ -1855,7 +1869,6 @@
share/gitea/public/vendor/plugins/emojify/images/zap.png
share/gitea/public/vendor/plugins/emojify/images/zero.png
share/gitea/public/vendor/plugins/emojify/images/zzz.png
-share/gitea/public/vendor/plugins/es6-promise/es6-promise.auto.min.js
share/gitea/public/vendor/plugins/gitgraph/LICENSE
share/gitea/public/vendor/plugins/gitgraph/gitgraph.css
share/gitea/public/vendor/plugins/gitgraph/gitgraph.js
@@ -1967,6 +1980,7 @@
share/gitea/public/vendor/plugins/pdfjs/web/viewer.css
share/gitea/public/vendor/plugins/pdfjs/web/viewer.html
share/gitea/public/vendor/plugins/pdfjs/web/viewer.js
+share/gitea/public/vendor/plugins/promise-polyfill/polyfill.min.js
share/gitea/public/vendor/plugins/semantic/LICENSE
share/gitea/public/vendor/plugins/semantic/semantic.min.css
share/gitea/public/vendor/plugins/semantic/semantic.min.js
@@ -2079,7 +2093,6 @@
share/gitea/templates/pwa/manifest_json.tmpl
share/gitea/templates/pwa/serviceworker_js.tmpl
share/gitea/templates/repo/activity.tmpl
-share/gitea/templates/repo/bare.tmpl
share/gitea/templates/repo/branch/list.tmpl
share/gitea/templates/repo/branch_dropdown.tmpl
share/gitea/templates/repo/commit_status.tmpl
@@ -2100,6 +2113,7 @@
share/gitea/templates/repo/editor/diff_preview.tmpl
share/gitea/templates/repo/editor/edit.tmpl
share/gitea/templates/repo/editor/upload.tmpl
+share/gitea/templates/repo/empty.tmpl
share/gitea/templates/repo/forks.tmpl
share/gitea/templates/repo/graph.tmpl
share/gitea/templates/repo/header.tmpl
@@ -2171,6 +2185,8 @@
share/gitea/templates/user/auth/change_passwd_inner.tmpl
share/gitea/templates/user/auth/finalize_openid.tmpl
share/gitea/templates/user/auth/forgot_passwd.tmpl
+share/gitea/templates/user/auth/grant.tmpl
+share/gitea/templates/user/auth/grant_error.tmpl
share/gitea/templates/user/auth/link_account.tmpl
share/gitea/templates/user/auth/prohibit_login.tmpl
share/gitea/templates/user/auth/reset_passwd.tmpl
@@ -2198,6 +2214,8 @@
share/gitea/templates/user/profile.tmpl
share/gitea/templates/user/settings/account.tmpl
share/gitea/templates/user/settings/applications.tmpl
+share/gitea/templates/user/settings/applications_oauth2.tmpl
+share/gitea/templates/user/settings/applications_oauth2_edit.tmpl
share/gitea/templates/user/settings/keys.tmpl
share/gitea/templates/user/settings/keys_gpg.tmpl
share/gitea/templates/user/settings/keys_ssh.tmpl
diff -r ab2d132b17b4 -r c5d4b6a391f6 www/gitea/distinfo
--- a/www/gitea/distinfo Sun Apr 28 16:14:29 2019 +0000
+++ b/www/gitea/distinfo Sun Apr 28 16:41:30 2019 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.1 2019/03/24 21:34:23 nia Exp $
+$NetBSD: distinfo,v 1.1.2.1 2019/04/28 16:41:30 bsiegert Exp $
-SHA1 (gitea-1.7.4.tar.gz) = 4ab63c49530407414fa5bcad19341e84288e8944
-RMD160 (gitea-1.7.4.tar.gz) = b90c2a9e89cdc1b2833821b75683fa9f0d8f03ac
-SHA512 (gitea-1.7.4.tar.gz) = eede6d410529b1facf65061256e48fee7d459aa12d8c55346d3ad78004a45b7bf667536979fe92270a85901102fd9cddb8183490e16f912b742e799ca912e370
-Size (gitea-1.7.4.tar.gz) = 20858340 bytes
+SHA1 (gitea-1.8.0.tar.gz) = 508213ca48042ad34aac7fc55d62426d4bd3dd29
+RMD160 (gitea-1.8.0.tar.gz) = 6f766c8c34bce085fb108e1ab03f9f087cb89471
+SHA512 (gitea-1.8.0.tar.gz) = eebbe2f77ed2e4c3562f48a6fa647e6f2a0492c5b6ea4f13542a5ef82e94a357a8d53897aa013107b5f735d2aff9d719893b5724de44831c43998c2e9c6e78d7
+Size (gitea-1.8.0.tar.gz) = 24268907 bytes
SHA1 (patch-vendor_github.com_edsrzf_mmap-go_mmap.go) = fb6036fca52ad3ecf779080849a015fee640aba5
SHA1 (patch-vendor_github.com_edsrzf_mmap-go_mmap__solaris.go) = f4341dfab2b452f926353350ce861aa75e3e47f9
SHA1 (patch-vendor_github.com_edsrzf_mmap-go_mmap__sys.go) = 4e6121157bbd4072feaca297c081efa49379a57c
diff -r ab2d132b17b4 -r c5d4b6a391f6 www/gitea/options.mk
--- a/www/gitea/options.mk Sun Apr 28 16:14:29 2019 +0000
+++ b/www/gitea/options.mk Sun Apr 28 16:41:30 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.1 2019/03/24 21:34:23 nia Exp $
+# $NetBSD: options.mk,v 1.1.2.1 2019/04/28 16:41:30 bsiegert Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.gitea
PKG_SUPPORTED_OPTIONS= sqlite
@@ -7,5 +7,6 @@
.include "../../mk/bsd.options.mk"
.if !empty(PKG_OPTIONS:Msqlite)
-GO_TAGS+= sqlite
+GO_TAGS+= sqlite sqlite_unlock_notify
+.include "../../databases/sqlite3/buildlink3.mk"
.endif
Home |
Main Index |
Thread Index |
Old Index