Merge branch 'main' into walkgitlog-colon

Author: jolheiser

.drone.yml

@@ -149,7 +149,7 @@ rules:
   jquery/no-global-eval: [2]
   jquery/no-grep: [2]
   jquery/no-has: [2]
-  jquery/no-hide: [0]
+  jquery/no-hide: [2]
   jquery/no-html: [0]
   jquery/no-in-array: [2]
   jquery/no-is-array: [2]
@@ -166,13 +166,13 @@ rules:
   jquery/no-proxy: [2]
   jquery/no-ready: [0]
   jquery/no-serialize: [2]
-  jquery/no-show: [0]
+  jquery/no-show: [2]
   jquery/no-size: [2]
   jquery/no-sizzle: [0]
   jquery/no-slide: [0]
   jquery/no-submit: [0]
   jquery/no-text: [0]
-  jquery/no-toggle: [0]
+  jquery/no-toggle: [2]
   jquery/no-trigger: [0]
   jquery/no-trim: [2]
   jquery/no-val: [0]

.eslintrc.yaml

@@ -1,9 +1,9 @@
-<!--
-
+<!-- start tips --> 
 Please check the following:
-
-1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for bug fixes.
-2. Read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md
-3. Describe what your pull request does and which issue you're targeting (if any)
-
--->  
+1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for backports.
+2. Make sure you have read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md .
+3. Describe what your pull request does and which issue you're targeting (if any).
+4. It is recommended to enable "Allow edits by maintainers", so maintainers can help more easily.
+5. Your input here will be included in the commit message when this PR has been merged. If you don't want some content to be included, please separate them with a line like `---`.
+6. Delete all these tips before posting.
+<!-- end tips -->

.github/pull_request_template.md

@@ -10,9 +10,12 @@ tasks:
   - name: Run backend
     command: |
       gp sync-await setup
-      mkdir -p custom/conf/
-      echo -e "[server]\nROOT_URL=$(gp url 3000)/" > custom/conf/app.ini
-      echo -e "\n[database]\nDB_TYPE = sqlite3\nPATH = $GITPOD_REPO_ROOT/data/gitea.db" >> custom/conf/app.ini
+      if [ ! -f custom/conf/app.ini ]
+      then
+        mkdir -p custom/conf/
+        echo -e "[server]\nROOT_URL=$(gp url 3000)/" > custom/conf/app.ini
+        echo -e "\n[database]\nDB_TYPE = sqlite3\nPATH = $GITPOD_REPO_ROOT/data/gitea.db" >> custom/conf/app.ini
+      fi
       export TAGS="sqlite sqlite_unlock_notify"
       make watch-backend
   - name: Run frontend

.gitpod.yml

@@ -1,44 +1,137 @@
-extends: stylelint-config-standard
-
 plugins:
   - stylelint-declaration-strict-value
 
+ignoreFiles:
+  - "**/*.go"
+
 overrides:
-  - files: ["**/*.less"]
-    customSyntax: postcss-less
-  - files: ["**/*.less"]
-    rules:
-      scale-unlimited/declaration-strict-value: [color, {
-        ignoreValues: /^(inherit|transparent|unset|initial)$/
-      }]
   - files: ["**/chroma/*", "**/codemirror/*", "**/standalone/*", "**/console/*"]
     rules:
       scale-unlimited/declaration-strict-value: null
+  - files: ["**/chroma/*", "**/codemirror/*"]
+    rules:
+      block-no-empty: null
 
 rules:
   alpha-value-notation: null
+  annotation-no-unknown: true
+  at-rule-allowed-list: null
+  at-rule-disallowed-list: null
   at-rule-empty-line-before: null
-  block-closing-brace-empty-line-before: null
+  at-rule-no-unknown: true
+  at-rule-no-vendor-prefix: true
+  at-rule-property-required-list: null
+  block-no-empty: true
   color-function-notation: null
+  color-hex-alpha: null
   color-hex-length: null
+  color-named: null
+  color-no-hex: null
+  color-no-invalid-hex: true
   comment-empty-line-before: null
+  comment-no-empty: true
+  comment-pattern: null
+  comment-whitespace-inside: null
+  comment-word-disallowed-list: null
+  custom-media-pattern: null
+  custom-property-empty-line-before: null
+  custom-property-no-missing-var-function: true
+  custom-property-pattern: null
+  declaration-block-no-duplicate-custom-properties: true
+  declaration-block-no-duplicate-properties: [true, {ignore: [consecutive-duplicates-with-different-values]}]
   declaration-block-no-redundant-longhand-properties: null
+  declaration-block-no-shorthand-property-overrides: null
   declaration-block-single-line-max-declarations: null
   declaration-empty-line-before: null
+  declaration-no-important: null
+  declaration-property-max-values: null
+  declaration-property-unit-allowed-list: null
+  declaration-property-unit-disallowed-list: null
+  declaration-property-value-allowed-list: null
+  declaration-property-value-disallowed-list: null
+  declaration-property-value-no-unknown: true
+  font-family-name-quotes: always-where-recommended
+  font-family-no-duplicate-names: true
+  font-family-no-missing-generic-family-keyword: true
+  font-weight-notation: null
+  function-allowed-list: null
+  function-calc-no-unspaced-operator: true
+  function-disallowed-list: null
+  function-linear-gradient-no-nonstandard-direction: true
+  function-name-case: lower
   function-no-unknown: null
+  function-url-no-scheme-relative: null
+  function-url-quotes: always
+  function-url-scheme-allowed-list: null
+  function-url-scheme-disallowed-list: null
   hue-degree-notation: null
   import-notation: string
-  indentation: 2
-  max-line-length: null
+  keyframe-block-no-duplicate-selectors: true
+  keyframe-declaration-no-important: true
+  keyframe-selector-notation: null
+  keyframes-name-pattern: null
+  length-zero-no-unit: true
+  max-nesting-depth: null
+  media-feature-name-allowed-list: null
+  media-feature-name-disallowed-list: null
+  media-feature-name-no-unknown: true
+  media-feature-name-no-vendor-prefix: true
+  media-feature-name-unit-allowed-list: null
+  media-feature-name-value-allowed-list: null
+  media-feature-range-notation: null
+  named-grid-areas-no-invalid: true
   no-descending-specificity: null
+  no-duplicate-at-import-rules: true
+  no-duplicate-selectors: true
+  no-empty-source: true
+  no-invalid-double-slash-comments: true
   no-invalid-position-at-import-rule: null
-  number-leading-zero: never
+  no-irregular-whitespace: true
+  no-unknown-animations: null
   number-max-precision: null
+  property-allowed-list: null
+  property-disallowed-list: null
+  property-no-unknown: true
   property-no-vendor-prefix: null
   rule-empty-line-before: null
+  rule-selector-property-disallowed-list: null
+  scale-unlimited/declaration-strict-value: [color, {ignoreValues: /^(inherit|transparent|unset|initial|currentcolor)$/}]
+  selector-attribute-name-disallowed-list: null
+  selector-attribute-operator-allowed-list: null
+  selector-attribute-operator-disallowed-list: null
+  selector-attribute-quotes: always
   selector-class-pattern: null
+  selector-combinator-allowed-list: null
+  selector-combinator-disallowed-list: null
+  selector-disallowed-list: null
   selector-id-pattern: null
+  selector-max-attribute: null
+  selector-max-class: null
+  selector-max-combinators: null
+  selector-max-compound-selectors: null
+  selector-max-id: null
+  selector-max-pseudo-class: null
+  selector-max-specificity: null
+  selector-max-type: null
+  selector-max-universal: null
+  selector-nested-pattern: null
+  selector-no-qualifying-type: null
+  selector-no-vendor-prefix: true
+  selector-not-notation: null
+  selector-pseudo-class-allowed-list: null
+  selector-pseudo-class-disallowed-list: null
+  selector-pseudo-class-no-unknown: true
+  selector-pseudo-element-allowed-list: null
   selector-pseudo-element-colon-notation: double
+  selector-pseudo-element-disallowed-list: null
+  selector-pseudo-element-no-unknown: true
+  selector-type-case: lower
+  selector-type-no-unknown: [true, {ignore: [custom-elements]}]
   shorthand-property-no-redundant-values: true
-  string-quotes: null
-  value-no-vendor-prefix: null
+  string-no-newline: true
+  time-min-milliseconds: null
+  unit-allowed-list: null
+  unit-disallowed-list: null
+  unit-no-unknown: true
+  value-keyword-case: null
+  value-no-vendor-prefix: [true, {ignoreValues: [box, inline-box]}]

.stylelintrc.yaml

@@ -4,6 +4,56 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).
 
+## [1.18.5](https://github.com/go-gitea/gitea/releases/tag/v1.18.5) - 2023-02-21
+
+* ENHANCEMENTS
+  * Hide 2FA status from other members in organization members list (#22999) (#23023)
+* BUGFIXES
+  * Add force_merge to merge request and fix checking mergable (#23010) (#23032)
+  * Use `--message=%s` for git commit message (#23028) (#23029)
+  * Render access log template as text instead of HTML (#23013) (#23025)
+  * Fix the Manually Merged form (#23015) (#23017)
+  * Use beforeCommit instead of baseCommit (#22949) (#22996)
+  * Display attachments of review comment when comment content is blank (#23035) (#23046)
+  * Return empty url for submodule tree entries (#23043) (#23048)
+
+## [1.18.4](https://github.com/go-gitea/gitea/releases/tag/1.18.4) - 2023-02-20
+
+* SECURITY
+  * Provide the ability to set password hash algorithm parameters (#22942) (#22943)
+  * Add command to bulk set must-change-password (#22823) (#22928)
+* ENHANCEMENTS
+  * Use import of OCI structs (#22765) (#22805)
+  * Fix color of tertiary button on dark theme (#22739) (#22744)
+  * Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627) (#22642)
+* BUGFIXES
+  * Notify on container image create (#22806) (#22965)
+  * Fix blame view missing lines (#22826) (#22929)
+  * Fix incorrect role labels for migrated issues and comments (#22914) (#22923)
+  * Fix PR file tree folders no longer collapsing (#22864) (#22872)
+  * Escape filename when assemble URL (#22850) (#22871)
+  * Fix isAllowed of escapeStreamer (#22814) (#22837)
+  * Load issue before accessing index in merge message (#22822) (#22830)
+  * Improve trace logging for pulls and processes (#22633) (#22812)
+  * Fix restore repo bug, clarify the problem of ForeignIndex (#22776) (#22794)
+  * Add default user visibility to cli command "admin user create" (#22750) (#22760)
+  * Escape path for the file list (#22741) (#22757)
+  * Fix bugs with WebAuthn preventing sign in and registration. (#22651) (#22721)
+  * Add missing close bracket in imagediff (#22710) (#22712)
+  * Move code comments to a standalone file and fix the bug when adding a reply to an outdated review appears to not post(#20821) (#22707)
+  * Fix line spacing for plaintext previews (#22699) (#22701)
+  * Fix wrong hint when deleting a branch successfully from pull request UI (#22673) (#22698)
+  * Fix README TOC links (#22577) (#22677)
+  * Fix missing message in git hook when pull requests disabled on fork (#22625) (#22658)
+  * Improve checkIfPRContentChanged (#22611) (#22644)
+  * Prevent duplicate labels when importing more than 99 (#22591) (#22598)
+  * Don't return duplicated users who can create org repo (#22560) (#22562)
+* BUILD
+  * Upgrade golangcilint to v1.51.0 (#22764)
+* MISC
+  * Use proxy for pull mirror (#22771) (#22772)
+  * Use `--index-url` in PyPi description (#22620) (#22636)
+
 ## [1.18.3](https://github.com/go-gitea/gitea/releases/tag/v1.18.3) - 2023-01-23
 
 * SECURITY

CHANGELOG.md

@@ -0,0 +1,96 @@
+# Gitea Community Code of Conduct
+
+## About
+
+Online communities include people from many different backgrounds. The Gitea contributors are committed to providing a friendly, safe and welcoming environment for all, regardless of gender identity and expression, sexual orientation, disabilities, neurodiversity, physical appearance, body size, ethnicity, nationality, race, age, religion, or similar personal characteristics.
+
+The first goal of the Code of Conduct is to specify a baseline standard of behavior so that people with different social values and communication styles can talk about Gitea effectively, productively, and respectfully.
+
+The second goal is to provide a mechanism for resolving conflicts in the community when they arise.
+
+The third goal of the Code of Conduct is to make our community welcoming to people from different backgrounds. Diversity is critical to the project; for Gitea to be successful, it needs contributors and users from all backgrounds.
+
+We believe that healthy debate and disagreement are essential to a healthy project and community. However, it is never ok to be disrespectful. We value diverse opinions, but we value respectful behavior more.
+
+## Community values
+
+These are the values to which people in the Gitea community should aspire.
+
+- **Be friendly and welcoming.**
+- **Be patient.**
+  - Remember that people have varying communication styles and that not everyone is using their native language. (Meaning and tone can be lost in translation.)
+- **Be thoughtful.**
+  - Productive communication requires effort. Think about how your words will be interpreted.
+  - Remember that sometimes it is best to refrain entirely from commenting.
+- **Be respectful.**
+  - In particular, respect differences of opinion.
+- **Be charitable.**
+  - Interpret the arguments of others in good faith, do not seek to disagree.
+  - When we do disagree, try to understand why.
+- **Be constructive.**
+  - Avoid derailing: stay on topic; if you want to talk about something else, start a new conversation.
+  - Avoid unconstructive criticism: don't merely decry the current state of affairs; offer—or at least solicit—suggestions as to how things may be improved.
+  - Avoid snarking (pithy, unproductive, sniping comments)
+  - Avoid discussing potentially offensive or sensitive issues; this all too often leads to unnecessary conflict.
+  - Avoid microaggressions (brief and commonplace verbal, behavioral and environmental indignities that communicate hostile, derogatory or negative slights and insults to a person or group).
+- **Be responsible.**
+  - What you say and do matters. Take responsibility for your words and actions, including their consequences, whether intended or otherwise.
+
+People are complicated. You should expect to be misunderstood and to misunderstand others; when this inevitably occurs, resist the urge to be defensive or assign blame. Try not to take offense where no offense was intended. Give people the benefit of the doubt. Even if the intent was to provoke, do not rise to it. It is the responsibility of all parties to de-escalate conflict when it arises.
+
+## Code of Conduct
+
+### Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+### Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+- The use of sexualized language or imagery and unwelcome sexual attention or advances
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others’ private information, such as a physical or electronic address, without explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
+
+### Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject: comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, as well as to ban (temporarily or permanently) any contributor for behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+### Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+This Code of Conduct also applies outside the project spaces when the Project Stewards have a reasonable belief that an individual’s behavior may have a negative impact on the project or its community.
+
+### Conflict Resolution
+
+We do not believe that all conflict is bad; healthy debate and disagreement often yield positive results. However, it is never okay to be disrespectful or to engage in behavior that violates the project’s code of conduct.
+
+If you see someone violating the code of conduct, you are encouraged to address the behavior directly with those involved. Many issues can be resolved quickly and easily, and this gives people more control over the outcome of their dispute. If you are unable to resolve the matter for any reason, or if the behavior is threatening or harassing, report it. We are dedicated to providing an environment where participants feel welcome and safe.
+
+Reports should be directed to the Gitea Project Stewards at conduct@gitea.com. It is the Project Stewards’ duty to receive and address reported violations of the code of conduct. They will then work with a committee consisting of representatives from the technical-oversight-committee.
+
+We will investigate every complaint, but you may not receive a direct response. We will use our discretion in determining when and how to follow up on reported incidents, which may range from not taking action to permanent expulsion from the project and project-sponsored spaces. Under normal circumstances, we will notify the accused of the report and provide them an opportunity to discuss it before any action is taken. If there is a consensus between maintainers that such an endeavor would be useless (i.e. in case of an obvious spammer), we reserve the right to take action without notifying the accused first. The identity of the reporter will be omitted from the details of the report supplied to the accused. In potentially harmful situations, such as ongoing harassment or threats to anyone’s safety, we may take action without notice.
+
+### Attribution
+
+This Code of Conduct is adapted from the Contributor Covenant, version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+## Summary
+
+- Treat everyone with respect and kindness.
+- Be thoughtful in how you communicate.
+- Don’t be destructive or inflammatory.
+- If you encounter an issue, please mail conduct@gitea.com.

CODE_OF_CONDUCT.md

@@ -299,9 +299,7 @@ known as the release freeze. All the feature pull requests should be
 merged before feature freeze. And, during the frozen period, a corresponding
 release branch is open for fixes backported from main branch. Release candidates
 are made during this period for user testing to
-obtain a final version that is maintained in this branch. A release is
-maintained by issuing patch releases to only correct critical problems
-such as crashes or security issues.
+obtain a final version that is maintained in this branch.
 
 Major release cycles are seasonal. They always begin on the 25th and end on
 the 24th (i.e., the 25th of December to March 24th).
@@ -311,6 +309,16 @@ for the previous version. For example, if the latest, published release is
 v1.2, then minor changes for the previous release—e.g., v1.1.0 -> v1.1.1—are
 still possible.
 
+The previous release gets fixes for:
+
+- Security issues
+- Critical bugs
+- Regressions
+- Build issues
+- Necessary enhancements (including necessary UI/UX fixes)
+
+The backported fixes should avoid breaking downgrade between minor releases as much as possible.
+
 ## Maintainers
 
 To make sure every PR is checked, we have [team