Merge remote-tracking branch 'origin/main' into migration-credentials

Author: noerw

contrib/systemd/gitea.service

@@ -3,14 +3,23 @@ Description=Gitea (Git with a cup of tea)
 After=syslog.target
 After=network.target
 ###
-# Don't forget to add the database service requirements
+# Don't forget to add the database service dependencies
 ###
 #
-#Requires=mysql.service
-#Requires=mariadb.service
-#Requires=postgresql.service
-#Requires=memcached.service
-#Requires=redis.service
+#Wants=mysql.service
+#After=mysql.service
+#
+#Wants=mariadb.service
+#After=mariadb.service
+#
+#Wants=postgresql.service
+#After=postgresql.service
+#
+#Wants=memcached.service
+#After=memcached.service
+#
+#Wants=redis.service
+#After=redis.service
 #
 ###
 # If using socket activation for main http/s

docs/content/doc/developers/api-usage.en-us.md

@@ -40,8 +40,42 @@ better understand this by looking at the code -- as of this writing,
 Gitea parses queries and headers to find the token in
 [modules/auth/auth.go](https://github.com/go-gitea/gitea/blob/6efdcaed86565c91a3dc77631372a9cc45a58e89/modules/auth/auth.go#L47).
 
-You can create an API key token via your Gitea installation's web interface:
-`Settings | Applications | Generate New Token`.
+## Generating and listing API tokens
+
+A new token can be generated with a `POST` request to
+`/users/:name/tokens`.
+
+Note that `/users/:name/tokens` is a special endpoint and requires you
+to authenticate using `BasicAuth` and a password, as follows:
+
+
+```sh
+$ curl -XPOST -H "Content-Type: application/json"  -k -d '{"name":"test"}' -u username:password https://gitea.your.host/api/v1/users/<username>/tokens
+{"id":1,"name":"test","sha1":"9fcb1158165773dd010fca5f0cf7174316c3e37d","token_last_eight":"16c3e37d"}
+```
+
+The ``sha1`` (the token) is only returned once and is not stored in
+plain-text.  It will not be displayed when listing tokens with a `GET`
+request; e.g.
+
+```sh
+$ curl --request GET --url https://yourusername:[email protected]/api/v1/users/<username>/tokens
+[{"name":"test","sha1":"","token_last_eight:"........":},{"name":"dev","sha1":"","token_last_eight":"........"}]
+```
+
+To use the API with basic authentication with two factor authentication
+enabled, you'll need to send an additional header that contains the one
+time password (6 digitrotating token).
+An example of the header is `X-Gitea-OTP: 123456` where `123456`
+is where you'd place the code from your authenticator.
+Here is how the request would look like in curl:
+
+```sh
+$ curl -H "X-Gitea-OTP: 123456" --request GET --url https://yourusername:[email protected]/api/v1/users/yourusername/tokens
+```
+
+You can also create an API key token via your Gitea installation's web
+interface: `Settings | Applications | Generate New Token`.
 
 ## OAuth2 Provider
 
@@ -82,26 +116,6 @@ or on
 The OpenAPI document is at:
 `https://gitea.your.host/swagger.v1.json`
 
-## Listing your issued tokens via the API
-
-As mentioned in
-[#3842](https://github.com/go-gitea/gitea/issues/3842#issuecomment-397743346),
-`/users/:name/tokens` is special and requires you to authenticate
-using BasicAuth, as follows:
-
-### Using basic authentication:
-
-```sh
-$ curl --request GET --url https://yourusername:[email protected]/api/v1/users/yourusername/tokens
-[{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]
-```
-
-As of v1.8.0 of Gitea, if using basic authentication with the API and your user has two factor authentication enabled, you'll need to send an additional header that contains the one time password (6 digit rotating token). An example of the header is `X-Gitea-OTP: 123456` where `123456` is where you'd place the code from your authenticator. Here is how the request would look like in curl:
-
-```sh
-$ curl -H "X-Gitea-OTP: 123456" --request GET --url https://yourusername:[email protected]/api/v1/users/yourusername/tokens
-```
-
 ## Sudo
 
 The API allows admin users to sudo API requests as another user. Simply add either a `sudo=` parameter or `Sudo:` request header with the username of the user to sudo.

models/admin.go

@@ -114,6 +114,11 @@ func DeleteNotice(id int64) error {
 
 // DeleteNotices deletes all notices with ID from start to end (inclusive).
 func DeleteNotices(start, end int64) error {
+	if start == 0 && end == 0 {
+		_, err := x.Exec("DELETE FROM notice")
+		return err
+	}
+
 	sess := x.Where("id >= ?", start)
 	if end > 0 {
 		sess.And("id <= ?", end)

modules/git/command.go

@@ -124,12 +124,18 @@ func (c *Command) RunInDirTimeoutEnvFullPipelineFunc(env []string, timeout time.
 
 	cmd := exec.CommandContext(ctx, c.name, c.args...)
 	if env == nil {
-		cmd.Env = append(os.Environ(), fmt.Sprintf("LC_ALL=%s", DefaultLocale))
+		cmd.Env = os.Environ()
 	} else {
 		cmd.Env = env
-		cmd.Env = append(cmd.Env, fmt.Sprintf("LC_ALL=%s", DefaultLocale))
 	}
 
+	cmd.Env = append(
+		cmd.Env,
+		fmt.Sprintf("LC_ALL=%s", DefaultLocale),
+		// avoid prompting for credentials interactively, supported since git v2.3
+		"GIT_TERMINAL_PROMPT=0",
+	)
+
 	// TODO: verify if this is still needed in golang 1.15
 	if goVersionLessThan115 {
 		cmd.Env = append(cmd.Env, "GODEBUG=asyncpreemptoff=1")

options/locale/locale_en-US.ini

@@ -1550,6 +1550,7 @@ settings.email_notifications.disable = Disable Email Notifications
 settings.email_notifications.submit = Set Email Preference
 settings.site = Website
 settings.update_settings = Update Settings
+settings.branches.update_default_branch = Update Default Branch
 settings.advanced_settings = Advanced Settings
 settings.wiki_desc = Enable Repository Wiki
 settings.use_internal_wiki = Use Built-In Wiki

options/locale/locale_ja-JP.ini

@@ -1285,6 +1285,8 @@ issues.review.resolved_by=がこの会話を解決済みにしました
 issues.assignee.error=予期しないエラーにより、一部の担当者を追加できませんでした。
 issues.reference_issue.body=内容
 
+compare.compare_base=基準
+compare.compare_head=比較
 
 pulls.desc=プルリクエストとコードレビューの有効化。
 pulls.new=新しいプルリクエスト
@@ -1547,6 +1549,7 @@ settings.email_notifications.disable=メール通知無効
 settings.email_notifications.submit=メール設定を保存
 settings.site=Webサイト
 settings.update_settings=設定を更新
+settings.branches.update_default_branch=デフォルトブランチを更新
 settings.advanced_settings=拡張設定
 settings.wiki_desc=Wikiを有効にする
 settings.use_internal_wiki=ビルトインのWikiを使用する
@@ -1887,6 +1890,7 @@ diff.file_image_width=幅
 diff.file_image_height=高さ
 diff.file_byte_size=サイズ
 diff.file_suppressed=ファイル差分が大きすぎるため省略します
+diff.file_suppressed_line_too_long=長すぎる行があるためファイル差分は表示されません
 diff.too_many_files=変更されたファイルが多すぎるため、一部のファイルは表示されません
 diff.comment.placeholder=コメントを残す
 diff.comment.markdown_info=Markdownによる書式設定をサポートしています。
@@ -2309,6 +2313,7 @@ auths.allowed_domains_helper=すべてのドメインを許可する場合は空
 auths.enable_tls=TLS暗号化を有効にする
 auths.skip_tls_verify=TLS検証を省略
 auths.pam_service_name=PAMサービス名
+auths.pam_email_domain=PAM メールドメイン名 (オプション)
 auths.oauth2_provider=OAuth2プロバイダー
 auths.oauth2_icon_url=アイコンのURL
 auths.oauth2_clientID=クライアントID (キー)
@@ -2408,6 +2413,7 @@ config.db_path=パス
 config.service_config=サービス設定
 config.register_email_confirm=登録にはメールによる確認が必要
 config.disable_register=セルフ登録無効
+config.allow_only_internal_registration=Gitea上での登録のみを許可
 config.allow_only_external_registration=外部サービスを使用した登録のみを許可
 config.enable_openid_signup=OpenIDを使ったセルフ登録有効
 config.enable_openid_signin=OpenIDを使ったサインイン有効