* Use AJAX for notifications table
Signed-off-by: Andrew Thornton <art27@cantab.net>

* move to separate js
Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate golangci-lint
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add autoupdating notification count
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix wipeall
Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate tests
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Try hidden
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Try hide and hidden
Signed-off-by: Andrew Thornton <art27@cantab.net>

* More auto-update improvements

Only run checker on pages that have a count
Change starting checker to 10s with a back-off to 60s if there is no change
Signed-off-by: Andrew Thornton <art27@cantab.net>

* string comparison!
Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @silverwind
Signed-off-by: Andrew Thornton <art27@cantab.net>

* add configurability as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add documentation as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use CSRF header not query
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Further JS improvements

Fix @etzelia update notification table request
Fix @silverwind comments
Co-Authored-By: silverwind <me@silverwind.io>
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Simplify the notification count fns
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>

Some OAuth2 providers return quite large structured tokens >32767 bytes.
Gitea currently has a fixed maximum of 32767 bytes for these and
unfortunately due to the convoluted nature of the dependent libraries the
error returned is rather opaque.

Here we manage the error a little better - detecting the rather opaque
github.com/gorilla/securecookie.errEncodedValueTooLong and converting
it to a more readable error.

Further we provide a configurable option to increase the maximum size of
the provided OAuth2 tokens.

Fix #9907
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

enable ENABLE_HARD_LINE_BREAK by default

This matches GitHub's rendering.

Fix #11155

Replace references to cron.update_migration_post_id with cron.update_migration_poster_id in docs (#11068)

Across several files, references to cron.update_migration_post_id are made, although the actual setting is called cron.update_migration_poster_id according to modules/setting/cron.go (https://github.com/go-gitea/gitea/blob/10e2f291442fdc7efc31c02f5ffcba79a36db9ac/modules/setting/cron.go#L54

).
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>

* Add description of SSL_MODE values

* Apply suggestions from @guillep2k

Rewording suggestions
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>

* Add more logging in the LFS server

Adds more logging in the LFS server and stops sending internal server
error information to the client

* Add LFS Lock cursor implementation

* Simplify Claims in LFS and remove the float64 casts
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>

* Make PR message on pushes configurable

* Make fmt
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add max-file-size to LFS

* Update modules/lfs/server.go

* As per @silverwind
Co-Authored-By: silverwind <me@silverwind.io>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Move langauge detection to separate module to be more reusable

Add option to disable vendored file exclusion from file search

Allways show all language stats for search

Fixes #10274.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* Issue search support elasticsearch

* Fix lint

* Add indexer name on app.ini

* add a warnning on SearchIssuesByKeyword

* improve code

* Upgrade levelqueue to version 0.2.0

This adds functionality for Unique Queues

* Add UniqueQueue interface and functions to create them

* Add UniqueQueue implementations

* Move TestPullRequests over to use UniqueQueue

* Reduce code duplication

* Add bytefifos

* Ensure invalid types are logged

* Fix close race in PersistableChannelQueue Shutdown

* Cache last commit to accelerate the repository directory page visit

* Default use default cache configuration

* add tests for last commit cache

* Simplify last commit cache

* Revert Enabled back

* Change the last commit cache default ttl to 8760h

* Fix test

* Allow archive prefix setting

* Update copyright

* Update copyright

* Add support for database schema

* Require setting search_path for the db user

* Add schema setting to admin/config.tmpl

* Use a schema different from default for psql tests

* Update postgres scripts to use custom schema

* Update to xorm/core 0.7.3 and xorm/xorm c37aff9b3a

* Fix migration test
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* Make CertFile and KeyFile relative to CustomPath

The current code will absolute CertFile and KeyFile against the current working directory. This is quite unexpected for users. This code makes relative paths absolute against the CustomPath.

Fix #4196

* Improve error reporting when reading certificates

* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Delay printing hook statuses until after 1 second

* Move to a 5s delay, wrapped writer structure and add config

* Update cmd/hook.go

* Apply suggestions from code review

* Update cmd/hook.go
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>

* Queue: Add generic graceful queues with settings

* Queue & Setting: Add worker pool implementation

* Queue: Add worker settings

* Queue: Make resizing worker pools

* Queue: Add name variable to queues

* Queue: Add monitoring

* Queue: Improve logging

* Issues: Gracefulise the issues indexer

Remove the old now unused specific queues

* Task: Move to generic queue and gracefulise

* Issues: Standardise the issues indexer queue settings

* Fix test

* Queue: Allow Redis to connect to unix

* Prevent deadlock during early shutdown of issue indexer

* Add MaxWorker settings to queues

* Merge branch 'master' into graceful-queues

* Update modules/indexer/issues/indexer.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Update modules/indexer/issues/indexer.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Update modules/queue/queue_channel.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Update modules/queue/queue_disk.go

* Update modules/queue/queue_disk_channel.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Rename queue.Description to queue.ManagedQueue as per @guillep2k

* Cancel pool workers when removed

* Remove dependency on queue from setting

* Update modules/queue/queue_redis.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* As per @guillep2k add mutex locks on shutdown/terminate

* move unlocking out of setInternal

* Add warning if number of workers < 0

* Small changes as per @guillep2k

* No redis host specified not found

* Clean up documentation for queues

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

* Update modules/indexer/issues/indexer_test.go

* Ensure that persistable channel queue is added to manager

* Rename QUEUE_NAME REDIS_QUEUE_NAME

* Revert "Rename QUEUE_NAME REDIS_QUEUE_NAME"

This reverts commit 1f83b4fc9b9dabda186257b38c265fe7012f90df.
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* Add a /user/login landing page option

* Add test case for login landing page

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Use Req.URL.RequestURI() to cope with FCGI urls

* Add debug logging statement when forbidden in internal API.

Create a /milestones endpoint which basically serves as a dashboard view for milestones, very similar to the /issues or /pulls page.

Closes #8232

* Move SignMerge to PullRequest

* Add approved signing mode

* As per @guillep2k comment

* Refactor
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add push-create to SSH serv
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Cannot push for another user unless admin
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Get owner in case admin pushes for another user
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Set new repo ID in result
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update to service and use new org perms
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move pushCreateRepo to services
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix import order
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Changes for @guillep2k

* Check owner (not user) in SSH
* Add basic tests for created repos (private, not empty)
Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Default NO_REPLY_ADDRESS to DOMAIN

The default NO_REPLY_ADDRESS was previously noreply.example.org
This PR changes this to default to the default DOMAIN for gitea.

* Change default to noreply.%(DOMAIN)s

* Change default to "noreply" + Domain

* FCGI: Allow FCGI over unix sockets

* fixup! FCGI: Allow FCGI over unix sockets

* Support custom sanitization policy

Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).

This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.

Resolves: #9054
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Document new sanitization configuration

 - Adds basic documentation to app.ini.sample,
 - Adds an example to the Configuration Cheat Sheet, and
 - Adds extended information to External Renderers section.
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Dro...

Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092)

* Only show part of members on orgnization dashboard and add paging for orgnization members page

* fix test

* fix typo

* add [ui] Reactions

* move contend check from form to go functions

* use else if

* check if reaction is allowed only on react
(so previous custom reaction can be still removed)

* use $.AllowedReactions in templates

* use ctx.Flash.Error

* use it there too

* add redirection

* back to server error
because a wrong reaction is a template issue ...

* add emoji list link

* add docs entry

* small wording nit
suggestions from @jolheiser - thx

* same reactions as github

* fix PR reactions

* handle error so template JS could check

* Add Integrations Test

* add REACTIONS setting to cheat-sheet doc page

* Add USE_SERVICE_WORKER setting

This will be very useful setting for anyone doing frontend work.

Fixes: https://github.com/go-gitea/gitea/issues/9044

* prevent potential syntax error on old browsers

* Graceful Shutdown for windows and others

Restructures modules/graceful, adding shutdown for windows, removing and
replacing the old minwinsvc code.

Creates a new waitGroup - terminate which allows for goroutines to
finish up after the shutdown of the servers.

Shutdown and terminate hooks are added for goroutines.

* Remove unused functions - these can be added in a different PR

* Add startup timeout functionality

* Document STARTUP_TIMEOUT

* Fix doc example for asciidoc

* Update config-cheat-sheet.en-us.md

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add retry for migration http/https requests

* give the more suitable name for retry configuraion items

* fix docs and lint

* Only use retryDownloader when setting > 1

* Enforce Gitea environment for pushes

* Update custom/conf/app.ini.sample
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

ALLOW_ONLY_EXTERNAL_REGISTRATION was missed off the cheat sheet. This PR adds it.

Fix #8180

* Add support for AUTO_WATCH_ON_CHANGES and AUTO_WATCH_ON_CLONE

* Update models/repo_watch.go
Co-Authored-By: Lauris BH <lauris@nix.lv>

* Round up changes suggested by lafriks

* Added changes suggested from automated tests

* Updated deleteUser to take RepoWatchModeDont into account, corrected inverted DefaultWatchOnClone and DefaultWatchOnChanges behaviour, updated and added tests.

* Reinsert import "github.com/Unknwon/com" on http.go

* Add migration for new column `watch`.`mode`

* Remove serv code

* Remove WATCH_ON_CLONE; use hooks, add integrations

* Renamed watch_test.go to repo_watch_test.go

* Correct fmt

* Add missing EOL

* Correct name of test function

* Reword cheat and ini descriptions

* Add update to migration to ensure column value

* Clarify comment
Co-Authored-By: zeripath <art27@cantab.net>

* Simplify if condition

* Webhook support custom proxy

* Add glob support on webhook proxy host rules

* fix app.ini.sample

* improve code and app.ini.sample

* update cheetsheet about added webhook options

* in progress changes for #7405, added ability to add cross-repo dependencies

* removed unused repolink var

* fixed query that was breaking ci tests; fixed check in issue dependency add so that the id of the issue and dependency is checked rather than the indexes

* reverted removal of string in local files becasue these are done via crowdin, not updated manually

* removed 'Select("issue.*")' from getBlockedByDependencies and getBlockingDependencies based on comments in PR review

* changed getBlockedByDependencies and getBlockingDependencies to use a more xorm-like query, also updated the sidebar as a result

* simplified the getBlockingDependencies and getBlockedByDependencies methods; changed the sidebar to show the dependencies in a different format where you can see the name of the repository

* made some changes to the issue view in the dependencies (issue name on top, repo full name on separate line). Change view of issue in the dependency search results (also showing the full repo name on separate line)

* replace call to FindUserAccessibleRepoIDs with SearchRepositoryByName. The former was hardcoded to use isPrivate = false on the repo search, but this code needed it to be true. The SearchRepositoryByName method is used more in the code including on the user's dashboard

* some more tweaks to the layout of the issues when showing dependencies and in the search box when you add new dependencies

* added Name to the RepositoryMeta struct

* updated swagger doc

* fixed total count for link header on SearchIssues

* fixed indentation

* fixed aligment of remove icon on dependencies in issue sidebar

* removed unnecessary nil check (unnecessary because issue.loadRepo is called prior to this block)

* reverting .css change, somehow missed or forgot that less is used

* updated less file and generated css; updated sidebar template with styles to line up delete and issue index

* added ordering to the blocked by/depends on queries

* fixed sorting in issue dependency search and the depends on/blocks views to show issues from the current repo first, then by created date descending; added a "all cross repository dependencies" setting to allow this feature to be turned off, if turned off, the issue dependency search will work the way it did before (restricted to the current repository)

* re-applied my swagger changes after merge

* fixed split string condition in issue search

* changed ALLOW_CROSS_REPOSITORY_DEPENDENCIES description to sound more global than just the issue dependency search; returning 400 in the cross repo issue search api method if not enabled; fixed bug where the issue count did not respect the state parameter

* when adding a dependency to an issue, added a check to make sure the issue and dependency are in the same repo if cross repo dependencies is not enabled

* updated sortIssuesSession call in PullRequests, another commit moved this method from pull.go to pull_list.go so I had to re-apply my change here

* fixed incorrect setting of user id parameter in search repos call

* Add settings for CloseKeywords and ReopenKeywords

* Fix and improve tests

* Use sync.Once() for initialization

* Fix unintended exported function