Replace webpack with Vite 8 as the frontend bundler. Frontend build is
around 3-4 times faster than before. Will work on all platforms
including riscv64 (via wasm).
`iife.js` is a classic render-blocking script in `<head>` (handles web
components/early DOM setup). `index.js` is loaded as a `type="module"`
script in the footer. All other JS chunks are also module scripts
(supported in all browsers since 2018).
Entry filenames are content-hashed (e.g. `index.C6Z2MRVQ.js`) and
resolved at runtime via the Vite manifest, eliminating the `?v=` cache
busting (which was unreliable in some scenarios like vscode dev build).
Replaces: https://github.com/go-gitea/gitea/pull/36896
Fixes: https://github.com/go-gitea/gitea/issues/17793
Signed-off-by: silverwind <me@silverwind.io>
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Enable Docker BuildKit layer caching for the dry-run and nightly
container build workflows using GHCR registry cache.
- **Dry-run** (`pull-docker-dryrun.yml`): adds `cache-from`, read-only,
PRs can't write cache
- **Nightly** (`release-nightly.yml`): adds `cache-from` and `cache-to`
to both read and write cach
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Replace the e2e tests initialization with a simple bash script,
removing the previous Go harness.
- `make test-e2e` is the single entry point. It always starts a fully
isolated ephemeral Gitea instance with its own temp directory, SQLite
database, and config — no interference with the developer's running
instance.
- A separate `gitea-e2e` binary is built via `EXECUTABLE_E2E` using
`TEST_TAGS` (auto-includes sqlite with `CGO_ENABLED=1`), keeping the
developer's regular `gitea` binary untouched.
- No more split into database-specific e2e tests. Test timeouts are
strict, can be relaxed later if needed.
- Simplified and streamlined the playwright config and test files.
- Remove all output generation of playwright and all references to
visual testing.
- Tests run on Chrome locally, Chrome + Firefox on CI.
- Simplified CI workflow — visible separate steps for frontend, backend,
and test execution.
- All exported env vars use `GITEA_TEST_E2E_*` prefix.
- Use `GITEA_TEST_E2E_FLAGS` to pass flags to playwright, e.g.
`GITEA_TEST_E2E_FLAGS="--ui" make test-e2e` for UI mode or
`GITEA_TEST_E2E_FLAGS="--headed" make test-e2e` for headed mode.
- Use `GITEA_TEST_E2E_DEBUG=1 make test-e2e` to show Gitea server
output.
---------
Signed-off-by: silverwind <me@silverwind.io>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This simplifies the Makefile by removing the whole-file wrapping that
creates a tempdir introduced by
https://github.com/go-gitea/gitea/pull/11126. REPO_TEST_DIR is removed
as well.
Also clean up a lot of legacy code: unnecessary XSS test, incorrect test
env init, unused "_old_uid" hack, etc
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
- Update all JS deps
- Enable a few more stylelint stylistic rules and fix issues
- Remove knip, it raised another false-positive, this tool is not worth
it when you have to babysit it like that
- Exclude @eslint/json from updating as it requires unreleased eslint 10
([ref](https://github.com/eslint/json/issues/207))
- Update labeler config for new eslint filenames
- Adjust `make help` output
- Add type checking in `stylelint.config.ts`
- Update JS and PY dependencies
- Workaround https://github.com/stylelint/stylelint/issues/8893 by
moving the stylint config file to JS
- Regenerate SVGs
- Bump to python 3.14 in devcontainer and actions
- Verified `@github/text-expander-element`
- Removed obsolete type stub
Bumps
[appleboy/git-push-action](https://github.com/appleboy/git-push-action)
from 1.0.0 to 1.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/appleboy/git-push-action/releases">appleboy/git-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.0</h2>
<h2>Changelog</h2>
<h3>Features</h3>
<ul>
<li>2722561d2c158e67f0e4b908bda83937e53bbdd4: feat: add options for
insecure SSL and SSH version selection (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Others</h3>
<ul>
<li>2c87d5bacd46972f72523394e67af39825081037: style: standardize YAML
quoting and update input descriptions (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>66a962f89a56024b2a36de61fe65ba6b9994be15: fix: rename drone-git-push
env vars and update default version (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>e37f17de403a8b0b59184d852be6b7a7e017d376: chore: mark all
directories as safe in global git configuration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Refactor</h3>
<ul>
<li>7bdda76242d8f6b40576a039a2d2233c43b7661e: refactor: refactor GitHub
Action to use Bash instead of Docker (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>4873de66e7bed19267cc8cd66959005c42d41cc7: refactor: simplify stdout
capturing by removing legacy logic (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>d1c361f2d2e128593b5dfeb3c2d9a5c6a1af7128: ci: run Docker actions as
nobody and inject GITHUB_WORKSPACE (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>fdf995de1284df95f38a3d99275eb38537eb05a4: ci: simplify Docker action
environment variable configuration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>8e938ac7df8937d595e4c4fcf345139339a34819: ci: update
GITHUB_WORKSPACE to use /github/home path (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>3b2c8661652360dbf1afe1b319a49dbb739c39f1: docs: migrate to composite
GitHub Action and standardize env vars (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h2>v1.1.0</h2>
<h2>Changelog</h2>
<h3>Features</h3>
<ul>
<li>28a54bbef16233cbea6f9fe39f318a4f055cd749: feat: add mirror input
support to GitHub Action configuration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>a63ac675f748ad297929b6d9688f94939fbe3dea: fix: fix spelling of
'force' option in git push actions (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>ee39884535468c8b6f101c0980aec38a61bc6c8b: chore(readme): refactor
codebase and update dependencies (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>94fb0c0d87ba52affdcb2daf8505a0e7f086f205: chore: bump drone-git-push
base image to version 1.2.0 (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>a939634b19fa88f0d4c853f4b604a4df5549911d: chore: pin Drone Git Push
image to a specific version (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>0a16d15bfdca306c84a299db735f248e9d408bb3: ci: improve CI workflow
for semantic version releases (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>1807bf9a1b801f99799e4e2a64ca1c6b11301fc3: ci: automate maintenance
and enhance repository security (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>f39abba130277d16a141588c1b4c194a8f0b4636: build: run container as
non-root user for enhanced security (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>ed86ac596a332db5353062d7cbdf24d61554f5f1: ci: update CI workflows to
trigger on main branch (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>cd8de7f6c86b1390f0108011580b6c9845b9f5df: build: eliminate
"nobody" user references from Dockerfile (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>7465fee0c6ac1466048408a99c52598be9abf00f: ci: update CI workflow to
use newer actions/checkout version (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>b9d4e07212dd711b7e57352e5b6172038ab20f6e: build: simplify Docker
build by removing entrypoint.sh chmod step (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>14d3003b72ea485bf8707bfbef4926eca78cc341: build: upgrade CI pipeline
to latest drone-git-push base image (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>378ab1be62cfbae4111d3bbbec417d5b2e97134d: docs: clarify and
standardize input and action descriptions (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>4c679526c0d1910c6e058a82fdde978d5cd8c0c2: docs: revamp documentation
with expanded features and usage examples (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>61f29e5108e85fa252a0556c08ec87f0c425f1b2: docs: document GitHub
Action integration and Claude Code guidelines (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>a7ef8abff3f71345b67dc056ac3d7b2d006efa42: docs: add Trivy security
scan badge to documentation (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/appleboy/git-push-action/commit/3b2c8661652360dbf1afe1b319a49dbb739c39f1"><code>3b2c866</code></a>
docs: migrate to composite GitHub Action and standardize env vars</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/4873de66e7bed19267cc8cd66959005c42d41cc7"><code>4873de6</code></a>
refactor: simplify stdout capturing by removing legacy logic</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/2c87d5bacd46972f72523394e67af39825081037"><code>2c87d5b</code></a>
style: standardize YAML quoting and update input descriptions</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/2722561d2c158e67f0e4b908bda83937e53bbdd4"><code>2722561</code></a>
feat: add options for insecure SSL and SSH version selection</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/66a962f89a56024b2a36de61fe65ba6b9994be15"><code>66a962f</code></a>
fix: rename drone-git-push env vars and update default version</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/7bdda76242d8f6b40576a039a2d2233c43b7661e"><code>7bdda76</code></a>
refactor: refactor GitHub Action to use Bash instead of Docker</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/8e938ac7df8937d595e4c4fcf345139339a34819"><code>8e938ac</code></a>
ci: update GITHUB_WORKSPACE to use /github/home path</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/e37f17de403a8b0b59184d852be6b7a7e017d376"><code>e37f17d</code></a>
chore: mark all directories as safe in global git configuration</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/fdf995de1284df95f38a3d99275eb38537eb05a4"><code>fdf995d</code></a>
ci: simplify Docker action environment variable configuration</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/d1c361f2d2e128593b5dfeb3c2d9a5c6a1af7128"><code>d1c361f</code></a>
ci: run Docker actions as nobody and inject GITHUB_WORKSPACE</li>
<li>Additional commits viewable in <a
href="https://github.com/appleboy/git-push-action/compare/v1.0.0...v1.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[appleboy/git-push-action](https://github.com/appleboy/git-push-action)
from 0.0.3 to 1.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/appleboy/git-push-action/releases">appleboy/git-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.0</h2>
<h2>Changelog</h2>
<h3>Enhancements</h3>
<ul>
<li>50ae8aaf06c6fc08b3d13da3aa03deb50d970125: chore(docker): improve
overall system performance and API integration (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Build process updates</h3>
<ul>
<li>feea2e25baaa5ea24a9689a8af03f229ec1dd1a2: ci: improve testing
workflow and API usage (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>5d65d1094eb0415898554ba83c4f3196778f9a85: ci: improve testing
workflow and API usage (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>b31dd8d6e7ba1e80a96a4772d8c4290fe7bac0ce: build: update base image
in Dockerfile (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>fc585cfea49d10c08f8009f674c05961a0934647: ci(goreleaser): implement
automated release process with GoReleaser (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
<li>b1e5e3d76ccb4afd43bc0859672a6f9113fa0458: ci(test): optimize CI
workflow and test configurations (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>8f1f45876617e5d74085a38164c421be39f099b3: docs(readme): refactor
codebase and improve test coverage (<a
href="https://github.com/appleboy"><code>@appleboy</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/appleboy/git-push-action/commit/b1e5e3d76ccb4afd43bc0859672a6f9113fa0458"><code>b1e5e3d</code></a>
ci(test): optimize CI workflow and test configurations</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/8f1f45876617e5d74085a38164c421be39f099b3"><code>8f1f458</code></a>
docs(readme): refactor codebase and improve test coverage</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/fc585cfea49d10c08f8009f674c05961a0934647"><code>fc585cf</code></a>
ci(goreleaser): implement automated release process with GoReleaser</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/50ae8aaf06c6fc08b3d13da3aa03deb50d970125"><code>50ae8aa</code></a>
chore(docker): improve overall system performance and API
integration</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/b31dd8d6e7ba1e80a96a4772d8c4290fe7bac0ce"><code>b31dd8d</code></a>
build: update base image in Dockerfile</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/5d65d1094eb0415898554ba83c4f3196778f9a85"><code>5d65d10</code></a>
ci: improve testing workflow and API usage</li>
<li><a
href="https://github.com/appleboy/git-push-action/commit/feea2e25baaa5ea24a9689a8af03f229ec1dd1a2"><code>feea2e2</code></a>
ci: improve testing workflow and API usage</li>
<li>See full diff in <a
href="https://github.com/appleboy/git-push-action/compare/v0.0.3...v1.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
add mount cache directives to container builds, which speeds up local
builds bypassing node and go package download entirely on second build
and caching go compilation.
drop job level split on regular/rootless, which allows to reuse the
previously made stage for rootless, skipping duplicate builds in CI.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
See https://github.com/actions/setup-node/releases/tag/v5.0.0
Caching is now enabled by default when `packageManager` is present in
package.json, and we have that. `cache-dependency-path` is unneccesary
because the action will automatically detect it.
As per https://github.com/bitnami/containers/issues/83267, my
understanding is that the `docker.io/bitnami` images will be deleted on
September 29.
To prevent this failure mode, use the images on the `bitnamilegacy` org
instead which are snapshots from when they stopped updating them.
Long-term, we should replace these images with official ones.
postgres 12 is end of life since 6 months. 13 and above are still
supported but I think it's overall better if we test a more recent
version of postgres because that's what new users will be running on.
Ref: https://endoflife.date/postgresql
This PR will cross-publish the release, rc, and nightly images from
`docker.io` to `ghcr.io` as docker hub has imposed rate-limiting
Signed-off-by: Allen Conlon <software@conlon.dev>
blevesearch is skipped because it causes errors
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
`go vet` implicitely runs as part of `go test`, but we already have
`make lint-go-vet`, so we were essentially running it twice. This should
hopefully make `go test` slightly faster.
Ref: https://pkg.go.dev/cmd/go#hdr-Test_packages
> As part of building a test binary, go test runs go vet
silverwind