When multiple workflows are triggered by a single event (e.g. a
pull_request with several matching workflow files), each InsertRun
transaction acquires an X-lock on the repository row via
UpdateRepoRunsNumbers and an index lock on action_run. Two concurrent
transactions can deadlock when each holds one lock and waits for the
other. InnoDB kills the lighter transaction, but handleWorkflows only
logged the error and silently dropped the workflow run — making it
appear as though pull_request events were never fired.
This was the root cause of API-created PRs appearing to not trigger
Actions workflows: the notification pipeline was correct, but the DB
insert was lost to an unretried deadlock.
The fix wraps PrepareRunAndInsert in a retry loop (up to 3 attempts
with exponential backoff) that detects deadlock errors across MySQL,
PostgreSQL, and SQLite. On deadlock, the rolled-back run fields are
reset before the next attempt.
Also adds db.IsErrDeadlock() for cross-engine deadlock detection and
unit tests for the same.
Closes#220
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Allow C++, .NET, version numbers (2.0.1) in wiki filenames.
Clean up isolated plus signs that appear between hyphens.
Examples:
- C++ vs C# -> C++-vs-C.md
- .NET Guide -> .NET-Guide.md
- version 2.0.1 -> version-2.0.1-release.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New wiki page titles are now sanitized before creating the git file:
- Spaces and special characters replaced with hyphens
- Consecutive hyphens collapsed to single hyphen
- Leading/trailing hyphens trimmed
Examples:
- "My Page Name" -> "My-Page-Name"
- "API & Docs (v2)" -> "API-Docs-v2"
- "100% Complete!!" -> "100-Complete"
Only affects NEW pages. Existing wiki pages with legacy filenames
(spaces, URL encoding) continue to work — the read path is unchanged.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds a Require2FA toggle to organization settings. When enabled,
org members without 2FA are redirected to the security settings
page with a warning flash message.
Changes:
- New Require2FA field on User model (migration v333)
- Org settings UI checkbox with shield-lock icon
- Check2FARequirement middleware on member-required org routes
- UpdateOptions extended with Require2FA field
Closes#208
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When a user signs in, sends notifications with username, IP address,
user agent, and timestamp. Notifications go through:
- Email to the user's registered address
- ntfy push to the configured topic
Enabled by default, configurable via app.ini:
[login_notification]
ENABLED = true
The notification fires asynchronously (goroutine) so it doesn't
block the login redirect. Hooks into handleSignInFull which is the
single choke point for all auth methods (password, 2FA, OAuth).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Help link added to footer right-links (next to API and Licenses)
- Login logo (login-logo.png) now shown on the signin page, not just
the home page. Hidden via onerror when not uploaded.
- Landing page is set to 'login' so home.tmpl never renders — the
logo needed to be on signin_inner.tmpl instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The help link was wrapped in {{if not .IsSigned}} which hid it for
logged-in users. Removed the condition so it's always visible.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
octicon-dashboard doesn't exist in Gitea's SVG set, causing the
icon to render as raw text. octicon-meter is the equivalent gauge icon.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Changed details.toggleable-item summary from justify-content:
space-between to gap + margin-left: auto on the chevron. Added
.flex-container-nav .item rule to force left alignment on all
menu items including standalone links.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The compiled CSS bundle doesn't pick up the flexcontainer.css change.
Use inline style with !important on the menu container to override
Fomantic UI's default center alignment.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fomantic UI's vertical menu centers text by default. Added
text-align: left to .flex-container-nav menu items so all
admin sidebar entries align consistently.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Each release attachment now gets its own .sha256 checksum file
(e.g. asset.zip.sha256) instead of a single checksums.sha256 manifest.
Old .sha256 files are cleaned up before regenerating.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Each branding image row now has a Reset button when custom image exists
- Reset removes the custom file, reverting to built-in default
- All admin sidebar menu items now have octicon icons
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Help URL: knowledge base / documentation link
- Support URL: ticket system / email for user support
Both saved to app.ini and applied in-memory immediately.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jmiller
Jonathan Miller