gitea

mirror of https://github.com/go-gitea/gitea.git synced 2026-06-17 19:10:22 +03:00

Files

T

History

bircni 9e84deb969 fix: Various sec fixes 2 (#38108 )

- Enforce repository token scope on RSS/Atom feed endpoints so a PAT
without repo scope can no longer read private repo commit data.
- Block HTTP redirects during repository migration clones to prevent
SSRF reaching internal addresses via an attacker-controlled redirect.
- Redact the notification subject after repo access is revoked so
private issue/PR metadata is no longer leaked through the notification
API.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

2026-06-17 06:50:25 +02:00

actions

feat(actions)!: improve support for reusable workflows (#37478 )

2026-05-30 08:31:14 +02:00

analyze

Fix incorrect vendored detections (#36508 )

2026-02-01 10:35:51 +00:00

assetfs

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

auth

test: speed up two tests (#37905 )

2026-05-31 03:33:13 +00:00

avatar

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

badge

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

base

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

cache

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

cachegroup

Cache GPG keys, emails and users when list commits (#34086 )

2025-04-09 16:34:38 +00:00

charset

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

commitstatus

Update Combine method to treat warnings as failures and adjust tests (#37048 )

2026-03-31 17:22:18 +00:00

consts

feat(ssh): auto generate additional ssh keys (#33974 )

2026-06-08 18:18:58 +00:00

container

Refactor sidebar assignee&milestone&project selectors (#32465 )

2024-11-11 04:07:54 +08:00

csv

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

dump

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

emoji

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

eventsource

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

fileicon

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

generate

feat(ssh): auto generate additional ssh keys (#33974 )

2026-06-08 18:18:58 +00:00

git

fix: Various sec fixes 2 (#38108 )

2026-06-17 06:50:25 +02:00

gitrepo

fix: git cmd (#38084 )

2026-06-12 07:35:59 +02:00

glob

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

globallock

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

graceful

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

gtprof

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

hcaptcha

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

highlight

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

hostmatcher

fix(hostmatcher): block reserved IP ranges from external/private filters (#38039 )

2026-06-10 10:03:36 +02:00

htmlutil

feat(web): Add Jupyter Notebook (.ipynb) Rendering Support (#37433 )

2026-06-14 15:52:37 +02:00

httpcache

fix: remove "no-transfrom" from the cache-control header (#37985 )

2026-06-04 00:12:02 +08:00

httplib

fix: remove "no-transfrom" from the cache-control header (#37985 )

2026-06-04 00:12:02 +08:00

indexer

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

issue/template

enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866 )

2026-05-29 01:12:11 +00:00

json

Fix corrupted JSON caused by goccy library (#37214 )

2026-04-14 14:00:20 +00:00

label

enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866 )

2026-05-29 01:12:11 +00:00

lfs

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

lfstransfer

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

log

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

markup

chore: center info message for unsupported jupyter notebook versions (#38114 )

2026-06-15 10:29:41 +08:00

mcaptcha

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

metrics

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

migration

enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866 )

2026-05-29 01:12:11 +00:00

nosql

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

optional

enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866 )

2026-05-29 01:12:11 +00:00

options

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

packages

fix(packages): validate module version in goproxy ParsePackage (#38104 )

2026-06-15 19:14:14 +02:00

paginator

feat(ui): add "follow rename" to file commit history list (#34994 )

2026-06-03 17:40:38 +00:00

pprof

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

private

fix: git push hook post receive (#38089 )

2026-06-13 04:43:25 +00:00

process

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

proxy

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

proxyprotocol

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

public

fix(frontend): resolve Vite assets by manifest source path (#37836 )

2026-05-28 06:14:52 +00:00

queue

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

recaptcha

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

references

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

regexplru

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repository

fix: git push hook post receive (#38089 )

2026-06-13 04:43:25 +00:00

reqctx

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

secret

Upgrade golangci-lint to v1.64.5 (#33654 )

2025-02-21 00:05:40 +08:00

session

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

setting

fix: csp regressions (#38047 )

2026-06-12 08:36:05 +08:00

sitemap

chore: fix form string abuse (#38106 )

2026-06-14 18:26:22 +00:00

ssh

feat(ssh): auto generate additional ssh keys (#33974 )

2026-06-08 18:18:58 +00:00

storage

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

structs

feat(org): add team visibility so org members can discover teams (#37680 )

2026-06-14 19:07:25 +00:00

svg

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

system

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tailmsg

Support performance trace (#32973 )

2025-01-21 18:57:07 +00:00

tempdir

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

templates

feat: Add avatar stacks (#37594 )

2026-06-08 17:16:22 +00:00

test

feat(web): Add Jupyter Notebook (.ipynb) Rendering Support (#37433 )

2026-06-14 15:52:37 +02:00

testlogger

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

timeutil

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

translation

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

turnstile

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

typesniffer

Feature non-zipped actions artifacts (action v7) (#36786 )

2026-03-26 00:37:48 +08:00

updatechecker

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

uri

…

user

Refactor older tests to use testify (#33140 )

2025-01-09 09:21:47 +08:00

util

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

validation

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

web

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

webhook

actions: report commit status for pull_request_review events (#36589 )

2026-02-20 16:12:22 +00:00

zstd

chore(deps): upgrade zstd seekable package (#37988 )

2026-06-04 13:38:56 +00:00