mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2026-07-13 04:58:46 +00:00
- fix: prevent stored XSS in user display name on Actions page - fix: LFS locks must belong to the intended repo, port from Gitea - fix: prevent unauthorized access to draft releases via API - fix: prevent writes to OpenID visibility which may affect other users - fix: prevent viewing private PRs that are linked to public issues on public projects Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/13001 Reviewed-by: 0ko <0ko@noreply.codeberg.org> Reviewed-by: Beowulf <beowulf@beocode.eu> |
||
|---|---|---|
| .. | ||
| fixtures | ||
| activitypub.go | ||
| avatar.go | ||
| avatar_test.go | ||
| badge.go | ||
| block.go | ||
| block_test.go | ||
| email_address.go | ||
| email_address_test.go | ||
| error.go | ||
| external_login_user.go | ||
| federated_user.go | ||
| federated_user_follower.go | ||
| federated_user_follower_test.go | ||
| federated_user_test.go | ||
| follow.go | ||
| follow_test.go | ||
| list.go | ||
| main_test.go | ||
| moderation.go | ||
| moderation_test.go | ||
| must_change_password.go | ||
| openid.go | ||
| openid_test.go | ||
| redirect.go | ||
| search.go | ||
| setting.go | ||
| setting_keys.go | ||
| setting_test.go | ||
| user.go | ||
| user_repository.go | ||
| user_system.go | ||
| user_test.go | ||
| user_update.go | ||