summaryrefslogtreecommitdiffstats
path: root/release-notes (follow)
Commit message (Collapse)AuthorAgeFilesLines
* chore(release-notes): notes for the week 2025-02 weekly cherry pickEarl Warren2025-01-051-0/+1
|
* add release notesoliverpool2025-01-011-0/+1
|
* chore(release-notes): notes for the week 2024-51 weekly cherry pickEarl Warren2024-12-151-0/+4
|
* chore(release-notes): notes for the week 2024-50 weekly cherry pickEarl Warren2024-12-081-0/+1
|
* chore(release-notes): notes for the week 2024-49 weekly cherry pickEarl Warren2024-12-031-0/+1
|
* chore(release-notes): notes for the week 2024-48 weekly cherry pickEarl Warren2024-11-241-0/+4
|
* chore(release-notes): notes for the week 2024-47 weekly cherry pickEarl Warren2024-11-181-0/+8
|
* chore(release-notes): notes for the week 2024-46 weekly cherry pickEarl Warren2024-11-161-0/+1
|
* chore(release-notes): 15 November 2024 security fixesEarl Warren2024-11-151-0/+8
|
* Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> ↵Earl Warren2024-11-061-0/+6
|\ | | | | | | | | | | | | forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5789 Reviewed-by: Gusted <gusted@noreply.codeberg.org>
| * chore(release-notes): notes for the week 2024-45 weekly cherry pickGergely Nagy2024-11-051-0/+6
| |
* | Merge pull request 'feat: add partial quoting' (#5677) from ↵Gusted2024-11-051-0/+1
|\ \ | |/ |/| | | | | | | | | | | gusted/forgejo-partial-qouting into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5677 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Reviewed-by: Otto <otto@codeberg.org>
| * feat: Add partial quotingGusted2024-10-261-0/+1
| | | | | | | | | | | | | | | | | | | | - If you select a portion of the comment, `Quote reply` will not only quote that portion and not copy paste the whole text as it previously did. This is achieved by using the `@github/quote-selection` package. - There's preprocessing to ensure Forgejo-flavored markdown syntax is preserved. - e2e test added. - Resolves #1342
* | chore(release-notes): related pull requests workflow fixesEarl Warren2024-11-041-0/+3
| |
* | chore(release-notes): Update dependency mermaid to v11.4.0Earl Warren2024-10-311-0/+2
| |
* | Merge pull request '[gitea] week 2024-44 cherry pick (gitea/main -> ↵Earl Warren2024-10-291-0/+3
|\ \ | | | | | | | | | | | | | | | | | | forgejo)' (#5714) from algernon/wcp/2024-44 into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5714 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
| * | chore(release-notes): notes for the week 2024-44 weekly cherry pickGergely Nagy2024-10-271-0/+3
| |/
* | Merge pull request 'use constant time check for internal token' (#5719) from ↵Earl Warren2024-10-281-0/+1
|\ \ | | | | | | | | | | | | | | | | | | earl-warren/forgejo:wip-timing into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5719 Reviewed-by: 0ko <0ko@noreply.codeberg.org>
| * | fix(sec): use constant time check for internal tokenGusted2024-10-281-0/+1
| |/
* / security: add permission check to 'delete branch after merge'Gusted2024-10-281-0/+1
|/ | | | | | | | - Add a permission check that the doer has write permissions to the head repository if the the 'delete branch after merge' is enabled when merging a pull request. - Unify the checks in the web and API router to `DeleteBranchAfterMerge`. - Added integration tests.
* chore(release-notes): notes for week 2024-43 weekly cherry pickGergely Nagy2024-10-221-0/+5
| | | | Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
* Merge pull request '[gitea] week 2024-42 cherry pick (gitea/main -> ↵Earl Warren2024-10-191-0/+1
|\ | | | | | | | | | | | | forgejo)' (#5543) from earl-warren/wcp/2024-42 into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5543 Reviewed-by: Gusted <gusted@noreply.codeberg.org>
| * chore(release-notes): weekly cherry-pick week 2024-42Earl Warren2024-10-131-0/+1
| |
* | chore(release-notes): Update module github.com/go-enry/go-enry/v2 to v2.9.1Earl Warren2024-10-181-0/+2
|/
* chore(release-note): Fix bug when a token is given public onlyEarl Warren2024-10-101-0/+1
|
* Merge pull request '[gitea] week 2024-41 cherry pick (gitea/main -> ↵Earl Warren2024-10-091-0/+3
|\ | | | | | | | | | | | | forgejo)' (#5477) from earl-warren/wcp/2024-41 into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5477 Reviewed-by: Otto <otto@codeberg.org>
| * chore(release-notes): weekly cherry-pick week 2024-41Earl Warren2024-10-061-0/+3
| |
* | [Feat]Add link to show all Issues/PullRequests (#4125)JakobDev2024-10-091-0/+1
|/ | | | | | | | | | | | | | | | | | | | The Issue and PullRequest list has 3 states: - open: This lists all open Issues/PullRequests - closed: This lists all closed Issues/PullRequests - all: This lists all open and closed Issues/PullRequests If you want to get to the all state, you need to click Open while in open state or Closed while in closed state, which is very unintuitive. This PR adss a third button to get to this state. ![grafik](/attachments/4ff59e4c-e318-40f0-80ba-f921ce098919) I'm not sure if the eye icon fits well, but I couldn't find a better one. Tests will be added once #4124 is merged. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4125 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: JakobDev <jakobdev@gmx.de> Co-committed-by: JakobDev <jakobdev@gmx.de>
* chore(release-notes): Update dependency mermaid to v11.3.0Earl Warren2024-10-041-0/+1
|
* chore(release-notes): weekly cherry-pick week 2024-40Earl Warren2024-09-291-0/+3
|
* chore(release-notes): weekly cherry-pick week 2024-39Earl Warren2024-09-271-0/+5
|
* [gitea] week 2024-38 cherry pick (gitea/main -> forgejo) (release notes)Earl Warren2024-09-201-0/+3
|
* chore(release-notes): Update dependency mermaid v11.2.0Earl Warren2024-09-141-0/+3
|
* chore(release-notes): weekly cherry-pick week 2024-36Earl Warren2024-09-011-0/+2
|
* [SEC] Ensure propagation of API scopes for Conan and Container authenticationGusted2024-08-281-0/+1
| | | | | | | | | | | | | | | - The Conan and Container packages use a different type of authentication. It first authenticates via the regular way (api tokens or user:password, handled via `auth.Basic`) and then generates a JWT token that is used by the package software (such as Docker) to do the action they wanted to do. This JWT token didn't properly propagate the API scopes that the token was generated for, and thus could lead to a 'scope escalation' within the Conan and Container packages, read access to write access. - Store the API scope in the JWT token, so it can be propagated on subsequent calls that uses that JWT token. - Integration test added. - Resolves #5128
* Merge pull request '[gitea] week 2024-35 cherry pick (gitea/main -> ↵Earl Warren2024-08-271-0/+2
|\ | | | | | | | | | | | | forgejo)' (#5109) from algernon/wcp/2024-35 into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5109 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
| * chore(release-notes): weekly cherry-pick week 2024-35Gergely Nagy2024-08-261-0/+2
| | | | | | | | Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
* | chore(release-notes): Update module github.com/go-enry/go-enry/v2 to v2.8.9Earl Warren2024-08-261-0/+2
| |
* | Merge pull request '[CHORE] Move to new sessioner library' (#5090) from ↵Earl Warren2024-08-261-0/+1
|\ \ | |/ |/| | | | | | | | | | | gusted/forgejo-sessioner-fork into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5090 Reviewed-by: Otto <otto@codeberg.org> Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
| * [CHORE] Move to new sessioner libraryGusted2024-08-251-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Moves to a fork of gitea.com/go-chi/session that removed support for couchbase (and ledis, but that was never made available in Forgejo) along with other code improvements. https://code.forgejo.org/go-chi/session/compare/f8ce6775954417f3270aafd573d3e4e448a44bad..main - The rationale for removing Couchbase is quite simple. Its not licensed under FOSS license (https://www.couchbase.com/blog/couchbase-adopts-bsl-license/) and therefore cannot be tested by Forgejo and shouldn't be supported. This is a similair vein to the removal of MSSQL support (https://codeberg.org/forgejo/discussions/issues/122) - A additional benefit is that this reduces the Forgejo binary by ~600Kb.
* | Merge pull request 'Allow pushmirror to use publickey authentication' ↵Gusted2024-08-241-0/+1
|\ \ | | | | | | | | | | | | | | | | | | (#4819) from ironmagma/forgejo:publickey-auth-push-mirror into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4819 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
| * | [FEAT] Allow pushmirror to use publickey authenticationPhilip Peterson2024-08-221-0/+1
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Continuation of https://github.com/go-gitea/gitea/pull/18835 (by @Gusted, so it's fine to change copyright holder to Forgejo). - Add the option to use SSH for push mirrors, this would allow for the deploy keys feature to be used and not require tokens to be used which cannot be limited to a specific repository. The private key is stored encrypted (via the `keying` module) on the database and NEVER given to the user, to avoid accidental exposure and misuse. - CAVEAT: This does require the `ssh` binary to be present, which may not be available in containerized environments, this could be solved by adding a SSH client into forgejo itself and use the forgejo binary as SSH command, but should be done in another PR. - CAVEAT: Mirroring of LFS content is not supported, this would require the previous stated problem to be solved due to LFS authentication (an attempt was made at forgejo/forgejo#2544). - Integration test added. - Resolves #4416
* | chore(release-notes): workflow_dispatch parsing error fixEarl Warren2024-08-231-0/+1
| |
* | Forgejo v9.0 is GPLv3+Twenty Panda2024-08-221-0/+1
|/ | | | | | | | * display Forgejo license first * do not send go-license in a loop because Gitea & Forgejo have different licenses Refs: https://codeberg.org/forgejo/governance/src/commit/62ac0cc3347888a65f026a446bc53de8c301402b/AGREEMENTS.md
* Merge pull request '[gitea] week 2024-34 cherry pick (gitea/main -> ↵Earl Warren2024-08-201-0/+4
|\ | | | | | | | | | | | | forgejo)' (#4998) from earl-warren/wcp/2024-34 into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4998 Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
| * chore(release-notes): weekly cherry-pick week 2024-34Earl Warren2024-08-191-0/+4
| |
* | [BUG] Don't fire notification for comment of pending reviewGusted2024-08-181-0/+1
|/ | | | | | | | | | | | | - When a comment was updated or deleted and was part of an pending/ongoing review, it would have triggered a notification, such as a webhook. - This patch checks if the comment is part of a pending review and then does not fire a notification and, in the case of updating a comment, does not save the content history because this is not necessary if it is still a "draft" comment given it is a pending comment (there is no need to see my embarrassing typos). - Adds integration tests. - Resolves https://codeberg.org/forgejo/forgejo/issues/4368
* Merge pull request 'Revert "Prevent allow/reject reviews on merged/closed ↵Otto2024-08-141-0/+1
|\ | | | | | | | | | | | | | | PRs"' (#4907) from caesar/forgejo:revert-no-closed-pr-review into forgejo Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4907 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Reviewed-by: Otto <otto@codeberg.org>
| * add release notesCaesar Schinas2024-08-131-0/+1
| |
* | chore(release-notes): weekly cherry-pick week 2024-33Earl Warren2024-08-131-0/+2
| |
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-30 20:42:12 +0100