forgejo

mirror of https://codeberg.org/forgejo/forgejo synced 2025-10-18 23:10:42 +02:00

History

forgejo-backport-action 6636550157 [v12.0/forgejo] fix: Actions workflows triggered by comments or labels to pull requests may access secrets (#9025 ) Backport: https://codeberg.org/forgejo/forgejo/pulls/9003 This avoids issue_comment events on pull requests to get that flag set and subsequently not get access to secrets. ### Tests - I added test coverage for Go changes... - [x] in their respective `_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. <!--start release-notes-assistant--> ## Release notes <!--URL:https://codeberg.org/forgejo/forgejo--> - Bug fixes - [PR](https://codeberg.org/forgejo/forgejo/pulls/9003): <!--number 9003 --><!--line 0 --><!--description QWN0aW9ucyB3b3JrZmxvd3MgdHJpZ2dlcmVkIGJ5IGNvbW1lbnRzIG9yIGxhYmVscyB0byBwdWxsIHJlcXVlc3RzIG1heSBhY2Nlc3Mgc2VjcmV0cw==-->Actions workflows triggered by comments or labels to pull requests may access secrets<!--description--> <!--end release-notes-assistant--> Co-authored-by: BtbN <btbn@btbn.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/9025 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>		2025-08-25 21:50:02 +02:00
..
TestServiceActions_startTask	[v12.0/forgejo] a corrupted Forgejo Actions scheduled workflow is disabled (#8944 )	2025-08-19 01:43:43 +02:00
auth.go
auth_test.go
cleanup.go
cleanup_test.go
clear_tasks.go
commit_status.go
context.go
context_test.go
init.go
interface.go
job_emitter.go
job_emitter_test.go
job_parser.go
job_parser_test.go
main_test.go
notifier.go	[v12.0/forgejo] fix: Actions workflows triggered by comments or labels to pull requests may access secrets (#9025 )	2025-08-25 21:50:02 +02:00
notifier_helper.go	[v12.0/forgejo] fix: Actions workflows triggered by comments or labels to pull requests may access secrets (#9025 )	2025-08-25 21:50:02 +02:00
notifier_helper_test.go	[v12.0/forgejo] fix: Actions workflows triggered by comments or labels to pull requests may access secrets (#9025 )	2025-08-25 21:50:02 +02:00
rerun.go
rerun_test.go
schedule_tasks.go	[v12.0/forgejo] a corrupted Forgejo Actions scheduled workflow is disabled (#8944 )	2025-08-19 01:43:43 +02:00
schedule_tasks_test.go	[v12.0/forgejo] a corrupted Forgejo Actions scheduled workflow is disabled (#8944 )	2025-08-19 01:43:43 +02:00
task.go
variables.go
workflows.go