mirrors/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-07-02 06:36:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
forgejo/modules
History
Gusted 6591867502
[GITEA] Use restricted sanitizer for repository description 
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit a8afa4cd18)
(cherry picked from commit 0238587c51)
(cherry picked from commit a8c7bbf728)
(cherry picked from commit 80e05a8245)
(cherry picked from commit f5af5050b3)
(cherry picked from commit 608f981e55)
2023-10-16 17:25:37 +02:00
..
actions [CI] Search .forgejo/workflows first 2023-10-16 13:26:27 +02:00
activitypub More refactoring of db.DefaultContext (#27083) 2023-09-15 06:13:19 +00:00
analyze Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
assetfs Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
auth [SECURITY] default to pbkdf2 with 320,000 iterations 2023-10-16 15:50:09 +02:00
avatar Remove nfnt/resize and oliamb/cutter (#25999) 2023-07-20 19:52:42 +08:00
base Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
cache improve unit test for caching (#26185) 2023-07-27 22:24:40 +02:00
charset Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
container Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
context Add support for HEAD ref in /src/branch and /src/commit routes (#27384) (#27407) 2023-10-03 08:13:49 +00:00
contexttest Avoid double-unescaping of form value (#26853) 2023-09-01 12:01:36 +00:00
csv Refactor locale number (#24134) 2023-04-17 11:37:23 +08:00
doctor fix orphan check for deleted branch (#27310) (#27321) 2023-09-28 10:52:53 +08:00
emoji Update emoji set to Unicode 15 (#25595) 2023-06-29 16:29:48 +00:00
eventsource More db.DefaultContext refactor (#27265) (#27347) 2023-09-29 13:35:01 +00:00
generate Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
git Fix git 2.11 error when checking IsEmpty (#27393) (#27397) 2023-10-02 22:36:18 +02:00
gitgraph More db.DefaultContext refactor (#27265) (#27347) 2023-09-29 13:35:01 +00:00
graceful Allow the use of alternative net.Listener implementations by downstreams (#25855) 2023-07-24 07:18:17 +00:00
hcaptcha Consume hcaptcha and pwn deps (#22610) 2023-01-29 09:49:51 -06:00
highlight Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
hostmatcher Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
html Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
httpcache Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
httplib Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
indexer [CI] disable meilisearch/elasticsearch test, no server yet in CI 2023-10-16 13:26:27 +02:00
issue/template Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
json Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
label Make label templates have consistent behavior and priority (#23749) 2023-04-10 16:44:02 +08:00
lfs Refactor lfs requests (#26783) 2023-09-18 08:40:50 +00:00
log Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
markup [GITEA] Use restricted sanitizer for repository description 2023-10-16 17:25:37 +02:00
mcaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
metrics Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
migration Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
nosql Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
options Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
packages Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
paginator Use more specific test methods (#24265) 2023-04-22 17:56:27 -04:00
pprof Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
private [CLI] implement forgejo-cli 2023-10-16 13:26:27 +02:00
process Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
proxy Use proxy for pull mirror (#22771) 2023-02-11 08:39:50 +08:00
proxyprotocol Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
public Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974) 2023-07-21 12:14:20 +00:00
queue [CI] disable redis test, no redis server yet in CI 2023-10-16 13:26:27 +02:00
recaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
references Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) 2023-09-14 02:59:53 +00:00
regexplru Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
repository Refactor system setting (#27000) (#27452) 2023-10-05 10:37:59 +00:00
secret Improve decryption failure message (#24573) 2023-05-07 19:29:43 +08:00
session Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
setting [GITEA] notifies admins on new user registration 2023-10-16 17:25:37 +02:00
sitemap Fix sitemap (#22272) 2022-12-30 23:31:00 +08:00
ssh restrict certificate type for builtin SSH server (#26789) 2023-09-01 13:45:22 +00:00
storage [CI] Forgejo Actions based CI for PR & branches 2023-10-16 13:26:27 +02:00
structs [v1.21] [FEAT] allow setting the update date on issues and comments 2023-10-16 15:50:17 +02:00
svg Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
sync Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
system Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
templates More db.DefaultContext refactor (#27265) (#27347) 2023-09-29 13:35:01 +00:00
test Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
testlogger Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
timeutil Fix incorrect webhook time and use relative-time to display it (#24477) 2023-05-03 19:53:43 -04:00
translation Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
turnstile Add new captcha: cloudflare turnstile (#22369) 2023-02-05 15:29:03 +08:00
typesniffer Detect ogg mime-type as audio or video (#26494) 2023-08-15 10:31:25 +08:00
updatechecker Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
upload Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
uri Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
user Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
util Refactor lfs requests (#26783) 2023-09-18 08:40:50 +00:00
validation [GITEA] add option for banning dots in usernames 2023-10-16 17:25:36 +02:00
web [GITEA] add option for banning dots in usernames 2023-10-16 17:25:36 +02:00
webhook New webhook trigger for receiving Pull Request review requests (#24481) 2023-05-24 22:06:27 -04:00