ᴊᴏᴇ ᴄʜᴇɴ
441c64d7bd
markup: restrict data URI scheme to safe image MIME types ( #8174 )
...
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-10 22:26:31 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
5c67d47512
database: remove MSSQL backend support ( #8173 )
2026-02-10 18:41:31 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
94d6e53dc2
email: replace gomail with go-mail ( #8164 )
...
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-10 17:44:01 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
a1fa62b270
all: decouple API types from go-gogs-client SDK ( #8171 )
...
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-02-10 10:56:17 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
069d3535d6
chore: fix broken links to gogs.io ( #8169 )
2026-02-09 09:09:59 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
81ee883644
lfs: verify content hash and prevent object overwrite ( #8166 )
...
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
2026-02-08 17:14:12 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
3c358ede6d
all: migrate from json-iterator to encoding/json ( #8159 )
2026-02-08 00:34:36 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
48500aa2b0
all: migrate from satori/go.uuid to google/uuid ( #8161 )
2026-02-08 00:13:43 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
785157ba1f
all: migrate from nfnt/resize to golang.org/x/image/draw ( #8158 )
2026-02-08 00:08:50 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1c8016a27b
database/schemadoc: migrate to github.com/DATA-DOG/go-sqlmock ( #8157 )
2026-02-08 00:07:45 -05:00
Copilot
bf17cc6c69
Replace github.com/unknwon/com with stdlib and internal helpers ( #8148 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: Joe Chen <jc@unknwon.io >
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-05 22:08:54 -05:00
Copilot
6d56105f8f
Run modernize tool across codebase ( #8147 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: Joe Chen <jc@unknwon.io >
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
2026-02-05 21:32:09 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7ea2c4093f
refactor: move main package from root to cmd/gogs ( #8139 )
...
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 23:28:48 -05:00
dependabot[bot]
7ebfb202e4
mod: bump github.com/olekukonko/tablewriter from 0.0.5 to 1.1.0 ( #8039 )
...
Co-authored-by: Joe Chen <jc@unknwon.io >
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 23:11:08 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7ad425025e
fix(ssh): git clone via built-in SSH server hangs ( #8135 )
...
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 22:20:43 -05:00
Joe Chen
997c3c5eab
chore: take care of legacy code
2026-01-31 20:07:49 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
628216d588
security: require authentication for attachment uploads ( #8128 )
...
https://github.com/gogs/gogs/security/advisories/GHSA-fc3h-92p8-h36f
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 14:40:39 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7b7e38c880
security: prevent deletion of protected and default branches via web UI ( #8124 )
...
https://github.com/gogs/gogs/security/advisories/GHSA-2c6v-8r3v-gh6p
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 12:51:07 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
bb68c0a042
security: fix cross-repository label modification vulnerability ( #8123 )
...
https://github.com/gogs/gogs/security/advisories/GHSA-cv22-72px-f4gh
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-31 12:28:30 -05:00
Yaroslav Halchenko
3cc8e7aa6d
Fix typos throughout the codebase ( #7514 )
2026-01-30 23:03:05 -05:00
Rajat Jain
9f1499f3ab
Support comparing tags in addition to branches ( #6493 )
...
Co-authored-by: Joe Chen <jc@unknwon.io >
Co-authored-by: Claude <noreply@anthropic.com >
2026-01-30 22:45:03 -05:00
Jeff Li
77dba1b5ea
repo: fix 500 error on watchers and stargazers pages using MSSQL ( #6386 )
...
Co-authored-by: Joe Chen <jc@unknwon.io >
Co-authored-by: Claude <noreply@anthropic.com >
2026-01-30 22:24:43 -05:00
Georg Wicke-Arndt
f70f29fdb0
Show file name in browser tab title when viewing files ( #5896 )
2026-01-30 22:11:10 -05:00
Sino
87c8faaf08
Standardize HTTP status codes ( #7851 )
...
Co-authored-by: Joe Chen <jc@unknwon.io >
2026-01-30 09:27:59 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1b226ca48d
repo: improve authz for resources ( #8119 )
...
https://github.com/gogs/gogs/security/advisories/GHSA-jj5m-h57j-5gv7
2026-01-29 20:56:09 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
e3bb4165dc
database: impersonate pure-Go SQLite driver as the old "sqlite3" ( #8118 )
2026-01-29 14:49:36 -05:00
pikomonde
df3d945a2c
config: validate and print warnings for invalid options ( #7705 )
...
Co-authored-by: Joe Chen <jc@unknwon.io >
2026-01-28 11:36:03 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
ae41bab5f2
repo: always list tree entries with verbatim ( #8116 )
...
Co-authored-by: Ali <alicse3@gmail.com >
2026-01-28 10:11:30 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
2316b09eaf
database: fully switch over to pure-Go SQLite driver ( #8115 )
2026-01-27 22:45:50 -05:00
Copilot
3477bbac0e
Add ED25519 test coverage and refactor SSH key parsing tests ( #8107 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com >
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-27 14:04:12 -05:00
Copilot
1cdeef2ce8
Replace tool.IsMaliciousPath with pathutil.Clean and move IsSameSite to urlutil ( #8106 )
2026-01-23 21:13:27 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
26ef07f60d
repo: validate Git server hook name for editing ( #8103 )
2026-01-23 09:40:36 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
ca59e76a53
api: verify write access to update repo content ( #8102 )
2026-01-23 09:19:11 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
27f1250d00
api: verify owner access to delete repos ( #8101 )
2026-01-22 22:52:57 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
560f92ec5f
two_factor: verify recovery code ownership upon using ( #8100 )
2026-01-22 22:30:27 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1bbc36149a
wiki: sanitize old wiki page name when editing ( #8099 )
2026-01-22 11:00:27 -05:00
Copilot
4ee706b2bf
chore: replace pkg/errors with cockroachdb/errors ( #8098 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com >
2026-01-22 08:20:53 -05:00
Copilot
ae59787ff5
chore: remove internal/database/errors package ( #8096 )
2026-01-22 07:17:34 -05:00
Copilot
389ec54b2c
chore: rename osutil.IsExist to osutil.Exist ( #8097 )
2026-01-21 22:22:07 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
5544212adb
wiki: auto-detect default branch ( #8094 )
2026-01-20 23:38:10 -05:00
deepsource-autofix[bot]
8e08450182
style: format code with Go fmt and Gofumpt ( #8092 )
2026-01-19 14:54:13 -05:00
Shivam Kumar
beeeb64969
repo: check directory existence before creation ( #8091 )
...
Co-authored-by: ᴊᴏᴇ ᴄʜᴇɴ <jc@unknwon.io >
2026-01-19 14:36:38 -05:00
Mukaiu
3ef71a43d9
api: fix nil pointer dereference when listing user repos ( #8069 )
...
Co-authored-by: Joe Chen <jc@unknwon.io >
2026-01-18 21:01:03 -05:00
Shivam Kumar
b7010084b7
auth: support redirecting to custom URL upon sign out ( #8089 )
...
Co-authored-by: ᴊᴏᴇ ᴄʜᴇɴ <jc@unknwon.io >
2026-01-16 15:44:26 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
59e9fa191b
chore: remove all MIT license file headers ( #8083 )
...
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
2026-01-08 19:32:15 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
553707f3fd
repository: reject any updates that has symlink in path hierarchy ( #8082 )
...
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-01-08 14:22:04 -05:00
Copilot
04cc48339f
chore: update Go version from 1.24 to 1.25 in CI and related files ( #8066 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com >
Co-authored-by: Joe Chen <jc@unknwon.io >
2025-12-03 20:11:14 -05:00
Neptunium93
3666718ec5
repo: fix potential null pointer dereference in mirror sync ( #8065 )
2025-12-03 18:04:42 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
79cc921892
conf: enable value mapping from env vars ( #8057 )
2025-11-23 20:59:52 -05:00
Joe Chen
591810e405
web_editor: prohibit CRUD to symbolic files ( #7981 )
...
Fixes
[GHSA-wj44-9vcg-wjq7](https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7 )
---------
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
2025-06-08 18:28:28 -04:00