Nemcio/Gogs
1
0
Fork 0
mirror of https://github.com/gogs/gogs.git synced 2026-01-17 12:52:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,089 Commits 11 Branches 84 Tags
d940e692ec58abd45e648c054d7dfd88909034ec
Commit Graph

6089 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Chen
d940e692ec chore: fix up links and add CTA in README 
[skip ci]
 2025-06-18 09:46:51 -04:00
Joe Chen
7fc19d094c chore: update dev_release_patch_version.md 
[skip ci]
 2025-06-08 23:13:35 -04:00
Joe Chen
4e3bf27fe2 chore: update dev_release_patch_version.md 
[skip ci]
 2025-06-08 21:30:40 -04:00
Joe Chen
16b8b0974e chore: update dev_release_patch_version 
[skip ci]
 2025-06-08 21:23:46 -04:00
Joe Chen
f004b5b472 CHANGELOG: cut entries for 0.13.3 (#7983) 
[skip ci]
 2025-06-08 18:53:03 -04:00
Joe Chen
591810e405 web_editor: prohibit CRUD to symbolic files (#7981) 
Fixes
[GHSA-wj44-9vcg-wjq7](https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7)

---------

Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
 2025-06-08 18:28:28 -04:00
Joe Chen
3c2112215f ci: only run Docker job for the main repository (#7980) 2025-06-08 17:19:48 -04:00
dependabot[bot]
9db5c30c36 mod: bump github.com/pquerna/otp from 1.3.0 to 1.5.0 (#7972) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-01 12:58:19 -04:00
dependabot[bot]
49f4d4312b mod: bump github.com/niklasfasching/go-org from 1.7.0 to 1.8.0 (#7978) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-01 12:50:52 -04:00
dependabot[bot]
0cf12eccae mod: bump modernc.org/sqlite from 1.37.0 to 1.37.1 (#7977) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-01 12:50:32 -04:00
dependabot[bot]
495c38825a mod: bump gorm.io/driver/postgres from 1.5.11 to 1.6.0 (#7973) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-06-01 11:56:55 -04:00
dependabot[bot]
60b912ddda mod: bump golang.org/x/net from 0.39.0 to 0.40.0 (#7975) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-01 11:42:13 -04:00
Edoardo Ottavianelli
4d6a0ebaac security: patch for Stored XSS in PDF renderer (#7966) 2025-05-16 15:49:58 -04:00
dependabot[bot]
54fa465da5 mod: bump github.com/go-ldap/ldap/v3 from 3.4.10 to 3.4.11 (#7960) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-01 13:02:00 -04:00
dependabot[bot]
54cd8fd160 mod: bump golang.org/x/net from 0.36.0 to 0.38.0 (#7946) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-04-16 08:48:37 -04:00
dependabot[bot]
7abc81c4d2 mod: bump github.com/prometheus/client_golang from 1.21.0 to 1.21.1 (#7949) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 13:10:30 -04:00
dependabot[bot]
493834861d mod: bump golang.org/x/text from 0.22.0 to 0.23.0 (#7950) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 13:00:41 -04:00
dependabot[bot]
9a539393bd mod: bump github.com/editorconfig/editorconfig-core-go/v2 (#7948) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-14 18:05:48 -04:00
dependabot[bot]
139ea3ce7d mod: bump modernc.org/sqlite from 1.36.0 to 1.37.0 (#7947) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-04-14 18:00:07 -04:00
dependabot[bot]
4acaaac85a mod: bump golang.org/x/net from 0.34.0 to 0.36.0 (#7935) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-04 23:27:10 -05:00
dependabot[bot]
e93ced2163 mod: bump modernc.org/sqlite from 1.34.5 to 1.36.0 (#7929) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-04 23:18:23 -05:00
dependabot[bot]
9672b6dd6c mod: bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 (#7931) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-04 23:11:43 -05:00
dependabot[bot]
7a12c8418e mod: bump golang.org/x/text from 0.21.0 to 0.22.0 (#7933) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-04 23:11:08 -05:00
Joe Chen
2208f17e8e chore: update Trivy scan config (#7934) 2025-03-04 23:07:09 -05:00
宋子桓🌈
46a84fdad5 email: fix unable to override templates in custom directory (#7905) 
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-02-12 21:52:18 -05:00
dependabot[bot]
9c80e6d922 mod: bump modernc.org/sqlite from 1.34.4 to 1.34.5 (#7906) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-01 23:24:18 -05:00
dependabot[bot]
3a952bd248 mod: bump golang.org/x/net from 0.33.0 to 0.34.0 (#7908) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-01 23:22:49 -05:00
Joe Chen
96d5d622b8 ci: update GitHub Actions version for Code QL 2025-01-01 19:46:13 -05:00
MarcUs7i
b59e943aa6 Set timeout to explicit 0 in gogs.js (#7890) 
## Describe the pull request

A simple fix in public/js/gogs.js making bug upload not result in a
timeout (added just one line)

Link to the issue: closes https://github.com/gogs/gogs/issues/6149

## Test plan

- Set the max_size of `attachment` to a high number

```toml
[release.attachment]
ENABLED          = true
ALLOWED_TYPES    = */*
MAX_SIZE         = 512
MAX_FILES        = 20
```

- Upload a file to releases


![image](https://github.com/user-attachments/assets/8cf29c73-c8ec-42a3-9660-681a583b577a)

It doesn't randomly timeout!
 2025-01-01 19:41:24 -05:00
dependabot[bot]
371a6092de mod: bump modernc.org/sqlite from 1.34.1 to 1.34.4 (#7893) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-01 11:18:34 -05:00
dependabot[bot]
e6896eb393 mod: bump gorm.io/driver/postgres from 1.5.7 to 1.5.11 (#7895) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-01-01 11:11:51 -05:00
dependabot[bot]
6c04a1ce7c mod: bump github.com/go-ldap/ldap/v3 from 3.4.8 to 3.4.10 (#7894) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-01 10:37:55 -05:00
Martin
6bdbb88fb8 gogs.service: Remove syslog.target (#7681) 
Remove syslog.target from service file, this target hasn't existed for
over a decade.


6aa8d43ade/NEWS (L72-L73)
 2024-12-26 11:55:46 -05:00
ngn
6b4e8668a1 Adding '|' to the releases page (#7631) 
Adding '|' to the releases page `templates/repo/release/list.tmpl` 

i changed this:

![2023-12-22_16-41_1](https://github.com/gogs/gogs/assets/78868991/3d0f8572-b4de-458d-8bf2-dcd030c67757)
to this:

![2023-12-22_16-41](https://github.com/gogs/gogs/assets/78868991/43e2fe58-1019-40f5-b2fb-d011d1145be4)
(yes)
 2024-12-26 11:15:44 -05:00
Joe Chen
d8f562b6ad docs: remove dev/release directory (#7884) 
[skip ci]
 2024-12-23 13:26:07 -05:00
Joe Chen
f1e64008fb cmd: always build with "cert" subcommand (#7883) 2024-12-23 12:10:43 -05:00
Joe Chen
cfde357824 release: pull back 0.13.1 and move CHANGELOG entries to 0.13.2 (#7881) 2024-12-23 10:56:57 -05:00
Joe Chen
3459f8df49 Dockerfile: fix up outdated s6-svscan path (#7880) 
## Describe the pull request

Link to the issue: https://github.com/gogs/gogs/issues/7864
 2024-12-23 10:53:40 -05:00
Joe Chen
c0332ff856 release: update templates (#7877) 
[skip ci]
 2024-12-22 21:44:17 -05:00
Joe Chen
e1042e7d47 release: cut CHANGELOG entries for 0.13.1 (#7874) 
Part of https://github.com/gogs/gogs/issues/7873

[skip ci]
 2024-12-22 17:50:59 -05:00
Joe Chen
76831d0d06 dep: update github.com/gogs/git-module to v1.8.4 (#7872) 
## Describe the pull request

Fixes
https://github.com/gogs/gogs/security/advisories/GHSA-m27m-h5gj-wwmg by
including https://github.com/gogs/git-module/pull/110
 2024-12-22 16:37:51 -05:00
Joe Chen
68b3c8f339 repo: ignore unintended Git options for diff preview (#7871) 
## Describe the pull request

Fixes
https://github.com/gogs/gogs/security/advisories/GHSA-9pp6-wq8c-3w2c
 2024-12-22 15:59:03 -05:00
Joe Chen
77a4a945ae repo: prevent preview and delete files in .git directories (#7870) 
## Describe the pull request

Fixes
https://github.com/gogs/gogs/security/advisories/GHSA-ccqv-43vm-4f3w
 2024-12-22 15:24:18 -05:00
Joe Chen
b09f317aa0 database: lock mock properly to avoid data race in tests (#7869) 
Fixes tests data race found in
https://github.com/gogs/gogs/actions/runs/12457230279/job/34771555537
 2024-12-22 15:09:42 -05:00
Joe Chen
009a1855aa ssh: make env command a passthrough (#7868) 
## Describe the pull request

Fixes
https://github.com/gogs/gogs/security/advisories/GHSA-vm62-9jw3-c8w3
 2024-12-22 14:56:31 -05:00
Alexandre Jacquin
fb7812b194 Fix s6-svscan path in Dockerfile (#7867) 
Related to #7864

## Describe the pull request

Fix the path of the s6-svscan binary path in the Dockerfile. As
mentionned in the issue, it is probably to the alpine base image change
(from `3.17` to `3.21`).

Link to the issue:
https://github.com/gogs/gogs/issues/7864#issuecomment-2558323928

Credit to @cryptovaltt

## Test plan

Build the image and check if the application can be ran. E.g.:

```bash
docker build -t gogs:working-7864 -f Dockerfile .
docker run --name=gogs -p 10022:22 -p 10880:3000 -v gogs:working-7864 --rm
```
 2024-12-22 10:53:00 -05:00
Joe Chen
00bd6081a5 chore: minor fixup on README (#7866) 
[skip ci]
 2024-12-21 10:58:38 -05:00
Joe Chen
5326b4113a chore: update minimum Go version to 1.23.4 (#7865) 2024-12-21 10:48:17 -05:00
Joe Chen
7adac94f1e Dockerfile: update base image to alpine3.21 and enable trivy scan (#7863) 
## Describe the pull request

Link to the issue: fixes https://github.com/gogs/gogs/issues/6674
 2024-12-20 22:33:46 -05:00
Joe Chen
c5dff8cdad chore: update vulnerability report and patch policy 
[skip ci]
 2024-12-16 19:05:53 -05:00