Commit graph

19193 commits

Author SHA1 Message Date
Earl Warren
4c4e27cbd6 Merge pull request '[v7.0/forgejo] fix: 15 November 2024 security fixes batch' (#5976) from earl-warren/forgejo:wip-v7.0-security-15-11 into v7.0/forgejo
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5976
2024-11-15 12:00:23 +00:00
Earl Warren
579560bd72
chore(release-notes): 15 November 2024 security fixes 2024-11-15 12:10:02 +01:00
Gusted
16419b6fc3
fix: disallow basic authorization when security keys are enrolled
- This unifies the security behavior of enrolling security keys with
enrolling TOTP as a 2FA method. When TOTP is enrolled, you cannot use
basic authorization (user:password) to make API request on behalf of the
user, this is now also the case when you enroll security keys.
- The usage of access tokens are the only method to make API requests on
behalf of the user when a 2FA method is enrolled for the user.
- Integration test added.

(cherry picked from commit e6bbecb02d)
2024-11-15 12:02:14 +01:00
Gusted
b770282d45
fix: extend forgejo_auth_token table
- Add a `purpose` column, this allows the `forgejo_auth_token` table to
be used by other parts of Forgejo, while still enjoying the
no-compromise architecture.
- Remove the 'roll your own crypto' time limited code functions and
migrate them to the `forgejo_auth_token` table. This migration ensures
generated codes can only be used for their purpose and ensure they are
invalidated after their usage by deleting it from the database, this
also should help making auditing of the security code easier, as we're
no longer trying to stuff a lot of data into a HMAC construction.
-Helper functions are rewritten to ensure a safe-by-design approach to
these tokens.
- Add the `forgejo_auth_token` to dbconsistency doctor and add it to the
`deleteUser` function.
- TODO: Add cron job to delete expired authorization tokens.
- Unit and integration tests added.

(cherry picked from commit 1ce33aa38d)

v7: Removed migration - XORM can handle this case automatically without migration.

assert.Equal(t, `doesnotexist@example.com`, msgs[0].To) in tests
because v7 does not include the user name to the recipient.
2024-11-15 12:02:14 +01:00
Gusted
5b53a150c0
Improve usage of HMAC output for mailer tokens
- If the incoming mail feature is enabled, tokens are being sent with
outgoing mails. These tokens contains information about what type of
action is allow with such token (such as replying to a certain issue
ID), to verify these tokens the code uses the HMAC-SHA256 construction.
- The output of the HMAC is truncated to 80 bits, because this is
recommended by RFC2104, but RFC2104 actually doesn't recommend this. It
recommends, if truncation should need to take place, it should use
max(80, hash_len/2) of the leftmost bits. For HMAC-SHA256 this works out
to 128 bits instead of the currently used 80 bits.
- Update to token version 2 and disallow any usage of token version 1,
token version 2 are generated with 128 bits of HMAC output.
- Add test to verify the deprecation of token version 1 and a general
MAC check test.

(cherry picked from commit 9508aa7713)
2024-11-15 12:02:09 +01:00
Gusted
3a197f7de2
fix: strict matching of allowed content for sanitizer
- _Simply_ add `^$` to regexp that didn't had it yet, this avoids any
content being allowed that simply had the allowed content as a
substring.
- Fix file-preview regex to have `$` instead of `*`.

(cherry picked from commit 7067cc7da4)

v7: added fix for ref-issue, this is already fixed in forgejo branch but
not backported as it was part of a feature.
2024-11-15 11:59:35 +01:00
Gusted
c2284d871f
fix: anomynous users code search for private/limited user's repository
- Consider private/limited users in the `AccessibleRepositoryCondition`
query, previously this only considered private/limited organization.
This limits the ability for anomynous users to do code search on
private/limited user's repository
- Unit test added.

(cherry picked from commit b70196653f)
2024-11-15 11:59:22 +01:00
Gusted
eb066a472c
fix: require code permissions for branch feed
- The RSS and atom feed for branches exposes details about the code, it
therefore should be guarded by the requirement that the doer has access
to the code of that repository.
- Added integration testing.

(cherry picked from commit 3e3ef76808)
2024-11-15 11:59:08 +01:00
Gusted
7480b6072f
fix: don't show private forks in forks list
- If a repository is forked to a private or limited user/organization,
the fork should not be visible in the list of forks depending on the
doer requesting the list of forks.
- Added integration testing for web and API route.

(cherry picked from commit 061abe6004)
2024-11-15 11:58:58 +01:00
Gusted
656351d028
fix: add ID check for updating push mirror interval
- Ensure that the specified push mirror ID belongs to the requested
repository, otherwise it is possible to modify the intervals of the push
mirrors that do not belong to the requested repository.
- Integration test added.

(cherry picked from commit 786dfc7fb8)
2024-11-15 11:58:37 +01:00
Earl Warren
4ada4bc828 Merge pull request '[v7.0/forgejo] chore(ci): ROLE forgejo-coding & forgejo-testing' (#5953) from earl-warren/forgejo:wip-v7.0-testing-only into v7.0/forgejo
Some checks failed
Integration tests for the release process / release-simulation (push) Has been cancelled
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5953
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-11-14 11:12:35 +00:00
Earl Warren
91ff7f3324
chore(ci): ROLE forgejo-coding & forgejo-testing (part two)
When the CI vars.ROLE is forgejo-coding, it is assumed to be the
repository where collaborative coding happens,
i.e. https://codeberg.org/forgejo/forgejo

When the CI vars.ROLE is forgejo-testing, it is assumed that only codebase
testing is to be run and no other tests such as release build
integration, label constraints, backporting etc.

(cherry picked from commit 068558accd)

Conflicts:
	.forgejo/workflows/testing.yml
  e2e was in .forgejo/workflows/e2e.yml
  and some tests did not exist in v7.0
2024-11-14 10:21:29 +01:00
Earl Warren
900307a3ed
chore(ci): ROLE forgejo-coding & forgejo-testing
When the CI vars.ROLE is forgejo-coding, it is assumed to be the
repository where collaborative coding happens,
i.e. https://codeberg.org/forgejo/forgejo

When the CI vars.ROLE is forgejo-testing, it is assumed that only codebase
testing is to be run and no other tests such as release build
integration, label constraints, backporting etc.

(cherry picked from commit f82840f1ea)

Conflicts:
	.forgejo/workflows/merge-requirements.yml
	.forgejo/workflows/release-notes-assistant-milestones.yml
	.forgejo/workflows/release-notes-assistant.yml
  did not exist back in v7.0
2024-11-14 10:19:49 +01:00
Earl Warren
6ca9686054 Merge pull request '[v7.0/forgejo] chore(release): also copy the release to code.forgejo.org' (#5938) from earl-warren/forgejo:wip-v7.0-mirror into v7.0/forgejo
Some checks are pending
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5938
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-11-13 18:45:09 +00:00
Earl Warren
c565439eb9
chore(ci): trigger a mirror when a release is publish
Notify https://code.forgejo.org/forgejo/forgejo that a new release was
published by setting the trigger label to
https://code.forgejo.org/forgejo/forgejo/issues/5.

It is only ever useful when a stable release is published, the
experimental releases are not mirrored. But it is triggered in all
cases. This will waste a few mirror check daily, when experimental
releases are built. This is an improvement compared to the current
situation where mirrors are checked hourly:

* Instead of being checked 24 times per day it will be down to less
  than 5
* The mirror happens immediately after the release is published
  instead of waiting for the next run of the cron job.

If a mirror operation is in progress, as evidenced by the presence of
the trigger label on the issure, it means two releases are being
published. Wait up to 1h for the mirror to complete and remove the
trigger label.

(cherry picked from commit 7492330721)

Conflicts:
	.forgejo/workflows/publish-release.yml
  trivial context conflict
2024-11-13 18:03:45 +01:00
Otto
b94044407f Merge pull request '[v7.0/forgejo] chore(renovate): only run if renovate workflow changed' (#5860) from bp-v7.0/forgejo-2eeb2fc into v7.0/forgejo
Some checks failed
testing / test-unit (push) Has been cancelled
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5860
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-11-08 12:58:01 +00:00
Michael Kriese
2cba5eadb1 chore(renovate): only run if renovate workflow changed
(cherry picked from commit 2eeb2fcd35)
2024-11-08 12:42:50 +00:00
Renovate Bot
a2d5560782 Update dependency happy-dom to v15 [SECURITY] (v7.0/forgejo) (#5853)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
2024-11-08 09:44:46 +00:00
Earl Warren
2148397813 Merge pull request '[v7.0/forgejo] chore(ci): notify the k8s cluster about experimental releases [skip ci]' (#5808) from earl-warren/forgejo:wip-v7.0-next-digest into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5808
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-11-04 14:14:57 +00:00
Earl Warren
b81dfaf2b3
chore(ci): the k8s cluster uses the root container
v7.next.forgejo.org is legacy and was created with a root container
image as an exception.

https://code.forgejo.org/infrastructure/k8s-cluster/issues/30#issuecomment-17221
2024-11-04 14:46:00 +01:00
Earl Warren
305ec55b10
[v7.0/forgejo] chore(ci): notify the k8s cluster about experimental releases
This is in preparation of the migration of the v*.next.forgejo.org
instances currently managed at https://code.forgejo.org/infrastructure/k8s

The key difference is that the former system relies on ad-hoc scripts
and creates one k8s cluster for each instance, sharing nothing between
them.

The newer k8s cluster is used for all and requires significantly less
ad-hoc tooling.

See also:

* https://code.forgejo.org/infrastructure/next-digest
* https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/k8s.md#updating-v-next-forgejo-org

(cherry picked from commit dab156b452)
2024-11-04 14:37:59 +01:00
Earl Warren
ec3321a02d Merge pull request 'Update dependency mermaid to v10.9.3 [SECURITY] (v7.0/forgejo)' (#5725) from renovate/v7.0/forgejo-npm-mermaid-vulnerability into v7.0/forgejo
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5725
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-28 07:59:16 +00:00
Earl Warren
20848116a6 Merge pull request '[v7.0/forgejo] use constant time check for internal token' (#5723) from bp-v7.0/forgejo-53231ba into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5723
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-28 07:21:14 +00:00
Renovate Bot
23dc779f94 Update dependency mermaid to v10.9.3 [SECURITY] 2024-10-28 06:28:51 +00:00
Gusted
1f40efc60b fix(sec): use constant time check for internal token
(cherry picked from commit 53231bad61)
2024-10-28 06:17:16 +00:00
Earl Warren
cc343f27e9 Merge pull request '[v7.0/forgejo] add permission check to 'delete branch after merge'' (#5720) from earl-warren/forgejo:wip-v7.0-delete-branch into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5720
2024-10-28 06:15:56 +00:00
Gusted
5488ec7d96
security: add permission check to 'delete branch after merge'
- Add a permission check that the doer has write permissions to the head
repository if the the 'delete branch after merge' is enabled when
merging a pull request.
- Unify the checks in the web and API router to `DeleteBranchAfterMerge`.
- Added integration tests.

(cherry picked from commit 266e0b2ce9)

Conflicts:
	tests/integration/pull_merge_test.go
  trivial context conflict
2024-10-28 06:32:10 +01:00
0ko
d9d434217f Merge pull request 'Translation backports to v7' (#5401) from 0ko/forgejo:i18n-backport-20240926-v7 into v7.0/forgejo
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5401
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-09-27 12:46:28 +00:00
Codeberg Translate
80f501c9ad [v7.0/forgejo] i18n: update of translations from Codeberg Translate
Backport: https://codeberg.org/forgejo/forgejo/pulls/5309.

Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: Outbreak2096 <Outbreak2096@users.noreply.translate.codeberg.org>
Co-authored-by: aleksi <aleksi@users.noreply.translate.codeberg.org>
Co-authored-by: Vaclovas Intas <Gateway_31@protonmail.com>
Co-authored-by: toasterbirb <toasterbirb@users.noreply.translate.codeberg.org>
Co-authored-by: Salif Mehmed <mail@salif.eu>
Co-authored-by: Zughy <Zughy@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5309
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>

(cherry picked from commit 6d57cbe5c8)
(cherry picked from commit 9791010feb)
2024-09-26 22:39:12 +05:00
Codeberg Translate
698b9e3766 [v7.0/forgejo] i18n: update of translations from Codeberg Translate
Backport: https://codeberg.org/forgejo/forgejo/pulls/5231.

Co-authored-by: earl-warren <earl-warren@users.noreply.translate.codeberg.org>
Co-authored-by: xtex <xtexchooser@duck.com>
Co-authored-by: emansije <emansije@users.noreply.translate.codeberg.org>
Co-authored-by: Monti <contact@montidaproot.xyz>
Co-authored-by: muhaaliss <muhaaliss@users.noreply.translate.codeberg.org>
Co-authored-by: EssGeeEich <EssGeeEich@users.noreply.translate.codeberg.org>
Co-authored-by: Zughy <Zughy@users.noreply.translate.codeberg.org>
Co-authored-by: Marco Ciampa <ciampix@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5231
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>

(cherry picked from commit 2d3fc00d02)
(cherry picked from commit 884b5aab8b)
2024-09-26 22:36:58 +05:00
Codeberg Translate
7d994178c4 [v7.0/forgejo] i18n: update of translations from Codeberg Translate
Backport: https://codeberg.org/forgejo/forgejo/pulls/5182.

Co-authored-by: Vaclovas Intas <Gateway_31@protonmail.com>
Co-authored-by: Monti <contact@montidaproot.xyz>
Co-authored-by: sclu1034 <sclu1034@users.noreply.translate.codeberg.org>
Co-authored-by: Dirk <Dirk@users.noreply.translate.codeberg.org>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5182
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>

(cherry picked from commit fb4a8b24cc)
(cherry picked from commit 1fc2e1f02d)
2024-09-26 22:36:04 +05:00
Earl Warren
a12e0308da Merge pull request 'Update dependency go to v1.22.7 (v7.0/forgejo)' (#5241) from renovate/v7.0/forgejo-patch-golang-packages into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5241
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-09-06 22:52:38 +00:00
Earl Warren
7644435aed Merge pull request '[v7.0/forgejo] replace v-html with v-text in branch search inputbox for XSS protection' (#5246) from bp-v7.0/forgejo-bb8796b into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5246
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-09-06 11:15:13 +00:00
Lunny Xiao
bb811ee28a fix: replace v-html with v-text in branch search inputbox
Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
(cherry picked from commit 7eef261c3ebf9bfe37fe0dceb51bde9a79bbaf17)
(cherry picked from commit bb8796b3be)
2024-09-06 10:38:00 +00:00
Renovate Bot
a0c1c1fdc7 Update dependency go to v1.22.7 2024-09-06 05:18:52 +00:00
Earl Warren
367ccad622 Merge pull request 'Update dependency webpack to v5.94.0 [SECURITY] (v7.0/forgejo)' (#5201) from renovate/v7.0/forgejo-npm-webpack-vulnerability into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5201
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-09-03 08:36:50 +00:00
Renovate Bot
af756c76a7 Update dependency webpack to v5.94.0 [SECURITY] 2024-09-02 06:22:11 +00:00
0ko
08e37d130a Merge pull request '[v7.0/forgejo] i18n: update of translations from Codeberg Translate' (#5181) from bp-v7.0/forgejo-b73fd55 into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5181
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-08-30 19:06:38 +00:00
Codeberg Translate
fa7fffdeef i18n: update of translations from Codeberg Translate (#5070)
Translations update from [Codeberg Translate](https://translate.codeberg.org) for [Forgejo/forgejo](https://translate.codeberg.org/projects/forgejo/forgejo/).

Current translation status:

![Weblate translation status](https://translate.codeberg.org/widget/forgejo/forgejo/horizontal-auto.svg)

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Localization
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/5070): <!--number 5070 --><!--line 0 --><!--description aTE4bjogdXBkYXRlIG9mIHRyYW5zbGF0aW9ucyBmcm9tIENvZGViZXJnIFRyYW5zbGF0ZQ==-->i18n: update of translations from Codeberg Translate<!--description-->
<!--end release-notes-assistant-->

Co-authored-by: earl-warren <earl-warren@users.noreply.translate.codeberg.org>
Co-authored-by: Xinayder <Xinayder@users.noreply.translate.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Kita Ikuyo <searinminecraft@courvix.com>
Co-authored-by: Fjuro <fjuro@alius.cz>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: hugoalh <hugoalh@users.noreply.translate.codeberg.org>
Co-authored-by: Outbreak2096 <Outbreak2096@users.noreply.translate.codeberg.org>
Co-authored-by: Eryk Michalak <gnu.ewm@protonmail.com>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: hankskyjames777 <hankskyjames777@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5070
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
(cherry picked from commit 45198cef64)
(cherry picked from commit b73fd55374)
2024-08-30 18:28:49 +00:00
Earl Warren
47cd797dd3 Merge pull request '[gitea] week 2024-35-v7.0 cherry pick (release/v1.22 -> v7.0/forgejo)' (#5113) from earl-warren/wcp/2024-35-v7.0 into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5113
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-28 10:30:46 +00:00
Gusted
41f7faf4fe Merge pull request '[v7.0/forgejo] [SEC] Ensure propagation of API scopes for Conan and Container authentication' (#5150) from bp-v7.0/forgejo-5a871f6 into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5150
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-28 09:55:33 +00:00
Gusted
ce10ec2878 [SEC] Ensure propagation of API scopes for Conan and Container authentication
- The Conan and Container packages use a different type of
authentication. It first authenticates via the regular way (api tokens
or user:password, handled via `auth.Basic`) and then generates a JWT
token that is used by the package software (such as Docker) to do the
action they wanted to do. This JWT token didn't properly propagate the
API scopes that the token was generated for, and thus could lead to a
'scope escalation' within the Conan and Container packages, read
access to write access.
- Store the API scope in the JWT token, so it can be propagated on
subsequent calls that uses that JWT token.
- Integration test added.
- Resolves #5128

(cherry picked from commit 5a871f6095)
2024-08-28 08:44:58 +00:00
Otto
619fe48af7 Merge pull request 'Backports of #4889 and #4984 to v7' (#5138) from 0ko/forgejo:i18n-backport-20240827-v7 into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5138
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-27 17:36:59 +00:00
Earl Warren
4b5f4ec788 Merge pull request '[v7.0/forgejo] fix: correct doctor commands and rename to forgejo' (#5134) from bp-v7.0/forgejo-94af0e5 into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5134
Reviewed-by: Otto <otto@codeberg.org>
2024-08-27 06:13:36 +00:00
Codeberg Translate
250bf845bd [v7.0/forgejo] i18n: update of translations from Codeberg Translate
Backport: #4984.

Co-authored-by: earl-warren <earl-warren@users.noreply.translate.codeberg.org>
Co-authored-by: qui <qui@users.noreply.translate.codeberg.org>
Co-authored-by: hahahahacker2009 <hahahahacker2009@users.noreply.translate.codeberg.org>
Co-authored-by: Fjuro <fjuro@alius.cz>
Co-authored-by: Outbreak2096 <Outbreak2096@users.noreply.translate.codeberg.org>
Co-authored-by: Wuzzy <Wuzzy@users.noreply.translate.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: fnetX <otto@codeberg.org>
Co-authored-by: Panagiotis \"Ivory\" Vasilopoulos <git@n0toose.net>
Co-authored-by: emansije <emansije@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4984
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
(cherry picked from commit d30be160c9)
(cherry picked from commit 619f2faf98)
2024-08-27 08:29:22 +05:00
0ko
7191018661 [v7.0/forgejo] i18n: update of translations from Codeberg Translate
Backport: #4889.

Co-authored-by: earl-warren <earl-warren@users.noreply.translate.codeberg.org>
Co-authored-by: Outbreak2096 <Outbreak2096@users.noreply.translate.codeberg.org>
Co-authored-by: Panagiotis \"Ivory\" Vasilopoulos <git@n0toose.net>
Co-authored-by: dragon <dragon@users.noreply.translate.codeberg.org>
Co-authored-by: hoovad <hoovad@users.noreply.translate.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: hankskyjames777 <hankskyjames777@users.noreply.translate.codeberg.org>
Co-authored-by: emansije <emansije@users.noreply.translate.codeberg.org>
Co-authored-by: hugoalh <hugoalh@users.noreply.translate.codeberg.org>
Co-authored-by: zub <zub@users.noreply.translate.codeberg.org>
Co-authored-by: Fjuro <fjuro@alius.cz>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: Kita Ikuyo <searinminecraft@courvix.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4889
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
(cherry picked from commit 17fa75074d)
(cherry picked from commit c13d13f7cc)
2024-08-27 08:27:23 +05:00
Otto Richter
402cf29da6 fix: correct doctor commands and rename to forgejo
The syntax is `doctor check --run` , see https://forgejo.org/docs/latest/admin/command-line/#doctor

(cherry picked from commit 94af0e53e5)
2024-08-27 01:44:00 +00:00
Earl Warren
5df3029bf2
chore(release-notes): weekly cherry-pick week 2024-35-v7.0 2024-08-25 17:49:20 +02:00
Giteabot
bf07064e40
add CfTurnstileSitekey context data to all captcha templates (#31874) (#31876)
Backport #31874 by @bohde

In the OpenID flows, the "CfTurnstileSitekey" wasn't populated, which
caused those flows to fail if using Turnstile as the Captcha
implementation.

This adds the missing context variables, allowing Turnstile to be used
in the OpenID flows.

Co-authored-by: Rowan Bohde <rowan.bohde@gmail.com>
(cherry picked from commit 0affb5c775280622b277bba2223c01968bafa8b7)
2024-08-25 17:41:08 +02:00
Otto
3dbe5be281 Merge pull request '[PORT] Fix overflow for images on project cards (gitea#31683)' (#5033) from gusted/forgejo-bp-5029-v7 into v7.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5033
Reviewed-by: Otto <otto@codeberg.org>
2024-08-20 21:35:23 +00:00