Commit Graph

6430 Commits

Author SHA1 Message Date
Hugo Landau
4a6466cca5
Remove environment variable parsing from SSH server
This removes the environment variable parsing code from the SSH server,
which never worked in the first place. Since environment variable
passing doesn't appear to be necessary for the built-in SSH server to
work properly, it's removed to reduce attack surface rather than fixing
it.

The current code processes (untrusted) input in a buggy manner and
passes it to a process invocation which doesn't actually do anything. I
don't *think* this is an exploitable vulnerability but I haven't looked
at it in detail, and it wouldn't really surprise me if it was.

Closes #1935, an alternative proposal which partially fixes the
environment variable handling but ultimately still leaves it broken.

Signed-off-by: Hugo Landau <hlandau@devever.net>
2018-06-17 23:14:23 +01:00
Jonas Franz
85414d8b75 Show second line by using >= 1 instead of > 1 (#4251)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-06-15 10:07:48 -04:00
GiteaBot
3aafa0400e [skip ci] Updated translations via Crowdin 2018-06-15 12:43:56 +00:00
Antoine GIRARD
23ba5c870f markup: escape short wiki link (#4091) 2018-06-15 20:42:49 +08:00
GiteaBot
c919b07a53 [skip ci] Updated translations via Crowdin 2018-06-15 07:48:26 +00:00
stevegt
a7aaacb633 fix CreateIssueCommentOption reference (#4239)
* fixes a warning remaining from #4010 and #4220
2018-06-15 15:47:13 +08:00
GiteaBot
a75f251195 [skip ci] Updated translations via Crowdin 2018-06-15 03:43:54 +00:00
David Schneiderbauer
adba2ad609 fix not respecting landing page setting (#4209)
* fix not respecting landing page setting

* fmt

* add landing page test
2018-06-15 11:42:46 +08:00
Antoine GIRARD
6efdcaed86 Fix swagger security parts (#4236) 2018-06-12 19:23:00 -04:00
Lauris BH
2b8c0bb5e2 Delete reactions added to issues and comments when deleting repository (#4232) 2018-06-12 13:02:51 -04:00
Lunny Xiao
406031d3cc fix bug when deleting a release (#4207) 2018-06-12 12:44:17 -04:00
Antoine GIRARD
908e8942cc Fix swagger errors (#4220)
Fix all the remaining errors to have a valid swagger file.

There are still some warnings but nothing blocking.

Doing so I found that some requests still miss some parameters for some POST/PUT/PATCH requests. This means that a client generated from the swagger file will not work completely.

Fix #4088 by activating validation in drone
Should fix #4010.
2018-06-12 22:59:22 +08:00
harry
0ba165e2ea Improve wiki content width. (#4195) 2018-06-12 14:27:18 +03:00
GiteaBot
0ea18698af [skip ci] Updated translations via Crowdin 2018-06-12 10:36:20 +00:00
Alexey Terentyev
7b773bd49f Fixed drone command in readme (#4222)
Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2018-06-12 13:34:56 +03:00
GiteaBot
37359aee68 [skip ci] Updated translations via Crowdin 2018-06-11 22:55:33 +00:00
Lunny Xiao
da898d4066 fix delete comment bug (#4216) 2018-06-11 18:54:30 -04:00
GiteaBot
508092a248 [skip ci] Updated translations via Crowdin 2018-06-11 07:13:54 +00:00
BNolet
3da0d437e9 Fixed spelling + clarity (#4213)
Message given when password was too short was incorrectly spelled and was not clear enough.
2018-06-11 03:12:38 -04:00
GiteaBot
e3b77f92c1 [skip ci] Updated translations via Crowdin 2018-06-10 18:43:21 +00:00
nickolas360
2bb73fe12c HTML-escape text READMEs (#4192) 2018-06-10 21:42:16 +03:00
David Schneiderbauer
af57d6ab8a undo #3142 because processes don't use the util.Timestamp (#4203) 2018-06-10 09:48:45 +08:00
Fluf
f54626df0b Add config path as an optional flag when changing pass via CLI (#4184) 2018-06-09 18:35:14 -04:00
Fluf
9033eaeec1 Only show "You cannot fork a repository you own" when needed (#4130) 2018-06-09 16:51:10 -04:00
GiteaBot
ef0bc57ae7 [skip ci] Updated translations via Crowdin 2018-06-09 19:16:38 +00:00
Jesse Lucas
47f59589c5 Update backup and restore doc usage (#4165)
Edit example of `./gitea dump` to include -c option to pass app.ini

Signed-off-by: Jesse Lucas <jesse@jesselucas.com>
2018-06-09 15:16:16 -04:00
Antoine GIRARD
048468560f Add security advice to contrib guide (#4187)
* Improve contributing guidelines for security
2018-06-09 12:03:23 -04:00
GiteaBot
8786c15221 [skip ci] Updated translations via Crowdin 2018-06-09 00:14:00 +00:00
Ben Yanke
512678a5a3 Move Screenshots to Bottom (#4128)
The 'above the fold' space is very important; it seems possibly wasted with screenshots which aren't legible without enlarging.

This is a proposal to move them down.
2018-06-08 20:13:41 -04:00
Lunny Xiao
ed51aa9c92 improve backup document and add zh-cn backup document (#4145) 2018-06-08 19:47:51 -04:00
GiteaBot
d41084c54a [skip ci] Updated translations via Crowdin 2018-06-08 18:10:06 +00:00
Christopher Medlin
b5f61f1d15 Improve logging for e-mail and OpenID already in use errors (#4174) 2018-06-08 14:09:10 -04:00
GiteaBot
3fbba2553a [skip ci] Updated translations via Crowdin 2018-06-08 01:24:38 +00:00
Fluf
c9c5d164d5 Add myself as a maintainer (#4172) 2018-06-08 09:23:39 +08:00
Lauris BH
a89d6253e0 Show only needed values in database configuration section depending on type (#4164) 2018-06-06 18:13:42 -05:00
GiteaBot
e5fd43c231 [skip ci] Updated translations via Crowdin 2018-06-06 14:04:02 +00:00
Barbossa
83d956ce6b Fix typo (#4151)
Fix incorrect tmpl in oauth when we have a custom authorize url. The tmpl will append an additional character "v" every time we save the settings.
2018-06-06 22:02:37 +08:00
techknowlogick
fa3ceb610d Fix link in HTTPS doc (#4135) 2018-06-05 17:36:15 +03:00
GiteaBot
25b1a8099b [skip ci] Updated translations via Crowdin 2018-06-05 13:26:26 +00:00
David Schneiderbauer
1a6c97be9c update debian binary information (#4132) 2018-06-05 09:24:52 -04:00
GiteaBot
2fcd9b69b7 [skip ci] Updated translations via Crowdin 2018-06-05 07:39:40 +00:00
Lauris BH
1aee261aae More detailed documentation on how to set up from binary (#4121)
* More detailed documentation on how to set up from binary
Also change recommended file locations
2018-06-04 22:02:04 -04:00
techknowlogick
6400d8a3cb 1.4.2 changelog (#4124) 2018-06-05 03:56:29 +03:00
AJ ONeal
0b718535b6 Add pronunciation to README.md (#4123) 2018-06-04 20:15:32 -04:00
Daniel Peukert
b9be49cd96 Minor 'Installation with Docker' docs page fix (#4122) 2018-06-05 02:08:56 +03:00
Marcin Kuźmiński
809babb562 Update comparison.en-us.md with RhodeCode Community edition (#4112)
Added RhodeCode Community edition into comparison page
2018-06-04 15:01:35 -04:00
Inon S
1bcabb8b1e Removed unnecessary line referencing LFS struct (#4113)
https://github.com/go-gitea/gitea/pull/4035#issuecomment-394286204

@ohwgiles points out that the config section should, in fact, still be in accordance with the "server" struct, which contains the "LFS" struct. I should just remove the line
```
sec = Cfg.Section("LFS")
```
2018-06-04 21:07:42 +03:00
GiteaBot
d62bc3362b [skip ci] Updated translations via Crowdin 2018-06-04 05:35:46 +00:00
Bwko
1f877f8c87 Add tag check to release draft creation (#3729) 2018-06-04 08:34:44 +03:00
Jonas Franz
fb1daad13d Add how-to for enabling HTTPS (#4101)
Signed-off-by: Jonas Franz <info@jonasfranz.de>
2018-06-03 09:55:23 +08:00