See also the [dedicated blog post](https://forgejo.org/2025-02-release-v10-0-1/).

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Security bug fixes
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6845): <!--number 6845 --><!--line 0 --><!--description Zml4KHNlYyk6IEZvcmdlam8gQWN0aW9ucyB3ZWIgcm91dGVz-->Verify the ID of Forgejo Actions web endpoints belongs to the repository to prevent the deletion of runners or variables or the modification of variables. [Read more in the dedicated blog post](https://forgejo.org/2025-02-release-v10-0-1/).<!--description-->
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6846): <!--number 6846 --><!--line 0 --><!--description Zml4KHNlYyk6IHBlcm1pc3Npb24gY2hlY2sgZm9yIHByb2plY3QgaXNzdWU=-->Enforce permissions on publicly available user or organizations projects to not leak information from issues and pull requests that belong to private repositories. [Read more in the dedicated blog post](https://forgejo.org/2025-02-release-v10-0-1/).<!--description-->
- Bug fixes
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6674) ([backported](https://codeberg.org/forgejo/forgejo/pulls/6679)): <!--number 6679 --><!--line 0 --><!--description Zml4OiBsb2FkIHNldHRpbmdzIGZvciB2YWxpZCB1c2VyIGFuZCBlbWFpbCBjaGVjaw==-->fix: load settings for valid user and email check<!--description-->
- Included for completeness but not worth a release note
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6693): <!--number 6693 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kga2F0ZXggdG8gdjAuMTYuMjEgW1NFQ1VSSVRZXSAodjcuMC9mb3JnZWpvKQ==-->Update dependency katex to v0.16.21 [SECURITY] (v7.0/forgejo)<!--description-->
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6655) ([backported](https://codeberg.org/forgejo/forgejo/pulls/6669)): <!--number 6669 --><!--line 0 --><!--description Y2hvcmUoc2VjdXJpdHkpOiB1cGRhdGUgc2VjdXJpdHkudHh0IHdpdGggbmV3IGV4cGlyYXRpb24gZGF0ZQ==-->chore(security): update security.txt with new expiration date<!--description-->
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6501): <!--number 6501 --><!--line 0 --><!--description Y2hvcmU6IHJlbW92ZSBpbGxlZ2FsIGdpdCB1c2FnZQ==-->chore: remove illegal git usage<!--description-->
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6483): <!--number 6483 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvLWdpdC9nby1naXQvdjUgdG8gdjUuMTMuMSAodjcuMC9mb3JnZWpvKQ==-->Update module github.com/go-git/go-git/v5 to v5.13.1 (v7.0/forgejo)<!--description-->
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6324) ([backported](https://codeberg.org/forgejo/forgejo/pulls/6325)): <!--number 6325 --><!--line 0 --><!--description Y2hvcmUocmVsZWFzZSk6IGxpbmsgdG8gdGhlIHN0YW5kYWxvbmUgcmVsZWFzZSBub3RlcyBmaWxl-->chore(release): link to the standalone release notes file<!--description-->
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/6317): <!--number 6317 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnb2xhbmcub3JnL3gvbmV0IHRvIHYwLjMzLjAgKHY3LjAvZm9yZ2Vqbyk=-->Update module golang.org/x/net to v0.33.0 (v7.0/forgejo)<!--description-->
<!--end release-notes-assistant-->