web/forgejo
8
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-02-22 19:35:47 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
forgejo/templates
History
Earl Warren 913e3b536e
fix(sec): permission check for project issue 
- Do an access check when loading issues for a project board, currently
this is not done and exposes the title, labels and existence of a
private issue that the viewer of the project board may not have access
to.
- The number of issues cannot be calculated in a efficient manner
and stored in the database because their number may vary depending on
the visibility of the repositories participating in the project. The
previous implementation used the pre-calculated numbers stored in each
project, which did not reflect that potential variation.
- The code is derived from https://github.com/go-gitea/gitea/pull/22865

(cherry picked from commit 2193afaeb9954a5778f5a47aafd0e6fbbf48d000)
2025-02-05 22:05:22 +00:00
..
admin Fix some URLs whose sub-path is missing (#31289) 2024-06-09 12:05:43 +02:00
api/packages/pypi Update templates/api/packages/pypi/simple.tmpl 2024-04-12 22:23:58 +00:00
base Migrate gt-hidden to tw-hidden (#30046) 2024-03-30 07:17:29 +01:00
custom [FEAT] Repository flags 2024-02-05 16:09:42 +01:00
devtest Fix some URLs whose sub-path is missing (#31289) 2024-06-09 12:05:43 +02:00
explore Rename repo_updated to repo_updated_v7 to prevent regressions (#4117) 2024-06-14 13:26:46 +00:00
mail Rename Str2html to SanitizeHTML and clarify its behavior (followup) (take 2) 2024-05-13 18:38:48 +00:00
org [BUG] Fix mobile UI for organisation creation 2024-07-08 18:48:58 +00:00
package Fix: Name conan remote forgejo 2024-07-12 13:28:14 +00:00
projects fix(sec): permission check for project issue 2025-02-05 22:05:22 +00:00
repo Show lock owner instead of repo owner on LFS setting page (#31788) (#31817) 2024-08-18 07:01:03 +02:00
shared Optimize runner-tags layout to enhance visual experience (#31258) (#31263) 2024-06-09 11:57:05 +02:00
status Migrate margin and padding helpers to tailwind (#30043) 2024-03-30 07:17:29 +01:00
swagger [SWAGGER] Make it consistent with reality 2024-06-19 06:40:17 +00:00
user [UI] Fix scoped-access-token 2024-07-24 21:35:59 +00:00
webhook [FEAT] sourcehut webhooks 2024-04-05 19:36:04 +00:00
home.tmpl Migrate margin and padding helpers to tailwind (#30043) 2024-03-30 07:17:29 +01:00
install.tmpl Fix some UI problems (install) (#30854) 2024-05-16 13:22:15 +00:00
post-install.tmpl [BRANDING] Custom loading animation for Forgejo 2024-02-05 16:02:13 +01:00