web/forgejo
8
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-02-23 03:45:47 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
forgejo/routers
History
Gusted b1b635c1d9
fix(sec): permission check for project issue 
- Do an access check when loading issues for a project column, currently
this is not done and exposes the title, labels and existence of a
private issue that the viewer of the project board may not have access
to.
- The number of issues cannot be calculated in a efficient manner
and stored in the database because their number may vary depending on
the visibility of the repositories participating in the project. The
previous implementation used the pre-calculated numbers stored in each
project, which did not reflect that potential variation.
- The code is derived from https://github.com/go-gitea/gitea/pull/22865
2025-02-08 07:22:10 +00:00
..
api Inclusion of rename organization api (#33303) 2025-02-02 12:01:58 +01:00
common feat: add limited execution tracing support 2025-01-05 04:07:49 +01:00
install [CHORE] Move to new sessioner library 2024-08-25 03:47:08 +02:00
private [CHORE] Use forked binding library 2024-11-05 22:47:34 +01:00
utils [PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167) 2024-04-15 13:03:08 +00:00
web fix(sec): permission check for project issue 2025-02-08 07:22:10 +00:00
init.go Revert "Open telemetry integration (#3972)" 2024-08-07 11:22:43 +02:00