mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-02-23 11:55:48 -05:00
97f743a89e
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6857 Reviewed-by: Emily <emilylange@noreply.codeberg.org> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
10 KiB
10 KiB
See also the dedicated blog post.
Release notes
- Security bug fixes
- PR: Verify the ID of Forgejo Actions web endpoints belongs to the repository to prevent the deletion of runners or variables or the modification of variables. Read more in the dedicated blog post.
- PR: Enforce permissions on publicly available user or organizations projects to not leak information from issues and pull requests that belong to private repositories. Read more in the dedicated blog post.
- User Interface bug fixes
- PR (backported): fix(ui): display verified icon for default gpg key
- Localization
- Bug fixes
- PR (backported): fix: load settings for valid user and email check
- PR (backported): Teach the doctor to remove orphaned two_factor with
forgejo doctor check --run check-db-consistency --fix. Such rows may contain invalid data and block the migration to v10 with a message such asfailed: AesDecrypt invalid decrypted base64 string: illegal base64 data at input byte 0. - PR (backported): fix: listing tokens must not require basic auth
- Included for completeness but not worth a release note
- PR (backported): fix: avoid y-axis clipping for branch name
- PR (backported): ci: fix go version check
- PR (backported): chore(i18n): lint errors
- PR (backported): fix: make author search case insenstive
- PR (backported): fix(ui): add triangle down octicon to code search options dropdown
- PR (backported): Set explore pages to configurable default sort
- PR (backported): Disable autofocus on the dashboard repository search box
- PR (backported): fix inline file preview for files with encoded URL, fix #5069
- PR (backported): fix: check for webauthn in 2fa user search
- PR (backported): fix: disallow blame on directories
- PR (backported): fix(i18n): add forgotten translatable string
- PR (backported): fix: render issue titles consistently
- PR: chore: consistent docker image and action references
- PR: Update dependency katex to v0.16.21 [SECURITY] (v10.0/forgejo)
- PR (backported): Fix inline file preview for rendered files
- PR (backported): fix: add non allowed domain translation
- PR (backported): chore(security): update security.txt with new expiration date
- PR: Update dependency go to v1.23.5 (v10.0/forgejo)
- PR (backported): fix(ui): prevent overflow of branch selector in commit graph
- PR (backported): Fix mention and emoji expansion & Improve leaving list completion
- PR (backported): Hide git note add button for commit, if commit already has a note
- PR (backported): fix: Reset content of comment edit field on cancel
- PR (backported): fix: reduce noise for the v303 migration
- PR (backported): tests(e2e): Various fixes to visual testing
- PR (backported): Refactor e2e tests to simplify authentication setup