gitea/modules
Shivaram Lingamneni 2f1cb1d289
fix OIDC introspection authentication (#31632)

See discussion on #31561 for some background.

The introspect endpoint was using the OIDC token itself for
authentication. This fixes it to use basic authentication with the
client ID and secret instead:

* Applications with a valid client ID and secret should be able to
  successfully introspect an invalid token, receiving a 200 response
  with JSON data that indicates the token is invalid
* Requests with an invalid client ID and secret should not be able
  to introspect, even if the token itself is valid

Unlike #31561 (which just future-proofed the current behavior against
future changes to `DISABLE_QUERY_AUTH_TOKEN`), this is a potential
compatibility break (some introspection requests without valid client
IDs that would previously succeed will now fail). Affected deployments
must begin sending a valid HTTP basic authentication header with their
introspection requests, with the username set to a valid client ID and
the password set to the corresponding client secret.
7 months ago
actions Resolve lint for unused parameter and unnecessary type arguments (#30750) 10 months ago
activitypub Upgrade to golangci-lint@v1.55.0 (#27756) 1 year ago
analyze Rename code_langauge.go to code_language.go (#26377) 2 years ago
assetfs Use `Set[Type]` instead of `map[Type]bool/struct{}`. (#26804) 2 years ago
auth Add Passkey login support (#31504) 8 months ago
avatar Use `crypto/sha256` (#29386) 1 year ago
badge Implement actions badge svgs (#28102) 1 year ago
base fix OIDC introspection authentication (#31632) 7 months ago
cache Add cache test for admins (#31265) 8 months ago
charset Render embedded code preview by permlink in markdown (#30234) 11 months ago
container Allow disabling authentication related user features (#31535) 8 months ago
csv Render embedded code preview by permlink in markdown (#30234) 11 months ago
dump Refactor "dump" sub-command (#30240) 11 months ago
emoji Update emoji set to Unicode 15 (#25595) 2 years ago
eventsource Final round of `db.DefaultContext` refactor (#27587) 1 year ago
generate Refactor JWT secret generating & decoding code (#29172) 1 year ago
git Fix slow patch checking with commits that add or remove many files (#31548) 8 months ago
gitgraph More `db.DefaultContext` refactor (#27265) 1 year ago
gitrepo Use repo as of renderctx's member rather than a repoPath on metas (#29222) 9 months ago
graceful Remove unused error in graceful manager (#29871) 11 months ago
hcaptcha Consume hcaptcha and pwn deps (#22610) 2 years ago
highlight Add option to disable ambiguous unicode characters detection (#28454) 1 year ago
hostmatcher Support allowed hosts for webhook to work with proxy (#27655) 1 year ago
html Refactor backend SVG package and add tests (#26335) 2 years ago
httpcache Also match weakly validated ETags (#28957) 1 year ago
httplib Fix duplicate sub-path for avatars (#31365) 9 months ago
indexer Allow searching issues by ID (#31479) 7 months ago
issue/template Issue Templates: add option to have dropdown printed list (#31577) 8 months ago
json Replace `interface{}` with `any` (#25686) 2 years ago
label Make label templates have consistent behavior and priority (#23749) 2 years ago
lfs Support legacy _links LFS batch responses (#31513) 8 months ago
log Add some tests to clarify the "must-change-password" behavior (#30693) 10 months ago
markup Fix markdown preview $$ support (#31514) 8 months ago
mcaptcha Implement FSFE REUSE for golang files (#21840) 2 years ago
metrics Rename project board -> column to make the UI less confusing (#30170) 9 months ago
migration Refactor locale&string&template related code (#29165) 1 year ago
nosql Update tool dependencies, lock govulncheck and actionlint (#25655) 2 years ago
optional Resolve lint for unused parameter and unnecessary type arguments (#30750) 10 months ago
options Use a general approach to access custom/static/builtin assets (#24022) 2 years ago
packages Extract and display readme and comments for Composer packages (#30927) 9 months ago
paginator Use more specific test methods (#24265) 2 years ago
pprof Implement FSFE REUSE for golang files (#21840) 2 years ago
private Move database operations of merging a pull request to post receive hook and add a transaction (#30805) 10 months ago
process Update misspell to 0.5.1 and add `misspellings.csv` (#30573) 10 months ago
proxy Use proxy for pull mirror (#22771) 2 years ago
proxyprotocol Implement FSFE REUSE for golang files (#21840) 2 years ago
public Refactor CORS handler (#28587) 1 year ago
queue Fix queue test (#30646) 10 months ago
recaptcha Implement FSFE REUSE for golang files (#21840) 2 years ago
references Refactor to use UnsafeStringToBytes (#31358) 9 months ago
regexplru Upgrade go dependencies (#25819) 2 years ago
repository Fix adopt repository has empty object name in database (#31333) 9 months ago
secret Use `crypto/sha256` (#29386) 1 year ago
session Improve oauth2 client "preferred username field" logic and the error handling (#30622) 10 months ago
setting Add option to change mail from user display name (#31528) 8 months ago
sitemap Fix sitemap (#22272) 2 years ago
ssh Remove SSH workaround (#27893) 1 year ago
storage Enable `unparam` linter (#31277) 9 months ago
structs add skip secondary authorization option for public oauth2 clients (#31454) 7 months ago
svg Refactor markdown attention render (#29984) 11 months ago
sync Implement FSFE REUSE for golang files (#21840) 2 years ago
system Refactor to use UnsafeStringToBytes (#31358) 9 months ago
templates Refactor names (#31405) 8 months ago
test Remove sub-path from container registry realm (#31293) 9 months ago
testlogger Replace `interface{}` with `any` (#25686) 2 years ago
timeutil Refactor "dump" sub-command (#30240) 11 months ago
translation Render embedded code preview by permlink in markdown (#30234) 11 months ago
turnstile Add new captcha: cloudflare turnstile (#22369) 2 years ago
typesniffer Detect ogg mime-type as audio or video (#26494) 2 years ago
updatechecker Replace more db.DefaultContext (#27628) 1 year ago
uri Implement FSFE REUSE for golang files (#21840) 2 years ago
user Implement FSFE REUSE for golang files (#21840) 2 years ago
util Refactor to use UnsafeStringToBytes (#31358) 9 months ago
validation Check blocklist for emails when adding them to account (#26812) 2 years ago
web Refactor names (#31405) 8 months ago
webhook Fix schedule tasks bugs (#28691) 1 year ago