Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-24 18:56:11 +01:00
forgejo/services
Gusted e6bbecb02d
fix: disallow basic authorization when security keys are enrolled
- This unifies the security behavior of enrolling security keys with
enrolling TOTP as a 2FA method. When TOTP is enrolled, you cannot use
basic authorization (user:password) to make API request on behalf of the
user, this is now also the case when you enroll security keys.
- The usage of access tokens are the only method to make API requests on
behalf of the user when a 2FA method is enrolled for the user.
- Integration test added.
2024-11-15 10:59:36 +01:00
..
actions fix: Actions PR workflows must update the commit status 2024-11-04 11:27:14 +01:00
agit fix(agit): run full pr checks on force-push 2024-08-12 09:00:41 +02:00
asymkey tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
attachment tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
auth fix: disallow basic authorization when security keys are enrolled 2024-11-15 10:59:36 +01:00
automerge Add branch auto deletion for scheduled PRs 2024-10-31 03:49:15 +01:00
context fix: extend forgejo_auth_token table 2024-11-15 10:59:36 +01:00
contexttest [TESTS] Fix usage of LoadRepoCommit 2024-08-26 08:03:48 +02:00
convert tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
cron Clear up old Actions logs (#31735) 2024-08-04 18:24:10 +02:00
doctor fix: extend forgejo_auth_token table 2024-11-15 10:59:36 +01:00
externalaccount allow synchronizing user status from OAuth2 login providers (#31572) 2024-07-22 15:44:13 +02:00
f3 feat: upgrade F3 to v3.7.0 2024-08-18 19:39:20 +02:00
federation feat: access ActivityPub client through interfaces to facilitate mocking in unit tests (#4853) 2024-08-07 05:45:24 +00:00
feed tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
forgejo tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
forms [FEAT] Trim spaces from repository name 2024-11-05 23:13:17 +01:00
gitdiff improve performance of diffs (#32393) 2024-11-05 09:39:21 +01:00
indexer Update issue indexer after merging a PR (#30715) 2024-05-12 20:03:10 +02:00
issue [PORT] Fix code owners will not be mentioned when a pull request comes from a forked repository (gitea#30476) 2024-11-09 00:46:48 +01:00
lfs Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
mailer Improve usage of HMAC output for mailer tokens 2024-11-15 10:59:36 +01:00
markup Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
migrations Merge pull request 'test: enable gitea migration tests' (#5817) from viceice/test/migrations/gitea into forgejo 2024-11-05 10:55:30 +00:00
mirror [PORT] Fix git error handling (gitea#32401) 2024-11-03 16:47:44 +01:00
notify Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
org Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
packages Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
pull tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
release tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
remote Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
repository test: fix test linting 2024-11-11 12:44:36 +01:00
secrets Refactor deletion (#28610) 2023-12-25 21:25:29 +01:00
shared/automerge create "shared" package to workaround import loop issues 2024-10-31 03:49:14 +01:00
task feat(quota): Quota enforcement 2024-08-02 11:10:34 +02:00
uinotification Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
user fix: extend forgejo_auth_token table 2024-11-15 10:59:36 +01:00
webhook [CHORE] Use forked binding library 2024-11-05 22:47:34 +01:00
wiki git-grep: support regexp 2024-09-16 16:20:40 +02:00