foster/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-21 12:44:49 -05:00
Code Issues Wiki Activity
forgejo/release-notes-published/7.0.8.md
Earl Warren 8dbd2da593
chore(release-notes): keep release notes in release-notes-published 
As of Forgejo 8.0.1 the release notes were only available in the
description of the corresponding milestone which is problematic for:

- searching
- safekeeping

The release-notes-published directory is created to remedy those problems:

- a copy of all those release notes from the milestones descriptions
  is added.
- a reference is added to the RELEASE-NOTES.md file which will no
  longer be used.
- a symbolic link to the RELEASE-NOTES.md is added for completeness.
- the release process will be updated to populate release-notes-published.

The RELEASE-NOTES.md file is kept where it is because it is referenced
by a number of URLs.

The release-notes directory would have been a better name but it is
already used for in flight release notes waiting for the next
release. Renaming this directory or changing it is rather involved.
2024-12-05 17:46:14 +01:00

3.5 KiB
Raw Permalink Blame History

This is a security release. See the documentation for more information on the upgrade procedure.

  • Security bug fixes The scope of application tokens was not verified when writing containers or Conan packages. This is of no consequence when the user associated with the application token does not have write access to packages. If the user has write access to packages, such a token can be used to write containers and Conan packages. An application token that was used to write containers or Conan packages without the package:write scope will now fail with an unauthorized error. It must be re-created to include the package:write scope.
  • User Interface bug fixes
  • Bug fixes
    • PR (backported): The scope of application tokens is not verified when writing containers or Conan packages.
    • PR (backported): Run full PR checks on AGit push.
    • PR (backported): - commit When a repository is adopted, its object format is not set in the database.
    • PR (backported): - commit During a migration from bitbucket, LFS downloads fail.
  • Localization