1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-27 13:39:19 -05:00
forgejo/modules
singuliere a036507204
gitconfig: set safe.directory = * (#19870)
Allow git push to work when networked file systems with mixed
ownership are used with Gitea docker images >= 1.16.6 or Gitea
binaries running alongside git versions published after 04/2022.

There are circumstances independent of Gitea (networked file systems
with various permission systems) by which the git repositories managed
by Gitea may have mixed owners. It is not a behavior that Gitea have
control over nor is it a problem as long as the permissions for Gitea to
operate are correct. Gitea instances have been operating under these
conditions for a number of years.

It is detected as a potential security risk ( see
GHSA-vw2c-22j4-2fh2
) by the most recent git versions. However, Gitea always runs git
commands with a current directory matching the repository on
which it operates. That makes Gitea immune from this security problem
and it is safe to ignore the mixed owner permission check.

This gitconfig modification is done on a file dedicated to the user
exclusively used by Gitea.

Fixes: #19455

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-06-17 06:49:38 +01:00
..
activitypub format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
analyze Simplify IsVendor (#19626) 2022-05-06 10:12:30 +01:00
appstate Use a struct as test options (#19393) 2022-04-14 21:58:21 +08:00
auth Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
avatar Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
base Prettify number of issues (#17760) 2022-06-12 20:08:23 +08:00
cache Update go-chi/cache to utilize Ping() (#19719) 2022-05-15 20:43:27 +02:00
charset Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) 2022-05-21 14:06:24 +01:00
container Move reaction to models/issues/ (#19264) 2022-03-31 17:20:39 +08:00
context Remove tab/TabName usage where it's not needed (#19973) 2022-06-15 23:05:32 +08:00
convert Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
csv Allow render HTML with css/js external links (#19017) 2022-06-16 11:33:23 +08:00
doctor Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
emoji format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
eventsource Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
generate Use base32 for 2FA scratch token (#18384) 2022-01-26 12:10:10 +08:00
git gitconfig: set safe.directory = * (#19870) 2022-06-17 06:49:38 +01:00
gitgraph Move some code into models/git (#19879) 2022-06-12 23:51:54 +08:00
graceful Fix signal loop in graceful manager (#19943) 2022-06-12 21:50:18 +08:00
hcaptcha hCaptcha Support (#12594) 2020-10-02 23:37:53 -04:00
highlight Fix copy/paste of empty lines (#19798) 2022-06-10 21:45:28 +08:00
hostmatcher Support hostname:port to pass host matcher's check #19543 (#19543) 2022-04-29 01:39:50 +08:00
httpcache Set the LastModified header for raw files (#18356) 2022-05-09 17:54:51 +02:00
httplib refactor httplib (#18338) 2022-01-19 19:31:39 -05:00
indexer Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
json Refactor legacy unknwon/com package, improve golangci lint (#19284) 2022-04-01 16:47:50 +08:00
lfs Move some code into models/git (#19879) 2022-06-12 23:51:54 +08:00
log Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581) 2022-05-03 18:03:34 +02:00
markup Remove legacy git code (ver < 2.0), fine tune markup tests (#19930) 2022-06-16 23:47:44 +08:00
metrics format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
migration Prevent NPE whilst migrating if there is a team request review (#19855) 2022-06-09 10:50:05 +08:00
nosql Remove legacy unknwon/com package (#19298) 2022-04-02 00:34:57 +08:00
notification Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
options Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
packages Add Helm Chart registry (#19406) 2022-04-19 12:55:35 -04:00
paginator Remove legacy unmaintained packages, refactor to support change default locale (#19308) 2022-04-03 17:46:48 +08:00
password Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
pprof refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
private Add Goroutine stack inspector to admin/monitor (#19207) 2022-03-31 19:01:43 +02:00
process Set Setpgid on child git processes (#19865) 2022-06-03 15:36:18 +01:00
proxy Return nil proxy function if proxy not enabled (#16742) 2021-08-19 16:41:20 -04:00
public Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
queue Fix 64-bit atomic operations on 32-bit machines (#19531) 2022-04-27 10:32:04 -05:00
recaptcha refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
references Custom regexp external issues (#17624) 2022-06-10 13:39:53 +08:00
regexplru Custom regexp external issues (#17624) 2022-06-10 13:39:53 +08:00
repository Remove legacy git code (ver < 2.0), fine tune markup tests (#19930) 2022-06-16 23:47:44 +08:00
secret Use CryptoRandomBytes instead of CryptoRandomString (#18439) 2022-02-04 18:03:15 +01:00
session format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
setting Allow render HTML with css/js external links (#19017) 2022-06-16 11:33:23 +08:00
ssh Implement http signatures support for the API (#17565) 2022-06-05 08:16:14 +01:00
storage Add Package Registry (#16510) 2022-03-30 16:42:47 +08:00
structs Respect DefaultUserIsRestricted system default when creating new user (#19310) 2022-04-29 15:38:11 -04:00
svg Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
sync Use queue instead of memory queue in webhook send service (#19390) 2022-04-25 20:03:01 +02:00
templates Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
test Move access and repo permission to models/perm/access (#19350) 2022-05-11 12:09:36 +02:00
timeutil Remove legacy unmaintained packages, refactor to support change default locale (#19308) 2022-04-03 17:46:48 +08:00
translation Remove legacy unmaintained packages, refactor to support change default locale (#19308) 2022-04-03 17:46:48 +08:00
typesniffer Fix raw endpoint PDF file headers (#19825) 2022-05-28 18:10:14 +03:00
updatechecker format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
upload Simplify parameter types (#18006) 2021-12-20 04:41:31 +00:00
uri Prevent NPE if gitea uploader fails to open url (#18080) 2021-12-23 16:27:33 +00:00
user Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
util Prettify number of issues (#17760) 2022-06-12 20:08:23 +08:00
validation use IsLoopback (#19477) 2022-04-25 13:55:12 +08:00
web Unify repo settings & show better error (#19828) 2022-06-12 13:43:27 +08:00