forgejo/modules
Gusted 89b1723d35
[FEAT] Enable INVALIDATE_REFRESH_TOKENS
- It's possible to detect if refresh tokens are used more than once, if
it's used more than it's a indication of a replay attack and it should
invalidate the associated access token. This behavior is controlled by
the `INVALIDATE_REFRESH_TOKENS` setting.
- Altough in a normal scenario where TLS is being used, it should be
very hard to get to situation where replay attacks are being used, but
this is better safe than sorry.
- Enable `INVALIDATE_REFRESH_TOKENS` by default.
2024-07-22 20:45:13 +02:00
..
actions Add support for workflow_dispatch (#3334) 2024-06-28 05:17:11 +00:00
activitypub FIX: use proper time format (activitypub/client) (#4132) 2024-06-14 15:22:37 +00:00
analyze
assetfs
auth Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
avatar Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
base test: enforce tenv usage in tests 2024-07-17 23:07:41 +02:00
cache test: remove performance sensitive test 2024-07-04 07:03:54 +02:00
charset s/Gitea/Forgejo in various log messages and comments 2024-04-21 21:26:15 +05:00
container Add container.FilterSlice function (gitea#30339) 2024-04-16 11:49:44 +02:00
csv Refactor locale&string&template related code (#29165) 2024-02-16 15:20:52 +01:00
emoji
eventsource
forgefed fix review 2024-05-29 18:31:06 +02:00
generate Port "Use general token signing secret" 2024-02-19 20:49:37 +01:00
git Fix slow patch checking with commits that add or remove many files (#31548) 2024-07-07 07:33:01 +02:00
gitgraph Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
gitrepo Move get/set default branch from git package to gitrepo package to hide repopath (#29126) 2024-03-11 23:36:59 +07:00
graceful [FIX] make pprof labels conformant with prometheus spec 2024-03-31 17:07:14 +02:00
hcaptcha
highlight Fix 2024-03-30 15:23:48 +01:00
hostmatcher
html
httpcache [BRANDING] add X-Forgejo-* headers 2024-02-05 16:02:14 +01:00
httplib Skip gzip for some well-known compressed file types (#30796) 2024-05-05 12:15:40 +01:00
indexer Fix bug filtering issues which have no project (#31337) 2024-06-16 13:42:59 +02:00
issue/template Support setting the default attribute of the issue template dropdown field (#31045) 2024-05-26 20:13:09 +02:00
json
label
lfs Support legacy _links LFS batch responses (#31513) 2024-06-29 07:56:18 +02:00
log Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
markup [BUG] Don't panic on empty blockquote 2024-07-21 01:10:20 +02:00
mcaptcha
metrics Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
migration [CHORE] Update jsonschema library to v6 2024-07-15 17:20:50 +02:00
nosql s/Gitea/Forgejo in various log messages and comments 2024-04-21 21:26:15 +05:00
optional Resolve lint for unused parameter and unnecessary type arguments (#30750) 2024-05-05 08:38:16 +01:00
options
packages Extract and display readme and comments for Composer packages (#30927) 2024-06-16 13:42:59 +02:00
paginator
pprof
private fix(hook): ignore unknown push options instead of failing 2024-07-02 21:39:01 +02:00
process Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
proxy
proxyprotocol
public
queue Revert "update redis mock" 2024-07-17 06:36:36 +02:00
recaptcha
references Refactor to use UnsafeStringToBytes (#31358) 2024-06-16 13:42:58 +02:00
regexplru
repository fix(repository): git push to an adopted repository fails 2024-06-16 19:06:06 +02:00
secret [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
session Avoid importing modules/web/middleware in modules/session (#30584) 2024-04-21 16:28:16 +02:00
setting [FEAT] Enable INVALIDATE_REFRESH_TOKENS 2024-07-22 20:45:13 +02:00
sitemap
ssh
storage test(avatar): deleting a user avatar is idempotent 2024-06-05 09:10:42 +02:00
structs Add support for workflow_dispatch (#3334) 2024-06-28 05:17:11 +00:00
svg
sync
system Refactor to use UnsafeStringToBytes (#31358) 2024-06-16 13:42:58 +02:00
templates Add slogan config (#3752) 2024-06-07 17:12:48 +00:00
test test(util): MockProtect when mocking multiple times 2024-06-02 15:24:06 +02:00
testlogger Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
timeutil Remove the time-since class (#29826) 2024-03-20 08:46:30 +01:00
translation Rename ByteSize to ReadableSize 2024-03-31 20:17:12 +05:00
turnstile
typesniffer Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
updatechecker
uri
user test: enforce tenv usage in tests 2024-07-17 23:07:41 +02:00
util Refactor to use UnsafeStringToBytes (#31358) 2024-06-16 13:42:58 +02:00
validation added validation fixes 2024-05-14 08:31:34 +02:00
web Delete legacy cookie before setting new cookie (#31306) 2024-06-16 08:21:32 +02:00
webhook Add support for workflow_dispatch (#3334) 2024-06-28 05:17:11 +00:00