Mathieu Fenniak 4b83448b7d 2026-06-10 security patches (#13001) ... - fix: prevent stored XSS in user display name on Actions page - fix: LFS locks must belong to the intended repo, port from Gitea - fix: prevent unauthorized access to draft releases via API - fix: prevent writes to OpenID visibility which may affect other users - fix: prevent viewing private PRs that are linked to public issues on public projects Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/13001 Reviewed-by: 0ko <0ko@noreply.codeberg.org> Reviewed-by: Beowulf <beowulf@beocode.eu>		2026-06-10 06:05:01 +02:00
..
e2e	feat(ui): commit view redesign for pull request page (#7948)	2026-06-02 20:12:32 +02:00
forgery	feat: adds option to force overwrite new branch for /contents route (#12663)	2026-06-06 16:45:57 +02:00
fuzz	chore: branding import path (#7337)	2025-03-27 19:40:14 +00:00
gitea-lfs-meta	Test views of LFS files (#22196)	2022-12-23 07:41:56 +08:00
gitea-repositories-meta	cleanup(tests): remove unused git hooks directories in testdata (#12824)	2026-05-31 20:24:25 +02:00
integration	2026-06-10 security patches (#13001)	2026-06-10 06:05:01 +02:00
testdata/data	add model viewer for .glb (GLTF) model in file view (#8111)	2025-06-21 14:42:35 +02:00
install.ini.tmpl	feat: replace repo based server-side hooks with centralised hooks (#10397)	2026-04-27 22:34:46 +02:00
mysql.ini.tmpl	feat: match on compound filename extensions (#11439)	2026-03-19 01:25:51 +01:00
pgsql.ini.tmpl	feat: match on compound filename extensions (#11439)	2026-03-19 01:25:51 +01:00
sqlite.ini.tmpl	feat: match on compound filename extensions (#11439)	2026-03-19 01:25:51 +01:00
test_utils.go	refactor(tests): drop the need to compile gitea binary manually (#12855)	2026-06-02 00:04:50 +02:00
unittest.ini.tmpl	feat: replace repo based server-side hooks with centralised hooks (#10397)	2026-04-27 22:34:46 +02:00