anag_factory
07ede5ed9f
- Update to 15.0.3: + fix: prevent stored XSS in user display name on Actions page + fix: LFS locks must belong to the intended repo, port from Gitea + fix: prevent unauthorized access to draft releases via API + fix: prevent writes to OpenID visibility which may affect other users + fix: prevent viewing private PRs that are linked to public issues on public projects + fix: do not migrate confidential issues and internal notes from Gitlab + fix: improve visibility of mismatched repository & package visibility + fix: display the actions trust management panel on merged and closed pull requests + fix(ui): improve contrast of checkboxes in markup + fix(ui): hide some disallowed actions that lead to 404 errors in archived repos + fix(ui): do not clip overflow in workflow dispatch menu + fix: show the actions trust management panel when runs from trusted users are pending approval + fix: always display the pull request merge box if there are actions pending approval + fix(ui): fix typo in issue sort dropdown; relevance was misnamed as relevency + fix: do not hide previous attempts without task for latest attempt + fix(ui): use URL query escaping for SSH key verification reload token link + fix(doctor): ensure the doctor runs with the same settings.AppPath as Forgejo + fix: make email token extraction case-insensitive + fix: cancel dependent jobs when rerunning jobs + fix: check quota in LFS uploads against the repository owner, not operating user + fix: load repo language for converting to api struct + fix: workflow with pull_request trigger and path filter not run when merging + fix: update statuses in phases to prevent out of order updates from stalling workflows + fix: return 404 instead of 500 for non-existing SHA in commit status endpoint + fix(issue-search): single exclude query was erroneosly considered as must + fix: remove link to artefacts that have expired + fix: wipe run artifacts before rerun (forwarded request 1358689 from rrahl0) OBS-URL: https://build.opensuse.org/request/show/1358690 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/forgejo?expand=0&rev=46
SUSE Specific Notes --------------------- By default the package does not allow writing to `/etc/forgejo/conf/app.ini`. This is not a problem during normal runtime. But during the initial setup forgejo wants to write to this file. We can temporarily allow it with: ``` chown -R forgejo: /etc/forgejo/conf/ ``` If apparmor is enabled as well, we need to temporarily allow writing there as well. You can check this with: ``` ps aufxZ | grep '^forgejo' forgejo (enforce) ... ``` If it is running in apparmor use this to allow the temporary permissions: ``` echo "/etc/forgejo/conf/app.ini rwlk," >> /etc/apparmor.d/local/forgejo apparmor_parser -r /etc/apparmor.d/forgejo ``` Once the initial installation is done you can use this to restore the permissions: ``` rpm --setugids --setperms forgejo ``` And remove the line from the `/etc/apparmor.d/local/forgejo` file again and reload the profile with ``` apparmor_parser -r /etc/apparmor.d/forgejo ```