Accepting request 1165705 from home:rrahl0:branches:devel:tools:scm

- update to 1.21.10-0: * CVE-2023-45288 which permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data * Fix to not remove repository avatars when the doctor runs with --fix on the repository archives. * Detect protected branch on branch rename. * Don't delete inactive emails explicitly. * Fix user interface when a review is deleted without refreshing. * Fix paths when finding files via the web interface that were not escaped. * Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org. * Fix duplicate migrated milestones. * Fix inline math blocks can't be preceeded/followed by alphanumerical characters. OBS-URL: https://build.opensuse.org/request/show/1165705 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/forgejo?expand=0&rev=9
2024-04-05 19:02:52 +00:00 · 2024-04-05 19:02:52 +00:00 · fb22e5ed3d
commit fb22e5ed3d
parent b909a1ba9a
9 changed files with 35 additions and 18 deletions
--- a/forgejo-src-1.21.10-0.tar.gz
+++ b/forgejo-src-1.21.10-0.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:0cc21835404e40355cf7125b479efebb1fecf2cc17d018d4d54521d75943caf5
 size 58820868
--- a/forgejo-src-1.21.10-0.tar.gz.asc
+++ b/forgejo-src-1.21.10-0.tar.gz.asc
@ -0,0 +1,7 @@
 -----BEGIN PGP SIGNATURE-----
 iHUEABYIAB0WIQTrEU9ebA3CvN0YNVCkthotxZI3EAUCZg74swAKCRCkthotxZI3
 EBzXAQCmG82PVpACkS5CtOpszxURBNf5TeAeDfzJQWrT9484OQD/Xhuk00rUL+LY
 hsj8u8sFppW1AgEtM1SufLQsUeZIaAI=
 =+By3
 -----END PGP SIGNATURE-----
--- a/forgejo-src-1.21.8-0.tar.gz
+++ b/forgejo-src-1.21.8-0.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:7a7b93de246abc2ae1f078165a25e8cd336b50f3328b99af455ac9fd89cb5a7d
 size 58828827
--- a/forgejo-src-1.21.8-0.tar.gz.asc
+++ b/forgejo-src-1.21.8-0.tar.gz.asc
@ -1,7 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iHUEABYIAB0WIQTrEU9ebA3CvN0YNVCkthotxZI3EAUCZf8BtwAKCRCkthotxZI3
 EPMdAP44oMzY6PhCP0t9kNtPYlOjnFyBhD0vcPqXhhIwx4bsFQEAnhnblFyF8jv0
 FbrF4nQe/wrM96hzu+wzpFDKKTEgjAA=
 =LltT
 -----END PGP SIGNATURE-----
--- a/forgejo.changes
+++ b/forgejo.changes
@ -1,3 +1,20 @@
 -------------------------------------------------------------------
 Fri Apr  5 18:39:07 UTC 2024 - Richard Rahl <rrahl0@proton.me>
 - update to 1.21.10-0:
  * CVE-2023-45288 which permits an attacker to cause an HTTP/2 endpoint to
    read arbitrary amounts of header data
  * Fix to not remove repository avatars when the doctor runs with --fix
    on the repository archives.
  * Detect protected branch on branch rename.
  * Don't delete inactive emails explicitly.
  * Fix user interface when a review is deleted without refreshing.
  * Fix paths when finding files via the web interface that were not escaped.
  * Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org.
  * Fix duplicate migrated milestones.
  * Fix inline math blocks can't be preceeded/followed by alphanumerical
    characters.
 -------------------------------------------------------------------
 Thu Mar 28 06:58:20 UTC 2024 - Richard Rahl <rrahl0@proton.me>
--- a/forgejo.spec
+++ b/forgejo.spec
@ -16,7 +16,7 @@
 #
-%define gitea_version 1.21.8
+%define gitea_version 1.21.10
 %define forgejo_version 0
 %if 0%{?suse_version} > 1600
 # TW
--- a/node_modules.obscpio
+++ b/node_modules.obscpio
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:4ae8c774b10d0e8186ca477b17a554be49834c5b4331f77fc2e2656c674fae0d
+oid sha256:30c40ffd42989beb35187d7976c1332a890e5c6c96308c7016fe155c62d2820a
-size 265974172
+size 265974396
--- a/node_modules.spec.inc
+++ b/node_modules.spec.inc
@ -570,7 +570,7 @@ Source10568:         https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-6.
 Source10569:         https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.1.0.tgz#/jsonpath-plus-7.1.0.tgz
 Source10570:         https://registry.npmjs.org/jsonpointer/-/jsonpointer-5.0.1.tgz#/jsonpointer-5.0.1.tgz
 Source10571:         https://registry.npmjs.org/just-extend/-/just-extend-5.1.1.tgz#/just-extend-5.1.1.tgz
-Source10572:         https://registry.npmjs.org/katex/-/katex-0.16.9.tgz#/katex-0.16.9.tgz
+Source10572:         https://registry.npmjs.org/katex/-/katex-0.16.10.tgz#/katex-0.16.10.tgz
 Source10573:         https://registry.npmjs.org/keyv/-/keyv-4.5.3.tgz#/keyv-4.5.3.tgz
 Source10574:         https://registry.npmjs.org/khroma/-/khroma-2.0.0.tgz#/khroma-2.0.0.tgz
 Source10575:         https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz#/kind-of-6.0.3.tgz
--- a/package-lock.json
+++ b/package-lock.json
@ -27,7 +27,7 @@
        "escape-goat": "4.0.0",
        "fast-glob": "3.3.1",
        "jquery": "3.7.1",
-        "katex": "0.16.9",
+        "katex": "0.16.10",
        "license-checker-webpack-plugin": "0.2.1",
        "lightningcss-loader": "2.1.0",
        "mermaid": "10.6.1",
@ -6726,9 +6726,9 @@
      "integrity": "sha512-b+z6yF1d4EOyDgylzQo5IminlUmzSeqR1hs/bzjBNjuGras4FXq/6TrzjxfN0j+TmI0ltJzTNlqXUMCniciwKQ=="
    },
    "node_modules/katex": {
-      "version": "0.16.9",
+      "version": "0.16.10",
-      "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.9.tgz",
+      "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.10.tgz",
-      "integrity": "sha512-fsSYjWS0EEOwvy81j3vRA8TEAhQhKiqO+FQaKWp0m39qwOzHVBgAUBIXWj1pB+O2W3fIpNa6Y9KSKCVbfPhyAQ==",
+      "integrity": "sha512-ZiqaC04tp2O5utMsl2TEZTXxa6WSC4yo0fv5ML++D3QZv/vx2Mct0mTlRx3O+uUkjfuAgOkzsCmq5MiUEsDDdA==",
      "funding": [
        "https://opencollective.com/katex",
        "https://github.com/sponsors/katex"