* Forgejo generates a token which is used to authenticate web endpoints that
are only meant to be used internally, for instance when the SSH daemon is
used to push a commit with Git. The verification of this token was not done
in constant time and was susceptible to timing attacks.
* Because of a missing permission check, the branch used to propose a pull
request to a repository can always be deleted by the user performing the merge.
* Fix boolean inputs in workflow_dispatch
* package arch database not updating when uploading "any" architecture
* correct SQL query for active issues
* specify default value for EXPLORE_DEFAULT_SORT.
* fix: Add recentupdated as recognized sort option
* Update dependency mermaid to v11.3.0 (v9.0/forgejo)
* Always update expiration time when creating an artifact
* Update scheduled tasks even if changes are pushed by "ActionsUser"
* Fix disable 2fa bug
* i18n: update of translations from Codeberg Translate
* fix: make branch protection work for new branches
* link to security policy in security.txt
* fix: don't show truncated comments in RSS/Atom feeds
* fix: typo on releases for source code downloads
* Revert "add gap between branch dropdown and PR button"
* fix: Don't double escape delete branch text
* fix: Add server logging for OAuth server errors
* forgejo-cli is now a symlink and cannot be used for sanity checks
* fix: correct documentation for non 200 responses in swagger
- forgejo is since 9.0.0 GPL-3.0-or-later
OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/forgejo?expand=0&rev=43
