gitea

Commit Graph

Author	SHA1	Message	Date
Gusted	aa23f477b7	Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439 ) - Switch to use `CryptoRandomBytes` instead of `CryptoRandomString`, OAuth's secrets are copied pasted and don't need to avoid dubious characters etc. - `CryptoRandomBytes` gives ![2^256 = 1.15 * 10^77](https://render.githubusercontent.com/render/math?math=2^256%20=%201.15%20\cdot%2010^77) `CryptoRandomString` gives ![62^44 = 7.33 * 10^78](https://render.githubusercontent.com/render/math?math=62^44%20=%207.33%20\cdot%2010^78) possible states. - Add a prefix, such that code scanners can easily grep these in source code. - 32 Bytes + prefix	3 years ago
wxiaoguang	49dd906753	Use base32 for 2FA scratch token (#18384 ) * Use base32 for 2FA scratch token * rename Secure* to Crypto*, add comments	3 years ago
Gusted	ff2fd08228	Simplify parameter types (#18006 ) Remove repeated type declarations in function definitions.	3 years ago
luzpaz	e0296b6a6d	Fix various documentation, user-facing, and source comment typos (#16367 ) * Fix various doc, user-facing, and source comment typos Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`	3 years ago
silverwind	1e6fa57acb	Use single shared random string generation function (#15741 ) * Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com>	4 years ago
silverwind	cda44750cb	Attachments: Add extension support, allow all types for releases (#12465 ) * Attachments: Add extension support, allow all types for releases - Add support for file extensions, matching the `accept` attribute of `<input type="file">` - Add support for type wildcard mime types, e.g. `image/` - Create repository.release.ALLOWED_TYPES setting (default unrestricted) - Change default for attachment.ALLOWED_TYPES to a list of extensions - Split out POST /attachments into two endpoints for issue/pr and releases to prevent circumvention of allowed types check Fixes: https://github.com/go-gitea/gitea/pull/10172 Fixes: https://github.com/go-gitea/gitea/issues/7266 Fixes: https://github.com/go-gitea/gitea/pull/12460 Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers rename function * extract GET routes out of RepoMustNotBeArchived Co-authored-by: Lauris BH <lauris@nix.lv>	4 years ago
Jonas Franz	e777c6bdc6	Integrate OAuth2 Provider (#5378 )	6 years ago

7 Commits (f92b7a633179332053f9fe78190a045637e5ee99)