No description
Find a file
Gusted 4383da91bd
[SECURITY] Notify users about account security changes
- Currently if the password, primary mail, TOTP or security keys are
changed, no notification is made of that and makes compromising an
account a bit easier as it's essentially undetectable until the original
person tries to log in. Although other changes should be made as
well (re-authing before allowing a password change), this should go a
long way of improving the account security in Forgejo.
- Adds a mail notification for password and primary mail changes. For
the primary mail change, a mail notification is sent to the old primary
mail.
- Add a mail notification when TOTP or a security keys is removed, if no
other 2FA method is configured the mail will also contain that 2FA is
no longer needed to log into their account.
- `MakeEmailAddressPrimary` is refactored to the user service package,
as it now involves calling the mailer service.
- Unit tests added.
- Integration tests added.
2024-07-23 18:31:47 +02:00
.devcontainer Update ghcr.io/devcontainers/features/git-lfs Docker tag to v1.2.1 2024-06-20 00:01:42 +00:00
.forgejo fix(release-notes-assistant): upgrade to always insert a newline 2024-07-23 13:53:46 +02:00
assets Merge pull request '[CHORE] Use github.com/ProtonMail/go-crypto' (#4506) from gusted/proton-openpgp into forgejo 2024-07-15 16:49:05 +00:00
build
cmd feat(cli): add --keep-labels flag to forgejo actions register (#4610) 2024-07-22 07:33:45 +00:00
contrib Lock file maintenance 2024-07-01 00:03:45 +00:00
custom/conf Add option to change mail from user display name (#31528) 2024-07-22 15:44:13 +02:00
docker
models [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
modules Merge pull request '[gitea] week 2024-30 cherry pick (gitea/main -> forgejo)' (#4607) from algernon/wcp/2024-30 into forgejo 2024-07-23 16:01:28 +00:00
options [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
public Improvements to English locale (#4453) 2024-07-12 11:58:50 +00:00
release-notes [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
releases/images
routers [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
services [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
templates [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
tests [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
tools Add lint-go-gopls (#30729) 2024-06-09 11:13:39 +02:00
web_src Merge pull request '[gitea] week 2024-30 cherry pick (gitea/main -> forgejo)' (#4607) from algernon/wcp/2024-30 into forgejo 2024-07-23 16:01:28 +00:00
.air.toml Reduce air verbosity (#31417) 2024-06-23 12:30:09 +02:00
.deadcode-out [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
.dockerignore
.editorconfig fixed indentation style in editorconfig for go.mod 2024-05-14 00:24:18 +02:00
.eslintrc.yaml add built js files to eslint ignore (#30737) 2024-05-05 08:22:50 +01:00
.gitattributes
.gitignore
.gitmodules
.gitpod.yml Remove sqlite-viewer and using database client (#31223) 2024-06-09 11:13:39 +02:00
.golangci.yml test: enforce tenv usage in tests 2024-07-17 23:07:41 +02:00
.ignore
.markdownlint.yaml
.npmrc
.release-notes-assistant.yaml fix(release-notes-assistant): upgrade to always insert a newline 2024-07-23 13:53:46 +02:00
.spectral.yaml
.yamllint.yaml
BSDmakefile
build.go
CODEOWNERS
CONTRIBUTING.md
DCO
Dockerfile Fix deprecated Dockerfile ENV format (#31450) 2024-06-23 13:20:40 +02:00
Dockerfile.rootless Fix deprecated Dockerfile ENV format (#31450) 2024-06-23 13:20:40 +02:00
flake.lock Fix update flake (#31626) 2024-07-14 11:35:15 +02:00
flake.nix Fix update flake (#31626) 2024-07-14 11:35:15 +02:00
go.mod Update module xorm.io/xorm to v1.3.9 2024-07-21 16:03:40 +00:00
go.sum Update module xorm.io/xorm to v1.3.9 2024-07-21 16:03:40 +00:00
LICENSE
main.go
Makefile Update renovate to v37.438.2 2024-07-22 00:04:06 +00:00
package-lock.json Merge pull request '[CHORE] Add playwright eslint plugin' (#4631) from gusted/playwright-eslint into forgejo 2024-07-23 06:02:12 +00:00
package.json Merge pull request '[CHORE] Add playwright eslint plugin' (#4631) from gusted/playwright-eslint into forgejo 2024-07-23 06:02:12 +00:00
playwright.config.js
poetry.lock Lock file maintenance 2024-07-01 00:03:45 +00:00
poetry.toml
pyproject.toml Enable poetry non-package mode (#31282) 2024-06-09 16:04:57 +02:00
README.md [skip ci] IGNORE (#4106) 2024-06-11 16:06:50 +00:00
release-notes-assistant.sh tests: update the PR description with the release notes draft 2024-07-23 09:27:43 +02:00
RELEASE-NOTES.md docs(release-notes): 8.0.0 (#4483) 2024-07-16 14:05:56 +00:00
renovate.json chore(renovate): group x/tools/* upgrade 2024-07-09 07:23:22 +02:00
stylelint.config.js Merge pull request 'Port "Enable declaration-block-no-redundant-longhand-properties (#30950)' (#3769) from beowulf/gitea-port-pull-30950 into forgejo 2024-05-14 22:23:54 +00:00
tailwind.config.js [FEAT] folding results for repo search (#4134) 2024-06-15 20:16:18 +00:00
vitest.config.js
webpack.config.js [CHORE] Use better license checker 2024-07-19 19:49:29 +02:00

Welcome to Forgejo

Hi there! Tired of big platforms playing monopoly? Providing Git hosting for your project, friends, company or community? Forgejo (/for'd͡ʒe.jo/ inspired by forĝejo the Esperanto word for forge) has you covered with its intuitive interface, light and easy hosting and a lot of builtin functionality.

Forgejo was created in 2022 because we think that the project should be owned by an independent community. If you second that, then Forgejo is for you! Our promise: Independent Free/Libre Software forever!

What does Forgejo offer?

If you like any of the following, Forgejo is literally meant for you:

  • Lightweight: Forgejo can easily be hosted on nearly every machine. Running on a Raspberry? Small cloud instance? No problem!
  • Project management: Besides Git hosting, Forgejo offers issues, pull requests, wikis, kanban boards and much more to coordinate with your team.
  • Publishing: Have something to share? Use releases to host your software for download, or use the package registry to publish it for docker, npm and many other package managers.
  • Customizable: Want to change your look? Change some settings? There are many config switches to make Forgejo work exactly like you want.
  • Powerful: Organizations & team permissions, CI integration, Code Search, LDAP, OAuth and much more. If you have advanced needs, Forgejo has you covered.
  • Privacy: From update checker to default settings: Forgejo is built to be privacy first for you and your crew.
  • Federation: (WIP) We are actively working to connect software forges with each other through ActivityPub, and create a collaborative network of personal instances.

Learn more

Dive into the documentation, subscribe to releases and blog post on our website, find us on the Fediverse or hop into our Matrix room if you have any questions or want to get involved.

Get involved

If you are interested in making Forgejo better, either by reporting a bug or by changing the governance, please take a look at the contribution guide.