0
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-11-25 11:42:49 +01:00
gitea/modules
zeripath dace0ce1b1
Prevent addition of labels from outside the repository or organisation in issues (#14912)
* Never add labels not from this repository or organisation and remove org labels on transfer

Prevent the addition of labels from outside of the repository or
organisation and remove organisation labels on transfer.

Related #14908

Signed-off-by: Andrew Thornton <art27@cantab.net>

* switch to use sql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove AS

Signed-off-by: Andrew Thornton <art27@cantab.net>

* subquery alias

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Give me some AS?

Signed-off-by: Andrew Thornton <art27@cantab.net>

* double AS

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* once more around the merry go round

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix api problem

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add outside label consistency check into doctor

This PR adds another consistency check into doctor in order to detect
labels that have been added from outside of repositories and organisations

Fix #14908

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-19 21:25:14 +08:00
..
analyze Exclude generated files from language statistics (#11653) 2020-05-29 09:20:01 +03:00
auth Add SameSite setting for cookies (#14900) 2021-03-07 08:12:43 +00:00
avatar Avatars and Repo avatars support storing in minio (#12516) 2020-10-14 21:07:51 +08:00
base Add some Unit-Tests (#14500) 2021-01-28 19:08:11 +01:00
cache [Vendor] Update go-redis to v8.5.0 (#13749) 2021-02-10 21:28:32 +00:00
charset Ensure that the detected charset order is set in chardet test (#12574) 2020-08-23 14:15:29 +01:00
context Add SameSite setting for cookies (#14900) 2021-03-07 08:12:43 +00:00
convert [API] get pull, return head branch sha, even if deleted (#14931) 2021-03-08 21:48:31 +01:00
cron Cron job to cleanup hook_task table (#13080) 2021-01-26 22:02:42 +01:00
doctor Prevent addition of labels from outside the repository or organisation in issues (#14912) 2021-03-19 21:25:14 +08:00
emoji Fix several render issues (#14986) 2021-03-16 00:20:05 +01:00
eventsource Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
forms Move repo.CloseIssuesViaCommitInAnyBranch to issue settings (#14965) 2021-03-16 02:00:52 +01:00
generate Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
git support gitmailmap in GetCodeActivityStats() (#15009) 2021-03-17 17:00:26 -04:00
gitgraph [Refactor] CombinedStatus and CommitStatus related functions & structs (#14026) 2020-12-18 11:33:32 +08:00
graceful Make internal SSH server host key path configurable (#14918) 2021-03-08 03:43:59 +01:00
hcaptcha hCaptcha Support (#12594) 2020-10-02 23:37:53 -04:00
highlight Use existing analyzer module for language detection for highlighting (#13522) 2020-11-13 16:13:41 -05:00
httpcache Use IsProd instead of testing if it's equal. (#14336) 2021-01-14 23:17:03 +02:00
httplib Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
indexer Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781) 2021-03-03 21:57:01 -05:00
lfs Fix race in LFS ContentStore.Put(...) (#14895) 2021-03-06 20:21:56 +00:00
log Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
markup another clusterfuzz spotted issue (#15032) 2021-03-18 22:37:11 +01:00
matchlist Add Allow-/Block-List for Migrate & Mirrors (#13610) 2020-11-28 19:37:58 -05:00
metrics Prometheus endpoint (#5256) 2018-11-04 22:20:00 -05:00
migrations Do not convert file path to lowercase (#15023) 2021-03-18 13:58:47 +00:00
nosql [Vendor] Update go-redis to v8.5.0 (#13749) 2021-02-10 21:28:32 +00:00
notification Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
options Add StatDir and replace com.StatDir (#14099) 2020-12-22 07:40:57 +08:00
password Check passwords against HaveIBeenPwned (#12716) 2020-09-08 17:06:39 -05:00
pprof Add golangci (#6418) 2019-06-12 15:41:28 -04:00
private Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
process Reduce data races (#14549) 2021-02-03 22:36:38 +01:00
public Update docs and comments to remove macaron (#14491) 2021-01-29 16:35:30 +01:00
queue Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
recaptcha Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
references Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198) 2020-12-21 16:39:28 +01:00
repofiles remove duplicate define of CheckAttribute() (#14837) 2021-03-01 14:14:17 +02:00
repository Ensure memcache TTL cannot be over 30 days (#14592) 2021-02-09 22:29:03 +00:00
secret Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
session Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
setting Add reverse proxy configuration support for remote IP address (#14959) 2021-03-16 00:27:28 +02:00
ssh Make internal SSH server host key path configurable (#14918) 2021-03-08 03:43:59 +01:00
storage Fix race in local storage (#14888) 2021-03-05 14:19:17 +01:00
structs Make manual merge autodetection optional and add manual merge as merge method (#12543) 2021-03-03 22:41:23 -05:00
svg Fix filepath basename on Windows for SVG bindata (#12241) 2020-07-13 21:16:40 +01:00
sync Fix missing unlock in uniquequeue (#9790) 2020-01-15 23:58:33 +02:00
task Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
templates Prevent incorrect HTML escaping in swagger.json (#14957) 2021-03-11 23:43:04 -05:00
test Move middlewares to web/middleware (#14480) 2021-01-30 10:55:53 +02:00
timeutil Fix display since time round (#14226) 2021-01-28 13:29:22 +01:00
translation Fix locale init (#14582) 2021-02-05 22:41:45 +01:00
upload Update golangci-lint to version 1.31.0 (#13102) 2020-10-11 21:27:20 +01:00
uri Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
user Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
util [API] Add pagination to ListBranches (#14524) 2021-02-03 20:06:13 +01:00
validation Move macaron to chi (#14293) 2021-01-26 16:36:53 +01:00
web Add SameSite setting for cookies (#14900) 2021-03-07 08:12:43 +00:00