source.dussan.org Git - gitea.git/commit

]> source.dussan.org Git - gitea.git/commit

author	Giteabot <teabot@gitea.io>
	Thu, 27 Apr 2023 00:57:51 +0000 (20:57 -0400)
committer	GitHub <noreply@github.com>
	Thu, 27 Apr 2023 00:57:51 +0000 (20:57 -0400)
commit	d2efd2bf7363f8460e2ad6df01065fd30e7d3d4a
tree	a30901b8d45758f696c363f9db87cad1b355214d	tree \| snapshot
parent	89297c9355cf15fa733af900d9dcc4bb681bc137	commit \| diff

Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)

Backport #24362 by @jolheiser

> The scoped token PR just checked all API routes but in fact, some web
routes like `LFS`, git `HTTP`, container, and attachments supports basic
auth. This PR added scoped token check for them.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

RSS Atom

modules/context/permission.go		diff \| blob \| history
routers/api/packages/api.go		diff \| blob \| history
routers/web/repo/attachment.go		diff \| blob \| history
routers/web/repo/http.go		diff \| blob \| history
services/auth/basic.go		diff \| blob \| history
services/lfs/locks.go		diff \| blob \| history
services/lfs/server.go		diff \| blob \| history
tests/integration/api_packages_npm_test.go		diff \| blob \| history
tests/integration/api_packages_nuget_test.go		diff \| blob \| history
tests/integration/api_packages_pub_test.go		diff \| blob \| history
tests/integration/api_packages_vagrant_test.go		diff \| blob \| history