upstream/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2026-03-02 05:00:39 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
forgejo/models
History
Gusted 4e83f85b75 feat: use keying for webhook secrets (#10059) 
- Follow up of forgejo/forgejo!5041, forgejo/forgejo!6074, forgejo/forgejo!8692, forgejo/forgejo!9923
- The `webhook` table contains a encrypted header authorization.
- Use `keying` to safely store this secret and bound them to the table, column and row id
- The migration isn't spectacular but does closely follow what we learned in the previous three migrations: use a transaction and delete records when you can't decrypt them.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/10059
Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-12-22 15:51:37 +01:00
..
actions chore: increase test coverage of runner management (#10490) 2025-12-20 15:29:40 +01:00
activities chore: ensure consistent import aliasing for services and models (#10253) 2025-11-30 17:00:57 +01:00
admin feat: cache derived keys for faster keying (#10114) 2025-11-16 14:29:14 +01:00
asymkey feat: use AppDomain for key verification (#10429) 2025-12-17 17:01:14 +01:00
auth feat: cache derived keys for faster keying (#10114) 2025-11-16 14:29:14 +01:00
avatars chore(lint): Add exceptions for dbfs_model and unittest (#10275) 2025-12-09 14:34:06 +01:00
db refactor: migrate from lib/pq to jackc/pgx (#10219) 2025-11-30 17:47:45 +01:00
dbfs fix: garbage collect lingering actions logs (#10009) 2025-11-18 18:59:01 +01:00
fixtures feat(ui): show cancel button until all jobs are finished (#9261) 2025-12-21 17:09:22 +01:00
forgefed log instrumentation & test package (#10371) 2025-12-09 15:37:50 +01:00
forgejo/semver Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
forgejo_migrations feat: use keying for webhook secrets (#10059) 2025-12-22 15:51:37 +01:00
forgejo_migrations_legacy feat: cache derived keys for faster keying (#10114) 2025-11-16 14:29:14 +01:00
git feat: always publish the link to the commit status (#8177) 2025-06-13 12:41:34 +02:00
gitea_migrations feat: use keying for webhook secrets (#10059) 2025-12-22 15:51:37 +01:00
issues fix: Allow SHA-256 in PR commit URLs (#10309) 2025-12-16 00:45:00 +01:00
moderation feat: render a link to poster profile next to the ID within shadow copy details (#10194) 2025-12-09 15:19:10 +01:00
organization chore: unify the usage of CryptoRandomString (#10110) 2025-11-15 13:24:53 +01:00
packages chore: unify the usage of CryptoRandomString (#10110) 2025-11-15 13:24:53 +01:00
perm feat: add foreign keys to the access table (#9557) 2025-10-14 05:39:47 +02:00
project feat(build): improve lint-locale-usage further (#8736) 2025-08-27 23:47:34 +02:00
pull fix: do not ignore automerge while a PR is checking for conflicts (#8189) 2025-06-17 10:58:07 +02:00
quota feat: allow sync quota groups with oauth2 auth source (#8554) 2025-12-01 14:12:00 +01:00
repo fix: always search for issue posters by user and full name (#10394) 2025-12-22 12:59:37 +01:00
secret feat: cache derived keys for faster keying (#10114) 2025-11-16 14:29:14 +01:00
shared/types chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
system Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
unit feat(build): add support for the base.Messenger, $.locale.Tr, Form structs to lint-locale-usage (#9095) 2025-09-30 03:25:45 +02:00
unittest fix: reduce deadlocks merging PRs by using caching for repo issue count stats (#9922) 2025-10-31 23:50:05 +01:00
user fix(user): set ActivityPub users to ProhibitLogin (#10434) 2025-12-17 15:38:32 +01:00
webhook feat: use keying for webhook secrets (#10059) 2025-12-22 15:51:37 +01:00
error.go fix: don't allow credentials in migrate/push mirror URL 2025-08-30 08:07:23 +02:00
main_test.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
org.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
org_team.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
org_team_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
org_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
repo.go fix: possible cause of invalid issue counts; cache invalidation occurs before a active transaction is committed (#10130) 2025-11-17 01:07:29 +01:00
repo_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
repo_transfer.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
repo_transfer_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00