1
0
Fork 0
forgejo/modules/setting
Jason Song 67bd9d4f1e
Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581)
Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70
2023-06-30 07:26:36 +00:00
..
actions.go Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) 2023-06-30 07:26:36 +00:00
actions_test.go Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) 2023-06-30 07:26:36 +00:00
admin.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
api.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
asset_dynamic.go Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
asset_static.go Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
attachment.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
attachment_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
cache.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
camo.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
config_env.go Refactor INI package (first step) (#25024) 2023-06-02 17:27:30 +08:00
config_env_test.go Refactor INI package (first step) (#25024) 2023-06-02 17:27:30 +08:00
config_provider.go Refactor path & config system (#25330) 2023-06-21 13:50:26 +08:00
config_provider_test.go Refactor path & config system (#25330) 2023-06-21 13:50:26 +08:00
cors.go Fix incorrect CORS default values (#24206) 2023-04-19 15:30:10 -04:00
cron.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
cron_test.go Rewrite queue (#24505) 2023-05-08 19:49:59 +08:00
database.go Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413) 2023-06-21 10:49:25 +00:00
database_sqlite.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
database_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
federation.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
git.go Use [git.config] for reflog cleaning up (#24958) 2023-05-28 01:07:14 +00:00
git_test.go Use [git.config] for reflog cleaning up (#24958) 2023-05-28 01:07:14 +00:00
highlight.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
i18n.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
incoming_email.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
indexer.go Allow skipping forks and mirrors from being indexed (#23187) 2023-05-25 16:13:47 +08:00
indexer_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
lfs.go Import additional secrets via file uri (#25408) 2023-06-23 00:16:12 +00:00
lfs_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
log.go Fix sub-command log level (#25537) 2023-06-28 08:02:06 +02:00
log_test.go Rewrite logger system (#24726) 2023-05-21 22:35:11 +00:00
mailer.go Make mailer SMTP check have timed context (#24751) 2023-05-16 22:55:51 +02:00
mailer_test.go Remove unnecessary code (#24610) 2023-05-10 04:57:06 +00:00
markup.go Add .livemd as a markdown extension (#22730) 2023-04-26 11:22:54 -04:00
metrics.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
migrations.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
mime_type_map.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
mirror.go Avoid polluting the config (#25345) 2023-06-18 16:10:44 +00:00
oauth2.go Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567) 2023-06-28 23:30:06 +02:00
other.go Refactor setting.Other and remove unused SHOW_FOOTER_BRANDING (#24270) 2023-04-22 19:38:25 -04:00
packages.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
packages_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
path.go Use InitWorkPathAndCfgProvider for environment-to-ini to avoid unnecessary checks (#25480) 2023-06-24 09:13:35 +00:00
path_test.go Refactor path & config system (#25330) 2023-06-21 13:50:26 +08:00
picture.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
project.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
proxy.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
queue.go Rewrite queue (#24505) 2023-05-08 19:49:59 +08:00
repository.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
repository_archive.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
repository_archive_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
security.go Import additional secrets via file uri (#25408) 2023-06-23 00:16:12 +00:00
server.go Refactor path & config system (#25330) 2023-06-21 13:50:26 +08:00
service.go Support wildcard in email domain allow/block list (#24831) 2023-05-22 00:05:44 +00:00
service_test.go Support wildcard in email domain allow/block list (#24831) 2023-05-22 00:05:44 +00:00
session.go Refactor cookie (#24107) 2023-04-13 15:45:33 -04:00
setting.go Refactor path & config system (#25330) 2023-06-21 13:50:26 +08:00
setting_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
ssh.go Prefer native parser for SSH public key parsing (#23798) 2023-04-11 14:34:28 +08:00
storage.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
storage_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
task.go handle deprecated settings (#22992) 2023-02-20 16:18:26 -06:00
time.go Remove unused setting time.FORMAT (#24430) 2023-04-29 22:51:43 +02:00
ui.go Remove the service worker (#25010) 2023-05-31 02:07:04 +00:00
webhook.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00