Gusted 60c1af244a fix(sec): only degrade permission check for git push ... - A permission check is done when incoming SSH connections are handled (this is run before git hooks). If this check is for write access and AGit flow is supported, then this check is degraded to a read check. The motivation behind this is that for AGit flow the user does not need write permissions but only read permissions. - The `if` condition cannot check if this is for AGit flow, as the Git protocol has not run yet and thus has to delay this permission check. This `if` condition failed to consider that this also might be run for LFS which does not care about AGit flow and would not do a delayed permission check, so ensure that this degradition only happens when the `git-receive-pack` command is being run (which roughly equals to `git push`). - Clarify code comment. - Added integration test.		2025-05-02 06:56:30 +02:00
..
api	feat: allow access to /api/v1/packages/{username} without token (#7716)	2025-04-29 14:37:19 +00:00
common	feat: use XORM EngineGroup instead of single Engine connection (#7212)	2025-03-30 11:34:02 +00:00
install	chore: use sharp to generate images (#7512)	2025-04-11 15:12:50 +00:00
private	fix(sec): only degrade permission check for git push	2025-05-02 06:56:30 +02:00
utils	[PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167)	2024-04-15 13:03:08 +00:00
web	feat: consider WebAuthn & SSH for instance signing (#7693)	2025-04-29 10:34:07 +00:00
init.go	chore: branding import path (#7337)	2025-03-27 19:40:14 +00:00