Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update jwt and redis packages #33984

Merged
merged 1 commit into from
Mar 23, 2025
Merged

update jwt and redis packages #33984

merged 1 commit into from
Mar 23, 2025

Conversation

TheFox0x7
Copy link
Contributor

fixes CVE-2025-30204 for jwt and CVE-2025-29923 for go-redis

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Mar 23, 2025
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Mar 23, 2025
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 23, 2025
@wxiaoguang wxiaoguang added the backport/v1.23 This PR should be backported to Gitea 1.23 label Mar 23, 2025
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 23, 2025
@techknowlogick techknowlogick merged commit 1898737 into go-gitea:main Mar 23, 2025
26 checks passed
@GiteaBot GiteaBot added this to the 1.24.0 milestone Mar 23, 2025
@GiteaBot
Copy link
Collaborator

I was unable to create a backport for 1.23. @TheFox0x7, please send one manually. 🍵

go run ./contrib/backport 33984
...  // fix git conflicts if any
go run ./contrib/backport --continue

@GiteaBot GiteaBot added the backport/manual No power to the bots! Create your backport yourself! label Mar 23, 2025
TheFox0x7 added a commit to TheFox0x7/gitea that referenced this pull request Mar 23, 2025
@TheFox0x7
update jwt and redis packages (go-gitea#33984)
ec6ec39 
Backport go-gitea#33984
TheFox0x7 added a commit to TheFox0x7/gitea that referenced this pull request Mar 23, 2025
@TheFox0x7
update jwt and redis packages (go-gitea#33984)
39edc38 
Backport go-gitea#33984
@TheFox0x7 TheFox0x7 mentioned this pull request Mar 23, 2025
Merged
techknowlogick pushed a commit that referenced this pull request Mar 23, 2025
@TheFox0x7
update jwt and redis packages (#33984) (#33987)
347101f
@lunny lunny added the backport/done All backports for this PR have been created label Mar 23, 2025
zjjhot added a commit to zjjhot/gitea that referenced this pull request Mar 24, 2025
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
fde02d1 
* giteaofficial/main:
  [skip ci] Updated translations via Crowdin
  Only use prev and next buttons for pagination on user dashboard (go-gitea#33981)
  update jwt and redis packages (go-gitea#33984)
  [skip ci] Updated translations via Crowdin
  Improve oauth2 error handling (go-gitea#33969)
  [skip ci] Updated translations via Crowdin
  Cover `go.mod` and `go.sum` in `.editorconfig` (go-gitea#33960)
  Drop timeout for requests made to the internal hook api (go-gitea#33947)
  Fix file name could not be searched if the file was not a text file when using the Bleve indexer (go-gitea#33959)
  Fix oauth2 auth and UI (go-gitea#33961)
  Allow filtering issues by any assignee (go-gitea#33343)
  Optimize total count of feed when loading activities in user dashboard. (go-gitea#33841)
  Extract code to their own functions for push update (go-gitea#33944)
  Optimize heatmap query (go-gitea#33853)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@techknowlogick techknowlogick techknowlogick approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/manual No power to the bots! Create your backport yourself! backport/v1.23 This PR should be backported to Gitea 1.23 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/dependencies size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
1.24.0
Development

Successfully merging this pull request may close these issues.
5 participants
@TheFox0x7 @GiteaBot @techknowlogick @wxiaoguang @lunny