Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update github.com/cloudflare/circl (#28789) #28790

Merged
merged 2 commits into from
Jan 15, 2024

Conversation

harryzcy
Copy link
Contributor

Backport #28789

cloudflare/circl: GHSA-9763-4f94-gfch

Backport go-gitea#28789

cloudflare/circl: GHSA-9763-4f94-gfch

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@GiteaBot GiteaBot added this to the 1.21.4 milestone Jan 15, 2024
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jan 15, 2024
@pull-request-size pull-request-size bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Jan 15, 2024
@pull-request-size pull-request-size bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jan 15, 2024
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jan 15, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jan 15, 2024
@lunny lunny merged commit d1db2b7 into go-gitea:release/v1.21 Jan 15, 2024
26 checks passed
@harryzcy harryzcy deleted the backport-28789-v1.21 branch January 15, 2024 22:11
@lunny lunny added the topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! label Jan 16, 2024
nrdufour added a commit to nrdufour/home-ops that referenced this pull request Jan 17, 2024
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.21.3` -> `1.21.4` |

---

### Release Notes

<details>
<summary>go-gitea/gitea (docker.io/gitea/gitea)</summary>

### [`v1.21.4`](https://github.com/go-gitea/gitea/releases/tag/v1.21.4)

[Compare Source](go-gitea/gitea@v1.21.3...v1.21.4)

-   SECURITY
    -   Update github.com/cloudflare/circl ([#&#8203;28789](go-gitea/gitea#28789)) ([#&#8203;28790](go-gitea/gitea#28790))
    -   Require token for GET subscription endpoint ([#&#8203;28765](go-gitea/gitea#28765)) ([#&#8203;28768](go-gitea/gitea#28768))
-   BUGFIXES
    -   Use refname:strip-2 instead of refname:short when syncing tags ([#&#8203;28797](go-gitea/gitea#28797)) ([#&#8203;28811](go-gitea/gitea#28811))
    -   Fix links in issue card ([#&#8203;28806](go-gitea/gitea#28806)) ([#&#8203;28807](go-gitea/gitea#28807))
    -   Fix nil pointer panic when exec some gitea cli command ([#&#8203;28791](go-gitea/gitea#28791)) ([#&#8203;28795](go-gitea/gitea#28795))
    -   Require token for GET subscription endpoint ([#&#8203;28765](go-gitea/gitea#28765)) ([#&#8203;28778](go-gitea/gitea#28778))
    -   Fix button size in "attached header right" ([#&#8203;28770](go-gitea/gitea#28770)) ([#&#8203;28774](go-gitea/gitea#28774))
    -   Fix `convert.ToTeams` on empty input ([#&#8203;28426](go-gitea/gitea#28426)) ([#&#8203;28767](go-gitea/gitea#28767))
    -   Hide code related setting options in repository when code unit is disabled ([#&#8203;28631](go-gitea/gitea#28631)) ([#&#8203;28749](go-gitea/gitea#28749))
    -   Fix incorrect URL for "Reference in New Issue" ([#&#8203;28716](go-gitea/gitea#28716)) ([#&#8203;28723](go-gitea/gitea#28723))
    -   Fix panic when parsing empty pgsql host ([#&#8203;28708](go-gitea/gitea#28708)) ([#&#8203;28709](go-gitea/gitea#28709))
    -   Upgrade xorm to new version which supported update join for all supported databases ([#&#8203;28590](go-gitea/gitea#28590)) ([#&#8203;28668](go-gitea/gitea#28668))
    -   Fix alpine package files are not rebuilt ([#&#8203;28638](go-gitea/gitea#28638)) ([#&#8203;28665](go-gitea/gitea#28665))
    -   Avoid cycle-redirecting user/login page ([#&#8203;28636](go-gitea/gitea#28636)) ([#&#8203;28658](go-gitea/gitea#28658))
    -   Fix empty ref for cron workflow runs ([#&#8203;28640](go-gitea/gitea#28640)) ([#&#8203;28647](go-gitea/gitea#28647))
    -   Remove unnecessary syncbranchToDB with tests ([#&#8203;28624](go-gitea/gitea#28624)) ([#&#8203;28629](go-gitea/gitea#28629))
    -   Use known issue IID to generate new PR index number when migrating from GitLab ([#&#8203;28616](go-gitea/gitea#28616)) ([#&#8203;28618](go-gitea/gitea#28618))
    -   Fix flex container width ([#&#8203;28603](go-gitea/gitea#28603)) ([#&#8203;28605](go-gitea/gitea#28605))
    -   Fix the scroll behavior for emoji/mention list ([#&#8203;28597](go-gitea/gitea#28597)) ([#&#8203;28601](go-gitea/gitea#28601))
    -   Fix wrong due date rendering in issue list page ([#&#8203;28588](go-gitea/gitea#28588)) ([#&#8203;28591](go-gitea/gitea#28591))
    -   Fix `status_check_contexts` matching bug ([#&#8203;28582](go-gitea/gitea#28582)) ([#&#8203;28589](go-gitea/gitea#28589))
    -   Fix 500 error of searching commits ([#&#8203;28576](go-gitea/gitea#28576)) ([#&#8203;28579](go-gitea/gitea#28579))
    -   Use information from previous blame parts ([#&#8203;28572](go-gitea/gitea#28572)) ([#&#8203;28577](go-gitea/gitea#28577))
    -   Update mermaid for 1.21 ([#&#8203;28571](go-gitea/gitea#28571))
    -   Fix 405 method not allowed CORS / OIDC ([#&#8203;28583](go-gitea/gitea#28583)) ([#&#8203;28586](go-gitea/gitea#28586)) ([#&#8203;28587](go-gitea/gitea#28587)) ([#&#8203;28611](go-gitea/gitea#28611))
    -   Fix `GetCommitStatuses` ([#&#8203;28787](go-gitea/gitea#28787)) ([#&#8203;28804](go-gitea/gitea#28804))
    -   Forbid removing the last admin user ([#&#8203;28337](go-gitea/gitea#28337)) ([#&#8203;28793](go-gitea/gitea#28793))
    -   Fix schedule tasks bugs ([#&#8203;28691](go-gitea/gitea#28691)) ([#&#8203;28780](go-gitea/gitea#28780))
    -   Fix issue dependencies ([#&#8203;27736](go-gitea/gitea#27736)) ([#&#8203;28776](go-gitea/gitea#28776))
    -   Fix system webhooks API bug ([#&#8203;28531](go-gitea/gitea#28531)) ([#&#8203;28666](go-gitea/gitea#28666))
    -   Fix when private user following user, private user will not be counted in his own view ([#&#8203;28037](go-gitea/gitea#28037)) ([#&#8203;28792](go-gitea/gitea#28792))
    -   Render code block in activity tab ([#&#8203;28816](go-gitea/gitea#28816)) ([#&#8203;28818](go-gitea/gitea#28818))
-   ENHANCEMENTS
    -   Rework markup link rendering ([#&#8203;26745](go-gitea/gitea#26745)) ([#&#8203;28803](go-gitea/gitea#28803))
    -   Modernize merge button ([#&#8203;28140](go-gitea/gitea#28140)) ([#&#8203;28786](go-gitea/gitea#28786))
    -   Speed up loading the dashboard on mysql/mariadb ([#&#8203;28546](go-gitea/gitea#28546)) ([#&#8203;28784](go-gitea/gitea#28784))
    -   Assign pull request to project during creation ([#&#8203;28227](go-gitea/gitea#28227)) ([#&#8203;28775](go-gitea/gitea#28775))
    -   Show description as tooltip instead of title for labels ([#&#8203;28754](go-gitea/gitea#28754)) ([#&#8203;28766](go-gitea/gitea#28766))
    -   Make template `DateTime` show proper tooltip ([#&#8203;28677](go-gitea/gitea#28677)) ([#&#8203;28683](go-gitea/gitea#28683))
    -   Switch destination directory for apt signing keys ([#&#8203;28639](go-gitea/gitea#28639)) ([#&#8203;28642](go-gitea/gitea#28642))
    -   Include heap pprof in diagnosis report to help debugging memory leaks ([#&#8203;28596](go-gitea/gitea#28596)) ([#&#8203;28599](go-gitea/gitea#28599))
-   DOCS
    -   Suggest to use Type=simple for systemd service ([#&#8203;28717](go-gitea/gitea#28717)) ([#&#8203;28722](go-gitea/gitea#28722))
    -   Extend description for ARTIFACT_RETENTION_DAYS ([#&#8203;28626](go-gitea/gitea#28626)) ([#&#8203;28630](go-gitea/gitea#28630))
-   MISC
    -   Add -F to commit search to treat keywords as strings ([#&#8203;28744](go-gitea/gitea#28744)) ([#&#8203;28748](go-gitea/gitea#28748))
    -   Add download attribute to release attachments ([#&#8203;28739](go-gitea/gitea#28739)) ([#&#8203;28740](go-gitea/gitea#28740))
    -   Concatenate error in `checkIfPRContentChanged` ([#&#8203;28731](go-gitea/gitea#28731)) ([#&#8203;28737](go-gitea/gitea#28737))
    -   Improve 1.21 document for Database Preparation ([#&#8203;28643](go-gitea/gitea#28643)) ([#&#8203;28644](go-gitea/gitea#28644))

Instances on **[Gitea Cloud](https://cloud.gitea.com)** will be automatically upgraded to this version during the specified maintenance window.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEzMi4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://git.home/nrdufour/home-ops/pulls/316
Co-authored-by: Renovate <[email protected]>
Co-committed-by: Renovate <[email protected]>
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 10, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed!
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants