New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mitigate Security vulnerability in the git hook feature #13058

Merged

lafriks merged 2 commits into go-gitea:master from Niklas974:git-hook

Oct 7, 2020

+15 −5

Commits on Oct 7, 2020

Extend git hook warning in the UI.
```
Git hooks are a dangerous feature, administrators should be warned before giving
the git hook privilege to users.
```
Niklas Goerke committed Oct 7, 2020
Configuration menu
View commit details

Copy full SHA for a753e80

Browse repository at this point
Copy the full SHA

a753e80 View commit details

Browse the repository at this point in the history
Disable Git hooks by default and add warning.
```
Git hooks are a dangerous features (see warning text) that should only
be enabled if the administrator was informed about the risk involved.
```
Niklas Goerke committed Oct 7, 2020
Configuration menu
View commit details

Copy full SHA for 1f94c4e

Browse repository at this point
Copy the full SHA

1f94c4e View commit details

Browse the repository at this point in the history