Affected by GO-2024-3056
and 6 other vulnerabilities
GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea
GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea
GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea
GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea
GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea
GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea
GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea
package
Version:
v1.21.10
Opens a new window with list of versions in this module.
Published: Mar 25, 2024
License: MIT
Opens a new window with license information.
Imports: 3
Opens a new window with list of imports.
Imported by: 2
Opens a new window with list of known importers.
Documentation
¶
Init initialize AppState interface
DBStore can be used to store app state items in local filesystem
type RuntimeState struct {
LastAppPath string `json:"last_app_path"`
LastCustomConf string `json:"last_custom_conf"`
}
RuntimeState contains app state for runtime, and we can save remote version for update checker here in future
Name returns the item name
type StateItem interface {
Name() string
}
StateItem provides the name for a state item. the name will be used to generate filenames, etc
StateStore is the interface to get/set app state items
AppState contains the state items for the app
Source Files
¶
Click to show internal directories.
Click to hide internal directories.