Copilot
2671b997f2
Refactor integration test DecodeJSON calls to use generic return value ( #37432 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: wxiaoguang <2114189+wxiaoguang@users.noreply.github.com >
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2026-04-26 14:57:07 +00:00
wxiaoguang
840cf68c3e
Fix release draft access check logic ( #36720 )
...
1. remove hasRepoWriteScope to avoid abuse
2. clarify "ctx.Written" behavior
3. merge "read-only" tests to slightly improve performance
2026-02-25 20:59:29 +00:00
Lunny Xiao
1eced4a7c0
Fix get release draft permission check ( #36659 )
...
Draft release and it's attachments need a write permission to access.
---------
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: Giteabot <teabot@gitea.io >
2026-02-22 20:56:46 +00:00
Kemal Zebari
7adc4717ec
Include file extension checks in attachment API ( #32151 )
...
From testing, I found that issue posters and users with repository write
access are able to edit attachment names in a way that circumvents the
instance-level file extension restrictions using the edit attachment
APIs. This snapshot adds checks for these endpoints.
2024-11-06 21:34:32 +00:00
