Commit graph

4 commits

Author SHA1 Message Date
Otto Richter
d06f1c6856 link to security policy in security.txt 2024-10-22 14:28:17 +02:00
0ko
5e7c7e981e Improvements to English locale (#4453)
A few fixes and improvements.

Notable changes:

- `issues.ref_closing_from` now makes sense.
https://codeberg.org/attachments/c091cc42-f0bf-4a14-8e43-8c66ead5ef06

- `pulls.cmd_instruction_hint`: removed full stop.
https://codeberg.org/attachments/41fcf979-3a5b-48f8-9e60-bde0b06dd522

- `settings.wiki_rename_branch_main_desc`: fix based on change in stalled 3546 so the sentence makes sense.

- `find_file.go_to_file`: better describe what the button does
https://codeberg.org/attachments/e181e486-3376-446d-a994-bfe65c125a70

- `repos.unadopted.no_more`: it's also shown when there are no results, not when the server "ran out of results"
https://codeberg.org/attachments/9077cbc4-f9e7-4ee5-ad86-6cfff41fec37

- `security.txt`: rephrase to decrease brokenness of English.

- `translation_meta`: added a special string, can be used to trigger Weblate to create a PR, which is usable for debugging

Co-authors:
- https://codeberg.org/Cyborus
- https://codeberg.org/toolforger
- https://codeberg.org/woutput

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4453
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-12 11:58:50 +00:00
Gusted
bdc296793e
[BRANDING] security.txt
- The [security.txt](https://securitytxt.org/) is a standardized file to
help with reporting security vulnerabilities, by having the most essential
information served at `.well-known/security.txt`.
- Brand this file to point to the Forgejo security team.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1192

(cherry picked from commit 7ca1d0ec87)
(cherry picked from commit ba974b0161)
(cherry picked from commit 966fbcdcfd)
(cherry picked from commit 8b9efebc6e)
(cherry picked from commit 91b1c84c18)
(cherry picked from commit 30ade1ea0b)
(cherry picked from commit 15ec35014e)
(cherry picked from commit a5e8bb4a93)
(cherry picked from commit 273b03888f)
(cherry picked from commit 69b6b53fe5)
(cherry picked from commit e22a512fde)
(cherry picked from commit 958b3e4877)
(cherry picked from commit d1ad5daa51)
(cherry picked from commit a4868c4d79)
(cherry picked from commit ce4692d352)
(cherry picked from commit 7cb94c23fd)
(cherry picked from commit 05fa514e14)
(cherry picked from commit be70e50114)
(cherry picked from commit 576997ac9a)
(cherry picked from commit 5ca0898717)
(cherry picked from commit 69db3def99)
(cherry picked from commit 577aec56fe)
(cherry picked from commit 1256e4f2f1)
(cherry picked from commit 98abae947e)
(cherry picked from commit 3106f876d2)
2024-02-05 16:05:02 +01:00
wxiaoguang
52fb936773
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892

Close  #21942
Close  #25464

Major changes:

1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files

```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-21 12:14:20 +00:00