Beyond coding. We forge. (Code of Conduct: https://codeberg.org/forgejo/code-of-conduct)
Find a file
Gusted eff097448b
[GITEA] rework long-term authentication
- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.
2023-10-05 08:03:27 +02:00
.devcontainer devpod use go1.21 (#26637) 2023-08-21 16:20:50 +00:00
.forgejo [TESTS] upgrade tests for storage 2023-10-02 17:06:23 +02:00
.gitea [WORKFLOW] yaml issue templates 2023-10-02 17:06:23 +02:00
.github delete Gitea specific files that need rewriting for Forgejo 2023-10-02 17:06:22 +02:00
assets [GITEA] Use maintained gziphandler 2023-10-02 19:28:45 +02:00
build Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
cmd [CLI] implement forgejo-cli 2023-10-02 16:13:39 +02:00
contrib Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
custom/conf [GITEA] notifies admins on new user registration (squash) cosmetic changes 2023-10-02 19:27:46 +02:00
docker Expanded minimum RSA Keylength to 3072 (#26604) 2023-08-28 00:53:16 +00:00
docs [GITEA] notifies admins on new user registration (squash) cosmetic changes 2023-10-02 19:27:46 +02:00
models [GITEA] rework long-term authentication 2023-10-05 08:03:27 +02:00
modules [GITEA] rework long-term authentication 2023-10-05 08:03:27 +02:00
options [GITEA] notifies admins on new user registration (squash) cosmetic changes 2023-10-02 19:27:46 +02:00
public [FEAT] add Forgero Git Service 2023-10-02 17:06:23 +02:00
releases/images [DOCS] RELEASE-NOTES.md 2023-10-02 17:06:22 +02:00
routers [GITEA] rework long-term authentication 2023-10-05 08:03:27 +02:00
services [GITEA] rework long-term authentication 2023-10-05 08:03:27 +02:00
snap set version in snapcraft yaml 2023-09-13 23:20:46 -04:00
templates [GITEA] fix indentation in Maven package install instructions 2023-10-02 22:31:16 +02:00
tests [GITEA] rework long-term authentication 2023-10-05 08:03:27 +02:00
web_src [GITEA] Use vertical tabs on issue filters 2023-10-02 19:23:41 +02:00
.air.toml Reduce verbosity of dev commands (#24917) 2023-05-24 20:11:04 +00:00
.changelog.yml Changelog for v1.15.0-rc1 (#16422) 2021-07-15 11:47:57 -04:00
.dockerignore Move public asset files to the proper directory (#25907) 2023-07-18 18:06:43 +02:00
.drone.yml Update nodejs installation method in release container (#27207) 2023-09-23 13:18:47 +00:00
.editorconfig Add markdownlint (#20512) 2022-07-28 09:22:47 +08:00
.eslintrc.yaml Use vitest globals (#27102) 2023-09-27 04:37:13 +00:00
.gitattributes [META] Use correct language for .tmpl 2023-10-02 17:06:22 +02:00
.gitignore [CI] gitignore: emacs backups 2023-10-02 16:15:23 +02:00
.gitpod.yml Add Github related extensions in devcontainer (#25800) 2023-07-14 15:58:02 +08:00
.golangci.yml Use Go 1.21 for golangci-lint (#26786) 2023-08-29 16:25:24 +02:00
.ignore Add /public/assets to .ignore (#26232) 2023-07-30 12:34:20 +02:00
.markdownlint.yaml Add markdownlint (#20512) 2022-07-28 09:22:47 +08:00
.npmrc Upgrade to npm lockfile v3 and explicitely set it (#23561) 2023-03-18 19:38:10 +01:00
.spectral.yaml Add spectral linter for Swagger (#20321) 2022-07-11 18:07:16 -05:00
.stylelintrc.yaml Update JS dependencies (#26025) 2023-07-21 11:34:10 +08:00
.yamllint.yaml Fix more yaml lint errors (#27284) 2023-09-26 12:56:42 -04:00
BSDmakefile update BSDmakefile to latest version from upstream (#24063) 2023-04-11 23:42:22 -04:00
build.go User/Org Feed render description as per web (#23887) 2023-04-04 04:39:47 +01:00
CHANGELOG.md Add v1.20.4 changelog (#26974) 2023-09-08 10:32:26 +00:00
CODEOWNERS [META] Add CODEOWNERS files 2023-10-02 17:06:23 +02:00
CONTRIBUTING.md [DOCS] CONTRIBUTING 2023-10-02 17:06:22 +02:00
DCO Remove address from DCO (#22595) 2023-01-24 18:52:38 +00:00
Dockerfile [CI] Forgejo Actions based release process 2023-10-02 16:15:20 +02:00
Dockerfile.rootless [CI] Forgejo Actions based release process 2023-10-02 16:15:20 +02:00
go.mod [GITEA] Use maintained gziphandler 2023-10-02 19:28:45 +02:00
go.sum [GITEA] Use maintained gziphandler 2023-10-02 19:28:45 +02:00
LICENSE [DOCS] LICENSE: add Forgejo Authors 2023-10-02 17:06:22 +02:00
main.go [SEMVER] store SemVer in ForgejoSemVer after a database upgrade 2023-10-02 17:06:23 +02:00
MAINTAINERS Apply lng2020 to maintainers (#27068) 2023-09-14 12:10:12 +08:00
Makefile [SEMVER] store SemVer in ForgejoSemVer after a database upgrade 2023-10-02 17:06:23 +02:00
package-lock.json Use vitest globals (#27102) 2023-09-27 04:37:13 +00:00
package.json Use vitest globals (#27102) 2023-09-27 04:37:13 +00:00
playwright.config.js Update JS dependencies and eslint config (#21388) 2022-10-10 20:02:20 +08:00
poetry.lock Update JS and Poetry dependencies and eslint (#27200) 2023-09-22 22:51:48 +02:00
poetry.toml Clean up pyproject.toml and package.json, fix poetry options (#25327) 2023-06-18 18:13:08 +00:00
pyproject.toml Update JS and Poetry dependencies and eslint (#27200) 2023-09-22 22:51:48 +02:00
README.md [DOCS] README 2023-10-02 17:06:22 +02:00
RELEASE-NOTES.md [DOCS] RELEASE-NOTES.md 2023-10-02 17:06:22 +02:00
vitest.config.js Use vitest globals (#27102) 2023-09-27 04:37:13 +00:00
webpack.config.js [API] Forgejo API /api/forgejo/v1 2023-10-02 17:06:22 +02:00

Welcome to Forgejo

Hi there! Tired of big platforms playing monopoly? Providing Git hosting for your project, friends, company or community? Forgejo (/for'd͡ʒe.jo/ inspired by forĝejo the Esperanto word for forge) has you covered with its intuitive interface, light and easy hosting and a lot of builtin functionality.

Forgejo was created in 2022 because we think that the project should be owned by an independent community. If you second that, then Forgejo is for you! Our promise: Independent Free/Libre Software forever!

What does Forgejo offer?

If you like any of the following, Forgejo is literally meant for you:

  • Lightweight: Forgejo can easily be hosted on nearly every machine. Running on a Raspberry? Small cloud instance? No problem!
  • Project management: Besides Git hosting, Forgejo offers issues, pull requests, wikis, kanban boards and much more to coordinate with your team.
  • Publishing: Have something to share? Use releases to host your software for download, or use the package registry to publish it for docker, npm and many other package managers.
  • Customizable: Want to change your look? Change some settings? There are many config switches to make Forgejo work exactly like you want.
  • Powerful: Organizations & team permissions, CI integration, Code Search, LDAP, OAuth and much more. If you have advanced needs, Forgejo has you covered.
  • Privacy: From update checker to default settings: Forgejo is built to be privacy first for you and your crew.
  • Federation: (WIP) We are actively working to connect software forges with each other through ActivityPub, and create a collaborative network of personal instances.

Learn more

Dive into the documentation, subscribe to releases and blog post on our website, find us on the Fediverse or hop into our Matrix room if you have any questions or want to get involved.

Get involved

If you are interested in making Forgejo better, either by reporting a bug or by changing the governance, please take a look at the contribution guide.