forgejo/routers/api/packages
Giteabot d2efd2bf73
Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)
Backport #24362 by @jolheiser

> The scoped token PR just checked all API routes but in fact, some web
routes like `LFS`, git `HTTP`, container, and attachments supports basic
auth. This PR added scoped token check for them.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-26 20:57:51 -04:00
..
cargo Add Cargo package registry (#21888) 2023-02-05 18:12:31 +08:00
chef Add Chef package registry (#22554) 2023-02-06 09:49:21 +08:00
composer Use ErrInvalidArgument in packages (#22268) 2022-12-31 12:49:37 +01:00
conan refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
conda Add Conda package registry (#22262) 2023-02-01 12:30:39 -06:00
container Add actions support to package auth verification (#23729) (#24028) 2023-04-10 10:36:21 +02:00
generic Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
helm Use ErrInvalidArgument in packages (#22268) 2022-12-31 12:49:37 +01:00
helper Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
maven Replace fmt.Sprintf with hex.EncodeToString (#21960) 2022-11-28 11:19:18 +00:00
npm Use ErrInvalidArgument in packages (#22268) 2022-12-31 12:49:37 +01:00
nuget Add /$count endpoints for NuGet v2 (#22855) 2023-02-11 19:30:44 +08:00
pub Use ErrInvalidArgument in packages (#22268) 2022-12-31 12:49:37 +01:00
pypi Update go dev dependencies (#22064) 2022-12-08 16:21:37 +08:00
rubygems Use ErrInvalidArgument in packages (#22268) 2022-12-31 12:49:37 +01:00
vagrant Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
api.go Require repo scope for PATs for private repos and basic authentication (#24362) (#24364) 2023-04-26 20:57:51 -04:00