forked from gitea/gitea
gitea/models
Jason Song edf98a2dc3
Require approval to run actions for fork pull request (#22803)
Currently, Gitea will automatically run actions which are triggered by
fork pull requests. It's a security risk: people can create a PR and
modify the workflow yamls to execute a malicious script.

So we should require approval for first-time contributors, which is the
default strategy of a public repo on GitHub, see [Approving workflow runs from public forks](https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks).

Current strategy:

- don't need approval if it's not a fork PR;
- always need approval if the user is restricted;
- don't need approval if the user can write;
- don't need approval if the user has been approved before;
- otherwise, need approval.

https://user-images.githubusercontent.com/9418365/217207121-badf50a8-826c-4425-bef1-d82d1979bc81.mov

GitHub has an option for that, you can see that at
`/<owner>/<repo>/settings/actions`, and we can support that later.

<img width="835" alt="image" src="https://user-images.githubusercontent.com/9418365/217199990-2967e68b-e693-4e59-8186-ab33a1314a16.png">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-24 15:58:49 +08:00
actions Require approval to run actions for fork pull request (#22803) 2023-02-24 15:58:49 +08:00
activities Rename `repo.GetOwner` to `repo.LoadOwner` (#22967) 2023-02-18 20:11:03 +08:00
admin Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
asymkey Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
auth Use minio/sha256-simd for accelerated SHA256 (#23052) 2023-02-22 14:21:46 -05:00
avatars Add context cache as a request level cache (#22294) 2023-02-15 21:37:34 +08:00
db Remove all package data after tests (#22984) 2023-02-23 22:11:56 +08:00
dbfs Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
fixtures Make CI use a dummy password hasher for all tests (#22983) 2023-02-20 13:20:30 +08:00
git Rename `repo.GetOwner` to `repo.LoadOwner` (#22967) 2023-02-18 20:11:03 +08:00
issues Fix intermittent panic in notify issue change content (#23019) 2023-02-20 19:15:49 -05:00
migrations Require approval to run actions for fork pull request (#22803) 2023-02-24 15:58:49 +08:00
organization Rename `GetUnits` to `LoadUnits` (#22970) 2023-02-19 16:31:39 +08:00
packages Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986) 2023-02-06 12:09:18 -06:00
perm Rename `repo.GetOwner` to `repo.LoadOwner` (#22967) 2023-02-18 20:11:03 +08:00
project improve FindProjects (#23085) 2023-02-24 13:18:52 +08:00
pull refactor some functions to support ctx as first parameter (#21878) 2022-12-03 10:48:26 +08:00
repo Rename `repo.GetOwner` to `repo.LoadOwner` (#22967) 2023-02-18 20:11:03 +08:00
secret Secrets storage with SecretKey encrypted (#22142) 2022-12-20 17:07:13 +08:00
system Add context cache as a request level cache (#22294) 2023-02-15 21:37:34 +08:00
unit Repositories: by default disable all units except code and pulls on forks (#22541) 2023-02-04 14:48:38 +08:00
unittest Make CI use a dummy password hasher for all tests (#22983) 2023-02-20 13:20:30 +08:00
user Provide the ability to set password hash algorithm parameters (#22942) 2023-02-19 15:35:20 +08:00
webhook Support system hook API (#14537) 2023-01-28 19:12:10 +01:00
error.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
fixture_generation.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
fixture_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
main_test.go Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
migrate.go Check primary keys for all tables and drop ForeignReference (#21721) 2022-12-23 19:35:43 +08:00
migrate_test.go Check primary keys for all tables and drop ForeignReference (#21721) 2022-12-23 19:35:43 +08:00
org.go refactor some functions to support ctx as first parameter (#21878) 2022-12-03 10:48:26 +08:00
org_team.go Supports wildcard protected branch (#20825) 2023-01-16 16:00:22 +08:00
org_team_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
org_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
repo.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
repo_collaboration.go refactor some functions to support ctx as first parameter (#21878) 2022-12-03 10:48:26 +08:00
repo_collaboration_test.go Rename `repo.GetOwner` to `repo.LoadOwner` (#22967) 2023-02-18 20:11:03 +08:00
repo_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
repo_transfer.go Always reuse transaction (#22362) 2023-01-08 09:34:58 +08:00
repo_transfer_test.go Rename almost all Ctx functions (#22071) 2022-12-10 10:46:31 +08:00