[1.23.1]
Update gogs to 0.14.2
Full Changelog
Security: Cross-repository LFS object overwrite via missing content hash verification. #8166 - GHSA-gmf8-978x-2fg2
Security: Stored XSS via data URI in issue comments. #8174 - GHSA-xrcr-gmf5-2r8j
Security: Release tag option injection in release deletion. #8175 - GHSA-v9vm-r24h-6rqm
Security: Stored XSS in branch and wiki views through author and committer names. #8176 - GHSA-vgvf-m4fw-938j
Security: DOM-based XSS via issue meta selection on the issue page. #8178 - GHSA-vgjm-2cpf-4g7c
Unable to update files via web editor and API. #8184
@girish Thank you, that worked. Though now I'm realizing that I'm not sure if this migration process will work, because the Gogs version we are running is newer than the upgrade process allows:( But glad we can now run these commands.
@girish said in Questions about Cloudron Gogs Config File Settings:
It seems the config docs (https://gogs.io/docs/advanced/configuration_cheat_sheet) is now broken.
source still available https://github.com/gogs/docs/blob/b3379ec57b24f2a9a079c0cd9fede86fec6e3a99/en-US/advanced/configuration_cheat_sheet.md
@b1nar10 if there is also hook support in gogs, then this could be helpful to you. It's how I'm mirroring repos from my gitea to GitHub.
https://blog.9wd.eu/posts/git-mirror/
(what @arshsahzad said) but the username/password appears in a popup dialog immediately after install. But if you dismissed it by mistake, you can find this from the first time setup instructions:
[image: 1619027553859-8af992fd-949b-4f46-8afa-31784a9c22bb-image.png]
