mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2026-05-15 23:40:26 +00:00
4e83f85b75
- Follow up of forgejo/forgejo!5041, forgejo/forgejo!6074, forgejo/forgejo!8692, forgejo/forgejo!9923 - The `webhook` table contains a encrypted header authorization. - Use `keying` to safely store this secret and bound them to the table, column and row id - The migration isn't spectacular but does closely follow what we learned in the previous three migrations: use a transaction and delete records when you can't decrypt them. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/10059 Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org> Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz>
17 lines
305 B
YAML
17 lines
305 B
YAML
-
|
|
id: 1
|
|
owner_id: 3
|
|
repo_id: 3
|
|
header_authorization_encrypted: '54586e944822336738b940c2560b7ef38bea3a91dcfe43c9c32e55b2a57050f75c63456b'
|
|
|
|
-
|
|
id: 2
|
|
owner_id: 1
|
|
repo_id: 2
|
|
header_authorization_encrypted: 'badbadbad'
|
|
|
|
-
|
|
id: 3
|
|
owner_id: 2
|
|
repo_id: 1
|
|
header_authorization_encrypted: ''
|