Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by Gusted (gusted@social.linux.pizza)

Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Wednesday, 24-Jul-2024 23:09:57 JST Gusted
in reply to
- feld
- Forgejo
@feld @forgejo Having a verified SSH key is also a form of 2FA. For both occasions, you still need to know the password, so if your SSH key is leaked, it won't give anyone instant access to your account.

In conversation about 4 months ago from social.linux.pizza permalink
Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Wednesday, 24-Jul-2024 22:35:55 JST Gusted
in reply to
- Forgejo
- Drew DeVault
@drewdevault @forgejo I hope you don't have to make the same sacrifice as Forgejo does, password being echoed back because PTY allocations are disabled for SSH sessions.

In conversation about 4 months ago from gnusocial.jp permalink
Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Wednesday, 24-Jul-2024 22:34:01 JST Gusted
- Forgejo
Oh no! a wild security feature for @forgejo has appeared that even Github doesn't have! https://codeberg.org/forgejo/forgejo/pulls/4662
#forgejo
In conversation about 4 months ago from social.linux.pizza permalink
Attachments
1. Domain not in remote thumbnail source whitelist: codeberg.org
  
  [SEC] Add `totp_recovery_code` as SSH command
  
  from forgejo
  
  - When a person loses access to their TOTP (e.g. phone wiped) and didn't properly save their TOTP's scratch code they have to; they have to rely on the instance admins to authenticate with them that it is really their account, this can be a quite difficult and lengthy process to safely verify thi...
Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Thursday, 22-Feb-2024 15:37:16 JST Gusted
in reply to
- Aral Balkan
- Codeberg.org
@aral @Codeberg https://codeberg.org/forgejo/forgejo/pulls/2427 is the partial result of the discussion we had internally. Codeberg is only going do this detection in the pull request diff and commit view.
In conversation about 9 months ago from social.linux.pizza permalink
Attachments
1. Domain not in remote thumbnail source whitelist: codeberg.org
  
  [FEAT] Enable ambiguous character detection in configured contexts
  
  from forgejo
  
  - The ambiguous character detection is an important security feature to combat against sourcecode-based attacks (https://trojansource.codes/). - However there are a few problems with the feature as it stands today (i) it's apparently an big performance hitter, it's twice as slow as syntax highlig...
Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Thursday, 22-Feb-2024 05:14:37 JST Gusted
in reply to
- Aral Balkan
- Codeberg.org
@aral @Codeberg
I will bring it up internally.

In conversation about 9 months ago from social.linux.pizza permalink
Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Monday, 09-Jan-2023 03:34:57 JST Gusted
in reply to
@apps @Codeberg @gitnex @forgejo @mmarif Everything that works with Gitea 1.18 will work with Forgejo 1.18. So Gitnex will not stop working.

In conversation Monday, 09-Jan-2023 03:34:57 JST from gnusocial.jp permalink
Embed this notice
Gusted (gusted@social.linux.pizza)'s status on Thursday, 27-Oct-2022 18:30:38 JST Gusted
- smallcircles (Humane Tech Now)
- dachary
Hello everyone, if you're reading about the #gitea changes. It could benefit to understand the full picture, I've written a summary of what happened today and as well what @dachary, @humanetech and I found out today.
https://forum.forgefriends.org/t/gitea-ltd-company/917/8

In conversation Thursday, 27-Oct-2022 18:30:38 JST from social.linux.pizza permalink

User actions

Gusted

I’m aware (and the NSA is), that I’m pretty 🌈. Gallium + Yttrium

Tags

(None)

Following 0

Followers 0

Groups 0

Statistics

User ID: 13840

Member since: 27 Oct 2022

Notices: 7

Daily average: 0

Feeds

Atom

Public

Notices by Gusted (gusted@social.linux.pizza)

User actions

Following 0

Followers 0

Groups 0

Statistics

Feeds