forgejo/forgejo
forgejo/forgejo
108
4.5k
Fork 777
Code Issues 1.3k Pull requests 141 Projects Releases 103 Packages 1 Activity Actions 4

Update github.com/go-git/go-git/v5 (indirect) to v5.17.1 [SECURITY] (v14.0/forgejo) #11899

Merged
mfenniak merged 1 commit from renovate/v14.0/forgejo-go-github.com-go-git-go-git-v5-vulnerability into v14.0/forgejo 2026-03-31 00:49:03 +00:00
Conversation 1 Commits 1 Files changed 2 +6 -6
viceice-bot commented 2026-03-30 21:06:24 +00:00
Member
Copy link

This PR contains the following updates:

Package Change Age Confidence
github.com/go-git/go-git/v5 v5.16.5v5.17.1 age confidence

go-git missing validation decoding Index v4 files leads to panic

CVE-2026-33762 / GHSA-gm2x-2g9h-ccm8

More information

Details

Impact

go-git’s index decoder for format version 4 fails to validate the path name prefix length before applying it to the previously decoded path name. A maliciously crafted index file can trigger an out-of-bounds slice operation, resulting in a runtime panic during normal index parsing.

This issue only affects Git index format version 4. Earlier formats (go-git supports only v2 and v3) are not vulnerable to this issue.

An attacker able to supply a crafted .git/index file can cause applications using go-git to panic while reading the index. If the application does not recover from panics, this results in process termination, leading to a denial-of-service (DoS) condition.

Exploitation requires the ability to modify or inject a Git index file within the local repository in disk. This typically implies write access to the .git directory.

Patches

Users should upgrade to v5.17.1, or the latest v6 pseudo-version, in order to mitigate this vulnerability.

Credit

go-git maintainers thank @​kq5y for finding and reporting this issue privately to the go-git project.

Severity

  • CVSS Score: 2.8 / 10 (Low)
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

go-git: Maliciously crafted idx file can cause asymmetric memory consumption

CVE-2026-34165 / GHSA-jhf3-xxhw-2wpp

More information

Details

Impact

A vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service (DoS) condition.

Exploitation requires write access to the local repository's .git directory, it order to create or alter existing .idx files.

Patches

Users should upgrade to v5.17.1, or the latest v6 pseudo-version, in order to mitigate this vulnerability.

Credit

The go-git maintainers thank @​kq5y for finding and reporting this issue privately to the go-git project.

Severity

  • CVSS Score: 5.0 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Release Notes

go-git/go-git (github.com/go-git/go-git/v5)

v5.17.1

Compare Source

What's Changed

Full Changelog: https://github.com/go-git/go-git/compare/v5.17.0...v5.17.1

v5.17.0

Compare Source

What's Changed

Full Changelog: https://github.com/go-git/go-git/compare/v5.16.5...v5.17.0

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `v5.16.5` → `v5.17.1` | ![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgo-git%2fgo-git%2fv5/v5.17.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgo-git%2fgo-git%2fv5/v5.16.5/v5.17.1?slim=true) | --- ### go-git missing validation decoding Index v4 files leads to panic [CVE-2026-33762](https://nvd.nist.gov/vuln/detail/CVE-2026-33762) / [GHSA-gm2x-2g9h-ccm8](https://github.com/advisories/GHSA-gm2x-2g9h-ccm8) <details> <summary>More information</summary> #### Details ##### Impact `go-git`’s index decoder for format version 4 fails to validate the path name prefix length before applying it to the previously decoded path name. A maliciously crafted index file can trigger an out-of-bounds slice operation, resulting in a runtime panic during normal index parsing. This issue only affects Git index format version 4. Earlier formats (`go-git` supports only `v2` and `v3`) are not vulnerable to this issue. An attacker able to supply a crafted `.git/index` file can cause applications using go-git to panic while reading the index. If the application does not recover from panics, this results in process termination, leading to a denial-of-service (DoS) condition. Exploitation requires the ability to modify or inject a Git index file within the local repository in disk. This typically implies write access to the `.git` directory. ##### Patches Users should upgrade to `v5.17.1`, or the latest `v6` [pseudo-version](https://go.dev/ref/mod#pseudo-versions), in order to mitigate this vulnerability. ##### Credit go-git maintainers thank @&#8203;kq5y for finding and reporting this issue privately to the `go-git` project. #### Severity - CVSS Score: 2.8 / 10 (Low) - Vector String: `CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L` #### References - [https://github.com/go-git/go-git/security/advisories/GHSA-gm2x-2g9h-ccm8](https://github.com/go-git/go-git/security/advisories/GHSA-gm2x-2g9h-ccm8) - [https://github.com/go-git/go-git](https://github.com/go-git/go-git) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-gm2x-2g9h-ccm8) and the [GitHub Advisory Database](https://github.com/github/advisory-database) ([CC-BY 4.0](https://github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### go-git: Maliciously crafted idx file can cause asymmetric memory consumption [CVE-2026-34165](https://nvd.nist.gov/vuln/detail/CVE-2026-34165) / [GHSA-jhf3-xxhw-2wpp](https://github.com/advisories/GHSA-jhf3-xxhw-2wpp) <details> <summary>More information</summary> #### Details ##### Impact A vulnerability has been identified in which a maliciously crafted `.idx` file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service (DoS) condition. Exploitation requires write access to the local repository's `.git` directory, it order to create or alter existing `.idx` files. ##### Patches Users should upgrade to `v5.17.1`, or the latest `v6` [pseudo-version](https://go.dev/ref/mod#pseudo-versions), in order to mitigate this vulnerability. ##### Credit The go-git maintainers thank @&#8203;kq5y for finding and reporting this issue privately to the `go-git` project. #### Severity - CVSS Score: 5.0 / 10 (Medium) - Vector String: `CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H` #### References - [https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp](https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp) - [https://github.com/go-git/go-git](https://github.com/go-git/go-git) - [https://github.com/go-git/go-git/releases/tag/v5.17.1](https://github.com/go-git/go-git/releases/tag/v5.17.1) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-jhf3-xxhw-2wpp) and the [GitHub Advisory Database](https://github.com/github/advisory-database) ([CC-BY 4.0](https://github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>go-git/go-git (github.com/go-git/go-git/v5)</summary> ### [`v5.17.1`](https://github.com/go-git/go-git/releases/tag/v5.17.1) [Compare Source](https://github.com/go-git/go-git/compare/v5.17.0...v5.17.1) #### What's Changed - build: Update module github.com/cloudflare/circl to v1.6.3 \[SECURITY] (releases/v5.x) by [@&#8203;go-git-renovate](https://github.com/go-git-renovate)\[bot] in [#&#8203;1930](https://github.com/go-git/go-git/pull/1930) - \[v5] plumbing: format/index, Improve v4 entry name validation by [@&#8203;pjbgf](https://github.com/pjbgf) in [#&#8203;1935](https://github.com/go-git/go-git/pull/1935) - \[v5] plumbing: format/idxfile, Fix version and fanout checks by [@&#8203;pjbgf](https://github.com/pjbgf) in [#&#8203;1937](https://github.com/go-git/go-git/pull/1937) **Full Changelog**: <https://github.com/go-git/go-git/compare/v5.17.0...v5.17.1> ### [`v5.17.0`](https://github.com/go-git/go-git/releases/tag/v5.17.0) [Compare Source](https://github.com/go-git/go-git/compare/v5.16.5...v5.17.0) #### What's Changed - build: Update module github.com/go-git/go-git/v5 to v5.16.5 \[SECURITY] (releases/v5.x) by [@&#8203;go-git-renovate](https://github.com/go-git-renovate)\[bot] in [#&#8203;1839](https://github.com/go-git/go-git/pull/1839) - git: worktree, optimize infiles function for very large repos by [@&#8203;k-anshul](https://github.com/k-anshul) in [#&#8203;1853](https://github.com/go-git/go-git/pull/1853) - git: Add strict checks for supported extensions by [@&#8203;pjbgf](https://github.com/pjbgf) in [#&#8203;1861](https://github.com/go-git/go-git/pull/1861) - backport, git: Improve Status() speed with new index.ModTime check by [@&#8203;cedric-appdirect](https://github.com/cedric-appdirect) in [#&#8203;1862](https://github.com/go-git/go-git/pull/1862) - storage: filesystem, Avoid overwriting loose obj files by [@&#8203;pjbgf](https://github.com/pjbgf) in [#&#8203;1864](https://github.com/go-git/go-git/pull/1864) **Full Changelog**: <https://github.com/go-git/go-git/compare/v5.16.5...v5.17.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My45OS4xIiwidXBkYXRlZEluVmVyIjoiNDMuOTkuMSIsInRhcmdldEJyYW5jaCI6InYxNC4wL2Zvcmdlam8iLCJsYWJlbHMiOlsiZGVwZW5kZW5jeS11cGdyYWRlIiwidGVzdC9ub3QtbmVlZGVkIl19-->
Update github.com/go-git/go-git/v5 (indirect) to v5.17.1 [SECURITY]
All checks were successful
issue-labels / release-notes (pull_request_target) Has been skipped
Details
issue-labels / cascade (pull_request_target) Has been skipped
Details
requirements / merge-conditions (pull_request) Successful in 7s
Details
testing / frontend-checks (pull_request) Successful in 1m54s
Details
testing / backend-checks (pull_request) Successful in 7m8s
Details
testing / test-unit (pull_request) Successful in 9m31s
Details
testing / test-e2e (pull_request) Successful in 29m2s
Details
testing / test-mysql (pull_request) Successful in 29m21s
Details
testing / test-remote-cacher (redis) (pull_request) Successful in 3m2s
Details
testing / test-remote-cacher (valkey) (pull_request) Successful in 3m17s
Details
testing / test-remote-cacher (garnet) (pull_request) Successful in 3m11s
Details
testing / test-remote-cacher (redict) (pull_request) Successful in 3m20s
Details
testing / test-sqlite (pull_request) Successful in 35m57s
Details
testing / test-pgsql (pull_request) Successful in 42m4s
Details
testing / security-check (pull_request) Successful in 2m26s
Details
issue-labels / backporting (pull_request_target) Has been skipped
Details
milestone / set (pull_request_target) Successful in 9s
Details
0eea81ae3e
viceice-bot commented 2026-03-30 21:06:30 +00:00
Author
Member
Copy link

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 1 additional dependency was updated

Details:

Package Change
github.com/go-git/go-billy/v5 v5.6.2 -> v5.8.0
### ℹ️ Artifact update notice ##### File name: go.mod In order to perform the update(s) described in the table above, Renovate ran the `go get` command, which resulted in the following additional change(s): - 1 additional dependency was updated Details: | **Package** | **Change** | | :------------------------------ | :------------------- | | `github.com/go-git/go-billy/v5` | `v5.6.2` -> `v5.8.0` |
mfenniak approved these changes 2026-03-31 00:48:35 +00:00
mfenniak left a comment
Copy link

The only usage of go-git in Forgejo is the Actions jobparser using it in hashFiles to understand gitignore, so this change is irrelevant -- but to avoid any security doubts it's fine to incorporate.

The only usage of go-git in Forgejo is the Actions jobparser using it in `hashFiles` to understand gitignore, so this change is irrelevant -- but to avoid any security doubts it's fine to incorporate.
mfenniak merged commit 206224aff5 into v14.0/forgejo 2026-03-31 00:49:03 +00:00
mfenniak deleted branch renovate/v14.0/forgejo-go-github.com-go-git-go-git-v5-vulnerability 2026-03-31 00:49:13 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
mfenniak
forgejo/Reviewers
Labels
Clear labels   
arch
riscv64

Archived

  
backport/v1.19
Scheduled for backport to Forgejo v1.19

Archived

  
backport/v1.20
Scheduled for backport to Forgejo v1.20

Archived

  
backport/v1.21/forgejo
Scheduled for backport to Forgejo v1.21

Archived

  
backport/v10.0/forgejo
Automated backport to v10.0

Archived

  
backport/v11.0/forgejo
Automated backport to v11.0

  
backport/v12.0/forgejo
Automated backport to v12.0

Archived

  
backport/v13.0/forgejo
Automated backport to v13.0

Archived

  
backport/v14.0/forgejo
Automated backport to v14.0

Archived

  
backport/v15.0/forgejo
Automated backport to v15.0

  
backport/v7.0/forgejo
Scheduled for backport to Forgejo v7.0

Archived

  
backport/v8.0/forgejo
Scheduled for backport to Forgejo v8.0

Archived

  
backport/v9.0/forgejo
Scheduled for backport to Forgejo v9.0

Archived

  
breaking
The release containing this change is not backward compatible

  
bug
Something is not working

Archived

  
bug
confirmed
 it can be reproduced

  
bug
duplicate
 bug has already been reported in the Forgejo tracker

  
bug
needs-more-info
 the information provided does not contain enough details

  
bug
new-report
 bug has just been reported and need triage (default label on issue creation)

  
bug
reported-upstream
 bug cannot be fixed within Forgejo easily, it has been reported upstream

  
code/actions
Forgejo Actions feature

  
code/api
API

  
code/auth
Forgejo Authentication

  
code/auth/faidp
Forgejo as Identity Provider (in OAuth/OIDC flow)

  
code/auth/farp
Forgejo as Relying Party / Client (in OAuth/OIDC flow)

  
code/email
Everything related to email in Forgejo

  
code/federation
Federation

  
code/git
Related to the Git backend in Forgejo

  
code/migrations
Migration between Git forges (i.e. for GitHub, GitLab, Gitea, Forgejo, etc.). NOT for database migrations.

  
code/packages
Forgejo package and container registry

  
code/wiki
  
database
MySQL
 https://www.mysql.com/

  
database
PostgreSQL
 https://www.postgresql.org/

  
database
SQLite
 https://sqlite.org/

  
dependency-upgrade
https://codeberg.org/forgejo/forgejo/issues/2779

  
dependency
Chi
 https://github.com/go-chi/chi/

Archived

  
dependency
Chroma
 https://github.com/alecthomas/chroma/

Archived

  
dependency
F3
 https://f3.forgefriends.org/

  
dependency
ForgeFed
 https://forgefed.org

  
dependency
garage
 https://git.deuxfleurs.fr/Deuxfleurs/garage

  
dependency
Gitea
 https://github.com/go-gitea/gitea

Archived

  
dependency
Golang
 https://go.dev/

  
Discussion

   
duplicate
This issue or pull request already exists

  
enhancement/feature
New feature

  
forgejo/accessibility
Accessibility (a11y)

  
forgejo/branding
Branding (logo, name, tagline etc.)

  
forgejo/ci
Forgejo Actions CI configuration

  
forgejo/commit-graph
The commit graph feature and page.

  
forgejo/documentation

   
forgejo/furnace cleanup
Keeping Forgejo in sync with its dependencies and contributing back to them

Archived

  
forgejo/i18n
t9n/translation, l10n/localization, and i18n/internationalization of Forgejo

  
forgejo/interop
Interoperability with other services: Webhooks, bridges, integrations

  
forgejo/moderation
Moderation

  
forgejo/privacy
Privacy first

  
forgejo/release
Release management

  
forgejo/scaling
Performance and scaling

  
forgejo/security
Security (please disclose responsibly)

  
forgejo/ui
User interface

  
Gain
High
 User research provides indicators that this would be good to have, interested contributors are encouraged to pick this.

  
Gain
Nice to have
 This is likely worth having, but the assumption is not backed by user research data (it might benefit a small amount of users only.) Unlikely to receive much attention, but feel free to pick.

  
Gain
Undefined
 Not enough information to assess the request's benefits. This issue may be closed if no gain is established: You can help by giving us more input.

  
Gain
Very High
 User research indicates that this is an important improvement for Forgejo users. Contributions very welcome!

  
good first issue
Optimal for first-timers! Make sure to look for further explanations and ask for help if needed. If you want, you can consider the person who added this label as a point of contact.

  
i18n/backport-stable
This PR needs to be backported to stable branch of Forgejo safely and manually, using a migration script.

  
impact
large
 Large impact: Potential data loss, many users affected, major degradation in UX.

  
impact
medium
 Medium impact: Several users affected, degradation in UX, workarounds might be available but inconvenient.

  
impact
small
 Small impact: No data loss, workarounds might be available, affects few users.

  
impact
unknown
 Report was not yet triaged to assess impact.

  
Incompatible license
This pull request contains changes that are not (yet) compatible with the current Forgejo license

  
issue
closed
 The issue was resolved in the repository of the dependency

  
issue
do-not-exist-yet
 An issue should be created in the respository of the dependency

  
issue
open
 An open issue exists in the upstream repository of the dependency

  
manual test
Pull requests that have been merged with a manual test

Archived

  
Manually tested during feature freeze
The manual test instructions were followed

  
OS
FreeBSD
 Specific to the FreeBSD Operating System

  
OS
Linux
 Specific to (GNU/)Linux Operating Systems

  
OS
macOS
 Specific to the MacOS Operating System

  
OS
Windows
 Specific to the Windows Operating System

  
problem
A user report about a problem. Needs to be triaged to find potential solutions.

  
QA

   
regression
found in the version of the milestone and not before

  
release blocker
Issues that must be fixed before the release can be published

  
Release Cycle
Feature Freeze
 Only bug fixes with automated tests (except for CSS/JavaScript)

  
release-blocker
v7.0
 Issues that must be fixed before Forgejo v7.0 can be released 17 April 2024

Archived

  
release-blocker
v7.0.1
 Issues that must be fixed before Forgejo v7.0.1 can be released

Archived

  
release-blocker
v7.0.2
 Issues that must be fixed before Forgejo v7.0.2 can be released

Archived

  
release-blocker
v7.0.3
 Issues that must be fixed before Forgejo v7.0.3 can be released

Archived

  
release-blocker
v7.0.4
 Issues that must be fixed before Forgejo v7.0.4 can be released

Archived

  
release-blocker
v8.0.0
 Issues that must be fixed before Forgejo v8.0.0 can be released

Archived

  
release-blocker/v9.0.0
Issues that must be fixed before Forgejo v9.0.0 can be released

Archived

  
run-all-playwright-tests
Add this label to a PR to run all playwright tests manually.

  
run-end-to-end-tests
Trigger additional tests on the PR when it is ready to be merged

  
test
manual
 manual testing has been documented

  
test
needed
 test should be added

  
test
needs-help
 help needed to add a test

  
test
not-needed
 no additional test is needed

  
test
present
 test has been added

  
untested
Pull requests that have been merged with no test and submitted as is to the dependency where they belong

Archived

  
User research - time-tracker
Time tracking feature for issues and the JS stopwatch.

  
valuable code
This PR was closed because the implementation is incomplete

  
worth a release-note
Add this PR to the release notes

  
User research - Accessibility
Requires input about accessibility features, likely involves user testing.

  
User research - Blocked
Do not pick as-is! We are happy if you can help, but please coordinate with ongoing redesign in this area.

  
User research - Community
Community features, such as discovering other people's work or otherwise feeling welcome on a Forgejo instance.

  
User research - Config (instance)
Instance-wide configuration, authentication and other admin-only needs.

  
User research - Errors
How to deal with errors in the application and write helpful error messages.

  
User research - Filters
How filter and search is being worked with.

  
User research - Future backlog
The issue might be inspiring for future design work.

  
User research - Git workflow
AGit, fork-based and new Git workflow, PR creation etc

  
User research - Labels
Active research about Labels

  
User research - Moderation
Moderation Featuers for Admins are undergoing active User Research

  
User research - Needs input
Use this label to let the User Research team know their input is requested.

  
User research - Notifications/Dashboard
Research on how users should know what to do next.

  
User research - Rendering
Text rendering, markup languages etc

  
User research - Repo creation
Active research about the New Repo dialog.

  
User research - Repo units
The repo sections, disabling them and the "Add more" button.

  
User research - Security

   
User research - Settings (in-app)
How to structure in-app settings in the future?

No labels
arch
riscv64
backport/v1.19
backport/v1.20
backport/v1.21/forgejo
backport/v10.0/forgejo
backport/v11.0/forgejo
backport/v12.0/forgejo
backport/v13.0/forgejo
backport/v14.0/forgejo
backport/v15.0/forgejo
backport/v7.0/forgejo
backport/v8.0/forgejo
backport/v9.0/forgejo
breaking
bug
bug
confirmed
bug
duplicate
bug
needs-more-info
bug
new-report
bug
reported-upstream
code/actions
code/api
code/auth
code/auth/faidp
code/auth/farp
code/email
code/federation
code/git
code/migrations
code/packages
code/wiki
database
MySQL
database
PostgreSQL
database
SQLite
dependency-upgrade
dependency
Chi
dependency
Chroma
dependency
F3
dependency
ForgeFed
dependency
garage
dependency
Gitea
dependency
Golang
Discussion
duplicate
enhancement/feature
forgejo/accessibility
forgejo/branding
forgejo/ci
forgejo/commit-graph
forgejo/documentation
forgejo/furnace cleanup
forgejo/i18n
forgejo/interop
forgejo/moderation
forgejo/privacy
forgejo/release
forgejo/scaling
forgejo/security
forgejo/ui
Gain
High
Gain
Nice to have
Gain
Undefined
Gain
Very High
good first issue
i18n/backport-stable
impact
large
impact
medium
impact
small
impact
unknown
Incompatible license
issue
closed
issue
do-not-exist-yet
issue
open
manual test
Manually tested during feature freeze
OS
FreeBSD
OS
Linux
OS
macOS
OS
Windows
problem
QA
regression
release blocker
Release Cycle
Feature Freeze
release-blocker
v7.0
release-blocker
v7.0.1
release-blocker
v7.0.2
release-blocker
v7.0.3
release-blocker
v7.0.4
release-blocker
v8.0.0
release-blocker/v9.0.0
run-all-playwright-tests
run-end-to-end-tests
test
manual
test
needed
test
needs-help
test
not-needed
test
present
untested
User research - time-tracker
valuable code
worth a release-note
User research - Accessibility
User research - Blocked
User research - Community
User research - Config (instance)
User research - Errors
User research - Filters
User research - Future backlog
User research - Git workflow
User research - Labels
User research - Moderation
User research - Needs input
User research - Notifications/Dashboard
User research - Rendering
User research - Repo creation
User research - Repo units
User research - Security
User research - Settings (in-app)
Milestone
Clear milestone
No items
No milestone
Forgejo v14.0.4
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo/forgejo!11899
No description provided.