home
|
d2ef146474
|
security: upgrade Gitea to 1.25.4, add security headers
Build and Deploy GooSeek / build-and-deploy (push) Has been cancelled
- Update Gitea from 1.22.6 to 1.25.4 (fixes CVE-2026-20736, CVE-2026-20912)
- Disable public registration
- Disable Swagger API
- Add nginx-ingress security headers:
- X-Content-Type-Options: nosniff
- X-XSS-Protection: 1; mode=block
- Referrer-Policy: strict-origin-when-cross-origin
- Permissions-Policy
- Enable HSTS preload
- Reorganize Gitea K8s manifests into gitea/ directory
Made-with: Cursor
|
2026-03-02 22:01:51 +03:00 |
|