gogs: mark as insecure
gogs is affected by the recent vulnerabilities reported by the forgejo team. There is little/no real development activities in the gogs repository and the upstream maintainers do not seem to have acknowledged the security issues.
This commit is contained in:
parent
af8901aa2c
commit
aa629d9877
|
@ -45,5 +45,12 @@ buildGoModule rec {
|
|||
license = licenses.mit;
|
||||
maintainers = [ maintainers.schneefux ];
|
||||
mainProgram = "gogs";
|
||||
knownVulnerabilities = [ ''
|
||||
Gogs has known unpatched vulnerabilities and upstream maintainers appears to be unresponsive.
|
||||
|
||||
More information can be found in forgejo's blogpost: https://forgejo.org/2023-11-release-v1-20-5-1/
|
||||
|
||||
You might want to consider migrating to Gitea or forgejo.
|
||||
'' ];
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user