| 7 Mar 2024 |
 raitobezarius | maybe the true question should be ok | 23:57:53 |
| raitobezarius | what if I send SAML support to Gitea tomorrow? | 23:57:58 |
| raitobezarius | do they accepti t? | 23:58:01 |
| raitobezarius | * do they accept it? | 23:58:04 |
 adamcstephens | No | 23:58:05 |
| raitobezarius | In reply to @adam:robins.wtf
No why? | 23:58:12 |
| adamcstephens | I’m sure they’d find some explanation or just ignore it | 23:58:35 |
| raitobezarius | Ah yes but then what you are saying is that you already concluded they are of bad faith and clearly planning to just pull the rug | 23:58:56 |
| 8 Mar 2024 |
| adamcstephens | Yeah probably a bit, based on the moves since the soft fork what forgejo has said about them. I’d be happy to be wrong and see gitea do amazing things. Unfortunately, I’d argue there’s enough examples in the past to suggest things won’t turn back toward community. | 00:01:43 |
| adamcstephens | * Yeah probably a bit, based on the moves since the soft fork and what forgejo has said about them. I’d be happy to be wrong and see gitea do amazing things. Unfortunately, I’d argue there’s enough examples in the past to suggest things won’t turn back toward community. | 00:07:21 |
 hexa | In reply to @raitobezarius:matrix.org
what if I send SAML support to Gitea tomorrow? looks for a simpler feature and doit 😄 | 00:15:40 |
| hexa | In reply to @raitobezarius:matrix.org
what if I send SAML support to Gitea tomorrow? * looks for a simpler feature and do it 😄 | 00:15:44 |
| hexa |
IP Allowlist: Control access to your repositories by specifying approved IP addresses.
| 00:16:03 |
| hexa | that sounds equally silly and simple | 00:16:08 |
| raitobezarius | https://github.com/go-gitea/gitea/pull/29403 I have a better answer | 16:46:49 |
| raitobezarius | Yes and it's the one used in Gitea Enterprise | 16:46:57 |
| hexa |
Yes, CommitGo is using this PR.
| 16:50:12 |
| hexa | lol | 16:50:13 |
| hexa | at least they're using their enterprise customers as guinea pigs ig | 16:50:36 |
| adamcstephens | So maybe they will accept them? Though if they have the patches privately it feels wrong that others may have to recreate the functionality. (Seems not to be this case) | 17:08:21 |
| hexa | anyway, who cares about SAML? Nobody. | 17:11:08 |
| raitobezarius | i want to roast you but i will prevent myself | 17:11:28 |
| raitobezarius | yes not everyone does not do authentication over an authorization RFC | 17:11:38 |
| hexa | universities do | 17:11:41 |
| raitobezarius | i much prefer saml to oauth2 | 17:12:01 |
| raitobezarius | * i much prefer saml to oauth2/oidc | 17:12:06 |
| hexa | lol what | 17:12:14 |
| hexa | https://joonas.fi/2021/08/saml-is-insecure-by-design/ | 17:12:24 |
| hexa | https://github.com/dexidp/dex/security/advisories/GHSA-m9hp-7r99-94h5 | 17:13:08 |
| hexa | https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-q547-gmf8-8jr7 | 17:13:22 |
