-
v1.17.4
* SECURITY * Do not allow Ghost access to limited visible user/org (#21849) (#21875) * Fix package access for admins and inactive users (#21580) (#21592) * ENHANCEMENTS * Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21927) * Fix vertical align of committer avatar rendered by email address (#21884) (#21919) * Fix setting HTTP headers after write (#21833) (#21874) * Ignore line anchor links with leading zeroes (#21728) (#21777) * Enable Monaco automaticLayout (#21516) * BUGFIXES * Do not list active repositories as unadopted (#22034) (#22167) * Correctly handle moved files in apply patch (#22118) (#22136) * Fix condition for is_internal (#22095) (#22131) * Fix permission check on issue/pull lock (#22114) * Fix sorting admin user list by last login (#22081) (#22106) * Workaround for container registry push/pull errors (#21862) (#22069) * Fix issue/PR numbers (#22037) (#22045) * Handle empty author names (#21902) (#22028) * Fix ListBranches to handle empty case (#21921) (#22025) * Fix enabling partial clones on 1.17 (#21809) * Prevent panic in doctor command when running default checks (#21791) (#21808) * Upgrade golang.org/x/crypto (#21792) (#21794) * Init git module before database migration (#21764) (#21766) * Set last login when activating account (#21731) (#21754) * Add HEAD fix to gitea doctor (#21352) (#21751) * Fix UI language switching bug (#21597) (#21748) * Remove semver compatible flag and change pypi to an array of test cases (#21708) (#21729) * Allow local package identifiers for PyPI packages (#21690) (#21726) * Fix repository adoption on Windows (#21646) (#21651) * Sync git hooks when config file path changed (#21619) (#21625) * Added check for disabled Packages (#21540) (#21614) * Fix `Timestamp.IsZero` (#21593) (#21604) * Fix issues count bug (#21600) * Support binary deploy in npm packages (#21589) * Update milestone counters when issue is deleted (#21459) (#21586) * SessionUser protection against nil pointer dereference (#21581) * Case-insensitive NuGet symbol file GUID (#21409) (#21575) * Suppress `ExternalLoginUserNotExist` error (#21504) (#21572) * Prevent Authorization header for presigned LFS urls (#21531) (#21569) * Update binding to fix bugs (#21560) * Fix generating compare link (#21519) (#21530) * Ignore error when retrieving changed PR review files (#21487) (#21524) * Fix incorrect notification commit url (#21479) (#21483) * Display total commit count in hook message (#21400) (#21481) * Enforce grouped NuGet search results (#21442) (#21480) * Return 404 when user is not found on avatar (#21476) (#21477) * Normalize NuGet package version on upload (#22186) (#22201) * MISC * Check for zero time instant in TimeStamp.IsZero() (#22171) (#22173) * Fix warn in database structs sync (#22111) * Allow for resolution of NPM registry paths that match upstream (#21568) (#21723)
-
v1.18.0-rc1
* BREAKING * Remove U2F support (#20141) * FEATURES * Add color previews in markdown (#21474) * Allow package version sorting (#21453) * Add support for Chocolatey/NuGet v2 API (#21393) * Add API endpoint to get changed files of a PR (#21177) * Add filetree on left of diff view (#21012) * Support Issue forms and PR forms (#20987) * Add support for Vagrant packages (#20930) * Add support for `npm unpublish` (#20688) * Add badge capabilities to users (#20607) * Add issue filter for Author (#20578) * Add KaTeX rendering to Markdown. (#20571) * Add support for Pub packages (#20560) * Support localized README (#20508) * Add support mCaptcha as captcha provider (#20458) * Add team member invite by email (#20307) * Added email notification option to receive all own messages (#20179) * Switch Unicode Escaping to a VSCode-like system (#19990) * Add user/organization code search (#19977) * Only show relevant repositories on explore page (#19361) * User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133) * Add sitemap support (#18407) * Allow creation of OAuth2 applications for orgs (#18084) * Add system setting table with cache and also add cache supports for user setting (#18058) * Add pages to view watched repos and subscribed issues/PRs (#17156) * Support Proxy protocol (#12527) * Implement sync push mirror on commit (#19411) * API * Make external issue tracker regexp configurable via API (#21338) * Add name field for org api (#21270) * Show teams with no members if user is admin (#21204) * Add latest commit's SHA to content response (#20398) * Add allow_rebase_update, default_delete_branch_after_merge to repository api response (#20079) * Add new endpoints for push mirrors management (#19841) * ENHANCEMENTS * Use CSS color-scheme instead of invert (#21616) (#21623) * Respect user's locale when rendering the date range in the repo activity page (#21410) * Change `commits-table` column width (#21564) * Refactor git command arguments and make all arguments to be safe to be used (#21535) * CSS color enhancements (#21534) * Add link to user profile in markdown mention only if user exists (#21533, #21554) * Add option to skip index dirs (#21501) * Diff file tree tweaks (#21446) * Localize all timestamps (#21440) * Add `code` highlighting in issue titles (#21432) * Use Name instead of DisplayName in LFS Lock (#21415) * Consolidate more CSS colors into variables (#21402) * Redirect to new repository owner (#21398) * Use ISO date format instead of hard-coded English date format for date range in repo activity page (#21396) * Use weighted algorithm for string matching when finding files in repo (#21370) * Show private data in feeds (#21369) * Refactor parseTreeEntries, speed up tree list (#21368) * Add GET and DELETE endpoints for Docker blob uploads (#21367) * Add nicer error handling on template compile errors (#21350) * Add `stat` to `ToCommit` function for speed (#21337) * Support instance-wide OAuth2 applications (#21335) * Record OAuth client type at registration (#21316) * Add new CSS variables --color-accent and --color-small-accent (#21305) * Improve error descriptions for unauthorized_client (#21292) * Case-insensitive "find files in repo" (#21269) * Consolidate more CSS rules, fix inline code on arc-green (#21260) * Log real ip of requests from ssh (#21216) * Save files in local storage as group readable (#21198) * Enable fluid page layout on medium size viewports (#21178) * File header tweaks (#21175) * Added missing headers on user packages page (#21172) * Display image digest for container packages (#21170) * Skip dirty check for team forms (#21154) * Keep path when creating a new branch (#21153) * Remove fomantic image module (#21145) * Make labels clickable in the comments section. (#21137) * Sort branches and tags by date descending (#21136) * Better repo API unit checks (#21130) * Improve commit status icons (#21124) * Limit length of repo description and repo url input fields (#21119) * Show .editorconfig errors in frontend (#21088) * Allow poster to choose reviewers (#21084) * Remove black labels and CSS cleanup (#21003) * Make e-mail sanity check more precise (#20991) * Use native inputs in whitespace dropdown (#20980) * Enhance package date display (#20928) * Display total blob size of a package version (#20927) * Show language name on hover (#20923) * Show instructions for all generic package files (#20917) * Refactor AssertExistsAndLoadBean to use generics (#20797) * Move the official website link at the footer of gitea (#20777) * Add support for full name in reverse proxy auth (#20776) * Remove useless JS operation for relative time tooltips (#20756) * Replace some icons with SVG (#20741) * Change commit status icons to SVG (#20736) * Improve single repo action for issue and pull requests (#20730) * Allow multiple files in generic packages (#20661) * Add option to create new issue from /issues page (#20650) * Background color of private list-items updated (#20630) * Added search input field to issue filter (#20623) * Increase default item listing size `ISSUE_PAGING_NUM` to 20 (#20547) * Modify milestone search keywords to be case insensitive again (#20513) * Show hint to link package to repo when viewing empty repo package list (#20504) * Add Tar ZSTD support (#20493) * Make code review checkboxes clickable (#20481) * Add "X-Gitea-Object-Type" header for GET `/raw/` & `/media/` API (#20438) * Display project in issue list (#20434) * Prepend commit message to template content when opening a new PR (#20429) * Replace fomantic popup module with tippy.js (#20428) * Allow to specify colors for text in markup (#20363) * Allow access to the Public Organization Member lists with minimal permissions (#20330) * Use default values when provided values are empty (#20318) * Vertical align navbar avatar at middle (#20302) * Delete cancel button in repo creation page (#21381) * Include login_name in adminCreateUser response (#20283) * fix: icon margin in user/settings/repos (#20281) * Remove blue text on migrate page (#20273) * Modify milestone search keywords to be case insensitive (#20266) * Move some files into models' sub packages (#20262) * Add tooltip to repo icons in explore page (#20241) * Remove deprecated licenses (#20222) * Webhook for Wiki changes (#20219) * Share HTML template renderers and create a watcher framework (#20218) * Allow enable LDAP source and disable user sync via CLI (#20206) * Adds a checkbox to select all issues/PRs (#20177) * Refactor `i18n` to `locale` (#20153) * Disable status checks in template if none found (#20088) * Allow manager logging to set SQL (#20064) * Add order by for assignee no sort issue (#20053) * Take a stab at porting existing components to Vue3 (#20044) * Add doctor command to write commit-graphs (#20007) * Add support for authentication based on reverse proxy email (#19949) * Enable spellcheck for EasyMDE, use contenteditable mode (#19776) * Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663) * Rework mailer settings (#18982) * Add option to purge users (#18064) * Add author search input (#21246) * Make rss/atom identifier globally unique (#21550) * BUGFIXES * Prevent panic in doctor command when running default checks (#21791) (#21807) * Load GitRepo in API before deleting issue (#21720) (#21796) * Ignore line anchor links with leading zeroes (#21728) (#21776) * Set last login when activating account (#21731) (#21755) * Fix UI language switching bug (#21597) (#21749) * Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738) * Allow local package identifiers for PyPI packages (#21690) (#21727) * Deal with markdown template without metadata (#21639) (#21654) * Fix opaque background on mermaid diagrams (#21642) (#21652) * Fix repository adoption on Windows (#21646) (#21650) * Sync git hooks when config file path changed (#21619) (#21626) * Fix 500 on PR files API (#21602) (#21607) * Fix `Timestamp.IsZero` (#21593) (#21603) * Fix viewing user subscriptions (#21482) * Fix mermaid-related bugs (#21431) * Fix branch dropdown shifting on page load (#21428) * Fix default theme-auto selector when nologin (#21346) * Fix and improve incorrect error messages (#21342) * Fix formatted link for PR review notifications to matrix (#21319) * Center-aligning content of WebAuthN page (#21127) * Remove follow from commits by file (#20765) * Fix commit status popup (#20737) * Fix init mail render logic (#20704) * Use correct page size for link header pagination (#20546) * Preserve unix socket file (#20499) * Use tippy.js for context popup (#20393) * Add missing parameter for error in log message (#20144) * Do not allow organisation owners add themselves as collaborator (#20043) * Rework file highlight rendering and fix yaml copy-paste (#19967) * Improve code diff highlight, fix incorrect rendered diff result (#19958) * TESTING * Improve OAuth integration tests (#21390) * Add playwright tests (#20123) * BUILD * Switch to building with go1.19 (#20695) * Update JS dependencies, adjust eslint (#20659) * Add more linters to improve code readability (#19989)
-
v1.18.0-rc0
v1.18.0-rc0
-
v1.17.3
Changelog * SECURITY * Sanitize and Escape refs in git backend (#21464) (#21463) * Bump `golang.org/x/text` (#21412) (#21413) * Update bluemonday (#21281) (#21287) * ENHANCEMENTS * Fix empty container layer history and UI (#21251) (#21278) * Use en-US as fallback when using other default language (#21200) (#21256) * Make the vscode clone link respect transport protocol (#20557) (#21128) * BUGFIXES * Do DB update after merge in hammer context (#21401) (#21416) * Add Num{Issues,Pulls} stats checks (#21404) (#21414) * Stop logging CheckPath returns error: context canceled (#21064) (#21405) * Parse OAuth Authorization header when request omits client secret (#21351) (#21374) * Ignore port for loopback redirect URIs (#21293) (#21373) * Set SemverCompatible to false for Conan packages (#21275) (#21366) * Tag list should include draft releases with existing tags (#21263) (#21365) * Fix linked account translation (#21331) (#21334) * Make NuGet service index publicly accessible (#21242) (#21277) * Foreign ID conflicts if ID is 0 for each item (#21271) (#21272) * Use absolute links in feeds (#21229) (#21265) * Prevent invalid behavior for file reviewing when loading more files (#21230) (#21234) * Respect `REQUIRE_SIGNIN_VIEW` for packages (#20873) (#21232) * Treat git object mode 40755 as directory (#21195) (#21218) * Allow uppercase ASCII alphabet in PyPI package names (#21095) (#21217) * Fix limited user cannot view himself's profile (#21212) * Fix template bug of admin monitor (#21209) * Fix reaction of issues (#21185) (#21196) * Fix CSV diff for added/deleted files (#21189) (#21193) * Fix pagination limit parameter problem (#21111) * TESTING * Fix missing m.Run() in TestMain (#21341) * BUILD * Use Go 1.19 fmt for Gitea 1.17, sync emoji data (#21239) -
v1.17.2
* SECURITY * Double check CloneURL is acceptable (#20869) (#20892) * Add more checks in migration code (#21011) (#21050) * ENHANCEMENTS * Fix hard-coded timeout and error panic in API archive download endpoint (#20925) (#21051) * Improve arc-green code theme (#21039) (#21042) * Enable contenthash in filename for dynamic assets (#20813) (#20932) * Don't open new page for ext wiki on same repository (#20725) (#20910) * Disable doctor logging on panic (#20847) (#20898) * Remove calls to load Mirrors in user.Dashboard (#20855) (#20897) * Update codemirror to 5.65.8 (#20875) * Rework repo buttons (#20602, #20718) (#20719) * BUGFIXES * Ensure delete user deletes all comments (#21067) (#21068) * Delete unreferenced packages when deleting a package version (#20977) (#21060) * Redirect if user does not exist on admin pages (#20981) (#21059) * Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (#20902) (#21058) * Fix 500 on time in timeline API (#21052) (#21057) * Fill the specified ref in webhook test payload (#20961) (#21055) * Add another index for Action table on postgres (#21033) (#21054) * Fix broken insecureskipverify handling in redis connection uris (#20967) (#21053) * Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion (#21017) (#21044) * Do not add links to Posters or Assignees with ID < 0 (#20577) (#21037) * Fix modified due date message (#20388) (#21032) * Fix missed sort bug (#21006) * Fix input.value attr for RequiredClaimName/Value (#20946) (#21001) * Change review buttons to icons to make space for text (#20934) (#20978) * Fix download archiver of a commit (#20962) (#20971) * Return 404 NotFound if requested attachment does not exist (#20886) (#20941) * Set no-tags in git fetch on compare (#20893) (#20936) * Allow multiple metadata files for Maven packages (#20674) (#20916) * Increase Content field size of gpg_key and public_key to MEDIUMTEXT (#20896) (#20911) * Fix mirror address setting not working (#20850) (#20904) * Fix push mirror address backend get error Address cause setting page display error (#20593) (#20901) * Fix panic when an invalid oauth2 name is passed (#20820) (#20900) * In PushMirrorsIterate and MirrorsIterate if limit is negative do not set it (#20837) (#20899) * Ensure that graceful start-up is informed of unused SSH listener (#20877) (#20888) * Pad GPG Key ID with preceding zeroes (#20878) (#20885) * Fix SQL Query for `SearchTeam` (#20844) (#20872) * Fix the mode of custom dir to 0700 in docker-rootless (#20861) (#20867) * Fix UI mis-align for PR commit history (#20845) (#20859)
-
v1.17.1
* SECURITY * Correctly escape within tribute.js (#20831) (#20832) * ENHANCEMENTS * Add support for NuGet API keys (#20721) (#20734) * Display project in issue list (#20583) * Add disable download source configuration (#20548) (#20579) * Add username check to doctor (#20140) (#20671) * Enable Wire 2 for Internal SSH Server (#20616) (#20617) * BUGFIXES * Use the total issue count for UI (#20785) (#20827) * Add proxy host into allow list (#20798) (#20819) * Add missing translation for queue flush workers (#20791) (#20792) * Improve comment header for mobile (#20781) (#20789) * Fix git.Init for doctor sub-command (#20782) (#20783) * Check webhooks slice length before calling xorm (#20642) (#20768) * Remove manual rollback for failed generated repositories (#20639) (#20762) * Use correct field name in npm template (#20675) (#20760) * Keep download count on Container tag overwrite (#20728) (#20735) * Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707) * Use request timeout for git service rpc (#20689) (#20693) * Send correct NuGet status codes (#20647) (#20677) * Use correct context to get package content (#20673) (#20676) * Fix the JS error "EventSource is not defined" caused by some non-standard browsers (#20584) (#20663) * Add default commit messages to PR for squash merge (#20618) (#20645) * Fix package upload for files >32mb (#20622) (#20635) * Fix the new-line copy-paste for rendered code (#20612) * Clean up and fix clone button script (#20415 & #20600) (#20599) * Fix default merge style (#20564) (#20565) * Add repository condition for issue count (#20454) (#20496) * Make branch icon stand out more (#20726) (#20774) * Fix loading button with invalid form (#20754) (#20759) * Fix SecToTime edge-cases (#20610) (#20611) * Executable check always returns true for windows (#20637) (#20835) * Check issue labels slice length before calling xorm Insert (#20655) (#20836) * Fix owners cannot create organization repos bug (#20841) (#20854) * Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate (#20839) (#20848)
-
v1.17.0
v1.17.0 * BREAKING * Require go1.18 for Gitea 1.17 (#19918) * Make AppDataPath absolute against the AppWorkPath if it is not (#19815) * Nuke the incorrect permission report on /api/v1/notifications (#19761) * Refactor git module, make Gitea use internal git config (#19732) * Remove `RequireHighlightJS` field, update plantuml example. (#19615) * Increase minimal required git version to 2.0 (#19577) * Add a directory prefix `gitea-src-VERSION` to release-tar-file (#19396) * Use "main" as default branch name (#19354) * Make cron task no notice on success (#19221) * Add pam account authorization check (#19040) * Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971) * Refactor mirror code & fix StartToMirror (#18904) * Remove deprecated SSH ciphers from default (#18697) * Add the possibility to allow the user to have a favicon which differs from the main logo (#18542) * Update reserved usernames list (#18438) * Support custom ACME provider (#18340) * Change initial TrustModel to committer (#18335) * Update HTTP status codes (#18063) * Upgrade Alpine from 3.13 to 3.15 (#18050) * Restrict email address validation (#17688) * Refactor Router Logger (#17308) * SECURITY * Use git.HOME_PATH for Git HOME directory (#20114) (#20293) * Add write check for creating Commit Statuses (#20332) (#20333) * Remove deprecated SSH ciphers from default (#18697) * FEDERATION * Return statistic information for nodeinfo (#19561) * Add Webfinger endpoint (#19462) * Store the foreign ID of issues during migration (#18446) * FEATURES * Automatically render wiki TOC (#19873) * Adding button to link accounts from user settings (#19792) * Allow set default merge style while creating repo (#19751) * Auto merge pull requests when all checks succeeded (#9307 & #19648) * Improve reviewing PR UX (#19612) * Add support for rendering console output with colors (#19497) * Add Helm Chart registry (#19406) * Add Goroutine stack inspector to admin/monitor (#19207) * RSS/Atom support for Orgs & Repos (#17714 & #19055) * Add button for issue deletion (#19032) * Allow to mark files in a PR as viewed (#19007) * Add Index to comment for migrations and mirroring (#18806) * Add health check endpoint (#18465) * Add packagist webhook (#18224) * Add "Allow edits from maintainer" feature (#18002) * Add apply-patch, basic revert and cherry-pick functionality (#17902) * Add Package Registry (#16510) * Add LDAP group sync to Teams (#16299) * Pause queues (#15928) * Added auto-save whitespace behavior if it changed manually (#15566) * Find files in repo (#15028) * Provide configuration to allow camo-media proxying (#12802) * API * Add endpoint to serve blob or LFS file content (#19689) * Add endpoint to check if team has repo access (#19540) * More commit info (#19252) * Allow to create file on empty repo (#19224) * Allow removing issues (#18879) * Add endpoint to query collaborators permission for a repository (#18761) * Return primary language and repository language stats API URL (#18396) * Implement http signatures support for the API (#17565) * ENHANCEMENTS * Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269) * Adjust max-widths for the repository file table (#20243) (#20247) * Display full name (#20171) (#20246) * Add dbconsistency checks for Stopwatches (#20010) * Add fetch.writeCommitGraph to gitconfig (#20006) * Add fgprof pprof profiler (#20005) * Move agit dependency (#19998) * Empty log queue on flush and close (#19994) * Remove tab/TabName usage where it's not needed (#19973) * Improve file header on mobile (#19945) * Move issues related files into models/issues (#19931) * Add breaking email restrictions checker in doctor (#19903) * Improve UX on modal for deleting an access token (#19894) * Add alt text to logo (#19892) * Move some code into models/git (#19879) * Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861) * Make user profile image show full image on mobile (#19840) * Replace blue button and label classes with primary (#19763) * Remove fomantic progress module (#19760) * Allows repo search to match against "owner/repo" pattern strings (#19754) * Move org functions (#19753) * Move almost all functions' parameter db.Engine to context.Context (#19748) * Show source/target branches on PR's list (#19747) * Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739) * Add doctor orphan check for orphaned pull requests without an existing base repo (#19731) * Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729) * Update go-chi/cache to utilize Ping() (#19719) * Improve commit list/view on mobile (#19712) * Move some repository related code into sub package (#19711) * Use a better OlderThan for DeleteInactiveUsers (#19693) * Introduce eslint-plugin-jquery (#19690) * Tidy up `<head>` template (#19678) * Calculate filename hash only once (#19654) * Simplify `IsVendor` (#19626) * Add "Reference" section to Issue view sidebar (#19609) * Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581) * Use for a repo action one database transaction (#19576) * Simplify loops to copy (#19569) * Added X-Mailer header to outgoing emails (#19562) * use middleware to open gitRepo (#19559) * Mute link in diff header (#19556) * Improve UI on mobile (#19546) * Fix Pull Request comment filename word breaks (#19535) * Permalink files In PR diff (#19534) * PullService lock via pullID (#19520) * Make repository file list useable on mobile (#19515) * more context for models (#19511) * Refactor readme file renderer (#19502) * By default force vertical tabs on mobile (#19486) * Github style following followers (#19482) * Improve action table indices (#19472) * Use horizontal tabs for repo header on mobile (#19468) * pass gitRepo down since its used for main repo and wiki (#19461) * Admin should not delete himself (#19423) * Use queue instead of memory queue in webhook send service (#19390) * Simplify the code to get issue count (#19380) * Add commit status popup to issuelist (#19375) * Add RSS Feed buttons to Repo, User and Org pages (#19370) * Add logic to switch between source/rendered on Markdown (#19356) * Move some helper files out of models (#19355) * Move access and repo permission to models/perm/access (#19350) * Disallow selecting the text of buttons (#19330) * Allow custom redirect for landing page (#19324) * Remove dependent on session auth for api/v1 routers (#19321) * Never use /api/v1 from Gitea UI Pages (#19318) * Remove legacy unmaintained packages, refactor to support change default locale (#19308) * Move milestone to models/issues/ (#19278) * Configure OpenSSH log level via Environment in Docker (#19274) * Move reaction to models/issues/ (#19264) * Make git.OpenRepository accept Context (#19260) * Move some issue methods as functions (#19255) * Show last cron messages on monitor page (#19223) * New cron task: delete old system notices (#19219) * Add Redis Sentinel Authentication Support (#19213) * Add auto logging of goroutine pid label (#19212) * Set OpenGraph title to DisplayName in profile pages (#19206) * Add pprof labels in processes and for lifecycles (#19202) * Let web and API routes have different auth methods group (#19168) * Move init repository related functions to modules (#19159) * Feeds: render markdown to html (#19058) * Allow users to self-request a PR review (#19030) * Allow render HTML with css/js external links (#19017) * Fix script compatiable with OpenWrt (#19000) * Support ignore all santize for external renderer (#18984) * Add note to GPG key response if user has no keys (#18961) * Improve Stopwatch behavior (#18930) * Improve mirror iterator (#18928) * Uncapitalize errors (#18915) * Prevent Stats Indexer reporting error if repo dir missing (#18870) * Refactor SecToTime() function (#18863) * Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796) * Move deletebeans into models/db (#18781) * Fix display time of milestones (#18753) * Add config option to disable "Update branch by rebase" (#18745) * Display template path of current page in dev mode (#18717) * Add number in queue status to monitor page (#18712) * Change git.cmd to RunWithContext (#18693) * Refactor i18n, use Locale to provide i18n/translation related functions (#18648) * Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552) * Move organization related structs into sub package (#18518) * Warn at startup if the provided `SCRIPT_TYPE` is not on the PATH (#18467) * Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439) * Use explicit jQuery import, remove unused eslint globals (#18435) * Allow to filter repositories by language in explore, user and organization repositories lists (#18430) * Use base32 for 2FA scratch token (#18384) * Unexport var git.GlobalCommandArgs (#18376) * Don't underline commit status icon on hover (#18372) * Always use git command but not os.Command (#18363) * Switch to non-deprecation setting (#18358) * Set the LastModified header for raw files (#18356) * Refactor jwt.StandardClaims to RegisteredClaims (#18344) * Enable deprecation error for v1.17.0 (#18341) * Refactor httplib (#18338) * Limit max-height of CodeMirror editors for issue comment and wiki (#18271) * Validate migration files (#18203) * Format with gofumpt (#18184) * Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177) * Prettify number of issues (#17760) * Add a "admin user generate-access-token" subcommand (#17722) * Custom regexp external issues (#17624) * Add smtp password to install page (#17564) * Add config options to hide issue events (#17414) * Prevent double click new issue/pull/comment button (#16157) * Show issue assignee on project board (#15232) * BUGFIXES * WebAuthn CredentialID field needs to be increased in size (#20530) (#20555) * Ensure that all unmerged files are merged when conflict checking (#20528) (#20536) * Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529) * Add labels to two buttons that were missing them (#20419) (#20524) * Fix ROOT_URL detection for URLs without trailing slash (#20502) (#20503) * Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407) * Allow RSA 2047 bit keys (#20272) (#20396) * Add missing return for when topic isn't found (#20351) (#20395) * Fix commit status icon when in subdirectory (#20285) (#20385) * Initialize cron last (#20373) (#20384) * Set target on create release with existing tag (#20381) (#20382) * Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372) * Make sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370) * Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361) * Correctly handle draft releases without a tag (#20314) (#20335) * Prevent "empty" scrollbars on Firefox (#20294) (#20308) * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306) * Bump goldmark to v1.4.13 (#20300) (#20301) * Do not create empty ".ssh" directory when loading config (#20289) (#20298) * Fix NPE when using non-numeric (#20277) (#20278) * Store read access in access for team repositories (#20275) (#20276) * EscapeFilter the group dn membership (#20200) (#20254) * Only show Followers that current user can access (#20220) (#20252) * Update Bluemonday to v1.0.19 (#20199) (#20209) * Refix indices on actions table (#20158) (#20198) * Check if project has the same repository id with issue when assign project to issue (#20133) (#20188) * Fix remove file on initial comment (#20127) (#20128) * Catch the error before the response is processed by goth (#20000) (#20102) * Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099) * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) * Return 404 when tag is broken (#20017) (#20024) * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) * Return 404 when tag is broken (#20017) (#20024) * Write Commit-Graphs in RepositoryDumper (#20004) * Use DisplayName() instead of FullName in Oauth Provider (#19991) * Don't buffer doctor logger (#19982) * Always try to fetch repo for mirrors (#19975) * Uppercase first languages letters (#19965) * Fix cli command restore-repo: "units" should be parsed as StringSlice (#19953) * Ensure minimum mirror interval is reported on settings page (#19895) * Exclude Archived repos from Dashboard Milestones (#19882) * gitconfig: set safe.directory = * (#19870) * Prevent NPE on update mirror settings (#19864) * Only return valid stopwatches to the EventSource (#19863) * Prevent NPE whilst migrating if there is a team request review (#19855) * Fix inconsistency in doctor output (#19836) * Fix release tag for webhook (#19830) * Add title attribute to dependencies in sidebar (#19807) * Estimate Action Count in Statistics (#19775) * Do not update user stars numbers unless fix is specified (#19750) * Improved ref comment link when origin is body/title (#19741) * Fix nodeinfo caching and prevent NPE if cache non-existent (#19721) * Fix duplicate entry error when add team member (#19702) * Fix sending empty notifications (#19589) * Update image URL for Discord webhook (#19536) * Don't let repo clone URL overflow (#19517) * Allow commit status popup on /pulls page (#19507) * Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl (#19494) * Fix logging of Transfer API (#19456) * Fix panic in teams API when requesting members (#19360) * Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337) * An attempt to sync a non-mirror repo must give 400 (Bad Request) (#19300) * Move checks for pulls before merge into own function (#19271) * Fix `contrib/upgrade.sh` (#19222) * Set the default branch for repositories generated from templates (#19136) * Fix EasyMDE error when input Enter (#19004) * Don't clean up hardcoded `tmp` (#18983) * Delete related notifications on issue deletion too (#18953) * Fix trace log to show value instead of pointers (#18926) * Fix behavior or checkbox submission. (#18851) * Add `ContextUser` (#18798) * Fix some mirror bugs (#18649) * Quote MAKE to prevent path expansion with space error (#18622) * Preserve users if restoring a repository on the same Gitea instance (#18604) * Fix non-ASCII search on database (#18437) * Automatically pause queue if index service is unavailable (#15066) * TESTING * Allow postgres integration tests to run over unix pipe (#19875) * Prevent intermittent NPE in queue tests (#19301) * Add test for importing pull requests in gitea uploader for migrations (#18752) * Remove redundant comparison in repo dump/restore (#18660) * More repo dump/restore tests, including pull requests (#18621) * Add test coverage for original author conversion during migrations (#18506) * TRANSLATION * Update issue_no_dependencies description (#19112) * Refactor webhooks i18n (#18380) * BUILD * Use alpine 3.16 (#19797) * Require node 14.0 (#19451) * DOCS * Update documents (git/fomantic/db, etc) (#19868) * Update the ROOT documentation and error messages (#19832) * Update document to use FHS `/usr/local/bin/gitea` instead of `/app/...` for Docker (#19794) * Update documentation to disable duration settings with -1 instead of 0 (#19647) * Add warning to set SENDMAIL_ARGS to -- (#19102) * Update nginx reverse proxy docs (#18922) * Add example to render html files (#18736) * Make SSH passtrough documentation better (#18687) * Changelog 1.16.0 & 1.15.11 (#18468 & #18455) (#18470) * Update the SSH passthrough documentation (#18366) * Add `contrib/upgrade.sh` (#18286) * MISC * Fix aria for logo (#19955) * In code search, get code unit accessible repos in one (main) query (#19764) * Add tooltip to pending PR comments (#19662) * Improve sync performance for pull-mirrors (#19125) * Improve dashboard's repo list performance (#18963) * Avoid database lookups for `DescriptionHTML` (#18924) * Remove CodeMirror dependencies (#18911) * Disable unnecessary mirroring elements (#18527) * Disable unnecessary OpenID/OAuth2 elements (#18491) * Disable unnecessary GitHooks elements (#18485) * Change some logging levels (#18421) * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18385) * Use correct translation key for errors (#18342)
-
v1.17.0-rc2
* SECURITY * Use git.HOME_PATH for Git HOME directory (#20114) (#20293) * Add write check for creating Commit Statuses (#20332) (#20333) * ENHANCEMENTS * Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269) * Adjust max-widths for the repository file table (#20243) (#20247) * Display full name (#20171) (#20246) * BUGFIXES * Allow RSA 2047 bit keys (#20272) (#20396) * Add missing return for when topic isn't found (#20351) (#20395) * Fix commit status icon when in subdirectory (#20285) (#20385) * Initialize cron last (#20373) (#20384) * Set target on create release with existing tag (#20381) (#20382) * Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372) * Make sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370) * Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361) * Correctly handle draft releases without a tag (#20314) (#20335) * Prevent "empty" scrollbars on Firefox (#20294) (#20308) * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306) * Bump goldmark to v1.4.13 (#20300) (#20301) * Do not create empty ".ssh" directory when loading config (#20289) (#20298) * Fix NPE when using non-numeric (#20277) (#20278) * Store read access in access for team repositories (#20275) (#20276) * EscapeFilter the group dn membership (#20200) (#20254) * Only show Followers that current user can access (#20220) (#20252) * Update Bluemonday to v1.0.19 (#20199) (#20209) * Refix indices on actions table (#20158) (#20198) * Check if project has the same repository id with issue when assign project to issue (#20133) (#20188) * Fix remove file on initial comment (#20127) (#20128) * Catch the error before the response is processed by goth (#20000) (#20102) * Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099) * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) * Return 404 when tag is broken (#20017) (#20024)
-
v1.16.9
v1.16.9 * SECURITY * Add write check for creating Commit status (#20332) (#20334) * Check for permission when fetching user controlled issues (#20133) (#20196) * BUGFIXES * Hide notify mail setting ui if not enabled (#20138) (#20337) * Add write check for creating Commit status (#20332) (#20334) * Only show Followers that current user can access (#20220) (#20253) * Release page show all tags in compare dropdown (#20070) (#20071) * Fix permission check for delete tag (#19985) (#20001) * Only log non ErrNotExist errors in git.GetNote (#19884) (#19905) * Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893) * Set Setpgid on child git processes (#19865) (#19881) * Import git from alpine 3.16 repository as 2.30.4 is needed for `safe.directory = '*'` to work but alpine 3.13 has 2.30.3 (#19876) * Ensure responses are context.ResponseWriters (#19843) (#19859) * Fix incorrect usage of `Count` function (#19850) * Fix raw endpoint PDF file headers (#19825) (#19826) * Make WIP prefixes case insensitive, e.g. allow `Draft` as a WIP prefix (#19780) (#19811) * Don't return 500 on NotificationUnreadCount (#19802) * Prevent NPE when cache service is disabled (#19703) (#19783) * Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774) * Fix doctor pq: syntax error at or near "." quote user table name (#19765) (#19770) * Fix bug with assigneees (#19757)