-
v1.15.10
1.15.10 ## [1.15.10](https://github.com/go-gitea/gitea/releases/tag/v1.15.10) - 2022-01-14 * BUGFIXES * Fix inconsistent PR comment counts (#18260) (#18261) * Fix release link broken (#18252) (#18253) * Fix update user from site administration page bug (#18250) (#18251) * Set HeadCommit when creating tags (#18116) (#18173) * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152) * Fix purple color in suggested label colors (#18241) (#18242) * SECURITY * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)
-
v1.15.9
v1.15.9 * BUGFIXES * Fix wrong redirect on org labels (#18128) (#18134) * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095) * Revert "Fix delete u2f keys bug (#18042)" (#18107) * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104) * Prevent NPE if gitea uploader fails to open url (#18080) (#18101) * Reset locale on login (#17734) (#18100) * Correctly handle failed migrations (#17575) (#18099) * Instead of using routerCtx just escape the url before routing (#18086) (#18098) * Quote references to the user table in consistency checks (#18072) (#18073) * Add NotFound handler (#18062) (#18067) * Ensure that git repository is closed before transfer (#18049) (#18057) * Use common sessioner for API and web routes (#18114) * TRANSLATION * Fix code search result hint on zh-CN (#18053)
-
v1.15.8
* BUGFIXES * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046) * Fix delete u2f keys bug (#18040) (#18042) * Reset Session ID on login (#18018) (#18041) * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035) * Stop printing 03d after escaped characters in logs (#18030) (#18034) * Reset locale on login (#18023) (#18025) * Fix reset password email template (#17025) (#18022) * Fix outType on gitea dump (#18000) (#18016) * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015) * Fix rename notification bug (#18011) * Prevent double decoding of % in url params (#17997) (#18001) * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992) * Prevent deadlock in create issue (#17970) (#17982) * TESTING * Use non-expiring key. (#17984) (#17985)
-
v1.15.7
v1.15.7 * ENHANCEMENTS * Only allow webhook to send requests to allowed hosts (#17482) (#17510) * Fix login redirection links (#17451) (#17473) * BUGFIXES * Fix database inconsistent when admin change user email (#17549) (#17840) * Use correct user on releases (#17806) (#17818) * Fix commit count in tag view (#17698) (#17790) * Fix close issue but time watcher still running (#17643) (#17761) * Fix Migrate Description (#17692) (#17727) * Fix bug when project board get open issue number (#17703) (#17726) * Return 400 but not 500 when request archive with wrong format (#17691) (#17700) * Fix bug when read mysql database max lifetime (#17682) (#17690) * Fix database deadlock when update issue labels (#17649) (#17665) * Fix bug on detect issue/comment writer (#17592) * Remove appSubUrl from pasted images (#17572) (#17588) * Make `ParsePatch` more robust (#17573) (#17580) * Fix stats upon searching issues (#17566) (#17578) * Escape issue titles in comments list (#17555) (#17556) * Fix zero created time bug on commit api (#17546) (#17547) * Fix database keyword quote problem on migration v161 (#17522) (#17523) * Fix email with + when active (#17518) (#17520) * Stop double encoding blame commit messages (#17498) (#17500) * Quote the table name in CountOrphanedObjects (#17487) (#17488) * Run Migrate in Install rather than just SyncTables (#17475) (#17486) * BUILD * Fix golangci-lint warnings (#17598 et al) (#17668) * MISC * Preserve color when inverting emojis (#17797) (#17799)
-
v1.15.6
v1.15.6 * BUGFIXES * Prevent panic in serv.go with Deploy Keys (#17434) (#17435) * Fix CSV render error (#17406) (#17431) * Read expected buffer size (#17409) (#17430) * Ensure that restricted users can access repos for which they are members (#17460) (#17464) * Make commit-statuses popup show correctly (#17447) (#17466) * TESTING * Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463)
-
v1.15.5
* SECURITY * Upgrade Bluemonday to v1.0.16 (#17372) (#17374) * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373) * BUGFIXES * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377) * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376) * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) * Ensure popup text is aligned left (backport for 1.15) (#17343) * Ensure that git daemon export ok is created for mirrors (#17243) (#17306) * Disable core.protectNTFS (#17300) (#17302) * Use pointer for wrappedConn methods (#17295) (#17296) * AutoRegistration is supposed to be working with disabled registration (backport) (#17292) * Handle duplicate keys on GPG key ring (#17242) (#17284) * Fix SVG side by side comparison link (#17375) (#17391)
-
v1.15.4
* BUGFIXES * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272) * Don't allow merged PRs to be reopened (#17192) (#17271) * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266) * Fix unwanted team review request deletion (#17257) (#17264) * Fix broken Activities link in team dashboard (#17255) (#17258) * API pull's head/base have correct permission(#17214) (#17245) * Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227) * Upgrade xorm to v1.2.5 (#17177) (#17188) * Fix missing repo link in issue/pull assigned emails (#17183) (#17184) * Fix bug of get context user (#17169) (#17172) * Nicely handle missing user in collaborations (#17049) (#17166) * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164) * Fix wrong i18n keys (#17150) (#17153) * Fix Archive Creation: correct transaction ending (#17151) * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141) * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) * ENHANCEMENT * Check user instead of organization when creating a repo from a template via API (#16346) (#17195) * TRANSLATION * v1.15 fix Sprintf format 'verbs' in locale files (#17187)
-
v1.15.3
* ENHANCEMENTS * Add fluid to ui container class to remove margin (#16396) (#16976) * Add caller to cat-file batch calls (#17082) (#17089) * BUGFIXES * Render full plain readme. (#17083) (#17090) * Upgrade xorm to v1.2.4 (#17059) * Fix bug of migrate comments which only fetch one page (#17055) (#17058) * Do not show issue context popup on external issues (#17050) (#17054) * Decrement Fork Num when converting from Fork (#17035) (#17046) * Correctly rollback in ForkRepository (#17034) (#17045) * Fix missing close in WalkGitLog (#17008) (#17009) * Add prefix to SVG id/class attributes (#16997) (#17000) * Fix bug of migrated repository not index (#16991) (#16996) * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990) * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977) * Fix issue with issue default mail template (#16956) (#16975) * Ensure that rebase conflicts are handled in updates (#16952) (#16960) * Prevent panic on diff generation (#16950) (#16951)
-
v1.15.2
v1.15.2 ## [1.15.2](https://github.com/go-gitea/gitea/releases/tag/v1.15.2) - 2021-09-03 * BUGFIXES * Add unique constraint back into issue_index (#16938) * Close storage objects before cleaning (#16934) (#16942) Signed-off-by: Andrew Thornton <art27@cantab.net>
-
v1.15.1
* BUGFIXES * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923) * Prevent leave changes dialogs due to autofill fields (#16912) (#16920) * Ignore review comment when ref commit is missed (#16905) (#16919) * Fix wrong attachment removal (#16915) (#16917) * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913) * Correctly return the number of Repositories for Organizations (#16807) (#16911) * Test if LFS object is accessible (#16865) (#16904) * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900) * Fix dump and restore respository (#16698) (#16898) * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895) * Fix wiki raw commit diff/patch view (#16891) (#16892) * Ensure wiki repos are all closed (#16886) (#16888) * List limited and private orgs if authenticated on API (#16866) (#16879) * Simplify split diff view generation and remove JS dependency (#16775) (#16863) * Ensure that the default visibility is set on the user create page (#16845) (#16862) * In Render tolerate not being passed a context (#16842) (#16858) * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848) * Report the correct number of pushes on the feeds (#16811) (#16822) * Add primary_key to issue_index (#16813) (#16820) * Prevent NPE on empty commit (#16812) (#16819) * Fix branch pagination error (#16805) (#16816) * Add missing return to handleSettingRemoteAddrError (#16794) (#16795) * Remove spurious / from issues.opened_by (#16793) * Ensure that template compilation panics are sent to the logs (#16788) (#16792) * Update caddyserver/certmagic (#16789) (#16790)
-
v1.14.7
* BUGFIXES * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896) * Fix wiki raw commit diff/patch view (#16891) (#16893) * Ensure wiki repos are all closed (#16886) (#16889) * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849) * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740)
-
v1.15.0
* BREAKING * Make app.ini permissions more restrictive (#16266) * Refactor Webhook + Add X-Hub-Signature (#16176) * Add asymmetric JWT signing (#16010) * Clean-up the settings hierarchy for issue_indexer queue (#16001) * Change default queue settings to be low go-routines (#15964) * Improve assets handler middleware (#15961) * Rename StaticUrlPrefix to AssetUrlPrefix (#15779) * Use a generic markup class to display externally rendered files and diffs (#15735) * Add frontend testing, require node 12 (#15315) * Move (custom) assets into subpath `/assets` (#15219) * Use level config in log section when sub log section not set level (#15176) * Links in markdown should be absolute to the repository not the server (#15088) * Upgrade to the latest version of golang-jwt (#16590) (#16606) * Set minimum supported version of go to 1.16 (#16710) * SECURITY * Encrypt LDAP bind password in db with SECRET_KEY (#15547) * Remove random password in Dockerfiles (#15362) * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * Correctly create of git-daemon-export-ok files (#16508) (#16514) * Don't show private user's repo in explore view (#16550) (#16554) * Update node tar dependency to 6.1.6 (#16622) (#16623) * FEATURES * Update Go-Git to take advantage of LargeObjectThreshold (#16316) * Support custom mime type mapping for text files (#16304) * Link to previous blames in file blame page (#16259) * Add LRU mem cache implementation (#16226) * Localize Email Templates (#16200) * Make command in authorized keys a template (#16003) * Add possibility to make branch in branch page (#15960) * Add email headers (#15939) * Make tasklist checkboxes clickable (#15791) * Add selecting tags on the compare page (#15723) * Add cron job to delete old actions from database (#15688) * On open repository open common cat file batch and batch-check (#15667) * Add tag protection (#15629) * Add push to remote mirror repository (#15157) * Add Image Diff for SVG files (#14867) * Add dashboard milestone search and repo milestone search by name. (#14866) * Add LFS Migration and Mirror (#14726) * Improve notifications for WIP draft PR's (#14663) * Disable Stars config option (#14653) * GPG Key Ownership verification with Signed Token (#14054) * OAuth2 auto-register (#5123) * API * Return updated repository when changing repository using API (#16420) * Let branch/tag name be a valid ref to get CI status (#16400) * Add endpoint to get commits of PR (#16300) * Allow COMMENT reviews to not specify a body (#16229) * Add subject-type filter to list notification API endpoints (#16177) * ListReleases add filter for draft and pre-releases (#16175) * ListIssues add more filters (#16174) * Issue Search Add filter for MilestoneNames (#16173) * GET / SET User Settings (#16169) * Expose repo.GetReviewers() & repo.GetAssignees() (#16168) * User expose counters (#16167) * Add repoGetTag (#16166) * Add repoCreateTag (#16165) * Creating a repo from a template repo via API (#15958) * Add Active and ProhibitLogin to API (#15689) * Add Location, Website and Description to API (#15675) * Expose resolver via API (#15167) * Swagger AccessToken fixes (#16574) (#16597) * Set AllowedHeaders on API CORS handler (#16524) (#16618) * ENHANCEMENTS * Support HTTP/2 in Let's Encrypt (#16371) * Introduce NotifySubjectType (#16320) * Add forge emojies (#16296) * Implemented head_commit for webhooks (#16282) * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278) * Add previous/next buttons to review comments (#16273) * Review comments: break-word for long file names (#16272) * Add configuration to restrict allowed user visibility modes (#16271) * Add scroll-margin-top to account for sticky header (#16269) * Add --quiet and --verbose to gitea web to control initial logging (#16260) * Use gitea logging module for git module (#16243) * Add tests for all webhooks (#16214) * Add button to delete undeleted repositories from failed migrations (#16197) * Speed up git diff highlight generation (#16180) * Add OpenID claims "profile" and "email". (#16141) * Reintroduce squash merge default comment as a config setting (#16134) * Add sanitizer rules per renderer (#16110) * Improve performance of dashboard list orgs (#16099) * Refactor assert statements in tests (#16089) * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086) * Remove unnecessary goroutine (#16080) * Add attachments for PR reviews (#16075) * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070) * Add Visible modes function from Organisation to Users too (#16069) * Add checkbox to delete pull branch after successful merge (#16049) * Make commit info cancelable (#16032) * Make modules/context.Context a context.Context (#16031) * Unified custom config creation (#16012) * Make sshd_config more flexible regarding connections (#16009) * Append to existing trailers in generated squash commit message (#15980) * Always store primary email address into email_address table and also the state (#15956) * Load issue/PR context popup data only when needed (#15955) * Remove remaining fontawesome usage in templates (#15952) * Remove fomantic accordion module (#15951) * Small refactoring of modules/private (#15947) * Double the avatar size factor (#15941) * Add curl to rootless docker image (#15908) * Replace clipboard.js with async clipboard api (#15899) * Allow custom highlight mapping beyond file extensions (#15808) * Add trace logging to SSO methods (#15803) * Refactor routers directory (#15800) * Allow only internal registration (#15795) * Add a new internal hook to save ssh log (#15787) * Respect default merge message syntax when parsing item references (#15772) * OAuth2 login: Set account link to "login" as default behavior (#15768) * Use single shared random string generation function (#15741) * Hold the event source when there are no listeners (#15725) * Code comments improvements (#15722) * Provide OIDC compliant user info endpoint (#15721) * Fix webkit calendar icon color on arc-green (#15713) * Improve Light Chroma style (#15699) * Only use boost workers for leveldb shadow queues (#15696) * Add compare tag dropdown to releases page (#15695) * Add caret styling CSS (#15651) * Remove x-ua-compatible meta tag (#15640) * Refactor of link creation (#15619) * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) * Rewrite of the LFS server (#15523) * Display more repository type on admin repository management (#15440) * Remove usage of some JS globals (#15378) * SHA in merged commit comment should be rendered ui sha (#15376) * Add well-known config for OIDC (#15355) * Use route rather than use thus reducing the number of stack frames (#15301) * Code Formats, Nits & Unused Func/Var deletions (#15286) * Let package git depend on setting but not opposite (#15241) * Fixed sanitize errors (#15240) * response simple text message for not html request when 404 (#15229) * Remove file-loader dependency (#15196) * Refactor renders (#15175) * Add mimetype mapping settings (#15133) * Add Status Updates whilst Gitea migrations are occurring (#15076) * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073) * Counterwork seemingly unclickable repo button labels (#15064) * Add DefaultMergeStyle option to repository (#14789) * Added support for gopher URLs. (#14749) * Rework repository archive (#14723) * Add links to toggle WIP status (#14677) * Add Tabular Diff for CSV files (#14661) * Use milestone deadline when sorting issues (#14551) * BUGFIXES * Fix invalid params and typo of email templates (#16394) * Fix activation of primary email addresses (#16385) * Fix calculation for finalPage in repo-search component (#16382) * Specify user in rootless container numerically (#16361) * Detect encoding changes while parsing diff (#16330) * Fix U2F error reasons always hidden (#16327) * Prevent zombie processes (#16314) * Escape reference to `user` table in models.SearchEmails (#16313) * Fix default push instructions on empty repos (#16302) * Fix modified files list in webhooks when there is a space (#16288) * Fix webhook commits wrong hash on HEAD reset (#16283) * Fuzzer finds an NPE due to incorrect URLPrefix (#16249) * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238) * Do not show No match found for tribute (#16231) * Fix "Copy Link" for pull requests (#16230) * Fix diff expansion is missing final line in a file (#16222) * Fix private repo permission problem (#16142) * Fix not able to update local created non-urlencoded wiki pages (#16139) * More efficiently parse shas for shaPostProcessor (#16101) * Fix `doctor --run check-db-consistency --fix` with label fix (#16094) * Prevent webhook action buttons from shifting (#16087) * Change default TMPDIR path in rootless containers (#16077) * Fix typo and add TODO notice (#16064) * Use git log name-status in get last commit (#16059) * Fix 500 Error with branch and tag sharing the same name (#16040) * Fix get tag when migration (#16014) * Add custom emoji support (#16004) * Use filepath.ToSlash and Join in indexer defaults and queues (#15971) * Add permission check for ``GenerateRepository`` (#15946) * Ensure settings for Service and Mailer are read on the install page (#15943) * Fix layout of milestone view (#15927) * Unregister non-matching serviceworkers (#15834) * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693) * Attachment support repository route (#15580) * Fix missing icons and colorpicker when mounted on suburl (#15501) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304) * Prevent double-login for Git HTTP and LFS and simplify login (#15303) * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278) * Fix heatmap activity (#15252) * Remove vendored copy of fomantic-dropdown (#15193) * Update repository size on cron gc task (#15177) * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153) * Add code block highlight to orgmode back (#14222) * Remove User.GetOrganizations() (#14032) * Restore Accessibility for Dropdown (#16576) (#16617) * Pass down SignedUserName down to AccessLogger context (#16605) (#16616) * Fix table alignment in markdown (#16596) (#16602) * Fix 500 on first wiki page (#16586) (#16598) * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570) * Upgrade levelqueue to v0.4.0 (#16560) (#16561) * Handle too long PR titles correctly (#16517) (#16549) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Fix crash following ldap authentication update (#16447) (#16448) * Fix direct creation of external users on admin page (partial #16612) (#16613) * Prevent 500 on draft releases without tag (#16634) (#16636) * Restore creation of git-daemon-export-ok files (#16508) (#16514) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Fix crash following ldap authentication update (#16447) (#16448) * Restore compatibility with SQLServer 2008 R2 in migrations (#16638) * Fix direct creation of external users on admin page (#16613) * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659) * Fix NPE in fuzzer (#16680) (#16682) * Set issue_index when finishing migration (#16685) (#16687) * Skip patch download when no patch file exists (#16356) (#16681) * Ensure empty lines are copiable and final new line too (#16678) (#16692) * Fix wrong user in OpenID response (#16736) (#16741) * Do not use thin scrollbars on Firefox (#16738) (#16745) * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739) * Keep attachments on tasklist update (#16750) (#16757) * TESTING * Bump `postgres` and `mysql` versions (#15710) * Add tests for clone from wiki (#15513) * Fix Benchmark tests, remove a broken one & add two new (#15250) * Create Proper Migration tests (#15116) * TRANSLATION * Use a special name for update default branch on repository setting (#15893) * Fix mirror_lfs source string in en-US locale (#15369) * BUILD * Upgrade xorm to v1.1.1 (#16339) * Disable legal comments in esbuild (#15929) * Switch to Node 16 to build fronted (#15804) * Use esbuild to minify CSS (#15756) * Use binary version of revive linter (#15739) * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465) * Stop packaging node_modules in release tarballs (#15273) * Introduce esbuild on webpack (#14578) * DOCS * Update queue workers documentation (#15999) * Comment out app.example.ini (#15807) * Improve logo customization docs (#15754) * Add some response status on api docs (#15399) * Rework Token API comments (#15162) * Add better errors for disabled account recovery (#15117) * MISC * Remove utf8 option from installation page (#16126) * Use Wants= over Requires= in systemd file (#15897)
-
v1.15.0-rc3
1.15.0-rc3 * BREAKING * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * SECURITY * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * Correctly create of git-daemon-export-ok files (#16508) (#16514) * Don't show private user's repo in explore view (#16550) (#16554) * Update node tar dependency to 6.1.6 (#16622) (#16623) * API * Swagger AccessToken fixes (#16574) (#16597) * Set AllowedHeaders on API CORS handler (#16524) (#16618) * BUGFIXES * Restore Accessibility for Dropdown (#16576) (#16617) * Pass down SignedUserName down to AccessLogger context (#16605) (#16616) * Fix table alignment in markdown (#16596) (#16602) * Fix 500 on first wiki page (#16586) (#16598) * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570) * Upgrade levelqueue to v0.4.0 (#16560) (#16561) * Handle too long PR titles correctly (#16517) (#16549) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Revert to use alpine 3.13 (#16451) (#16452) * Fix crash following ldap authentication update (#16447) (#16448) * Fix direct creation of external users on admin page (partial #16612) (#16613) * Prevent 500 on draft releases without tag (#16634) (#16636)
-
v1.14.6
[1.14.6](https://github.com/go-gitea/gitea/releases/tag/v1.14.6) - 2021-08-04 * SECURITY * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540) * Switch to maintained JWT lib (#16532) (#16535) * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607) * BUGFIXES * Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481)
-
v1.15.0-rc2
* BUGFIXES * Restore creation of git-daemon-export-ok files (#16508) (#16514) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Revert to use alpine 3.13 to fix multiple seccomp related issues with Docker <20 (#16451) (#16452) * Fix crash following ldap authentication update (#16447) (#16448)
-
v1.14.5
* SECURITY * Hide mirror passwords on repo settings page (#16022) (#16355) * Update bluemonday to v1.0.15 (#16379) (#16380) * BUGFIXES * Retry rename on lock induced failures (#16435) (#16439) * Validate issue index before querying DB (#16406) (#16410) * Fix crash following ldap authentication update (#16447) (#16449) * ENHANCEMENTS * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
-
-
v1.15.0-rc1
1.15.0-rc1 * BREAKING * Make app.ini permissions more restrictive (#16266) * Refactor Webhook + Add X-Hub-Signature (#16176) * Add asymmetric JWT signing (#16010) * Clean-up the settings hierarchy for issue_indexer queue (#16001) * Change default queue settings to be low go-routines (#15964) * Improve assets handler middleware (#15961) * Rename StaticUrlPrefix to AssetUrlPrefix (#15779) * Use a generic markup class to display externally rendered files and diffs (#15735) * Add frontend testing, require node 12 (#15315) * Move (custom) assets into subpath `/assets` (#15219) * Use level config in log section when sub log section not set level (#15176) * Links in markdown should be absolute to the repository not the server (#15088) * SECURITY * Encrypt LDAP bind password in db with SECRET_KEY (#15547) * Remove random password in Dockerfiles (#15362) * FEATURES * Update Go-Git to take advantage of LargeObjectThreshold (#16316) * Support custom mime type mapping for text files (#16304) * Link to previous blames in file blame page (#16259) * Add LRU mem cache implementation (#16226) * Localize Email Templates (#16200) * Make command in authorized keys a template (#16003) * Add possibility to make branch in branch page (#15960) * Add email headers (#15939) * Make tasklist checkboxes clickable (#15791) * Add selecting tags on the compare page (#15723) * Add cron job to delete old actions from database (#15688) * On open repository open common cat file batch and batch-check (#15667) * Add tag protection (#15629) * Add push to remote mirror repository (#15157) * Add Image Diff for SVG files (#14867) * Add dashboard milestone search and repo milestone search by name. (#14866) * Add LFS Migration and Mirror (#14726) * Improve notifications for WIP draft PR's (#14663) * Disable Stars config option (#14653) * Add option to provide signature for a token to verify key ownership (#14054) * OAuth2 auto-register (#5123) * API * Return updated repository when changing repository using API (#16420) * Let branch/tag name be a valid ref to get CI status (#16400) * Add endpoint to get commits of PR (#16300) * Allow COMMENT reviews to not specify a body (#16229) * Add subject-type filter to list notification API endpoints (#16177) * ListReleases add filter for draft and pre-releases (#16175) * ListIssues add more filters (#16174) * Issue Search Add filter for MilestoneNames (#16173) * GET / SET User Settings (#16169) * Expose repo.GetReviewers() & repo.GetAssignees() (#16168) * User expose counters (#16167) * Add repoGetTag (#16166) * Add repoCreateTag (#16165) * Creating a repo from a template repo via API (#15958) * Add Active and ProhibitLogin to API (#15689) * Add Location, Website and Description to API (#15675) * Expose resolver via API (#15167) * ENHANCEMENTS * Support HTTP/2 in Let's Encrypt (#16371) * Introduce NotifySubjectType (#16320) * Add forge emojies (#16296) * Implemented head_commit for webhooks (#16282) * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278) * Add previous/next buttons to review comments (#16273) * Review comments: break-word for long file names (#16272) * Add configuration to restrict allowed user visibility modes (#16271) * Add scroll-margin-top to account for sticky header (#16269) * Add --quiet and --verbose to gitea web to control initial logging (#16260) * Use gitea logging module for git module (#16243) * Add tests for all webhooks (#16214) * Add button to delete undeleted repositories from failed migrations (#16197) * Speed up git diff highlight generation (#16180) * Add OpenID claims "profile" and "email". (#16141) * Reintroduce squash merge default comment as a config setting (#16134) * Add sanitizer rules per renderer (#16110) * Improve performance of dashboard list orgs (#16099) * Refactor assert statements in tests (#16089) * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086) * Remove unnecessary goroutine (#16080) * Add attachments for PR reviews (#16075) * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070) * Add Visible modes function from Organisation to Users too (#16069) * Add checkbox to delete pull branch after successful merge (#16049) * Make commit info cancelable (#16032) * Make modules/context.Context a context.Context (#16031) * Unified custom config creation (#16012) * Make sshd_config more flexible regarding connections (#16009) * Append to existing trailers in generated squash commit message (#15980) * Always store primary email address into email_address table and also the state (#15956) * Load issue/PR context popup data only when needed (#15955) * Remove remaining fontawesome usage in templates (#15952) * Remove fomantic accordion module (#15951) * Small refactoring of modules/private (#15947) * Double the avatar size factor (#15941) * Add curl to rootless docker image (#15908) * Replace clipboard.js with async clipboard api (#15899) * Allow custom highlight mapping beyond file extensions (#15808) * Add trace logging to SSO methods (#15803) * Refactor routers directory (#15800) * Allow only internal registration (#15795) * Add a new internal hook to save ssh log (#15787) * Respect default merge message syntax when parsing item references (#15772) * OAuth2 login: Set account link to "login" as default behavior (#15768) * Use single shared random string generation function (#15741) * Hold the event source when there are no listeners (#15725) * Code comments improvements (#15722) * Provide OIDC compliant user info endpoint (#15721) * Fix webkit calendar icon color on arc-green (#15713) * Improve Light Chroma style (#15699) * Only use boost workers for leveldb shadow queues (#15696) * Add compare tag dropdown to releases page (#15695) * Add caret styling CSS (#15651) * Remove x-ua-compatible meta tag (#15640) * Refactor of link creation (#15619) * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) * Rewrite of the LFS server (#15523) * Display more repository type on admin repository management (#15440) * Remove usage of some JS globals (#15378) * SHA in merged commit comment should be rendered ui sha (#15376) * Add well-known config for OIDC (#15355) * Use route rather than use thus reducing the number of stack frames (#15301) * Code Formats, Nits & Unused Func/Var deletions (#15286) * Let package git depend on setting but not opposite (#15241) * Fixed sanitize errors (#15240) * response simple text message for not html request when 404 (#15229) * Remove file-loader dependency (#15196) * Refactor renders (#15175) * Add mimetype mapping settings (#15133) * Add Status Updates whilst Gitea migrations are occurring (#15076) * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073) * Counterwork seemingly unclickable repo button labels (#15064) * Add DefaultMergeStyle option to repository (#14789) * Added support for gopher URLs. (#14749) * Rework repository archive (#14723) * Add links to toggle WIP status (#14677) * Add Tabular Diff for CSV files (#14661) * Use milestone deadline when sorting issues (#14551) * BUGFIXES * Fix invalid params and typo of email templates (#16394) * Fix activation of primary email addresses (#16385) * Fix calculation for finalPage in repo-search component (#16382) * Specify user in rootless container numerically (#16361) * Detect encoding changes while parsing diff (#16330) * Fix U2F error reasons always hidden (#16327) * Prevent zombie processes (#16314) * Escape reference to `user` table in models.SearchEmails (#16313) * Fix default push instructions on empty repos (#16302) * Fix modified files list in webhooks when there is a space (#16288) * Fix webhook commits wrong hash on HEAD reset (#16283) * Fuzzer finds an NPE due to incorrect URLPrefix (#16249) * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238) * Do not show No match found for tribute (#16231) * Fix "Copy Link" for pull requests (#16230) * Fix diff expansion is missing final line in a file (#16222) * Fix private repo permission problem (#16142) * Fix not able to update local created non-urlencoded wiki pages (#16139) * More efficiently parse shas for shaPostProcessor (#16101) * Fix `doctor --run check-db-consistency --fix` with label fix (#16094) * Prevent webhook action buttons from shifting (#16087) * Change default TMPDIR path in rootless containers (#16077) * Fix typo and add TODO notice (#16064) * Use git log name-status in get last commit (#16059) * Fix 500 Error with branch and tag sharing the same name (#16040) * Fix get tag when migration (#16014) * Add custom emoji support (#16004) * Use filepath.ToSlash and Join in indexer defaults and queues (#15971) * Add permission check for ``GenerateRepository`` (#15946) * Ensure settings for Service and Mailer are read on the install page (#15943) * Fix layout of milestone view (#15927) * Unregister non-matching serviceworkers (#15834) * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693) * Attachment support repository route (#15580) * Fix missing icons and colorpicker when mounted on suburl (#15501) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304) * Prevent double-login for Git HTTP and LFS and simplify login (#15303) * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278) * Fix heatmap activity (#15252) * Remove vendored copy of fomantic-dropdown (#15193) * Update repository size on cron gc task (#15177) * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153) * Add code block highlight to orgmode back (#14222) * Remove User.GetOrganizations() (#14032) * TESTING * Bump `postgres` and `mysql` versions (#15710) * Add tests for clone from wiki (#15513) * Fix Benchmark tests, remove a broken one & add two new (#15250) * Create Proper Migration tests (#15116) * TRANSLATION * Use a special name for update default branch on repository setting (#15893) * Fix mirror_lfs source string in en-US locale (#15369) * BUILD * Upgrade xorm to v1.1.1 (#16339) * Alpine 3.14 released (#16170) * Disable legal comments in esbuild (#15929) * Switch to Node 16 to build fronted (#15804) * Use esbuild to minify CSS (#15756) * Use binary version of revive linter (#15739) * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465) * Stop packaging node_modules in release tarballs (#15273) * Introduce esbuild on webpack (#14578) * DOCS * Update queue workers documentation (#15999) * Comment out app.example.ini (#15807) * Improve logo customization docs (#15754) * Add some response status on api docs (#15399) * Rework Token API comments (#15162) * Add better errors for disabled account recovery (#15117) * MISC * Remove utf8 option from installation page (#16126) * Use Wants= over Requires= in systemd file (#15897)
-
v1.14.4
* BUGFIXES * Fix relative links in postprocessed images (#16334) (#16340) * Fix list_options GetStartEnd (#16303) (#16305) * Fix API to use author for commits instead of committer (#16276) (#16277) * Handle misencoding of login_source cfg in mssql (#16268) (#16275) * Fixed issues not updated by commits (#16254) (#16261) * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255) * Use html.Parse rather than html.ParseFragment (#16223) (#16225) * Fix milestone counters on new issue (#16183) (#16224) * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)
-
v1.14.3
v1.14.3 * SECURITY * Encrypt migration credentials at rest (#15895) (#16187) * Only check access tokens if they are likely to be tokens (#16164) (#16171) * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039) * Fix setting of SameSite on cookies (#15989) (#15991) * API * Repository object only count releases as releases (#16184) (#16190) * EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190) * Fix overly strict edit pr permissions (#15900) (#16081) * BUGFIXES * Run processors on whole of text (#16155) (#16185) * Class `issue-keyword` is being incorrectly stripped off spans (#16163) (#16172) * Fix language switch for install page (#16043) (#16128) * Fix bug on getIssueIDsByRepoID (#16119) (#16124) * Set self-adjusting deadline for connection writing (#16068) (#16123) * Fix http path bug (#16117) (#16120) * Fix data URI scramble (#16098) (#16118) * Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097) * git migration: don't prompt interactively for clone credentials (#15902) (#16082) * Fix case change in ownernames (#16045) (#16050) * Don't manipulate input params in email notification (#16011) (#16033) * Remove branch URL before IssueRefURL (#15968) (#15970) * Fix layout of milestone view (#15927) (#15940) * GitHub Migration, migrate draft releases too (#15884) (#15888) * Close the gitrepo when deleting the repository (#15876) (#15887) * Upgrade xorm to v1.1.0 (#15869) (#15885) * Fix blame row height alignment (#15863) (#15883) * Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882) * Backport Fix LFS commit finder not working (#15856) (#15874) * Stop calling WriteHeader in Write (#15862) (#15873) * Add timeout to writing to responses (#15831) (#15872) * Return go-get info on subdirs (#15642) (#15871) * Restore PAM user autocreation functionality (#15825) (#15867) * Fix truncate utf8 string (#15828) (#15854) * Fix bound address/port for caddy's certmagic library (#15758) (#15848) * Upgrade unrolled/render to v1.1.1 (#15845) (#15846) * Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840) * Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839) * Set autocomplete off on branches selector (#15809) (#15833) * Add missing error to Doctor log (#15813) (#15824) * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816) * ENHANCEMENTS * Removable media support to snap package (#16136) (#16138) * Move sans-serif fallback font higher than emoji fonts (#15855) (#15892) * DOCKER * Only write config in environment-to-ini if there are changes (#15861) (#15868) * Only offer hostcertificates if they exist (#15849) (#15853)