Gitea 1.18.0-rc1

Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket, and GitLab. Gitea is a fork of Gogs. See the Gitea Announcement blog post to read about the justification for a fork. Purpose The goal of this project is to provide the easiest, fastest, and most painless way of setting up a self-hosted Git service. With Go, this can be done with an independent binary distribution across all platforms and architectures that Go supports. This support includes Linux, macOS, and Windows, on architectures like amd64, i386, ARM, PowerPC, and others.

Tags git go
License MITL
State stable

Recent Releases

1.18.0-rc125 Nov 2022 15:25 minor feature: BREAKING. Remove U2F support. FEATURES. Add color previews in markdown. Allow package version sorting. Add support for Chocolatey/NuGet v2 API. Add API endpoint to get changed files of a PR. Add filetree on left of diff view. Support forms and PR forms. Add support for Vagrant packages. Add support for `npm unpublish`. Add badge capabilities to users. Add filter for Author. Add KaTeX rendering to Markdown.. Add support for Pub packages. Support localized README. Add support mCaptcha as captcha provider. Add team member invite by email. Added email notification option to receive all own messages. Switch Unicode Escaping to a VSCode-like system. Add user/organization code search. Only show relevant repositories on explore page. User keypairs and HTTP signatures for ActivityPub federation using go-ap. Add sitemap support. Allow creation of OAuth2 applications for orgs. Add system setting table with cache and also add cache supports for user setting. Add pages to view watched repos and subscribed /PRs. Support Proxy protocol. Implement sync push mirror on commit. API. Make external tracker regexp configurable via API. Add name field for org api. Show teams with no members if user is admin. Add latest commit's SHA to content response. Add allow_rebase_update, default_delete_branch_after_merge to repository api response. Add new endpoints for push mirrors management. ENHANCEMENTS. Use CSS color-scheme instead of invert. Respect user's locale when rendering the date range in the repo activity page. Change `commits-table` column width. Refactor git command arguments and make all arguments to be safe to be used. CSS color enhancements. Add link to user profile in markdown mention only if user exists. Add option to skip index dirs. Diff file tree tweaks. Localize all timestamps. Add `code` highlighting in titles. Use Name instead of DisplayName in LFS Lock. Consolidate more CSS colors into variables. Redirect to new reposito
1.17.316 Oct 2022 07:45 minor feature: Changelog SECURITY. Sanitize and Escape refs in git backend. Bump `golang.org/x/text`. Update bluemonday. ENHANCEMENTS. empty container layer history and UI. Use en-US as fallback when using other default language. Make the vscode clone link respect transport protocol. . Do DB update after merge in hammer context. Add Num ,Pulls stats checks. Stop logging CheckPath returns error: context canceled. Parse OAuth Authorization header when request omits client secret. Ignore port for loopback redirect URIs. Set SemverCompatible to false for Conan packages. Tag list should include draft releases with existing tags. linked account translation. Make NuGet service index publicly accessible. Foreign ID conflicts if ID is 0 for each item. Use absolute links in feeds. Prevent invalid behavior for file reviewing when loading more files. Respect `REQUIRE_SIGNIN_VIEW` for packages. Treat git object mode 40755 as directory. Allow uppercase ASCII alphabet in PyPI package names. limited user cannot view himself's profile. template of admin monitor. reaction of. CSV diff for added/deleted files. pagination limit parameter problem. TESTING. missing m.Run() in TestMain. BUILD. Use Go 1.19 fmt for Gitea 1.17, sync emoji data.
1.17.208 Sep 2022 03:05 minor feature: SECURITY. Double check CloneURL is acceptable. Add more checks in migration code. ENHANCEMENTS. hard-coded timeout and error panic in API archive download endpoint. Improve arc-green code theme. Enable contenthash in filename for dynamic assets. Don't open new page for ext wiki on same repository. Disable doctor logging on panic. Remove calls to load Mirrors in user.Dashboard. Update codemirror to 5.65.8. Rework repo buttons. . Ensure delete user deletes all comments. Delete unreferenced packages when deleting a package version. Redirect if user does not exist on admin pages. Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh. on time in timeline API. Fill the specified ref in webhook test payload. Add another index for Action table on postgres. broken insecureskipverify handling in redis connection uris. Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion. Do not add links to Posters or Assignees with ID lt; 0. modified due date message. missed sort. input.value attr for RequiredClaimName/Value. Change review buttons to icons to make space for text. download archiver of a commit. Return 404 NotFound if requested attachment does not exist. Set no-tags in git fetch on compare. Allow multiple metadata files for Maven packages. Increase Content field size of gpg_key and public_key to MEDIUMTEXT. mirror address setting not working. push mirror address backend get error Address cause setting page display error. panic when an invalid oauth2 name is passed. In PushMirrorsIterate and MirrorsIterate if limit is negative do not set it. Ensure that graceful start-up is informed of unused SSH listener. Pad GPG Key ID with preceding zeroes. SQL Query for `SearchTeam`. the mode of custom dir to 0700 in docker-rootless. UI mis-align for PR commit history.
1.17.119 Aug 2022 03:25 minor feature: SECURITY. Correctly escape within tribute.js. ENHANCEMENTS. Add support for NuGet API keys. Display project in list. Add disable download source configuration. Add username check to doctor. Enable Wire 2 for Internal SSH Server. . Use the total count for UI. Add proxy host into allow list. Add missing translation for queue flush workers. Improve comment header for mobile. git.Init for doctor sub-command. Check webhooks slice length before calling xorm. Remove manual rollback for failed generated repositories. Use correct field name in npm template. Keep download count on Container tag overwrite. v220 migration to be compatible for MSSQL 2008 r2. Use request timeout for git service rpc. Send correct NuGet status codes. Use correct context to get package content. the JS error "EventSource is not defined" caused by some non-standard browsers. Add default commit messages to PR for squash merge. package upload for files gt;32mb. the new-line copy-paste for rendered code. Clean up and clone button script. default merge style. Add repository condition for count. Make branch icon stand out more. loading button with invalid form. SecToTime edge-cases. Executable check always returns true for windows. Check labels slice length before calling xorm Insert. owners cannot create organization repos. Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate.
1.17.031 Jul 2022 03:19 minor feature: v1.17.0 BREAKING. Require go1.18 for Gitea 1.17. Make AppDataPath absolute against the AppWorkPath if it is not. Nuke the incorrect permission report on /api/v1/notifications. Refactor git module, make Gitea use internal git config. Remove `RequireHighlightJS` field, update plantuml example.. Increase minimal required git version to 2.0. Add a directory pre`gitea-src-VERSION` to release-tar-file. Use "main" as default branch name. Make cron task no notice on success. Add pam account authorization check. Show messages for users if the ROOT_URL is wrong, show JavaScript errors. Refactor mirror code amp; StartToMirror. Remove deprecated SSH ciphers from default. Add the possibility to allow the user to have a favicon which differs from the main logo. Update reserved usernames list. Support custom ACME provider. Change initial TrustModel to committer. Update HTTP status codes. Upgrade Alpine from 3.13 to 3.15. Restrict email address validation. Refactor Router Logger. SECURITY. Use git.HOME_PATH for Git HOME directory. Add write check for creating Commit Statuses. Remove deprecated SSH ciphers from default. FEDERATION. Return statistic information for nodeinfo. Add Webfinger endpoint. Store the foreign ID of during migration. FEATURES. Automatically render wiki TOC. Adding button to link accounts from user settings. Allow set default merge style while creating repo. Auto merge pull requests when all checks succeeded. Improve reviewing PR UX. Add support for rendering console output with colors. Add Helm Chart registry. Add Goroutine stack inspector to admin/monitor. RSS/Atom support for Orgs amp; Repos. Add button for deletion. Allow to mark files in a PR as viewed. Add Index to comment for migrations and mirroring. Add health check endpoint. Add packagist webhook. Add "Allow edits from maintainer" feature. Add apply-patch, basic reve
1.17.0-rc220 Jul 2022 08:05 minor feature: SECURITY. Use git.HOME_PATH for Git HOME directory. Add write check for creating Commit Statuses. ENHANCEMENTS. Make notification bell more prominent on mobile. Adjust max-widths for the repository file table. Display full name. . Allow RSA 2047 bit keys. Add missing return for when topic isn't found. commit status icon when in subdirectory. Initialize cron last. Set target on create release with existing tag. Update xorm.io/xorm to a interpreting db column sizes on 32bit systems. Make sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo'. Prevent context deadline error propagation in GetCommitsInfo. Correctly handle draft releases without a tag. Prevent "empty" scrollbars on Firefox. Refactor SSH init code, directory creation for TrustedUserCAKeys file. Bump goldmark to v1.4.13. Do not create empty ".ssh" directory when loading config. NPE when using non-numeric. Store read access in access for team repositories. EscapeFilter the group dn membership. Only show Followers that current user can access. Update Bluemonday to v1.0.19. Reindices on actions table. Check if project has the same repository id with when assign project to. remove file on initial comment. Catch the error before the response is processed by goth. Dashboard feed respect setting.UI.FeedPagingNum again. Alter hook_task TEXT fields to LONGTEXT. Respond with a 401 on git push when password isn't changed yet. Return 404 when tag is broken.
1.16.913 Jul 2022 14:05 minor feature: v1.16.9 SECURITY. Add write check for creating Commit status. Check for permission when fetching user controlled. . Hide notify mail setting ui if not enabled. Add write check for creating Commit status. Only show Followers that current user can access. Release page show all tags in compare dropdown. permission check for delete tag. Only log non ErrNotExist errors in git.GetNote. Use exact search instead of fuzzy search for branch filter dropdown. Set Setpgid on child git processes. Import git from alpine 3.16 repository as 2.30.4 is needed for `safe.directory = '*'` to work but alpine 3.13 has 2.30.3. Ensure responses are context.ResponseWriters. incorrect usage of `Count` function. raw endpoint PDF file headers. Make WIP precase insensitive, e.g. allow `Draft` as a WIP pre. Don't return 500 on NotificationUnreadCount. Prevent NPE when cache service is disabled. Detect truncated utf-8 characters at the end of content as still representing utf-8. doctor pq: syntax error at or near "." quote user table name. with assigneees.
1.17.0-rc121 Jun 2022 03:15 minor feature: v1.17.0-rc1 BREAKING. Require go1.18 for Gitea 1.17. Make AppDataPath absolute against the AppWorkPath if it is not. Nuke the incorrect permission report on /api/v1/notifications. Refactor git module, make Gitea use internal git config. Remove `RequireHighlightJS` field, update plantuml example.. Increase minimal required git version to 2.0. Add a directory pre`gitea-src-VERSION` to release-tar-file. Use "main" as default branch name. Make cron task no notice on success. Add pam account authorization check. Show messages for users if the ROOT_URL is wrong, show JavaScript errors. Refactor mirror code amp; StartToMirror. Remove deprecated SSH ciphers from default. Add the possibility to allow the user to have a favicon which differs from the main logo. Update reserved usernames list. Support custom ACME provider. Change initial TrustModel to committer. Update HTTP status codes. Upgrade Alpine from 3.13 to 3.15. Restrict email address validation. Refactor Router Logger. SECURITY. Remove deprecated SSH ciphers from default. FEDERATION. Return statistic information for nodeinfo. Add Webfinger endpoint. Store the foreign ID of during migration. FEATURES. Automatically render wiki TOC. Adding button to link accounts from user settings. Allow set default merge style while creating repo. Auto merge pull requests when all checks succeeded. Improve reviewing PR UX. Add support for rendering console output with colors. Add Helm Chart registry. Add Goroutine stack inspector to admin/monitor. RSS/Atom support for Orgs amp; Repos. Add button for deletion. Allow to mark files in a PR as viewed. Add Index to comment for migrations and mirroring. Add health check endpoint. Add packagist webhook. Add "Allow edits from maintainer" feature. Add apply-patch, basic revert and cherry-pick functionality. Add Package Registry. Add LDAP group sync to Teams
1.16.817 May 2022 10:25 minor feature: ENHANCEMENTS. Add doctor check/for bogus action rows. Make.cs highlighting legible on dark themes.. . oauth setting list. Delete user related oauth stuff on user deletion too. new release from tags list UI. Prevent NPE when checking repo units if the user is nil. GetFeeds must always discard actions with dangling repo_id. Call MultipartForm.RemoveAll when request finishes. Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names. sending empty notifications. Ignore DNS error when doing migration allow/block check. overview for teams.
1.16.703 May 2022 10:45 minor feature: SECURITY. Escape git fetch remote. . Don't overwrite err with nil. On Migrations, only write commit-graph if wiki clone was successful. Respect DefaultUserIsRestricted system default when creating new user. Don't error when branch's commit doesn't exist. Support `hostname:port` to pass host matcher's check. Prevent intermittent race in attribute reader. bit atomic operations on 32-bit machines. Prevent dangling archiver goroutine. migrate release from github. When view _Siderbar or _Footer, just display once. blame page select range error and some typos. name of doctor "authorized-keys" in hints. User specific repoID or xorm builder conditions for search. Prevent dangling cat-file calls (goroutine alternative). RepoAssignment ensure to before overwrite. Set correct PR status on 3way on conflict checking. Mark TemplateLoading error as "UnprocessableEntity".
1.16.621 Apr 2022 08:05 minor feature: v1.16.6 ENHANCEMENTS. Only request write when necessary. Disable service worker by default. . When dumping trim the standard suffices instead of a random suf. DELETE request for non-existent public key. Don't panic on ErrEmailInvalid. Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients. Warn on SSH connection for incorrect configuration. Search via API, dont show 500 if filter result in empty list. When updating mirror repo intervals by API reschedule next update too. nil error when some pages are rendered outside request context. double blob-hunk on diff page. Don't allow merging PR's which are being conflict checked. middleware function's placements. invalid CSRF token, make sure CSRF tokens can be up-to-date. Restore user autoregistration with email addresses. Move checks for pulls before merge into own function. Granular webhook events in editHook. Only send webhook events to active system webhooks and only deliver to active hooks. Use full output of git show-ref --tags to get tags for PushUpdateAddTag. Touch mirrors on even on fail to update. Hide sensitive content on admin panel progress monitor. clone url JS error for the empty repo page. Bump goldmark to v1.4.11. TESTING. Prevent intermittent failures in RepoIndexerTest. BUILD. Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile. MISC. Performance improvement for add team user when org has more than 1000 repositories. Check go and nodejs version by go.mod and package.json.
1.16.524 Mar 2022 10:25 minor feature: BREAKING. Bump to build with go1.18. SECURITY. Prevent redirect to Host (2). Try to prevent autolinking of displaynames by email readers. Clean paths when looking in Storage. Do not send notification emails to inactive users. Do not send activation email if manual confirm is set. ENHANCEMENTS. Use the new/choose link for New on project page. . showing in your repositories. compare link in active feeds for new branch. Redirect.wiki/ ui link to /wiki. Ensure deploy keys with write access can push. Ensure that setting.LocalURL always has a trailing slash. Cleanup protected branches when deleting users amp; teams. Use IterateBufferSize whilst querying repositories during adoption check. NPE /repos//search when not signed in. Use custom favicon when viewing static files if it exists. the editor height in review box. Ensure isSSH is set whenever DISABLE_HTTP_GIT is set. wrong scopes caused by empty scope input. Make migrations SKIP_TLS_VERIFY apply to git too. Handle email address not exist. MISC. Update json-iterator to allow compilation with go1.18. Update golang.org/x/crypto.
1.16.415 Mar 2022 16:45 minor feature: v1.16.4 SECURITY. Restrict email address validation. lfs. ENHANCEMENTS. Improve SyncMirrors logging. . Refactor mirror code amp; `StartToMirror`. Update the webauthn_credential_id_sequence in Postgres. Prevent 500 when there is an error during new auth source post. If rendering has failed due to a net.OpError stop rendering (attempt 2). flag validation. Add pam account authorization check. Ignore missing comment for user notifications. Set `rel="nofollow noindex"` on new links. Upgrading binding package. Don't show context cancelled errors in attribute reader. update hint. MISC. potential assignee query for repo.
1.16.304 Mar 2022 11:25 minor feature: SECURITY. Git backend ignore replace objects. ENHANCEMENTS. Adjust error for already locked db and prevent level db lock on malformed connstr. . Set max text height to prevent overflow. newAttachmentPaths deletion for DeleteRepository(). Accounts with WebAuthn only (no TOTP) now exist... code to handle that case. Send 404 on `/ org .gpg`. admin user list pagination. lfs management setting. login with email panic when email is not exist. Update go-org to v1.6.1. ` lt;strong gt;` html in translation. page and missing return on unadopted repos API. Allow adminstrator teams members to see other teams. Don't treat BOM escape sequence as hidden character.. Correctly link URLs to users/repos with dashes, dots or underscores ( . redirect when using lowercase repo name. migration v210. team management UI (18886). BeforeSourcePath should point to base commit. TRANSLATION. Backport locales from master. MISC. Don't update email for organisation.
1.16.225 Feb 2022 06:45 minor feature: v1.16.2 ENHANCEMENTS. Show fullname on edits and gpg/ssh signing info. Immediately Hammer if second kill is sent. Allow mermaid render error to wrap. . ldap user sync missed email in email_address table. Update assignees check to include any writing team and change org sidebar. Don't report signal: killed errors in serviceRPC. where certain LDAP settings were reverted. Update go-org to 1.6.0. login with email for ldap users. for get user by email. panic in EscapeReader. ldap loginname. Remove redundant call to UpdateRepoStats during migration. In disk_channel queues synchronously push to disk on shutdown. template of LFS lock. Attempt to the webauthn migration again - part 3. Send mail to /pr assignee/reviewer also when OnMention is set. a broken link in commits_list_small.tmpl. Increase the size of the webauthn_credential credential_id field. Prevent dangling GetAttribute calls. isempty detection of git repository. source code line highlighting on external tracker. Prevent double encoding of branch names in delete branch. Always set PullRequestWorkInProgressPrein PrepareViewPullInfo. forked repositories missed tags. release typo. Separate the details links of commit-statuses in headers. Update object repo with the migrated repository. for version update hint. with docker-rootless shimming script. Let `MinUnitAccessMode` return correct perm. Prevent security failure due to bad APP_ID. Restart zero worker if there is still work to do. If rendering has failed due to a net.OpError stop rendering. TESTING. Ensure git tag tests and others create test repos in tmpdir. BUILD. Reduce CI go module downloads, add make targets. MISC. Put buttons back in org dashboard. Various Mermaid improvements. C preprocessor colors improvement. the missing i18n key for update checker.
1.16.107 Feb 2022 10:05 minor feature: ## 1.16.1 . - 2022-02-06. SECURITY. Update JS dependencies, lint. ENHANCEMENTS. Add dropdown icon to label set template dropdown. . Comments on migrated /prs must link to the comment ID. Stop logging an error when notes are not found. Ensure that blob-excerpt links work for wiki. Only attempt to flush queue if the underlying worker pool is not finished. Ensure commit-statuses box is sized correctly in headers. Prevent merge messages from being sorted to the top of email chains. Prevent panic on prohibited user login with oauth2. Collaborator trust model should trust collaborators. Detect conflicts with 3way merge. In docker rootless use GITEA_APP_INI if provided. Add `GetUserTeams`. review excerpt. for AvatarURL database type. Use `ImagedProvider` for gplus oauth2 provider. OAuth Source Edit Page. Use "read" value for General Access. Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs. BUILD. Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch. DOCS. Update 1.16.0 changelog to set #17846 as breaking.
1.16.003 Feb 2022 07:45 minor feature: BREAKING. Remove golang vendored directory. Paginate releases page amp; set default page size to 10. Only allow webhook to send requests to allowed hosts. SECURITY. Disable content sniffing on `PlainTextBytes`. Only view milestones from current repo. Sanitize user-input on file name. Use `hostmatcher` to replace `matchlist` to improve blocking of bad hosts in Webhooks. FEATURES. Add/update SMTP auth providers via cli. Support webauthn. Team permission allow different unit has different permission. Implement Well-Known URL for password change. Add support for ssh commit signing. Allow Loading of Diffs that are too large. Add copy button to markdown code blocks. Add.gitattribute assisted language detection to blame, diff and render. Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task. Add Reindex buttons to repository settings page. Make SSL cipher suite configurable. Add groups scope/claim to OIDC/OAuth2 Provider. Add simple update checker to Gitea. Migrated Repository will show modifications when possible. Create pub/priv keypair for federation. Make LDAP be able to skip local 2FA. Add nodeinfo endpoint for federation purposes. Save and view /comment content history. Use git attributes to determine generated and vendored status for language stats and diffs. Add migrate from Codebase. Add migration from GitBucket. Add OAuth2 introspection endpoint. Add proxy settings and support for migration and webhook. Add microsoft oauth2 providers. Send registration email on user autoregistration. Defer Last Commit Info. Support unprotected file patterns. Add migrate from OneDev. Add option to update pull request by `rebase`. Add RSS/Atom feed support for user actions. Add support for corporate WeChat webhooks. Add a simple way to rename branch like gh. Add bundle download for repository. Add agit flow support in gitea. API. Add MirrorUpdated field to Repository API type. Adjust Fork API to allow setting a custom reposit
1.15.1130 Jan 2022 04:05 minor feature: v1.15.11 SECURITY. Only view milestones from current repo. . broken when no commits and default branch is not master. commit's time. restore without topic failure. mermaid import in 1.15 (it uses ESModule now). Update to go/text 0.3.7. MISC. Upgrade EasyMDE to 2.16.1.
1.15.1015 Jan 2022 10:25 minor feature: 1.15.10 ## 1.15.10 - 2022-01-14. . Inconsistent PR comment counts. Release link broken. Update user from site administration page. Set HeadCommit when creating tags. Use correct translation key for error messages due to max repo limits. Purple color in suggested label colors. SECURITY. Bump mermaid from 8.10.1 to 8.13.8.
1.15.931 Dec 2021 03:18 minor feature: v1.15.9 . wrong redirect on org labels. : unstable sort skips/duplicates across pages. Revert "delete u2f keys ". Migrating wiki don't require token, so we should move it out of the require form. Prevent NPE if gitea uploader fails to open url. Reset locale on login. Correctly handle failed migrations. Instead of using routerCtx just escape the url before routing. Quote references to the user table in consistency checks. Add NotFound handler. Ensure that git repository is before transfer. Use common sessioner for API and web routes. TRANSLATION. code search result hint on zh-CN.
1.15.822 Dec 2021 03:05 minor feature: . Move POST / username /action/ action to simply POST / username . delete u2f keys. Reset Session ID on login. Prevent off-by-one error on comments on newly appended lines. Stop printing 03d after escaped characters in logs. Reset locale on login. reset password email template. outType on gitea dump. Ensure complexity, minlength and isPwned are checked on password setting. rename notification. Prevent double decoding of in url params. Prevent hang in git cat-file if the repository is not a valid repository. Prevent deadlock in create. TESTING. Use non-expiring key..
1.15.703 Dec 2021 03:17 minor feature: v1.15.7 ENHANCEMENTS. Only allow webhook to send requests to allowed hosts. login redirection links. . database inconsistent when admin change user email. Use correct user on releases. commit count in tag view. but time watcher still running. Migrate Description. when project board get open number. Return 400 but not 500 when request archive with wrong format. when read mysql database max lifetime. database deadlock when update labels. on detect /comment writer. Remove appSubUrl from pasted images. Make `ParsePatch` more robust. stats upon searching. Escape titles in comments list. zero created time on commit api. database keyword quote problem on migration v161. email with + when active. Stop double encoding blame commit messages. Quote the table name in CountOrphanedObjects. Run Migrate in Install rather than just SyncTables. BUILD. golangci-lint warnings. MISC. Preserve color when inverting emojis.
1.15.629 Oct 2021 10:45 minor feature: v1.15.6 . Prevent panic in serv.go with Deploy Keys. CSV render error. Read expected buffer size. Ensure that restricted users can access repos for which they are members. Make commit-statuses popup show correctly. TESTING. Add integration tests for private.NoServCommand and private.ServCommand.
1.15.523 Oct 2021 07:25 minor feature: SECURITY. Upgrade Bluemonday to v1.0.16. Ensure correct SSH permissions check for private and restricted users. . Prevent NPE in CSV diff rendering when column removed. Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH. Don't panic if we fail to parse U2FRegistration data. Ensure popup text is aligned left (backport for 1.15). Ensure that git daemon export ok is created for mirrors. Disable core.protectNTFS. Use pointer for wrappedConn methods. AutoRegistration is supposed to be working with disabled registration (backport). Handle duplicate keys on GPG key ring. SVG side by side comparison link.
1.15.409 Oct 2021 08:05 minor feature: Raw file API: don't try to interpret 40char filenames as commit SHA Don't allow merged PRs to be reopened incorrect repository count on organization tab of dashboard unwanted team review request deletion broken Activities link in team dashboard API pull's head/base have correct permission stange behavior of DownloadPullDiffOrPatch in incorect index Upgrade xorm to v1.2.5 missing repo link in /pull assigned emails of get context user Nicely handle missing user in collaborations Add Horizontal scrollbar to inner menu on Chrome wrong i18n keys Archive Creation: correct transaction ending Prevent panic in Org mode HighlightCodeBlock Create doctor command to repo_units broken by dumps from 1.14.3-1.14.6 . Raw file API: don't try to interpret 40char filenames as commit SHA. Don't allow merged PRs to be reopened. incorrect repository count on organization tab of dashboard. unwanted team review request deletion. broken Activities link in team dashboard. API pull's head/base have correct permission. stange behavior of DownloadPullDiffOrPatch in incorect index. Upgrade xorm to v1.2.5. missing repo link in /pull assigned emails. of get context user. Nicely handle missing user in collaborations. Add Horizontal scrollbar to inner menu on Chrome. wrong i18n keys. Archive Creation: correct transaction ending. Prevent panic in Org mode HighlightCodeBlock. Create doctor command to repo_units broken by dumps from 1.14.3-1.14.6. ENHANCEMENT Check user instead of organization when creating a repo from a template via API . Check user instead of organization when creating a repo from a template via API. TRANSLATION v1.15 Sprintf format 'verbs' in locale files . v1.15 Sprintf format 'verbs' in locale files.
1.15.322 Sep 2021 11:25 minor feature: ENHANCEMENTS Add fluid to ui container class to remove margin Add caller to cat-file batch calls . Add fluid to ui container class to remove margin. Add caller to cat-file batch calls. Render full plain readme. Upgrade xorm to v1.2.4 of migrate comments which only fetch one page Do not show context popup on external Decrement Fork Num when converting from Fork Correctly rollback in ForkRepository missing in WalkGitLog Add preto SVG id/class attributes of migrated repository not index Skip AllowedUserVisibilityModes validation on update user if it is an organisation storage Iterate and Add storage doctor to delete garbage attachments with default mail template Ensure that rebase conflicts are handled in updates Prevent panic on diff generation . Render full plain readme.. Upgrade xorm to v1.2.4. of migrate comments which only fetch one page. Do not show context popup on external. Decrement Fork Num when converting from Fork. Correctly rollback in ForkRepository. missing in WalkGitLog. Add preto SVG id/class attributes. of migrated repository not index. Skip AllowedUserVisibilityModes validation on update user if it is an organisation. storage Iterate and Add storage doctor to delete garbage attachments. with default mail template. Ensure that rebase conflicts are handled in updates. Prevent panic on diff generation.
1.15.207 Sep 2021 08:05 minor feature: Add unique constraint back into _index Storage objects before cleaning . Add unique constraint back into _index. Storage objects before cleaning.
1.15.103 Sep 2021 21:45 minor feature: Allow BASIC authentication access to /:owner/:repo/releases/download/ Prevent leave changes dialogs due to autofill fields Ignore review comment when ref commit is missed wrong attachment removal Gitlab Migrator: dont ignore reactions of last request Correctly return the number of Repositories for Organizations Test if LFS object is accessible git.Blob.DataAsync(): pipe since we return a Nopr dump and restore respository Repair and Improve GetDiffRangeWithWhitespaceBehavior wiki raw commit diff/patch view Ensure wiki repos are all List limited and private orgs if authenticated on API Simplify split diff view generation and remove JS dependency Ensure that the default visibility is set on the user create page In Render tolerate not being passed a context Upgrade xorm to v1.2.2 Add test to ensure that dumping of login sources remains correct Report the correct number of pushes on the feeds Add primary_key to _index Prevent NPE on empty commit branch pagination error Add missing return to handleSettingRemoteAddrError Remove spurious / from.opened_by Ensure that template compilation panics are sent to the logs Update caddyserver/certmagic . Allow BASIC authentication access to /:owner/:repo/releases/download/. Prevent leave changes dialogs due to autofill fields. Ignore review comment when ref commit is missed. wrong attachment removal. Gitlab Migrator: dont ignore reactions of last request. Correctly return the number of Repositories for Organizations. Test if LFS object is accessible. git.Blob.DataAsync(): pipe since we return a Nopr. dump and restore respository. Repair and Improve GetDiffRangeWithWhitespaceBehavior. wiki raw commit diff/patch view. Ensure wiki repos are all. List limited and private orgs if authenticated on API. Simplify split diff view generation and remove JS dependency. Ensure that the default visibility is set on the user create page. In Render tolerate not being passed a context. Upgrade xorm
1.15.022 Aug 2021 12:05 minor feature: BREAKING Make app.ini permissions more restrictive Refactor Webhook + Add X-Hub-Signature Add asymmetric JWT signing Clean-up the settings hierarchy for _indexer queue Change default queue settings to be low go-routines Improve assets handler middleware Rename StaticUrlPreto AssetUrlPre Use a generic markup class to display externally rendered files and diffs Add frontend testing, require node 12 Move (custom) assets into subpath /assets Use level config in log section when sub log section not set level Links in markdown should be absolute to the repository not the server Upgrade to the latest version of golang-jwt Set minimum supported version of go to 1.16 . Make app.ini permissions more restrictive. Refactor Webhook + Add X-Hub-Signature. Add asymmetric JWT signing. Clean-up the settings hierarchy for _indexer queue. Change default queue settings to be low go-routines. Improve assets handler middleware. Rename StaticUrlPreto AssetUrlPre. Use a generic markup class to display externally rendered files and diffs. Add frontend testing, require node 12. Move (custom) assets into subpath /assets. Use level config in log section when sub log section not set level. Links in markdown should be absolute to the repository not the server. Upgrade to the latest version of golang-jwt. Set minimum supported version of go to 1.16. SECURITY Encrypt LDAP bind password in db with SECRET_KEY Remove random password in Dockerfiles Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 Correctly create of git-daemon-export-ok files Don't show private user's repo in explore view Update node tar dependency to 6.1.6 . Encrypt LDAP bind password in db with SECRET_KEY. Remove random password in Dockerfiles. Upgrade to the latest version of golang-jwt and increase minimum go to 1.15. Correctly create of git-daemon-export-ok files. Don't show private user's repo in explore view. Update node tar dependency to 6.1.6. FEATURES Update Go-Git to take a
1.15.0-rc311 Aug 2021 00:25 minor feature: SECURITY Bump github.com/markbates/goth from v1.67.1 to v1.68.0 Switch to maintained JWT lib Upgrade to latest version of golang-jwt (as forked for 1.14) . Bump github.com/markbates/goth from v1.67.1 to v1.68.0. Switch to maintained JWT lib. Upgrade to latest version of golang-jwt (as forked for 1.14). Add basic edit ldap auth test actually Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end . Add basic edit ldap auth test actually. Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end.
1.14.606 Aug 2021 07:25 minor feature: SECURITY Hide mirror passwords on repo settings page Update bluemonday to v1.0.15 . Hide mirror passwords on repo settings page. Update bluemonday to v1.0.15. Retry rename on lock induced failures Validate index before querying DB crash following ldap authentication update . Retry rename on lock induced failures. Validate index before querying DB. crash following ldap authentication update. ENHANCEMENTS Redirect on bad CSRF instead of presenting bad page . Redirect on bad CSRF instead of presenting bad page.
1.15.0-rc226 Jul 2021 00:25 minor feature: SECURITY Hide mirror passwords on repo settings page Update bluemonday to v1.0.15 . Hide mirror passwords on repo settings page. Update bluemonday to v1.0.15. Retry rename on lock induced failures Validate index before querying DB crash following ldap authentication update . Retry rename on lock induced failures. Validate index before querying DB. crash following ldap authentication update. ENHANCEMENTS Redirect on bad CSRF instead of presenting bad page . Redirect on bad CSRF instead of presenting bad page.
1.14.521 Jul 2021 06:05 minor feature: SECURITY Hide mirror passwords on repo settings page Update bluemonday to v1.0.15 . Hide mirror passwords on repo settings page. Update bluemonday to v1.0.15. Retry rename on lock induced failures Validate index before querying DB crash following ldap authentication update . Retry rename on lock induced failures. Validate index before querying DB. crash following ldap authentication update. ENHANCEMENTS Redirect on bad CSRF instead of presenting bad page . Redirect on bad CSRF instead of presenting bad page.
1.16.0-dev16 Jul 2021 13:45 minor feature: Relative links in postprocessed images List_options GetStartEnd API to use author for commits instead of committer Handle misencoding of login_source cfg in mssql Not updated by commits Improve efficiency in FindRenderizableReferenceNumeric and getReference Use html.Parse rather than html.ParseFragment Milestone counters on new ReqOrgMembership calls need to be preceded by reqToken . Relative links in postprocessed images. List_options GetStartEnd. API to use author for commits instead of committer. Handle misencoding of login_source cfg in mssql. Not updated by commits. Improve efficiency in FindRenderizableReferenceNumeric and getReference. Use html.Parse rather than html.ParseFragment. Milestone counters on new. ReqOrgMembership calls need to be preceded by reqToken.
1.14.407 Jul 2021 11:05 minor feature: Relative links in postprocessed images List_options GetStartEnd API to use author for commits instead of committer Handle misencoding of login_source cfg in mssql Not updated by commits Improve efficiency in FindRenderizableReferenceNumeric and getReference Use html.Parse rather than html.ParseFragment Milestone counters on new ReqOrgMembership calls need to be preceded by reqToken . Relative links in postprocessed images. List_options GetStartEnd. API to use author for commits instead of committer. Handle misencoding of login_source cfg in mssql. Not updated by commits. Improve efficiency in FindRenderizableReferenceNumeric and getReference. Use html.Parse rather than html.ParseFragment. Milestone counters on new. ReqOrgMembership calls need to be preceded by reqToken.
1.14.319 Jun 2021 18:45 minor feature: SECURITY Encrypt migration credentials at rest Only check access tokens if they are likely to be tokens Add missing SameSite settings for the i_like_gitea cookie setting of SameSite on cookies . Encrypt migration credentials at rest. Only check access tokens if they are likely to be tokens. Add missing SameSite settings for the i_like_gitea cookie. setting of SameSite on cookies. API Repository object only count releases as releases EditOrg respect RepoAdminChangeTeamAccess option overly strict edit pr permissions . Repository object only count releases as releases. EditOrg respect RepoAdminChangeTeamAccess option. overly strict edit pr permissions. Run processors on whole of text Class -keyword is being incorrectly stripped off spans language switch for install page on getIDsByRepoID Set self-adjusting deadline for connection writing http path data URI scramble Merge all deleteBranch as one function and also when delete branch don't related PRs git migration: don't prompt interactively for clone credentials case change in ownernames Don't manipulate input params in email notification Remove branch URL before RefURL layout of milestone view GitHub Migration, migrate draft releases too the gitrepo when deleting the repository Upgrade xorm to v1.1.0 blame row height alignment error message when saving generated LOCAL_ROOT_URL config Backport LFS commit finder not working Stop calling WriteHeader in Write Add timeout to writing to responses Return go-get info on subdirs Restore PAM user autocreation functionality truncate utf8 string bound address/port for caddy's certmagic library Upgrade unrolled/render to v1.1.1 Queue manager FlushAll can loop rapidly - add delay Tagger can be empty, as can Commit and Author - tolerate this Set autocomplete off on branches selector Add missing error to Doctor log Move restore repo to internal router and invoke from command to avoid open the same db file or que
1.14.210 May 2021 23:25 minor feature: API Make change repo settings work on empty repos Add pull "merged" notification subject status to API . Make change repo settings work on empty repos. Add pull "merged" notification subject status to API. Ensure that ctx.Written is checked after (...) calls Use pulls in commit graph unless pulls are disabled Set GIT_DIR correctly if it is not set where repositories appear unadopted Not show ref-in-new-pop when was disabled Drop back to use IsAnInteractiveSession for SVC setting version table in dump button change on delete in simplemde area Defer closing the gitrepo until the end of the wrapped context functions some ui about draft release Only log Error on getLastCommitStatus error to let pull list still be visible Move tooltip down to allow selection of Remove File on error setting redis db path DB session cleanup several activation Delete references if repository gets deleted orphaned objects deletion Delete protected branch if repository gets removed Remove spurious set name from eventsource.sharedworker.js Not update updated uinx for git gc commit graph author link webhook timeout Resolve panic on failed interface conversion in migration v156 missing storage init If the default branch is not present do not report error on stats indexing lfs management find NPE on view commit with notes on commit graph Send size to /avatars if requested Prevent migration 156 failure if tag commit missing . Ensure that ctx.Written is checked after (...) calls. Use pulls in commit graph unless pulls are disabled. Set GIT_DIR correctly if it is not set. where repositories appear unadopted. Not show ref-in-new-pop when was disabled. Drop back to use IsAnInteractiveSession for SVC. setting version table in dump. button change on delete in simplemde area. Defer closing the gitrepo until the end of the wrapped context functions. some ui about draft release. Only log Error on getLastCommitStatus error to let pull list stil
1.14.116 Apr 2021 17:05 minor feature: SECURITY Respect approved email domain list for externally validated user registration Add reverse proxy configuration support for remote IP address detection Ensure validation occurs on clone addresses too . Respect approved email domain list for externally validated user registration. Add reverse proxy configuration support for remote IP address detection. Ensure validation occurs on clone addresses too. BREAKING double 'push tag' action feed Remove possible resource leak Handle unauthorized user events gracefully Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) Migrate from Macaron to Chi framework Deprecate building for mips Consolidate Logos and update README header Inline manifest.json Store repository data in data path if not previously set Rename "gitea" png to "logo" Standardise logging of failed authentication attempts in internal SSH Add markdown support in organization description Improve users management through the CLI . double 'push tag' action feed. Remove possible resource leak. Handle unauthorized user events gracefully. Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes). Migrate from Macaron to Chi framework. Deprecate building for mips. Consolidate Logos and update README header. Inline manifest.json. Store repository data in data path if not previously set. Rename "gitea" png to "logo". Standardise logging of failed authentication attempts in internal SSH. Add markdown support in organization description. Improve users management through the CLI. FEATURES Create a new with reference to lines of code from file view Repository transfer has to be confirmed, if user can not create repo for new owner Allow blocking some email domains from registering an account Create a new based on reference to an comment Add support to migrate from gogs Add pager to the branches page Minimal OpenID Connect implementation Display curre
1.14.012 Apr 2021 16:25 minor feature: SECURITY Respect approved email domain list for externally validated user registration Add reverse proxy configuration support for remote IP address detection Ensure validation occurs on clone addresses too . Respect approved email domain list for externally validated user registration. Add reverse proxy configuration support for remote IP address detection. Ensure validation occurs on clone addresses too. BREAKING double 'push tag' action feed Remove possible resource leak Handle unauthorized user events gracefully Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) Migrate from Macaron to Chi framework Deprecate building for mips Consolidate Logos and update README header Inline manifest.json Store repository data in data path if not previously set Rename "gitea" png to "logo" Standardise logging of failed authentication attempts in internal SSH Add markdown support in organization description Improve users management through the CLI . double 'push tag' action feed. Remove possible resource leak. Handle unauthorized user events gracefully. Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes). Migrate from Macaron to Chi framework. Deprecate building for mips. Consolidate Logos and update README header. Inline manifest.json. Store repository data in data path if not previously set. Rename "gitea" png to "logo". Standardise logging of failed authentication attempts in internal SSH. Add markdown support in organization description. Improve users management through the CLI. FEATURES Create a new with reference to lines of code from file view Repository transfer has to be confirmed, if user can not create repo for new owner Allow blocking some email domains from registering an account Create a new based on reference to an comment Add support to migrate from gogs Add pager to the branches page Minimal OpenID Connect implementation Display curre
1.13.708 Apr 2021 10:45 minor feature: SECURITY Update to bluemonday-1.0.6 Clusterfuzz found another way . Update to bluemonday-1.0.6. Clusterfuzz found another way. API wrong user returned in API . wrong user returned in API. Add 'fonts' into 'KnownPublicEntries' Speed up enry.IsVendor Response 404 for diff/patch of a commit that not exist Prevent NPE in CommentMustAsDiff if no hunk header . Add 'fonts' into 'KnownPublicEntries'. Speed up enry.IsVendor. Response 404 for diff/patch of a commit that not exist. Prevent NPE in CommentMustAsDiff if no hunk header. MISC Add size to Save function . Add size to Save function.
1.14.0-rc226 Mar 2021 01:45 minor feature: SECURITY on avatar middleware Another clusterfuzz identified . on avatar middleware. Another clusterfuzz identified. API Nil exeption for get pull reviews API #15104 . Nil exeption for get pull reviews API #15104. Markdown rendering in milestone content . Markdown rendering in milestone content.
1.15.0-dev21 Mar 2021 06:45 minor feature: SECURITY Popups . Popups. Race in LFS ContentStore.Put(...) a couple of with a feeds When transfering repository and database transaction failed, rollback the renames Race in local storage on pull view page if user is not loged in . Race in LFS ContentStore.Put(...). a couple of with a feeds. When transfering repository and database transaction failed, rollback the renames. Race in local storage. on pull view page if user is not loged in. DOCS How lfs data path is set . How lfs data path is set.
1.13.409 Mar 2021 14:05 minor feature: SECURITY Popups . Popups. Race in LFS ContentStore.Put(...) a couple of with a feeds When transfering repository and database transaction failed, rollback the renames Race in local storage on pull view page if user is not loged in . Race in LFS ContentStore.Put(...). a couple of with a feeds. When transfering repository and database transaction failed, rollback the renames. Race in local storage. on pull view page if user is not loged in. DOCS How lfs data path is set . How lfs data path is set.
1.13.305 Mar 2021 14:25 minor feature: BREAKING SECURITY Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one . Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one. paging of file commit logs Print useful error if SQLite is used in settings but not supported display since time round When Deleting Repository only explicitly PRs whose base is not this repository Set HCaptchaSiteKey on Link Account pages a couple of CommentAsPatch. Disable broken OAuth2 providers at startup Repo Transfer permission checks double alert in oauth2 application edit view broken spans in diffs Prevent race in PersistableChannelUniqueQueue.Has HasPreviousCommit causes recursive load of commits unnecessarily Do not assume all 40 char strings are SHA1s Allow org labels to be set with templates Accept multiple SSH keys in single LDAP SSHPublicKey attribute about ListOptions and stars/watchers pagnation GPG key deletion during account deletion . paging of file commit logs. Print useful error if SQLite is used in settings but not supported. display since time round. When Deleting Repository only explicitly PRs whose base is not this repository. Set HCaptchaSiteKey on Link Account pages. a couple of CommentAsPatch.. Disable broken OAuth2 providers at startup. Repo Transfer permission checks. double alert in oauth2 application edit view. broken spans in diffs. Prevent race in PersistableChannelUniqueQueue.Has. HasPreviousCommit causes recursive load of commits unnecessarily. Do not assume all 40 char strings are SHA1s. Allow org labels to be set with templates. Accept multiple SSH keys in single LDAP SSHPublicKey attribute. about ListOptions and stars/watchers pagnation. GPG key deletion during account deletion.
1.13.202 Feb 2021 12:05 minor feature: SECURITY Prevent panic on fuzzer provided string Add secure/httpOnly attributes to the lang cookie . Prevent panic on fuzzer provided string. Add secure/httpOnly attributes to the lang cookie. API If release publisher is deleted use ghost user . If release publisher is deleted use ghost user. Internal ssh server respect Ciphers, MACs and KeyExchanges settings Set the name Mapper in migrations wiki preview Update code.gitea.io/sdk/gitea v0.13.1 - v0.13.2 ChangeUserName: rename user files back on DB lfs preview Ensure timeout error is shown on u2f timeout Deadlock Delete affected reactions on comment deletion Use path not filepath in routers/editor Check if label template exist first migration v141 Use Request.URL.RequestURI() for fcgi Use ServerError provided by Context edit-label form init mailCommentBatch for pull request Render links for commit hashes followed by comma Send notifications for mentions in pulls,, (code-)comments avatar Ensure that schema search path is set with every connection on postgres dashboard labels filter When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route branch selector on new page Check for notExist on profile repository page . Internal ssh server respect Ciphers, MACs and KeyExchanges settings. Set the name Mapper in migrations. wiki preview. Update code.gitea.io/sdk/gitea v0.13.1 - v0.13.2. ChangeUserName: rename user files back on DB. lfs preview. Ensure timeout error is shown on u2f timeout. Deadlock Delete affected reactions on comment deletion. Use path not filepath in routers/editor. Check if label template exist first. migration v141. Use Request.URL.RequestURI() for fcgi. Use ServerError provided by Context. edit-label form init. mailCommentBatch for pull request. Render links for commit hashes followed by comma. Send notifications for mentions in pulls,, (code-)comments. avatar. Ensure that schema search path is set with ever
1.13.130 Dec 2020 13:05 minor feature: SECURITY Hide private participation in Orgs escaping in diff . Hide private participation in Orgs. escaping in diff. of link query order on markdown render Drop long repo topics during migration Ensure that search term and page are not lost on adoption page-turn storage config implementation panic in BasicAuthDecode Always wait for the cmd to finish Don't use simpleMDE editor on mobile devices for 1.13 incorrect review comment diffs Trim the branch prefrom action.GetBranch Ensure template renderer is available before storage handler Whenever the password is updated ensure that the hash algorithm is too Enforce setting HEAD in wiki to master feishu webhook caused by API changed Quote Reply button on review diff Pull Merge when tag with same name as base branch exist mermaid chart size branch/tag notifications in mirror sync crash in short link processor Update font stack to bootstrap's latest Make sure email recipients can see Reply button is not removed when deleting a code review comment When reinitialising DBConfig reset the database use flags . of link query order on markdown render. Drop long repo topics during migration. Ensure that search term and page are not lost on adoption page-turn. storage config implementation. panic in BasicAuthDecode. Always wait for the cmd to finish. Don't use simpleMDE editor on mobile devices for 1.13. incorrect review comment diffs. Trim the branch prefrom action.GetBranch. Ensure template renderer is available before storage handler. Whenever the password is updated ensure that the hash algorithm is too. Enforce setting HEAD in wiki to master. feishu webhook caused by API changed. Quote Reply button on review diff. Pull Merge when tag with same name as base branch exist. mermaid chart size. branch/tag notifications in mirror sync. crash in short link processor. Update font stack to bootstrap's latest. Make sure email recipients can see. Reply button is not removed when deleting a code
1.13.003 Dec 2020 13:45 minor feature: SECURITY Add Allow-/Block-List for Migrate Mirrors Prevent git operations for inactive users Disallow urlencoded new lines in git protocol paths if there is a port Mitigate Security vulnerability in the git hook feature Disable DSA ssh keys by default Set TLS minimum version to 1.2 Use argon as default password hash algorithm . Add Allow-/Block-List for Migrate Mirrors. Prevent git operations for inactive users. Disallow urlencoded new lines in git protocol paths if there is a port. Mitigate Security vulnerability in the git hook feature. Disable DSA ssh keys by default. Set TLS minimum version to 1.2. Use argon as default password hash algorithm. BREAKING Set RUN_MODE prod by default Don't replace underscores in auto-generated IDs in goldmark Add Primary Key to Topic and RepoTopic tables Disable password complexity check default Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid Add extension Support to Attachments (allow all types for releases) Remove IE11 Support . Set RUN_MODE prod by default. Don't replace underscores in auto-generated IDs in goldmark. Add Primary Key to Topic and RepoTopic tables. Disable password complexity check default. Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid. Add extension Support to Attachments (allow all types for releases). Remove IE11 Support. FEATURES Adopt repositories Check passwords against HaveIBeenPwned Gitea 2 Gitea migration Support storing Avatars in minio Allow addition of gpg keyring with multiple keys Add email notify for new release Add Access-Control-Expose-Headers UserProfile Page: Render Description Add command to recreate tables Add mermaid JS renderer Add ssh certificate support Add spent time to referenced in commit message Initial support for push options Provide option to unlink a fork Show exact tag for commit on diff view Pause, Resume, Release Reopen, Add and Remove Logging from command line templates directory Add a storage layer for
1.12.617 Nov 2020 07:05 minor feature: SECURITY Prevent git operations for inactive users Disallow urlencoded new lines in git protocol paths if there is a port . Prevent git operations for inactive users. Disallow urlencoded new lines in git protocol paths if there is a port. API should only return Json before and since query arguments at API Prevent panic on git blame by limiting lines to 4096 bytes at most link detection in repository description with tailing '_' Remove obsolete change of email on profile page permission check on get Reactions API endpoints Add migrated pulls to pull request task queue API deny wrong pull creation options initial commit page binary munching problem diff parsing Return error 404 not 500 from API if team does not exist Prohibit automatic downgrades GitLab Migration Option AuthToken GitLab Label Color Normalizer Log the underlying panic in runMigrateTask attachments list in edit comment deadlock when deleting team user error create comment on outdated file repository create/delete event webhooks internal server error on README in submodule . API should only return Json. before and since query arguments at API. Prevent panic on git blame by limiting lines to 4096 bytes at most. link detection in repository description with tailing '_'. Remove obsolete change of email on profile page. permission check on get Reactions API endpoints. Add migrated pulls to pull request task queue. API deny wrong pull creation options. initial commit page binary munching problem. diff parsing. Return error 404 not 500 from API if team does not exist. Prohibit automatic downgrades. GitLab Migration Option AuthToken. GitLab Label Color Normalizer. Log the underlying panic in runMigrateTask. attachments list in edit comment. deadlock when deleting team user. error create comment on outdated file. repository create/delete event webhooks. internal server error on README in submodule.
1.13.0-rc211 Nov 2020 17:25 minor feature: Allow U2F with default settings for gitea in subpath Prevent empty div when editing comment On mirror update also update address in DB Allow extended config on cron settings Open transaction when adding Avatar email-hash pairs to the DB internal server error from ListUserOrgs API Update only the repository columns that need updating panic when adding long comment Add size limit for content of comment on action ui Convert User expose ID each time Support slashes in release tags Add missing information to CreateRepo API endpoint On Migration respect old DefaultBranch notifications page links Stop cloning unnecessarily on PR update Escape more things that are passed through str2html Remove double escape on labels addition in comments "only mail on mention". yet another with diff file names RepoInit Respect AlternateDefaultBranch Avatar Resize (resize algo NearestNeighbor - Bilinear) . Allow U2F with default settings for gitea in subpath. Prevent empty div when editing comment. On mirror update also update address in DB. Allow extended config on cron settings. Open transaction when adding Avatar email-hash pairs to the DB. internal server error from ListUserOrgs API. Update only the repository columns that need updating. panic when adding long comment. Add size limit for content of comment on action ui. Convert User expose ID each time. Support slashes in release tags. Add missing information to CreateRepo API endpoint. On Migration respect old DefaultBranch. notifications page links. Stop cloning unnecessarily on PR update. Escape more things that are passed through str2html. Remove double escape on labels addition in comments. "only mail on mention". yet another with diff file names. RepoInit Respect AlternateDefaultBranch. Avatar Resize (resize algo NearestNeighbor - Bilinear). ENHANCEMENTS gitea dump: include version Check InstallLock . gitea dump: include version Check InstallLock.
1.14.0-dev15 Oct 2020 18:25 minor feature: Allow U2F with default settings for gitea in subpath Prevent empty div when editing comment On mirror update also update address in DB Allow extended config on cron settings Open transaction when adding Avatar email-hash pairs to the DB internal server error from ListUserOrgs API Update only the repository columns that need updating panic when adding long comment Add size limit for content of comment on action ui Convert User expose ID each time Support slashes in release tags Add missing information to CreateRepo API endpoint On Migration respect old DefaultBranch notifications page links Stop cloning unnecessarily on PR update Escape more things that are passed through str2html Remove double escape on labels addition in comments "only mail on mention". yet another with diff file names RepoInit Respect AlternateDefaultBranch Avatar Resize (resize algo NearestNeighbor - Bilinear) . Allow U2F with default settings for gitea in subpath. Prevent empty div when editing comment. On mirror update also update address in DB. Allow extended config on cron settings. Open transaction when adding Avatar email-hash pairs to the DB. internal server error from ListUserOrgs API. Update only the repository columns that need updating. panic when adding long comment. Add size limit for content of comment on action ui. Convert User expose ID each time. Support slashes in release tags. Add missing information to CreateRepo API endpoint. On Migration respect old DefaultBranch. notifications page links. Stop cloning unnecessarily on PR update. Escape more things that are passed through str2html. Remove double escape on labels addition in comments. "only mail on mention". yet another with diff file names. RepoInit Respect AlternateDefaultBranch. Avatar Resize (resize algo NearestNeighbor - Bilinear). ENHANCEMENTS gitea dump: include version Check InstallLock . gitea dump: include version Check InstallLock.
1.12.502 Oct 2020 10:45 minor feature: Allow U2F with default settings for gitea in subpath Prevent empty div when editing comment On mirror update also update address in DB Allow extended config on cron settings Open transaction when adding Avatar email-hash pairs to the DB internal server error from ListUserOrgs API Update only the repository columns that need updating panic when adding long comment Add size limit for content of comment on action ui Convert User expose ID each time Support slashes in release tags Add missing information to CreateRepo API endpoint On Migration respect old DefaultBranch notifications page links Stop cloning unnecessarily on PR update Escape more things that are passed through str2html Remove double escape on labels addition in comments "only mail on mention". yet another with diff file names RepoInit Respect AlternateDefaultBranch Avatar Resize (resize algo NearestNeighbor - Bilinear) . Allow U2F with default settings for gitea in subpath. Prevent empty div when editing comment. On mirror update also update address in DB. Allow extended config on cron settings. Open transaction when adding Avatar email-hash pairs to the DB. internal server error from ListUserOrgs API. Update only the repository columns that need updating. panic when adding long comment. Add size limit for content of comment on action ui. Convert User expose ID each time. Support slashes in release tags. Add missing information to CreateRepo API endpoint. On Migration respect old DefaultBranch. notifications page links. Stop cloning unnecessarily on PR update. Escape more things that are passed through str2html. Remove double escape on labels addition in comments. "only mail on mention". yet another with diff file names. RepoInit Respect AlternateDefaultBranch. Avatar Resize (resize algo NearestNeighbor - Bilinear). ENHANCEMENTS gitea dump: include version Check InstallLock . gitea dump: include version Check InstallLock.
1.12.404 Sep 2020 17:25 minor feature: SECURITY. Escape provider name in oauth2 provider redirect. Escape Email on password reset page. When reading expired sessions - expire them. ENHANCEMENTS. StaticRootPath configurable at compile time. . to show an that is related to a deleted. Expire time acknowledged for cache. diff path unquoting. Improve HTML escaping helper. models: break out of loop. Default empty merger list to those with write permissions. Skip SSPI authentication attempts for /api/internal. Prevent NPE on commenting on lines with invalidated comments. Remove hardcoded ES indexername. preventing transfer to private organization. Keys should not verify revoked email addresses. Do not add preon http/https submodule links. ignored login on compare. incorrect error logging in Stats indexer and OAuth2. Upgrade google/go-github to v32.1.0. Render emoji's of Commit message on feed-page. handling of diff on unrelated branches when Git 2.28 used.
1.12.329 Jul 2020 21:45 minor feature: . Don't change creation date when updating Release. Show 404 page when release not found. emoji detection in certain cases. Reduce emoji size. double-indirection in logging IDs. Link to pull list page on sidebar when view pr. Extend Notifications API and return pinned notifications by default.
1.12.213 Jul 2020 06:45 minor feature: When deleting repository decrese user repositry count in cache Gitea commits API again returns commit summaries, not full messages Properly set HEAD when a repo is created with a non-master default branch Ensure Subkeys are verified failing to cache last commit with key being to long Multiple small admin dashboard Remove spurious logging repository setup instructions when default branch is not master Move EventSource to SharedWorker ui in wiki commit page gitgraph branch continues after merge Set the base url when migrating from Gitlab using access token or username without password Ensure BlameReaders at end of request comments webhook panic backport . When deleting repository decrese user repositry count in cache. Gitea commits API again returns commit summaries, not full messages. Properly set HEAD when a repo is created with a non-master default branch. Ensure Subkeys are verified. failing to cache last commit with key being to long. Multiple small admin dashboard. Remove spurious logging. repository setup instructions when default branch is not master. Move EventSource to SharedWorker. ui in wiki commit page. gitgraph branch continues after merge. Set the base url when migrating from Gitlab using access token or username without password. Ensure BlameReaders at end of request. comments webhook panic backport. ENHANCEMENTS Disable dropzone's timeout . Disable dropzone's timeout.
1.12.123 Jun 2020 15:05 minor feature: Handle multiple merges in gitgraph.js Add serviceworker.js to KnownPublicEntries For language detection do not try to analyze big files by content . Handle multiple merges in gitgraph.js. Add serviceworker.js to KnownPublicEntries. For language detection do not try to analyze big files by content. ENHANCEMENTS scrollable header on dropdowns . scrollable header on dropdowns.
1.12.019 Jun 2020 03:25 minor feature: When using API CreateRelease set created_unix to the tag commit time. Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown. sanitizer config - multiple rules. Remove check on username when using AccessToken authentication for the API. Return 404 from Contents API when items don't exist. Notification API should always return a JSON object with the current count of notifications. Remove migration support from versions earlier than 1.6.0. Use -1 to disable key algorithm type in ssh.minimum_key_sizes. Improve config logging when WrappedQueue times out. Add branch delete to API. Use markdown frontmatter to provide Table of contents, language and frontmatter rendering. Add a way to mark Conversation (code comment) resolved. Handle yaml frontmatter in markdown. Cache PullRequest Divergence. Make gitea admin auth list formatting configurable. Add Matrix webhook. Add Organization Wide Labels. Allow to set protected file patterns for files that can not be changed under no conditions. Option to set default branch at repository creation. Add request review from specific reviewers feature in pull request. Add NextCloud oauth. System-wide webhooks. Relax sanitization as per https://github.com/jch/html-pipeline. Use media links for img in post-process. Add API endpoints to manage OAuth2 Application (list/create/delete). Render READMEs in docs/.gitea or.github from root. Add feishu webhook support. Cache last commit to accelerate the repository directory page visit. Implement basic app.ini and path checks to doctor cmd. Make WorkerPools and Queues flushable. Implement "embedded" command to extract static resources. Add API endpoint for repo transfer. Make archive preing configurable with a global setting. Add Unique Queue infrastructure and move TestPullRequests to this. /PR Context Popups. Add "Update Branch" button to Pull Requests. Add require signed commit for protected branch. Mark PR reviews as stale at push and allow to dismiss stale approvals. Add API notificati
1.12.0-rc209 Jun 2020 19:05 minor feature: SECURITY missing authorization check on pull for public repos of private/limited org Use session for retrieving org teams . missing authorization check on pull for public repos of private/limited org. Use session for retrieving org teams. Return json on 500 error from API wrong milestone in webhook message Prevent (caught) panic on login commit page js error Use media links for img in post-process Ensure public repositories in private organizations are visible and admin organizations list Set correct Content-Type value for Gogs/Gitea webhooks Allow all members of private orgs to see public repos Whenever the ctx.Session is updated, release it to save it before sending the redirect Forcibly clean and destroy the session on logout /api/v1/orgs/ endpoints by changing parameter to :org from :orgname. Add tracked time to doctor webpack chunk loading with STATIC_URL_PRE Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 . Return json on 500 error from API. wrong milestone in webhook message. Prevent (caught) panic on login. commit page js error. Use media links for img in post-process. Ensure public repositories in private organizations are visible and admin organizations list. Set correct Content-Type value for Gogs/Gitea webhooks. Allow all members of private orgs to see public repos. Whenever the ctx.Session is updated, release it to save it before sending the redirect. Forcibly clean and destroy the session on logout. /api/v1/orgs/ endpoints by changing parameter to :org from :orgname. Add tracked time to doctor. webpack chunk loading with STATIC_URL_PRE. Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14.
1.11.601 Jun 2020 00:45 minor feature: SECURITY missing authorization check on pull for public repos of private/limited org Use session for retrieving org teams . missing authorization check on pull for public repos of private/limited org. Use session for retrieving org teams. Return json on 500 error from API wrong milestone in webhook message Prevent (caught) panic on login commit page js error Use media links for img in post-process Ensure public repositories in private organizations are visible and admin organizations list Set correct Content-Type value for Gogs/Gitea webhooks Allow all members of private orgs to see public repos Whenever the ctx.Session is updated, release it to save it before sending the redirect Forcibly clean and destroy the session on logout /api/v1/orgs/ endpoints by changing parameter to :org from :orgname. Add tracked time to doctor webpack chunk loading with STATIC_URL_PRE Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 . Return json on 500 error from API. wrong milestone in webhook message. Prevent (caught) panic on login. commit page js error. Use media links for img in post-process. Ensure public repositories in private organizations are visible and admin organizations list. Set correct Content-Type value for Gogs/Gitea webhooks. Allow all members of private orgs to see public repos. Whenever the ctx.Session is updated, release it to save it before sending the redirect. Forcibly clean and destroy the session on logout. /api/v1/orgs/ endpoints by changing parameter to :org from :orgname. Add tracked time to doctor. webpack chunk loading with STATIC_URL_PRE. Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14.
1.12.0-rc122 May 2020 22:45 minor feature: Prevent timer leaks in Workerpool and others tracked time Add NotifySyncPushCommits to indexer notifier Allow X in addition to x in tasks When delete tracked time through the API return 404 not 500 Prevent duplicate records in organizations list when creating a repository Manage port in submodule refurl api.Context.NotFound(...) should tolerate nil Show pull request selection even when unrelated branches Repo: milestone: make /milestone/:id endpoint accessible GetContents(): Dont't ignore Executables submodule paths when AppSubUrl is not root Prevent clones and pushes to disabled wiki Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl On Repo Deletion: Delete related TrackedTimes too Refresh codemirror on show pull comment tab merge dialog on protected branch with missing required statuses Load pr Poster on API too release counter on API repository info Generate Diff and Patch direct from Pull head rebase conflict detection in git 2.26 . Prevent timer leaks in Workerpool and others. tracked time. Add NotifySyncPushCommits to indexer notifier. Allow X in addition to x in tasks. When delete tracked time through the API return 404 not 500. Prevent duplicate records in organizations list when creating a repository. Manage port in submodule refurl. api.Context.NotFound(...) should tolerate nil. Show pull request selection even when unrelated branches. Repo: milestone: make /milestone/:id endpoint accessible. GetContents(): Dont't ignore Executables. submodule paths when AppSubUrl is not root. Prevent clones and pushes to disabled wiki. Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl. On Repo Deletion: Delete related TrackedTimes too. Refresh codemirror on show pull comment tab. merge dialog on protected branch with missing required statuses. Load pr Poster on API too. release counter on API repository info. Generate Diff and Patch direct f
1.13.0-dev18 May 2020 23:25 minor feature: Prevent timer leaks in Workerpool and others tracked time Add NotifySyncPushCommits to indexer notifier Allow X in addition to x in tasks When delete tracked time through the API return 404 not 500 Prevent duplicate records in organizations list when creating a repository Manage port in submodule refurl api.Context.NotFound(...) should tolerate nil Show pull request selection even when unrelated branches Repo: milestone: make /milestone/:id endpoint accessible GetContents(): Dont't ignore Executables submodule paths when AppSubUrl is not root Prevent clones and pushes to disabled wiki Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl On Repo Deletion: Delete related TrackedTimes too Refresh codemirror on show pull comment tab merge dialog on protected branch with missing required statuses Load pr Poster on API too release counter on API repository info Generate Diff and Patch direct from Pull head rebase conflict detection in git 2.26 . Prevent timer leaks in Workerpool and others. tracked time. Add NotifySyncPushCommits to indexer notifier. Allow X in addition to x in tasks. When delete tracked time through the API return 404 not 500. Prevent duplicate records in organizations list when creating a repository. Manage port in submodule refurl. api.Context.NotFound(...) should tolerate nil. Show pull request selection even when unrelated branches. Repo: milestone: make /milestone/:id endpoint accessible. GetContents(): Dont't ignore Executables. submodule paths when AppSubUrl is not root. Prevent clones and pushes to disabled wiki. Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl. On Repo Deletion: Delete related TrackedTimes too. Refresh codemirror on show pull comment tab. merge dialog on protected branch with missing required statuses. Load pr Poster on API too. release counter on API repository info. Generate Diff and Patch direct f
1.11.511 May 2020 06:25 minor feature: Prevent timer leaks in Workerpool and others tracked time Add NotifySyncPushCommits to indexer notifier Allow X in addition to x in tasks When delete tracked time through the API return 404 not 500 Prevent duplicate records in organizations list when creating a repository Manage port in submodule refurl api.Context.NotFound(...) should tolerate nil Show pull request selection even when unrelated branches Repo: milestone: make /milestone/:id endpoint accessible GetContents(): Dont't ignore Executables submodule paths when AppSubUrl is not root Prevent clones and pushes to disabled wiki Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl On Repo Deletion: Delete related TrackedTimes too Refresh codemirror on show pull comment tab merge dialog on protected branch with missing required statuses Load pr Poster on API too release counter on API repository info Generate Diff and Patch direct from Pull head rebase conflict detection in git 2.26 . Prevent timer leaks in Workerpool and others. tracked time. Add NotifySyncPushCommits to indexer notifier. Allow X in addition to x in tasks. When delete tracked time through the API return 404 not 500. Prevent duplicate records in organizations list when creating a repository. Manage port in submodule refurl. api.Context.NotFound(...) should tolerate nil. Show pull request selection even when unrelated branches. Repo: milestone: make /milestone/:id endpoint accessible. GetContents(): Dont't ignore Executables. submodule paths when AppSubUrl is not root. Prevent clones and pushes to disabled wiki. Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl. On Repo Deletion: Delete related TrackedTimes too. Refresh codemirror on show pull comment tab. merge dialog on protected branch with missing required statuses. Load pr Poster on API too. release counter on API repository info. Generate Diff and Patch direct f
1.11.402 Apr 2020 13:05 minor feature: Only update merge_base if not already merged milestones too many SQL variables Protect against NPEs in notifications list Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID Account for empty lines in receive-hook message on branch API Migrate to go-git/go-git v5.0.0 hiding of fields in authorization source page Prevent default for linkAction . Only update merge_base if not already merged. milestones too many SQL variables. Protect against NPEs in notifications list. Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit. Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID. Account for empty lines in receive-hook message. on branch API. Migrate to go-git/go-git v5.0.0. hiding of fields in authorization source page. Prevent default for linkAction.
1.11.311 Mar 2020 19:45 minor feature: . Prevent panic in stopwatch. on pull view when required status check no ci result. Build explicitly with Go 1.13.
1.11.118 Feb 2020 05:05 minor feature: Repo name added to automatically generated commit message when merging Workerpool deadlock Divide Gettats query in smaller chunks reply on code review Stop hanging indexer initialisation from preventing shutdown filter label emoji width sidebar menus having an infinite height commit between two commits calculation if there is only last commit Only check for conflicts/merging if the PR has not been merged in the interim Blacklist manifest.json milestones user . Repo name added to automatically generated commit message when merging. Workerpool deadlock. Divide Gettats query in smaller chunks. reply on code review. Stop hanging indexer initialisation from preventing shutdown. filter label emoji width. sidebar menus having an infinite height. commit between two commits calculation if there is only last commit. Only check for conflicts/merging if the PR has not been merged in the interim. Blacklist manifest.json milestones user.
1.11.012 Feb 2020 00:05 minor feature: BREAKING followers and following tabs in profile Make CertFile and KeyFile relative to CustomPath Remove unused endpoints Preall user-generated IDs in markup Enforce Gitea environment for pushes Hide some user information via API if user have not enough permissions Move startpage/homepage translation to crowdin . followers and following tabs in profile. Make CertFile and KeyFile relative to CustomPath. Remove unused endpoints. Preall user-generated IDs in markup. Enforce Gitea environment for pushes. Hide some user information via API if user have not enough permissions. Move startpage/homepage translation to crowdin. SECURITY Never allow an empty password to validate Prevent redirect to Host Swagger hide search field Add "search" to reserved usernames Switch to fomantic-ui Only serve attachments when linked to /release and if accessible by user . Never allow an empty password to validate. Prevent redirect to Host. Swagger hide search field. Add "search" to reserved usernames. Switch to fomantic-ui. Only serve attachments when linked to /release and if accessible by user. FEATURES Webhooks should only show sender if it makes sense Provide Default messages for merges Add description to labels on create Graceful Queues: Indexing and Tasks Default NO_REPLY_ADDRESS to DOMAIN Allow FCGI over unix sockets Graceful: Xorm, RepoIndexer, Cron and Others Add API for Reactions Graceful: Cancel Process on monitor pages HammerTime Graceful: Allow graceful restart for unix sockets Graceful: Allow graceful restart for fcgi Sign protected branches Add Graceful shutdown for Windows and hooks for shutdown of goroutines Add Gitea icon to Emojis Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code Allow Custom Reactions /reopen by keywords in titles and comments. Allow incompletely specified Time Formats Prevent upload (overwrite) of lfs locked file Template Repositories Add /milestones endpoint Make repository management section
1.11.0-rc223 Jan 2020 12:45 minor feature: SECURITY Hide credentials when submitting migration Never allow an empty password to validate Prevent redirect to Host Hide public repos owned by private orgs . Hide credentials when submitting migration. Never allow an empty password to validate. Prevent redirect to Host. Hide public repos owned by private orgs. Allow assignee on Pull Creation when Unit is deactivated download file wrong content-type wrong identify poster on a migrated pull request when submit review dump non-exist log directory compare missing msteam webhook on organization add team on collaborator page when same name as organization cache problem on dashboard Send tag create and push webhook when release created on UI Branches not at ref commit ID should not be listed as Merged . Allow assignee on Pull Creation when Unit is deactivated. download file wrong content-type. wrong identify poster on a migrated pull request when submit review. dump non-exist log directory. compare. missing msteam webhook on organization. add team on collaborator page when same name as organization. cache problem on dashboard. Send tag create and push webhook when release created on UI. Branches not at ref commit ID should not be listed as Merged.
1.10.318 Jan 2020 23:25 minor feature: SECURITY Hide credentials when submitting migration Never allow an empty password to validate Prevent redirect to Host Hide public repos owned by private orgs . Hide credentials when submitting migration. Never allow an empty password to validate. Prevent redirect to Host. Hide public repos owned by private orgs. Allow assignee on Pull Creation when Unit is deactivated download file wrong content-type wrong identify poster on a migrated pull request when submit review dump non-exist log directory compare missing msteam webhook on organization add team on collaborator page when same name as organization cache problem on dashboard Send tag create and push webhook when release created on UI Branches not at ref commit ID should not be listed as Merged . Allow assignee on Pull Creation when Unit is deactivated. download file wrong content-type. wrong identify poster on a migrated pull request when submit review. dump non-exist log directory. compare. missing msteam webhook on organization. add team on collaborator page when same name as organization. cache problem on dashboard. Send tag create and push webhook when release created on UI. Branches not at ref commit ID should not be listed as Merged.
1.12.0-dev09 Jan 2020 16:05 minor feature: Allow only specific Columns to be updated on via API Add ErrReactionAlreadyExist error when migrate from API Use default avatar for ghost user repository pagination when there are more than one label filter deleted branch not removed when push the branch again missing repository status when migrating repository via API Trigger webhook when deleting a branch after merging a PR paging on /repos/ owner / repo /git/trees/ sha API endpoint NewCommitStatus Use OriginalURL instead of CloneAddr in migration logging Slack webhook payload title generation to work with Mattermost DefaultBranch needs to be preby BranchPre indexer not triggered when migrating a repository that release attachment files not deleted when deleting repository migration releases File Edit: Author/Committer interchanged . Allow only specific Columns to be updated on via API. Add ErrReactionAlreadyExist error. when migrate from API. Use default avatar for ghost user. repository pagination when there are more than one label filter. deleted branch not removed when push the branch again. missing repository status when migrating repository via API. Trigger webhook when deleting a branch after merging a PR. paging on /repos/ owner / repo /git/trees/ sha API endpoint. NewCommitStatus. Use OriginalURL instead of CloneAddr in migration logging. Slack webhook payload title generation to work with Mattermost. DefaultBranch needs to be preby BranchPre. indexer not triggered when migrating a repository. that release attachment files not deleted when deleting repository. migration releases. File Edit: Author/Committer interchanged.
1.10.203 Jan 2020 16:25 minor feature: Allow only specific Columns to be updated on via API Add ErrReactionAlreadyExist error when migrate from API Use default avatar for ghost user repository pagination when there are more than one label filter deleted branch not removed when push the branch again missing repository status when migrating repository via API Trigger webhook when deleting a branch after merging a PR paging on /repos/ owner / repo /git/trees/ sha API endpoint NewCommitStatus Use OriginalURL instead of CloneAddr in migration logging Slack webhook payload title generation to work with Mattermost DefaultBranch needs to be preby BranchPre indexer not triggered when migrating a repository that release attachment files not deleted when deleting repository migration releases File Edit: Author/Committer interchanged . Allow only specific Columns to be updated on via API. Add ErrReactionAlreadyExist error. when migrate from API. Use default avatar for ghost user. repository pagination when there are more than one label filter. deleted branch not removed when push the branch again. missing repository status when migrating repository via API. Trigger webhook when deleting a branch after merging a PR. paging on /repos/ owner / repo /git/trees/ sha API endpoint. NewCommitStatus. Use OriginalURL instead of CloneAddr in migration logging. Slack webhook payload title generation to work with Mattermost. DefaultBranch needs to be preby BranchPre. indexer not triggered when migrating a repository. that release attachment files not deleted when deleting repository. migration releases. File Edit: Author/Committer interchanged.
1.10.106 Dec 2019 13:05 minor feature: Max length check and limit in multiple repo forms Properly displaying virtual session provider in admin panel Upgrade levelqueue to 0.1.0 Panic when diff Smtp logger configuration sendTos should be an array Always Show Password Field on Link Account Sign-in Page Create PR on Current Repository by Default Race on indexer ReCAPTCHA URL Hide migrated credentials Update golang.org/x/crypto vendor to use acme v2 Password checks on admin create/edit user Add search as a reserved username Permission checks for /reopen from commit Ensure Written is set in GZIP ProxyResponseWriter Broken link to branch from list Wrong system notice when repository is empty Shadow password correctly for session config . Max length check and limit in multiple repo forms. Properly displaying virtual session provider in admin panel. Upgrade levelqueue to 0.1.0. Panic when diff. Smtp logger configuration sendTos should be an array. Always Show Password Field on Link Account Sign-in Page. Create PR on Current Repository by Default. Race on indexer. ReCAPTCHA URL. Hide migrated credentials. Update golang.org/x/crypto vendor to use acme v2. Password checks on admin create/edit user. Add search as a reserved username. Permission checks for /reopen from commit. Ensure Written is set in GZIP ProxyResponseWriter. Broken link to branch from list. Wrong system notice when repository is empty. Shadow password correctly for session config.
1.10.018 Nov 2019 20:05 minor feature: BREAKING deadline on update or PR via API Hide some user information via API if user doesn't have enough permission Remove legacy handling of drone token Change repo search to use exact match for topic search. Add pagination for admin api get orgs and only list public orgs Implement the ability to change the ssh port to match what is in the gitea config . deadline on update or PR via API. Hide some user information via API if user doesn't have enough permission. Remove legacy handling of drone token. Change repo search to use exact match for topic search. Add pagination for admin api get orgs and only list public orgs. Implement the ability to change the ssh port to match what is in the gitea config. SECURITY. Ignore mentions for users with no access Be more strict with git arguments reserve.well-known username . Ignore mentions for users with no access. Be more strict with git arguments. reserve.well-known username. FEATURE. Org/Members: display 2FA members states + optimize sql requests SetDefaultBranch on pushing to empty repository Adds side-by-side diff for images API method to list all commits of a repository Password Complexity Checks Add option to initialize repository with labels Add additional password hash algorithms . Org/Members: display 2FA members states + optimize sql requests. SetDefaultBranch on pushing to empty repository. Adds side-by-side diff for images. API method to list all commits of a repository. Password Complexity Checks. Add option to initialize repository with labels. Add additional password hash algorithms. Allow to merge if file path contains " or . On windows set core.longpaths true when edit hook Checkbox at RepoSettings Protected Branch SSH2 conditional in key parsing code commit expand button to not go to commit link new user form for non-local users to opened io resources as soon as not needed edit content button on migrated content require external registration password password comple
1.9.614 Nov 2019 14:05 minor feature: Allow to merge if file path contains " or when edit hook with user.fullname Update Github Migration Test Add () method to gogitRepository . Allow to merge if file path contains " or . when edit hook. with user.fullname. Update Github Migration Test. Add () method to gogitRepository.
1.10.0-rc231 Oct 2019 10:25 minor feature: BREAKING. deadline on update or PR via API. Hide some user information via API if user doesn't have enough permission. . Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params. milestone timestamp. when getting user as unauthenticated user. 'New Missing Milestone Comment'. Use AppSubUrl for more redirections. Add SubURL to redirect path. template error on account page. Allow externalID to be UUID. Prevent removal of non-empty emoji panel following selection of duplicate. Update heatmap tures to restore tests. Ensure that diff stats can scroll independently of the diff. Webhook: set Content-Type for application/x-www-form-urlencoded. by handling empty repos. on pull requests when transfer head repository. Add missed in ServeBlobLFS. Ensure that GitRepo is set on Empty repositories. migrate mirror 500. password complexity regex for special characters. Prevent.code-view from overriding font on icon fonts. Allow more than 255 characters for tokens in external_login_user table.
1.11.0-dev15 Oct 2019 11:05 minor feature: Highlight references When migrating a private repository #7917 Change general form binding to gogs form Editor commit to new branch if PR disabled Milestone num_ Allow users with explicit read access to give approvals Commit status in PR #8316 and PR #8321 API for edit and delete release attachment Assets on release webhook Release API URL generation Allow registration when button is hidden MS Teams webhook misses commit messages (backport v1.9) Data race Pull merge 500 error caused by git-fetch breaking behaviors The SSH config specification in the authorized_keys template Reading git notes from nested trees Team user api Add reviewers as participants . Highlight references. When migrating a private repository #7917. Change general form binding to gogs form. Editor commit to new branch if PR disabled. Milestone num_. Allow users with explicit read access to give approvals. Commit status in PR #8316 and PR #8321. API for edit and delete release attachment. Assets on release webhook. Release API URL generation. Allow registration when button is hidden. MS Teams webhook misses commit messages (backport v1.9). Data race. Pull merge 500 error caused by git-fetch breaking behaviors. The SSH config specification in the authorized_keys template. Reading git notes from nested trees. Team user api. Add reviewers as participants. BUILD Use vendored go-swagger Version-validation for GO 1.13 (go-macaron/cors) . Use vendored go-swagger. Version-validation for GO 1.13 (go-macaron/cors). MISC Make show private icon when repo avatar set . Make show private icon when repo avatar set.
1.9.409 Oct 2019 22:27 minor feature: