Releases: go-gitea/gitea
Releases · go-gitea/gitea
v1.16.9
- SECURITY
- BUGFIXES
- Hide notify mail setting ui if not enabled (#20138) (#20337)
- Add write check for creating Commit status (#20332) (#20334)
- Only show Followers that current user can access (#20220) (#20253)
- Release page show all tags in compare dropdown (#20070) (#20071)
- Fix permission check for delete tag (#19985) (#20001)
- Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
- Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
- Set Setpgid on child git processes (#19865) (#19881)
- Import git from alpine 3.16 repository as 2.30.4 is needed for
safe.directory = '*'to work but alpine 3.13 has 2.30.3 (#19876) - Ensure responses are context.ResponseWriters (#19843) (#19859)
- Fix incorrect usage of
Countfunction (#19850) - Fix raw endpoint PDF file headers (#19825) (#19826)
- Make WIP prefixes case insensitive, e.g. allow
Draftas a WIP prefix (#19780) (#19811) - Don't return 500 on NotificationUnreadCount (#19802)
- Prevent NPE when cache service is disabled (#19703) (#19783)
- Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
- Fix doctor pq: syntax error at or near "." quote user table name (#19765) (#19770)
- Fix bug with assigneees (#19757)
v1.17.0-rc1
v1.17.0-rc1
This tag was signed with the committer’s verified signature.
The key has expired.
6543
6543
- BREAKING
- Require go1.18 for Gitea 1.17 (#19918)
- Make AppDataPath absolute against the AppWorkPath if it is not (#19815)
- Nuke the incorrect permission report on /api/v1/notifications (#19761)
- Refactor git module, make Gitea use internal git config (#19732)
- Remove
RequireHighlightJSfield, update plantuml example. (#19615) - Increase minimal required git version to 2.0 (#19577)
- Add a directory prefix
gitea-src-VERSIONto release-tar-file (#19396) - Use "main" as default branch name (#19354)
- Make cron task no notice on success (#19221)
- Add pam account authorization check (#19040)
- Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
- Refactor mirror code & fix StartToMirror (#18904)
- Remove deprecated SSH ciphers from default (#18697)
- Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
- Update reserved usernames list (#18438)
- Support custom ACME provider (#18340)
- Change initial TrustModel to committer (#18335)
- Update HTTP status codes (#18063)
- Upgrade Alpine from 3.13 to 3.15 (#18050)
- Restrict email address validation (#17688)
- Refactor Router Logger (#17308)
- SECURITY
- Remove deprecated SSH ciphers from default (#18697)
- FEDERATION
- FEATURES
- Automatically render wiki TOC (#19873)
- Adding button to link accounts from user settings (#19792)
- Allow set default merge style while creating repo (#19751)
- Auto merge pull requests when all checks succeeded (#9307 & #19648)
- Improve reviewing PR UX (#19612)
- Add support for rendering console output with colors (#19497)
- Add Helm Chart registry (#19406)
- Add Goroutine stack inspector to admin/monitor (#19207)
- RSS/Atom support for Orgs & Repos (#17714 & #19055)
- Add button for issue deletion (#19032)
- Allow to mark files in a PR as viewed (#19007)
- Add Index to comment for migrations and mirroring (#18806)
- Add health check endpoint (#18465)
- Add packagist webhook (#18224)
- Add "Allow edits from maintainer" feature (#18002)
- Add apply-patch, basic revert and cherry-pick functionality (#17902)
- Add Package Registry (#16510)
- Add LDAP group sync to Teams (#16299)
- Pause queues (#15928)
- Added auto-save whitespace behavior if it changed manually (#15566)
- Find files in repo (#15028)
- Provide configuration to allow camo-media proxying (#12802)
- API
- Add endpoint to serve blob or LFS file content (#19689)
- Add endpoint to check if team has repo access (#19540)
- More commit info (#19252)
- Allow to create file on empty repo (#19224)
- Allow removing issues (#18879)
- Add endpoint to query collaborators permission for a repository (#18761)
- Return primary language and repository language stats API URL (#18396)
- Implement http signatures support for the API (#17565)
- ENHANCEMENTS
- Add dbconsistency checks for Stopwatches (#20010)
- Add fetch.writeCommitGraph to gitconfig (#20006)
- Add fgprof pprof profiler (#20005)
- Move agit dependency (#19998)
- Empty log queue on flush and close (#19994)
- Remove tab/TabName usage where it's not needed (#19973)
- Improve file header on mobile (#19945)
- Move issues related files into models/issues (#19931)
- Add breaking email restrictions checker in doctor (#19903)
- Improve UX on modal for deleting an access token (#19894)
- Add alt text to logo (#19892)
- Move some code into models/git (#19879)
- Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861)
- Make user profile image show full image on mobile (#19840)
- Replace blue button and label classes with primary (#19763)
- Remove fomantic progress module (#19760)
- Allows repo search to match against "owner/repo" pattern strings (#19754)
- Move org functions (#19753)
- Move almost all functions' parameter db.Engine to context.Context (#19748)
- Show source/target branches on PR's list (#19747)
- Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739)
- Add doctor orphan check for orphaned pull requests without an existing base repo (#19731)
- Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729)
- Update go-chi/cache to utilize Ping() (#19719)
- Improve commit list/view on mobile (#19712)
- Move some repository related code into sub package (#19711)
- Use a better OlderThan for DeleteInactiveUsers (#19693)
- Introduce eslint-plugin-jquery (#19690)
- Tidy up
<head>template (#19678) - Calculate filename hash only once (#19654)
- Simplify
IsVendor(#19626) - Add "Reference" section to Issue view sidebar (#19609)
- Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581)
- Use for a repo action one database transaction (#19576)
- Simplify loops to copy (#19569)
- Added X-Mailer header to outgoing emails (#19562)
- use middleware to open gitRepo (#19559)
- Mute link in diff header (#19556)
- Improve UI on mobile (#19546)
- Fix Pull Request comment filename word breaks (#19535)
- Permalink files In PR diff (#19534)
- PullService lock via pullID (#19520)
- Make repository file list useable on mobile (#19515)
- more context for models (#19511)
- Allow package dump skipping (#19506)
- Refactor readme file renderer (#19502)
- By default force vertical tabs on mobile (#19486)
- Github style following followers (#19482)
- Improve action table indices (#19472)
- Use horizontal tabs for repo header on mobile (#19468)
- pass gitRepo down since its used for main repo and wiki (#19461)
- Admin should not delete himself (#19423)
- Use queue instead of memory queue in webhook send service (#19390)
- Simplify the code to get issue count (#19380)
- Add commit status popup to issuelist (#19375)
- Add RSS Feed buttons to Repo, User and Org pages (#19370)
- Add logic to switch between source/rendered on Markdown (#19356)
- Move some helper files out of models (#19355)
- Move access and repo permission to models/perm/access (#19350)
- Disallow selecting the text of buttons (#19330)
- Allow custom redirect for landing page (#19324)
- Repository level enable package or disable (#19323)
- Remove dependent on session auth for api/v1 routers (#19321)
- Never use /api/v1 from Gitea UI Pages (#19318)
- Remove legacy unmaintained packages, refactor to support change default locale (#19308)
- Move milestone to models/issues/ (#19278)
- Configure OpenSSH log level via Environment in Docker (#19274)
- Move reaction to models/issues/ (#19264)
- Make git.OpenRepository accept Context (#19260)
- Move some issue methods as functions (#19255)
- Show last cron messages on monitor page (#19223)
- New cron task: delete old system notices (#19219)
- Add Redis Sentinel Authentication Support (#19213)
- Add auto logging of goroutine pid label (#19212)
- Set OpenGraph title to DisplayName in profile pages (#19206)
- Add pprof labels in processes and for lifecycles (#19202)
- Let web and API routes have different auth methods group (#19168)
- Move init repository related functions to modules (#19159)
- Feeds: render markdown to html (#19058)
- Allow users to self-request a PR review (#19030)
- Allow render HTML with css/js external links (#19017)
- Fix script compatiable with OpenWrt (#19000)
- Support ignore all santize for external renderer (#18984)
- Add note to GPG key response if user has no keys (#18961)
- Improve Stopwatch behavior (#18930)
- Improve mirror iterator (#18928)
- Uncapitalize errors (#18915)
- Prevent Stats Indexer reporting error if repo dir missing (#18870)
- Refactor SecToTime() function (#18863)
- Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796)
- Move deletebeans into models/db (#18781)
- Fix display time of milestones (#18753)
- Add config option to disable "Update branch by rebase" (#18745)
- Display template path of current page in dev mode (#18717)
- Add number in queue status to monitor page (#18712)
- Change git.cmd to RunWithContext (#18693)
- Refactor i18n, use Locale to provide i18n/translation related functions (#18648)
- Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552)
- Move organization related structs into sub package (#18518)
- Warn at startup if the provided
SCRIPT_TYPEis not on the PATH (#18467) - Use
CryptoRandomBytesinstead ofCryptoRandomString(#18439) - Use explicit jQuery import, remove unused eslint globals (#18435)
- Allow to filter repositories by language in explore, user and organization repositories lists (#18430)
- Use base32 for 2FA scratch token (#18384)
- Unexport var git.GlobalCommandArgs (#18376)
- Don't underline commit status icon on hover (#18372)
- Always use git command but not os.Command (#18363)
- Switch to non-deprecation setting (#18358)
- Set the LastModified header for raw files (#18356)
- Refactor jwt.StandardClaims to RegisteredClaims (#18344)
- Enable deprecation error for v1.17.0 (#18341)
- Refactor httplib (#18338)
- Limit max-height of CodeMirror editors for issue comment and wiki (#18271)
- Validate migration files (#18203)
- Format with gofumpt (#18184)
- Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177)
- Prettify number of issues (#17760)
- Add a "admin user generate-access-token" subcommand (#17722)
- Move project files into models/project sub package (#17704)
- Custom regexp external issues (#17624)
- Add...
v1.16.8
- ENHANCEMENTS
- BUGFIXES
- Fix oauth setting list bug (#19681)
- Delete user related oauth stuff on user deletion too (#19677) (#19680)
- Fix new release from tags list UI (#19670) (#19673)
- Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
- GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
- Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
- Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
- Fix sending empty notifications (#19589) (#19590)
- Ignore DNS error when doing migration allow/block check (#19566) (#19567)
- Fix issue overview for teams (#19652) (#19653)
v1.16.7
- SECURITY
- Escape git fetch remote (#19487) (#19490) CVE-2022-30781
- BUGFIXES
- Don't overwrite err with nil (#19572) (#19574)
- On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
- Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
- Don't error when branch's commit doesn't exist (#19547) (#19548)
- Support
hostname:portto pass host matcher's check (#19543) (#19544) - Prevent intermittent race in attribute reader close (#19537) (#19539)
- Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
- Prevent dangling archiver goroutine (#19516) (#19526)
- Fix migrate release from github (#19510) (#19523)
- When view _Siderbar or _Footer, just display once (#19501) (#19522)
- Fix blame page select range error and some typos (#19503)
- Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
- User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
- Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
- RepoAssignment ensure to close before overwrite (#19449) (#19460)
- Set correct PR status on 3way on conflict checking (#19457) (#19458)
- Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)
v1.16.6
- ENHANCEMENTS
- BUGFIXES
- When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
- Fix DELETE request for non-existent public key (#19443) (#19444)
- Don't panic on ErrEmailInvalid (#19441) (#19442)
- Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
- Warn on SSH connection for incorrect configuration (#19317) (#19437)
- Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
- When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
- Fix nil error when some pages are rendered outside request context (#19427) (#19428)
- Fix double blob-hunk on diff page (#19404) (#19405)
- Don't allow merging PR's which are being conflict checked (#19357) (#19358)
- Fix middleware function's placements (#19377) (#19378)
- Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
- Restore user autoregistration with email addresses (#19261) (#19312)
- Move checks for pulls before merge into own function (#19271) (#19277)
- Granular webhook events in editHook (#19251) (#19257)
- Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
- Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
- Touch mirrors on even on fail to update (#19217) (#19233)
- Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
- Fix clone url JS error for the empty repo page (#19209)
- Bump goldmark to v1.4.11 (#19201) (#19203)
- TESTING
- BUILD
- Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)
- MISC
v1.16.5
- BREAKING
- SECURITY
- Prevent redirect to Host (2) (#19175) (#19186)
- Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
- Clean paths when looking in Storage (#19124) (#19179)
- Do not send notification emails to inactive users (#19131) (#19139)
- Do not send activation email if manual confirm is set (#19119) (#19122)
- ENHANCEMENTS
- BUGFIXES
- Fix showing issues in your repositories (#18916) (#19191)
- Fix compare link in active feeds for new branch (#19149) (#19185)
- Redirect .wiki/* ui link to /wiki (#18831) (#19184)
- Ensure deploy keys with write access can push (#19010) (#19182)
- Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
- Cleanup protected branches when deleting users & teams (#19158) (#19174)
- Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
- Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
- Use custom favicon when viewing static files if it exists (#19130) (#19152)
- Fix the editor height in review box (#19003) (#19147)
- Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
- Fix wrong scopes caused by empty scope input (#19029) (#19145)
- Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
- Handle email address not exist (#19089) (#19121)
- MISC
v1.16.4
- SECURITY
- ENHANCEMENTS
- BUGFIXES
- Refactor mirror code & fix
StartToMirror(#18904) (#19075) - Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
- Prevent 500 when there is an error during new auth source post (#19041) (#19059)
- If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
- Fix flag validation (#19046) (#19051)
- Add pam account authorization check (#19040) (#19047)
- Ignore missing comment for user notifications (#18954) (#19043)
- Set
rel="nofollow noindex"on new issue links (#19023) (#19042) - Upgrading binding package (#19034) (#19035)
- Don't show context cancelled errors in attribute reader (#19006) (#19027)
- Fix update hint bug (#18996) (#19002)
- Refactor mirror code & fix
- MISC
v1.16.3
1.16.3 - 2022-03-02
- SECURITY
- Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313
- ENHANCEMENTS
- BUGFIXES
- Set max text height to prevent overflow (#18862) (#18977)
- Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
- Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
- Send 404 on
/{org}.gpg(#18959) (#18962) - Fix admin user list pagination (#18957) (#18960)
- Fix lfs management setting (#18947) (#18946)
- Fix login with email panic when email is not exist (#18942)
- Update go-org to v1.6.1 (#18932) (#18933)
- Fix
<strong>html in translation (#18929) (#18931) - Fix page and missing return on unadopted repos API (#18848) (#18927)
- Allow adminstrator teams members to see other teams (#18918) (#18919)
- Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
- Correctly link URLs to users/repos with dashes, dots or underscores (… (#18908)
- Fix redirect when using lowercase repo name (#18775) (#18902)
- Fix migration v210 (#18893) (#18892)
- Fix team management UI (#18887) (18886)
- BeforeSourcePath should point to base commit (#18880) (#18799)
- TRANSLATION
- Backport locales from master (#18944)
- MISC
v1.16.2
1.16.2 - 2022-02-24
- ENHANCEMENTS
- BUGFIXES
- Fix ldap user sync missed email in email_address table (#18786) (#18876)
- Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
- Don't report signal: killed errors in serviceRPC (#18850) (#18865)
- Fix bug where certain LDAP settings were reverted (#18859)
- Update go-org to 1.6.0 (#18824) (#18839)
- Fix login with email for ldap users (#18800) (#18836)
- Fix bug for get user by email (#18834)
- Fix panic in EscapeReader (#18820) (#18821)
- Fix ldap loginname (#18789) (#18804)
- Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
- In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
- Fix template bug of LFS lock (#18784) (#18787)
- Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
- Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
- Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
- Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
- Prevent dangling GetAttribute calls (#18754) (#18755)
- Fix isempty detection of git repository (#18746) (#18750)
- Fix source code line highlighting on external tracker (#18729) (#18740)
- Prevent double encoding of branch names in delete branch (#18714) (#18738)
- Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
- Fix forked repositories missed tags (#18719) (#18735)
- Fix release typo (#18728) (#18731)
- Separate the details links of commit-statuses in headers (#18661) (#18730)
- Update object repo with the migrated repository (#18684) (#18726)
- Fix bug for version update hint (#18701) (#18705)
- Fix issue with docker-rootless shimming script (#18690) (#18699)
- Let
MinUnitAccessModereturn correct perm (#18675) (#18689) - Prevent security failure due to bad APP_ID (#18678) (#18682)
- Restart zero worker if there is still work to do (#18658) (#18672)
- If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
- TESTING
- BUILD
- MISC
v1.16.1
1.16.1 - 2022-02-06
- SECURITY
- ENHANCEMENTS
- BUGFIXES
- Comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
- Stop logging an error when notes are not found (#18626) (#18635)
- Ensure that blob-excerpt links work for wiki (#18587) (#18624)
- Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
- Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
- Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
- Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
- Collaborator trust model should trust collaborators (#18539) (#18557)
- Detect conflicts with 3way merge (#18536) (#18537)
- In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
- Add
GetUserTeams(#18499) (#18531) - Fix review excerpt (#18502) (#18530)
- Fix for AvatarURL database type (#18487) (#18529)
- Use
ImagedProviderfor gplus oauth2 provider (#18504) (#18505) - Fix OAuth Source Edit Page (#18495) (#18503)
- Use "read" value for General Access (#18496) (#18500)
- Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
- BUILD
- DOCS