Gogs - Package Updates
-
[1.14.0]
- Update Gogs to 0.12.1
- Full changelog
- Support for Git LFS, you can read documentation for both user and admin. #1322
- Allow admin to remove observers from the repository. #5803
- Use Last-Modified HTTP header for raw files. #5811
- Support syntax highlighting for SAS code files (i.e. .r, .sas, .tex, .yaml). #5856
- Able to fill in pull request title with a template. #5901
- Able to override static files under public/ directory, please refer to documentation for usage. #5920
- New API endpoint GET /admin/teams/:teamid/members to list members of a team. #5877
-
[1.14.1]
- Update Gogs to 0.12.2
- Regression: Pages are correctly rendered when requesting ?go-get=1 for subdirectories. #6314
- Regression: Submodule with a relative path is linked correctly. #6319
- Backup can be processed when --target is specified on Windows. #6339
- Commit message contains keywords look like an issue reference no longer fails the push entirely. #6289
-
[1.14.2]
- Update Gogs to 0.12.3
- Auto-linked commit SHAs now have correct links. #6300
- Git LFS client wasn't able to upload files with known format (e.g. PNG, JPEG), and the server is expecting the HTTP Header Content-Type to be application/octet-stream. The server now tells the LFS client to always use Content-Type: application/octet-stream when upload files.
-
[1.16.1]
- Update Gogs to 0.12.4
- Security: Potential SSRF attack by CRLF injection via repository migration. #6413 by @stypr
- Regression: Fixed smart links for issues stops rendering. #6506 by @unknwon
- Added X-Frame-Options header to prevent Clickjacking. #6409 by @matheusmosca
-
[1.17.1]
- Update Gogs to 0.12.6
- Full changelog
- Security: Remote command execution in file uploading. #6833 by @unknwon
- Regression: Unable to migrate repository from other local Git hosting. Added a new configuration option [security] LOCAL_NETWORK_ALLOWLIST, which is a comma separated list of hostnames that are explicitly allowed to be accessed within the local network. #6841 by @unknwon
-
[1.17.2]
- Update Gogs to 0.12.7
- Full changelog
- Security: Stored XSS in issues. #6919 by @unknwon
- Invalid character in Access-Control-Allow-Credentials response header. #4983 by @wuhan005
- Mysterious ssh: overflow reading version string errors from builtin SSH server. #6882 by @unknwon
-
[1.17.4]
- Update Gogs to 0.12.9
- Full changelog
- Security: OS Command Injection in file editor. #7000
- Security: Sanitize DisplayName in repository issue list. #7009
- Security: Path Traversal in file editor on Windows. #7001
- Security: Path Traversal in Git HTTP endpoints. #7002
- Unable to init repository during creation on Windows. #6967
-
[1.17.5]
- Update Gogs to 0.12.10
- Full changelog
- Support using [security] LOCAL_NETWORK_ALLOWLIST = * to allow all hostnames. #7111
- Unable to send webhooks to local network addresses after configured [security] LOCAL_NETWORK_ALLOWLIST. #7074
-
[1.18.1]
- Update Gogs to 0.12.11
- Full changelog
- Security: Stored XSS for issue assignees. #7145
- Security: OS Command Injection in repo editor on case-insensitive file systems. #7030
- Unable to render repository pages with implicit submodules (e.g. get submodule "REDACTED": revision does not exist). #6436
-
[1.19.0]
- Update Gogs to 0.13.0
- Full changelog
- Support using personal access token in the password field. #3866
- An unlisted option is added when create or migrate a repository. Unlisted repositories are public but not being listed for users without direct access in the UI. #5733
- New API endpoint PUT /repos/:owner/:repo/contents/:path for creating and update repository contents. #5967
- New configuration option [git.timeout] DIFF for customizing operation timeout of git diff. #6315
- New configuration option [server] SSH_SERVER_MACS for setting list of accepted MACs for connections to builtin SSH server. #6434
- New configuration option [repository] DEFAULT_BRANCH for setting default branch name for new repositories. #7291
- New configuration option [server] SSH_SERVER_ALGORITHMS for specifying the list of accepted key exchange algorithms for connections to builtin SSH server. #7345
- Support specifying custom schema for PostgreSQL. #6695
- Support rendering Mermaid diagrams in Markdown. #6776
- Docker: Allow passing extra arguments to the backup command. #7060
- New languages support: Mongolian, Romanian. #6510 #7082
- The required Go version to compile source code changed to 1.18.
- Access tokens are now stored using their SHA256 hashes instead of raw values. #7008
- Unable to use LDAP authentication on ARM machines. #6761
- Unable to choose "Lookup Avatar by mail" in user settings without deleting custom avatar. #7267
- Mistakenly include the "data" directory under the custom directory in the Docker setup. #7343
- Unable to start after data recovery with an outdated migration version. #7125
-
[1.20.2]
- Update gogs to 0.13.2
- Full Changelog
- Security: Path Traversal in file editing UI. GHSA-r7j8-5h9c-f6fx
- Security: Path Traversal in file update API. GHSA-qf5v-rp47-55gg
- Security: Argument Injection in the built-in SSH server. GHSA-vm62-9jw3-c8w3
- Security: Deletion of internal files. GHSA-ccqv-43vm-4f3w
- Security: Argument Injection during changes preview. GHSA-9pp6-wq8c-3w2c
- Security: Argument Injection when tagging new releases. GHSA-m27m-h5gj-wwmg
- Use the non-deprecated section name
[email]during installation for email settings. #7704 - Use the non-deprecated section name
[email] PASSWORDduring installation for email password. #7807 - Make purple template label color to actually use the hexcode of purple. #7722
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login