Gitea - Package Updates
-
You can use this topic to track updates to the Gitea package.
Please open issues in a separate topic instead of replying here.
-
[1.16.0]
- Update Gitea to 1.11.5
- Update base image to 2.0.0
-
[1.16.1]
- Update Gitea to 1.11.6
- Full changelog
- Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
- Use session for retrieving org teams (#11438) (#11439)
- Return json on 500 error from API (#11574) (#11660)
- Fix wrong milestone in webhook message (#11596) (#11612)
- Prevent (caught) panic on login (#11590) (#11598)
- Fix commit page js error (#11527)
-
[1.17.0]
- Update Gitea to 1.12.1
- Full changelog
-
[1.18.0]
- Add forumUrl and update tags and screenshots
-
[1.18.1]
- Update Gitea to 1.12.2
- Full changelog
-
[1.18.2]
- Update Gitea to 1.12.3
- Full changelog
- Don't change creation date when updating Release (#12343) (#12351)
- Show 404 page when release not found (#12328) (#12332)
- Fix emoji detection in certain cases (#12320) (#12327)
- Reduce emoji size (#12317) (#12327)
- Fix double-indirection bug in logging IDs (#12294) (#12308)
- Link to pull list page on sidebar when view pr (#12256) (#12263)
- Extend Notifications API and return pinned notifications by default (#12164) (#12232)
-
[1.18.3]
- Update Gitea to 1.12.4
- Full changelog
- Escape provider name in oauth2 provider redirect (#12648) (#12650)
- Escape Email on password reset page (#12610) (#12612)
- When reading expired sessions - expire them (#12686) (#12690)
- StaticRootPath configurable at compile time (#12371) (#12652)
- Fix to show an issue that is related to a deleted issue (#12651) (#12692)
- Expire time acknowledged for cache (#12605) (#12611)
- Fix diff path unquoting (#12554) (#12575)
- Improve HTML escaping helper (#12562)
- models: break out of loop (#12386) (#12561)
- Default empty merger list to those with write permissions (#12535) (#12560)
- Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
- Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
- Remove hardcoded ES indexername (#12521) (#12526)
- Fix bug preventing transfer to private organization (#12497) (#12501)
- Keys should not verify revoked email addresses (#12486) (#12495)
- Do not add prefix on http/https submodule links (#12477) (#12479)
- Fix ignored login on compare (#12476) (#12478)
- Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
- Upgrade google/go-github to v32.1.0 (#12361) (#12390)
- Render emoji's of Commit message on feed-page (#12373)
- Fix handling of diff on unrelated branches when Git 2.28 used (#12370)
-
[1.18.4]
- Update Gitea to 1.12.5
- Full changelog
- Allow U2F with default settings for gitea in subpath (#12990) (#13001)
- Prevent empty div when editing comment (#12404) (#12991)
- On mirror update also update address in DB (#12964) (#12967)
- Allow extended config on cron settings (#12939) (#12943)
- Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
- Fix internal server error from ListUserOrgs API (#12910) (#12915)
- Update only the repository columns that need updating (#12900) (#12912)
- Fix panic when adding long comment (#12892) (#12894)
- Add size limit for content of comment on action ui (#12881) (#12890)
- Convert User expose ID each time (#12855) (#12883)
- Support slashes in release tags (#12864) (#12882)
- Add missing information to CreateRepo API endpoint (#12848) (#12867)
- On Migration respect old DefaultBranch (#12843) (#12858)
- Fix notifications page links (#12838) (#12853)
- Stop cloning unnecessarily on PR update (#12839) (#12852)
- Escape more things that are passed through str2html (#12622) (#12850)
- Remove double escape on labels addition in comments (#12809) (#12810)
- Fix "only mail on mention" bug (#12775) (#12789)
- Fix yet another bug with diff file names (#12771) (#12776)
- RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
- Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
-
[1.18.5]
- Update Gitea to 1.12.6
- Full changelog
- Prevent git operations for inactive users (#13527) (#13537)
- Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
- API should only return Json (#13511) (#13564)
- Fix before and since query arguments at API (#13559) (#13560)
- Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
- Fix link detection in repository description with tailing '_' (#13407) (#13408)
- Remove obsolete change of email on profile page (#13341) (#13348)
- Fix permission check on get Reactions API endpoints (#13344) (#13346)
- Add migrated pulls to pull request task queue (#13331) (#13335)
- API deny wrong pull creation options (#13308) (#13327)
- Fix initial commit page & binary munching problem (#13249) (#13259)
- Fix diff parsing (#13157) (#13136) (#13139)
- Return error 404 not 500 from API if team does not exist (#13118) (#13119)
- Prohibit automatic downgrades (#13108) (#13111)
- Fix GitLab Migration Option AuthToken (#13101)
- GitLab Label Color Normalizer (#12793) (#13100)
- Log the underlying panic in runMigrateTask (#13096) (#13098)
- Fix attachments list in edit comment (#13036) (#13097)
- Fix deadlock when deleting team user (#13093)
- Fix error create comment on outdated file (#13041) (#13042)
- Fix repository create/delete event webhooks (#13008) (#13027)
- Fix internal server error on README in submodule (#13006) (#13016)
-
[1.19.0]
- Update Gitea to 1.13.0
- Full changelog
-
[1.19.1]
- Update Gitea to 1.13.1
- Full changelog
- Security: Hide private participation in Orgs (#13994) (#14031)
- Security: Fix escaping issue in diff (#14153) (#14154)
-
[1.19.2]
- Update Gitea to 1.13.2
- Prevent panic on fuzzer provided string (#14405) (#14409)
- Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
- If release publisher is deleted use ghost user (#14375)
- Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
- Set the name Mapper in migrations (#14526) (#14529)
- Fix wiki preview (#14515)
- Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
- ChangeUserName: rename user files back on DB issue (#14447)
- Fix lfs preview bug (#14428) (#14433)
- Ensure timeout error is shown on u2f timeout (#14417) (#14431)
- Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
- Use path not filepath in routers/editor (#14390) (#14396)
- Check if label template exist first (#14384) (#14389)
- Fix migration v141 (#14387) (#14388)
- Use Request.URL.RequestURI() for fcgi (#14347)
- Use ServerError provided by Context (#14333) (#14345)
- Fix edit-label form init (#14337)
- Fix mailIssueCommentBatch for pull request (#14252) (#14296)
- Render links for commit hashes followed by comma (#14224) (#14227)
- Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
- Fix avatar bugs (#14217) (#14220)
- Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
- Fix dashboard issues labels filter bug (#14210) (#14214)
- When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
- Fix branch selector on new issue page (#14194) (#14207)
- Check for notExist on profile repository page (#14197) (#14203)
-
[1.20.0]
- Use base image v3
-
[1.20.1]
- Update Gitea to 1.13.3
- Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
- Fix paging of file commit logs (#14831) (#14879)
- Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
- Fix display since time round (#14226) (#14873)
- When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
- Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
- Fix a couple of CommentAsPatch issues. (#14804) (#14820)
- Disable broken OAuth2 providers at startup (#14802) (#14811)
- Repo Transfer permission checks (#14792) (#14794)
- Fix double alert in oauth2 application edit view (#14764) (#14768)
- Fix broken spans in diffs (#14678) (#14683)
- Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
- HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
- Do not assume all 40 char strings are SHA1s (#14624) (#14648)
- Allow org labels to be set with issue templates (#14593) (#14647)
- Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
- Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
- Fix GPG key deletion during account deletion (#14561) (#14569)
-
[1.20.2]
- Update Gitea to 1.13.4
- Fix issue popups (#14898) (#14899)
- Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
- Fix a couple of issues with a feeds (#14897) (#14903)
- When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
- Fix race in local storage (#14888) (#14901)
- Fix 500 on pull view page if user is not loged in (#14885) (#14886)
-
[1.20.3]
- Update Gitea to 1.13.5
- Update to goldmark 1.3.3 (#15059) (#15061)
- Another clusterfuzz spotted issue (#15032) (#15034)
- Fix set milestone on PR creation (#14981) (#15001)
- Prevent panic when editing forked repos by API (#14960) (#14963)
- Fix bug when upload on web (#15042) (#15055)
- Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
- Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
- Fix several render issues (#14986) (#15013)
- Make sure sibling images get a link too (#14979) (#14995)
- Fix Anchor jumping with escaped query components (#14969) (#14977)
- Fix release mail html template (#14976)
- Fix excluding more than two labels on issues list (#14962) (#14973)
- Don't mark each comment poster as OP (#14971) (#14972)
- Add "captcha" to list of reserved usernames (#14930)
- Re-enable import local paths after reversion from #13610 (#14925) (#14927)
-
[1.20.4]
- Update Gitea to 1.13.6
- Fix bug on avatar middleware (#15124) (#15125)
- Fix another clusterfuzz identified issue (#15096) (#15114)
- Fix nil exeption for get pull reviews API #15104 (#15106)
- Fix markdown rendering in milestone content (#15056) (#15092)
-
[1.20.5]
- Update Gitea to 1.13.7
- Update to bluemonday-1.0.6 (#15294) (#15298)
- Clusterfuzz found another way (#15160) (#15169)
- Fix wrong user returned in API (#15139) (#15150)
- Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
- Speed up enry.IsVendor (#15213) (#15246)
- Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
- Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
- Add size to Save function (#15264) (#15271)
-
[1.21.0]
- Update Gitea to 1.14.0
- Full changelog
-
[1.21.1]
- Update Gitea to 1.14.1
- Fix bug clone wiki (#15499) (#15502)
- Github Migration ignore rate limit, if not enabled (#15490) (#15495)
- Use subdir for URL (#15446) (#15493)
- Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
- Ensure review dismissal only dismisses the correct review (#15477) (#15489)
- Use index of the supported tags to choose user lang (#15452) (#15488)
- Fix wrong file link in code search page (#15466) (#15486)
- Quick template fix for built-in SSH server in admin config (#15464) (#15481)
- Prevent superfluous response.WriteHeader (#15456) (#15476)
- Fix ambiguous argument error on tags (#15432) (#15474)
- Add created_unix instead of expiry to migration (#15458) (#15463)
- Fix repository search (#15428) (#15442)
- Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
- Fix wiki clone urls (#15430) (#15431)
- Fix dingtalk icon url at webhook (#15417) (#15426)
- Standardise icon on projects PR page (#15387) (#15408)
- Add option to skip LFS/attachment files for dump (#15407) (#15492)
- Clone panel fixes (#15436)
- Use semantic dropdown for code search query type (#15276) (#15364)
-
[1.21.2]
- Update Gitea to 1.14.2
- Full changelog
- Display conflict-free merge messages for pull requests (#15773) (#15796)
- Exponential Backoff for ByteFIFO (#15724) (#15793)
- Issue list alignment tweaks (#15483) (#15766)
- Implement delete release attachments and update release attachments' name (#14130) (#15666)
- Add placeholder text to deploy key textarea (#15575) (#15576)
- Project board improvements (#15429) (#15560)
- Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
-
[1.21.3]
- Update Gitea to 1.14.3
- Full changelog
- Encrypt migration credentials at rest (#15895) (#16187)
- Only check access tokens if they are likely to be tokens (#16164) (#16171)
- Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
- Fix setting of SameSite on cookies (#15989) (#15991)
-
[1.21.4]
- Update Gitea to 1.14.4
- Full changelog
- Fix relative links in postprocessed images (#16334) (#16340)
- Fix list_options GetStartEnd (#16303) (#16305)
- Fix API to use author for commits instead of committer (#16276) (#16277)
- Handle misencoding of login_source cfg in mssql (#16268) (#16275)
- Fixed issues not updated by commits (#16254) (#16261)
- Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
- Use html.Parse rather than html.ParseFragment (#16223) (#16225)
- Fix milestone counters on new issue (#16183) (#16224)
- reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)
-
[1.21.5]
- Update Gitea to 1.14.5
- Full changelog
- Hide mirror passwords on repo settings page (#16022) (#16355)
- Update bluemonday to v1.0.15 (#16379) (#16380)
- Retry rename on lock induced failures (#16435) (#16439)
- Validate issue index before querying DB (#16406) (#16410)
- Fix crash following ldap authentication update (#16447) (#16449)
- Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
-
[1.21.6]
- Update Gitea to 1.14.6
- Full changelog
- SECURITY
- Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
- Switch to maintained JWT lib (#16532) (#16535)
- Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
-
[1.22.0]
- Update Gitea to 1.15.0
- Full changelog
-
[1.22.1]
- Update Gitea to 1.15.1
- Full changelog
-
[1.22.2]
- Update Gitea to 1.15.2
- Add unique constraint back into issue_index (#16938)
- Close storage objects before cleaning (#16934) (#16942)
-
[1.22.3]
- Update Gitea to 1.15.3
- Full changelog
- Add fluid to ui container class to remove margin (#16396) (#16976)
- Add caller to cat-file batch calls (#17082) (#17089)
- Many bug fixes
-
[1.22.4]
- Update Gitea to 1.15.4
- Full changelog
- Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
- Don't allow merged PRs to be reopened (#17192) (#17271)
- Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
- Fix unwanted team review request deletion (#17257) (#17264)
- Fix broken Activities link in team dashboard (#17255) (#17258)
- API pull's head/base have correct permission(#17214) (#17245)
- Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227)
- Upgrade xorm to v1.2.5 (#17177) (#17188)
- Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
- Fix bug of get context user (#17169) (#17172)
- Nicely handle missing user in collaborations (#17049) (#17166)
- Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
- Fix wrong i18n keys (#17150) (#17153)
- Fix Archive Creation: correct transaction ending (#17151)
- Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
- Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
-
[1.22.5]
- Update Gitea to 1.15.5
- Full changelog
- Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
- Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
- Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
- Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
- Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
- Ensure popup text is aligned left (backport for 1.15) (#17343)
- Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
- Disable core.protectNTFS (#17300) (#17302)
- Use pointer for wrappedConn methods (#17295) (#17296)
- AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
- Handle duplicate keys on GPG key ring (#17242) (#17284)
- Fix SVG side by side comparison link (#17375) (#17391)
-
[1.22.6]
- Update Gitea to 1.15.6
- Full changelog
- Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
- Fix CSV render error (#17406) (#17431)
- Read expected buffer size (#17409) (#17430)
- Ensure that restricted users can access repos for which they are members (#17460) (#17464)
- Make commit-statuses popup show correctly (#17447) (#17466)
-
[1.23.0]
- Update Gitea to 1.15.7
- Full changelog
- Enable rendering of jupyter notebooks, rst, asciidoc by default
- Only allow webhook to send requests to allowed hosts (#17482) (#17510)
- Fix login redirection links (#17451) (#17473)
-
[1.23.1]
- Update Gitea to 1.15.8
- Full changelog
- Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
- Fix delete u2f keys bug (#18040) (#18042)
- Reset Session ID on login (#18018) (#18041)
- Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
- Stop printing 03d after escaped characters in logs (#18030) (#18034)
-
[1.23.2]
- Update Gitea to 1.15.9
- Full changelog
- Fix wrong redirect on org labels (#18128) (#18134)
- Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
- Revert "Fix delete u2f keys bug (#18042)" (#18107)
- Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
- Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
- Reset locale on login (#17734) (#18100)
- Correctly handle failed migrations (#17575) (#18099)
- Instead of using routerCtx just escape the url before routing (#18086) (#18098)
- Quote references to the user table in consistency checks (#18072) (#18073)
- Add NotFound handler (#18062) (#18067)
- Ensure that git repository is closed before transfer (#18049) (#18057)
- Use common sessioner for API and web routes (#18114)
-
[1.23.3]
- Update Gitea to 1.15.10
- Full changelog
- Fix inconsistent PR comment counts (#18260) (#18261)
- Fix release link broken (#18252) (#18253)
- Fix update user from site administration page bug (#18250) (#18251)
- Set HeadCommit when creating tags (#18116) (#18173)
- Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
- Fix purple color in suggested label colors (#18241) (#18242)
- Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)
-
[1.23.4]
- Update Gitea to 1.16.0
- Full changelog
-
[1.23.5]
- Update Gitea to 1.16.1
- Full changelog
- Update JS dependencies, fix lint (#18389) (#18540)
- Add dropdown icon to label set template dropdown (#18564) (#18571)
- Comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
- Stop logging an error when notes are not found (#18626) (#18635)
- Ensure that blob-excerpt links work for wiki (#18587) (#18624)
- Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
-
[1.23.6]
- Update Gitea to 1.16.2
- Full changelog
- Show fullname on issue edits and gpg/ssh signing info (#18828)
- Immediately Hammer if second kill is sent (#18823) (#18826)
- Allow mermaid render error to wrap (#18791)
-
[1.23.7]
- Update Gitea to 1.16.3
- Full changelog
-
[1.23.8]
- Update Gitea to 1.16.4
- Full changelog
- Restrict email address validation (#17688) (#19085)
- Fix lfs bug (#19072) (#19080)
-
[1.23.9]
- Update Gitea to 1.16.5
- Full changelog
- Prevent redirect to Host (2) (#19175) (#19186)
- Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
- Clean paths when looking in Storage (#19124) (#19179)
- Do not send notification emails to inactive users (#19131) (#19139)
- Do not send activation email if manual confirm is set (#19119) (#19122)
-
[1.23.10]
- Update Gitea to 1.16.6
- Full changelog
- Only request write when necessary (#18657) (#19422)
- Disable service worker by default (#18914) (#19342)
-
[1.23.11]
- Update Gitea to 1.16.7
- Full changelog
- Escape git fetch remote (#19487) (#19490)
- On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
- Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
- Don't error when branch's commit doesn't exist (#19547) (#19548)
- Support hostname:port to pass host matcher's check (#19543) (#19544)
- Prevent dangling archiver goroutine (#19516) (#19526)
- Fix migrate release from github (#19510) (#19523)
- When view _Siderbar or _Footer, just display once (#19501) (#19522)
- Fix blame page select range error and some typos (#19503)
- Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
- User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
- Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
- RepoAssignment ensure to close before overwrite (#19449) (#19460)
- Set correct PR status on 3way on conflict checking (#19457) (#19458)
- Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)
-
[1.23.12]
- Update Gitea to 1.16.8
- Full changelog
- Add doctor check/fix for bogus action rows (#19656) (#19669)
- Make .cs highlighting legible on dark themes (#19604) (#19605)
- Delete user related oauth stuff on user deletion too (#19677) (#19680)
- Fix new release from tags list UI (#19670) (#19673)
- Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
