Gitea - Package Updates

nebulon

[1.18.5]

• Update Gitea to 1.12.6
• Full changelog
• Prevent git operations for inactive users (#13527) (#13537)
• Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
• API should only return Json (#13511) (#13564)
• Fix before and since query arguments at API (#13559) (#13560)
• Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
• Fix link detection in repository description with tailing '_' (#13407) (#13408)
• Remove obsolete change of email on profile page (#13341) (#13348)
• Fix permission check on get Reactions API endpoints (#13344) (#13346)
• Add migrated pulls to pull request task queue (#13331) (#13335)
• API deny wrong pull creation options (#13308) (#13327)
• Fix initial commit page & binary munching problem (#13249) (#13259)
• Fix diff parsing (#13157) (#13136) (#13139)
• Return error 404 not 500 from API if team does not exist (#13118) (#13119)
• Prohibit automatic downgrades (#13108) (#13111)
• Fix GitLab Migration Option AuthToken (#13101)
• GitLab Label Color Normalizer (#12793) (#13100)
• Log the underlying panic in runMigrateTask (#13096) (#13098)
• Fix attachments list in edit comment (#13036) (#13097)
• Fix deadlock when deleting team user (#13093)
• Fix error create comment on outdated file (#13041) (#13042)
• Fix repository create/delete event webhooks (#13008) (#13027)
• Fix internal server error on README in submodule (#13006) (#13016)

nebulon

[1.19.0]

• Update Gitea to 1.13.0
• Full changelog

girish

[1.19.1]

• Update Gitea to 1.13.1
• Full changelog
• Security: Hide private participation in Orgs (#13994) (#14031)
• Security: Fix escaping issue in diff (#14153) (#14154)

nebulon

[1.19.2]

• Update Gitea to 1.13.2
• Prevent panic on fuzzer provided string (#14405) (#14409)
• Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
• If release publisher is deleted use ghost user (#14375)
• Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
• Set the name Mapper in migrations (#14526) (#14529)
• Fix wiki preview (#14515)
• Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
• ChangeUserName: rename user files back on DB issue (#14447)
• Fix lfs preview bug (#14428) (#14433)
• Ensure timeout error is shown on u2f timeout (#14417) (#14431)
• Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
• Use path not filepath in routers/editor (#14390) (#14396)
• Check if label template exist first (#14384) (#14389)
• Fix migration v141 (#14387) (#14388)
• Use Request.URL.RequestURI() for fcgi (#14347)
• Use ServerError provided by Context (#14333) (#14345)
• Fix edit-label form init (#14337)
• Fix mailIssueCommentBatch for pull request (#14252) (#14296)
• Render links for commit hashes followed by comma (#14224) (#14227)
• Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
• Fix avatar bugs (#14217) (#14220)
• Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
• Fix dashboard issues labels filter bug (#14210) (#14214)
• When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
• Fix branch selector on new issue page (#14194) (#14207)
• Check for notExist on profile repository page (#14197) (#14203)

girish

[1.20.0]

• Use base image v3

nebulon

[1.20.1]

• Update Gitea to 1.13.3
• Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
• Fix paging of file commit logs (#14831) (#14879)
• Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
• Fix display since time round (#14226) (#14873)
• When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
• Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
• Fix a couple of CommentAsPatch issues. (#14804) (#14820)
• Disable broken OAuth2 providers at startup (#14802) (#14811)
• Repo Transfer permission checks (#14792) (#14794)
• Fix double alert in oauth2 application edit view (#14764) (#14768)
• Fix broken spans in diffs (#14678) (#14683)
• Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
• HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
• Do not assume all 40 char strings are SHA1s (#14624) (#14648)
• Allow org labels to be set with issue templates (#14593) (#14647)
• Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
• Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
• Fix GPG key deletion during account deletion (#14561) (#14569)

nebulon

[1.20.2]

• Update Gitea to 1.13.4
• Fix issue popups (#14898) (#14899)
• Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
• Fix a couple of issues with a feeds (#14897) (#14903)
• When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
• Fix race in local storage (#14888) (#14901)
• Fix 500 on pull view page if user is not loged in (#14885) (#14886)

nebulon

[1.20.3]

• Update Gitea to 1.13.5
• Update to goldmark 1.3.3 (#15059) (#15061)
• Another clusterfuzz spotted issue (#15032) (#15034)
• Fix set milestone on PR creation (#14981) (#15001)
• Prevent panic when editing forked repos by API (#14960) (#14963)
• Fix bug when upload on web (#15042) (#15055)
• Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
• Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
• Fix several render issues (#14986) (#15013)
• Make sure sibling images get a link too (#14979) (#14995)
• Fix Anchor jumping with escaped query components (#14969) (#14977)
• Fix release mail html template (#14976)
• Fix excluding more than two labels on issues list (#14962) (#14973)
• Don't mark each comment poster as OP (#14971) (#14972)
• Add "captcha" to list of reserved usernames (#14930)
• Re-enable import local paths after reversion from #13610 (#14925) (#14927)

nebulon

[1.20.4]

• Update Gitea to 1.13.6
• Fix bug on avatar middleware (#15124) (#15125)
• Fix another clusterfuzz identified issue (#15096) (#15114)
• Fix nil exeption for get pull reviews API #15104 (#15106)
• Fix markdown rendering in milestone content (#15056) (#15092)

nebulon

[1.20.5]

• Update Gitea to 1.13.7
• Update to bluemonday-1.0.6 (#15294) (#15298)
• Clusterfuzz found another way (#15160) (#15169)
• Fix wrong user returned in API (#15139) (#15150)
• Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
• Speed up enry.IsVendor (#15213) (#15246)
• Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
• Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
• Add size to Save function (#15264) (#15271)

nebulon

[1.21.0]

• Update Gitea to 1.14.0
• Full changelog

nebulon

[1.21.1]

• Update Gitea to 1.14.1
• Fix bug clone wiki (#15499) (#15502)
• Github Migration ignore rate limit, if not enabled (#15490) (#15495)
• Use subdir for URL (#15446) (#15493)
• Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
• Ensure review dismissal only dismisses the correct review (#15477) (#15489)
• Use index of the supported tags to choose user lang (#15452) (#15488)
• Fix wrong file link in code search page (#15466) (#15486)
• Quick template fix for built-in SSH server in admin config (#15464) (#15481)
• Prevent superfluous response.WriteHeader (#15456) (#15476)
• Fix ambiguous argument error on tags (#15432) (#15474)
• Add created_unix instead of expiry to migration (#15458) (#15463)
• Fix repository search (#15428) (#15442)
• Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
• Fix wiki clone urls (#15430) (#15431)
• Fix dingtalk icon url at webhook (#15417) (#15426)
• Standardise icon on projects PR page (#15387) (#15408)
• Add option to skip LFS/attachment files for dump (#15407) (#15492)
• Clone panel fixes (#15436)
• Use semantic dropdown for code search query type (#15276) (#15364)