Gitea - Package Updates

girish

[1.20.0]

• Use base image v3

nebulon

[1.20.1]

• Update Gitea to 1.13.3
• Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
• Fix paging of file commit logs (#14831) (#14879)
• Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
• Fix display since time round (#14226) (#14873)
• When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
• Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
• Fix a couple of CommentAsPatch issues. (#14804) (#14820)
• Disable broken OAuth2 providers at startup (#14802) (#14811)
• Repo Transfer permission checks (#14792) (#14794)
• Fix double alert in oauth2 application edit view (#14764) (#14768)
• Fix broken spans in diffs (#14678) (#14683)
• Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
• HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
• Do not assume all 40 char strings are SHA1s (#14624) (#14648)
• Allow org labels to be set with issue templates (#14593) (#14647)
• Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
• Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
• Fix GPG key deletion during account deletion (#14561) (#14569)

nebulon

[1.20.2]

• Update Gitea to 1.13.4
• Fix issue popups (#14898) (#14899)
• Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
• Fix a couple of issues with a feeds (#14897) (#14903)
• When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
• Fix race in local storage (#14888) (#14901)
• Fix 500 on pull view page if user is not loged in (#14885) (#14886)

nebulon

[1.20.3]

• Update Gitea to 1.13.5
• Update to goldmark 1.3.3 (#15059) (#15061)
• Another clusterfuzz spotted issue (#15032) (#15034)
• Fix set milestone on PR creation (#14981) (#15001)
• Prevent panic when editing forked repos by API (#14960) (#14963)
• Fix bug when upload on web (#15042) (#15055)
• Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
• Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
• Fix several render issues (#14986) (#15013)
• Make sure sibling images get a link too (#14979) (#14995)
• Fix Anchor jumping with escaped query components (#14969) (#14977)
• Fix release mail html template (#14976)
• Fix excluding more than two labels on issues list (#14962) (#14973)
• Don't mark each comment poster as OP (#14971) (#14972)
• Add "captcha" to list of reserved usernames (#14930)
• Re-enable import local paths after reversion from #13610 (#14925) (#14927)

nebulon

[1.20.4]

• Update Gitea to 1.13.6
• Fix bug on avatar middleware (#15124) (#15125)
• Fix another clusterfuzz identified issue (#15096) (#15114)
• Fix nil exeption for get pull reviews API #15104 (#15106)
• Fix markdown rendering in milestone content (#15056) (#15092)

nebulon

[1.20.5]

• Update Gitea to 1.13.7
• Update to bluemonday-1.0.6 (#15294) (#15298)
• Clusterfuzz found another way (#15160) (#15169)
• Fix wrong user returned in API (#15139) (#15150)
• Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
• Speed up enry.IsVendor (#15213) (#15246)
• Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
• Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
• Add size to Save function (#15264) (#15271)

nebulon

[1.21.0]

• Update Gitea to 1.14.0
• Full changelog

nebulon

[1.21.1]

• Update Gitea to 1.14.1
• Fix bug clone wiki (#15499) (#15502)
• Github Migration ignore rate limit, if not enabled (#15490) (#15495)
• Use subdir for URL (#15446) (#15493)
• Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
• Ensure review dismissal only dismisses the correct review (#15477) (#15489)
• Use index of the supported tags to choose user lang (#15452) (#15488)
• Fix wrong file link in code search page (#15466) (#15486)
• Quick template fix for built-in SSH server in admin config (#15464) (#15481)
• Prevent superfluous response.WriteHeader (#15456) (#15476)
• Fix ambiguous argument error on tags (#15432) (#15474)
• Add created_unix instead of expiry to migration (#15458) (#15463)
• Fix repository search (#15428) (#15442)
• Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
• Fix wiki clone urls (#15430) (#15431)
• Fix dingtalk icon url at webhook (#15417) (#15426)
• Standardise icon on projects PR page (#15387) (#15408)
• Add option to skip LFS/attachment files for dump (#15407) (#15492)
• Clone panel fixes (#15436)
• Use semantic dropdown for code search query type (#15276) (#15364)

girish

[1.21.2]

• Update Gitea to 1.14.2
• Full changelog
• Display conflict-free merge messages for pull requests (#15773) (#15796)
• Exponential Backoff for ByteFIFO (#15724) (#15793)
• Issue list alignment tweaks (#15483) (#15766)
• Implement delete release attachments and update release attachments' name (#14130) (#15666)
• Add placeholder text to deploy key textarea (#15575) (#15576)
• Project board improvements (#15429) (#15560)
• Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)

nebulon

[1.21.3]

• Update Gitea to 1.14.3
• Full changelog
• Encrypt migration credentials at rest (#15895) (#16187)
• Only check access tokens if they are likely to be tokens (#16164) (#16171)
• Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
• Fix setting of SameSite on cookies (#15989) (#15991)

nebulon

[1.21.4]

• Update Gitea to 1.14.4
• Full changelog
• Fix relative links in postprocessed images (#16334) (#16340)
• Fix list_options GetStartEnd (#16303) (#16305)
• Fix API to use author for commits instead of committer (#16276) (#16277)
• Handle misencoding of login_source cfg in mssql (#16268) (#16275)
• Fixed issues not updated by commits (#16254) (#16261)
• Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
• Use html.Parse rather than html.ParseFragment (#16223) (#16225)
• Fix milestone counters on new issue (#16183) (#16224)
• reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)

nebulon

[1.21.5]

• Update Gitea to 1.14.5
• Full changelog
• Hide mirror passwords on repo settings page (#16022) (#16355)
• Update bluemonday to v1.0.15 (#16379) (#16380)
• Retry rename on lock induced failures (#16435) (#16439)
• Validate issue index before querying DB (#16406) (#16410)
• Fix crash following ldap authentication update (#16447) (#16449)
• Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)

girish

[1.21.6]

• Update Gitea to 1.14.6
• Full changelog
• SECURITY
  • Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
  • Switch to maintained JWT lib (#16532) (#16535)
  • Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)

nebulon

[1.22.0]

• Update Gitea to 1.15.0
• Full changelog

nebulon

[1.22.1]

• Update Gitea to 1.15.1
• Full changelog

nebulon

[1.22.2]

• Update Gitea to 1.15.2
• Add unique constraint back into issue_index (#16938)
• Close storage objects before cleaning (#16934) (#16942)

nebulon

[1.22.3]

• Update Gitea to 1.15.3
• Full changelog
• Add fluid to ui container class to remove margin (#16396) (#16976)
• Add caller to cat-file batch calls (#17082) (#17089)
• Many bug fixes

girish

[1.22.4]

• Update Gitea to 1.15.4
• Full changelog
• Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
• Don't allow merged PRs to be reopened (#17192) (#17271)
• Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
• Fix unwanted team review request deletion (#17257) (#17264)
• Fix broken Activities link in team dashboard (#17255) (#17258)
• API pull's head/base have correct permission(#17214) (#17245)
• Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227)
• Upgrade xorm to v1.2.5 (#17177) (#17188)
• Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
• Fix bug of get context user (#17169) (#17172)
• Nicely handle missing user in collaborations (#17049) (#17166)
• Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
• Fix wrong i18n keys (#17150) (#17153)
• Fix Archive Creation: correct transaction ending (#17151)
• Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
• Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)

nebulon

[1.22.5]

• Update Gitea to 1.15.5
• Full changelog
• Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
• Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
• Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
• Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
• Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
• Ensure popup text is aligned left (backport for 1.15) (#17343)
• Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
• Disable core.protectNTFS (#17300) (#17302)
• Use pointer for wrappedConn methods (#17295) (#17296)
• AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
• Handle duplicate keys on GPG key ring (#17242) (#17284)
• Fix SVG side by side comparison link (#17375) (#17391)

nebulon

[1.22.6]

• Update Gitea to 1.15.6
• Full changelog
• Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
• Fix CSV render error (#17406) (#17431)
• Read expected buffer size (#17409) (#17430)
• Ensure that restricted users can access repos for which they are members (#17460) (#17464)
• Make commit-statuses popup show correctly (#17447) (#17466)