Gitea - Package Updates

nebulon

[1.32.6]

• Update Gitea to 1.21.7
• Full changelog
• Fix XSS vulnerabilities (#29336)
• Use general token signing secret (#29205) (#29325)
• Refactor issue template parsing and fix API endpoint (#29069) (#29140)
• Fix swift packages not resolving (#29095) (#29102)
• Refactor git version functions and check compatibility (#29155) (#29157)
• Improve user experience for outdated comments (#29050) (#29086)
• Hide code links on release page if user cannot read code (#29064) (#29066)
• Wrap contained tags and branches again (#29021) (#29026)
• Fix incorrect button CSS usages (#29015) (#29023)
• Strip trailing newline in markdown code copy (#29019) (#29022)
• Remove SSH workaround (#27893) (#29332)
• Only log error when tag sync fails (#29295) (#29327)
• Fix SSPI user creation (#28948) (#29323)
• Improve the issue_comment workflow trigger event (#29277) (#29322)
• Discard unread data of git cat-file (#29297) (#29310)
• Fix error display when merging PRs (#29288) (#29309)
• Prevent double use of git cat-file session. (#29298) (#29301)
• Fix missing link on outgoing new release notifications (#29079) (#29300)
• Fix debian InRelease Acquire-By-Hash newline (#29204) (#29299)
• Always write proc-receive hook for all git versions (#29287) (#29291)
• Do not show delete button when time tracker is disabled (#29257) (#29279)
• Workaround to clean up old reviews on creating a new one (#28554) (#29264)
• Fix bug when the linked account was disactived and list the linked accounts (#29263)
• Do not use lower tag names to find releases/tags (#29261) (#29262)
• Fix missed edit issues event for actions (#29237) (#29251)
• Only delete scheduled workflows when needed (#29091) (#29235)
• Make submit event code work with both jQuery event and native event (#29223) (#29234)
• Fix push to create with capitalize repo name (#29090) (#29206)
• Use ghost user if user was not found (#29161) (#29169)
• Dont load Review if Comment is CommentTypeReviewRequest (#28551) (#29160)
• Refactor parseSignatureFromCommitLine (#29054) (#29108)
• Avoid showing unnecessary JS errors when there are elements with different origin on the page (#29081) (#29089)
• Fix gitea-origin-url with default ports (#29085) (#29088)
• Fix orgmode link resolving (#29024) (#29076)
• Fix: Elasticsearch: Request Entity Too Large #28117 (#29062) (#29075)
• Do not render empty comments (#29039) (#29049)
• Avoid sending update/delete release notice when it is draft (#29008) (#29025)

girish

[1.32.7]

• Update Gitea to 1.21.8
• Full changelog
• Only use supported sort orders for "/explore/users" page (#29430) (#29443)
• Fix wrong line number in code search result (#29260) (#29623)
• Use Get but not Post to get actions artifacts (#29734) (#29737)
• Fix inconsistent rendering of block mathematical expressions (#29677) (#29711)
• Fix rendering internal file links in org (#29669) (#29705)
• Don't show AbortErrors on logout (#29639) (#29667)
• Fix user-defined markup links targets (#29305) (#29666)
• Fix incorrect rendering csv file when file size is larger than UI.CSV.MaxFileSize (#29653) (#29663)
• Fix hidden test's failure (#29254) (#29662)

nebulon

[1.32.6]

• Update Gitea to 1.21.7
• [Full changelog](https://github.com/go-gitea/[1.32.8]
• Update Gitea to 1.21.9
• Full changelog
• Only do counting when count_only=true for repo dashboard (#29884) (#29905)
• Add cache for dashboard commit status (#29932)
• Make runs-on support variable expression (#29468) (#29782)
• Show Actions post step when it's running (#29926) (#29928)
• Fix PR creation via API between branches of the same repo with head field namespaced (#26986) (#29857)
• Fix and rewrite markup anchor processing (#29931) (#29946)
• Notify reviewers added via CODEOWNERS (#29842) (#29902)
• Fix template error when comment review doesn't exist (#29888) (#29889)
• Fix user id column case (#29863) (#29867)
• Make meilisearch do exact search for issues (#29740 & #29671) (#29846)
• Fix the for attribute not pointing to the ID of the color picker (#29813) (#29815)
• Fix codeowner detected diff base branch to mergebase (#29783) (#29807)
• Fix Safari spinner rendering (#29801) (#29802)
• Fix missing translation on milestones (#29785) (#29789)
• Fix user router possible panic (#29751) (#29786)
• Fix possible NPE in ToPullReviewList (#29759) (#29775)
• Fix the wrong default value of ENABLE_OPENID_SIGNIN on docs (#29925) (#29927)
• Solving the issue of UI disruption when the review is deleted without refreshing (#29951) (#29968)
• Fix loadOneBranch panic (#29938) (#29939)
• Fix invalid link of the commit status when ref is tagged (#29752) (#29908)
• Editor error message misleading due to re-used key. (#29859) (#29876)
• Fix double border and border-radius on empty action steps (#29845) (#29850)
• Use Temporal.PlainDate for absolute dates (#29804) (#29808)
• Fix incorrect package link method calls in templates (#29580) (#29764)
• Fix the bug that the user may log out if GetUserByID returns unknown error (#29962) (#29964)
• Performance improvements for pull request list page (#29900) (#29972)
• Fix bugs in rerunning jobs (#29983) (#29955)
  gitea/releases/tag/v1.21.7)
• Fix XSS vulnerabilities (#29336)
• Use general token signing secret (#29205) (#29325)
• Refactor issue template parsing and fix API endpoint (#29069) (#29140)
• Fix swift packages not resolving (#29095) (#29102)
• Refactor git version functions and check compatibility (#29155) (#29157)
• Improve user experience for outdated comments (#29050) (#29086)
• Hide code links on release page if user cannot read code (#29064) (#29066)
• Wrap contained tags and branches again (#29021) (#29026)
• Fix incorrect button CSS usages (#29015) (#29023)
• Strip trailing newline in markdown code copy (#29019) (#29022)
• Remove SSH workaround (#27893) (#29332)
• Only log error when tag sync fails (#29295) (#29327)
• Fix SSPI user creation (#28948) (#29323)
• Improve the issue_comment workflow trigger event (#29277) (#29322)
• Discard unread data of git cat-file (#29297) (#29310)
• Fix error display when merging PRs (#29288) (#29309)
• Prevent double use of git cat-file session. (#29298) (#29301)
• Fix missing link on outgoing new release notifications (#29079) (#29300)
• Fix debian InRelease Acquire-By-Hash newline (#29204) (#29299)
• Always write proc-receive hook for all git versions (#29287) (#29291)
• Do not show delete button when time tracker is disabled (#29257) (#29279)
• Workaround to clean up old reviews on creating a new one (#28554) (#29264)
• Fix bug when the linked account was disactived and list the linked accounts (#29263)
• Do not use lower tag names to find releases/tags (#29261) (#29262)
• Fix missed edit issues event for actions (#29237) (#29251)
• Only delete scheduled workflows when needed (#29091) (#29235)
• Make submit event code work with both jQuery event and native event (#29223) (#29234)
• Fix push to create with capitalize repo name (#29090) (#29206)
• Use ghost user if user was not found (#29161) (#29169)
• Dont load Review if Comment is CommentTypeReviewRequest (#28551) (#29160)
• Refactor parseSignatureFromCommitLine (#29054) (#29108)
• Avoid showing unnecessary JS errors when there are elements with different origin on the page (#29081) (#29089)
• Fix gitea-origin-url with default ports (#29085) (#29088)
• Fix orgmode link resolving (#29024) (#29076)
• Fix: Elasticsearch: Request Entity Too Large #28117 (#29062) (#29075)
• Do not render empty comments (#29039) (#29049)
• Avoid sending update/delete release notice when it is draft (#29008) (#29025)

nebulon

[1.32.9]

• Update Gitea to 1.21.10
• Full changelog
• Fix Add/Remove WIP on pull request title failure (#29999) (#30066)
• Fix misuse of TxContext (#30061) (#30062)
• Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org (#30013) (#30035)
• Escape paths for find file correctly (#30026) (#30031)
• Remove duplicate option in admin screen and now-unused translation keys (#28492) (#30024)
• Fix manual merge form and 404 page templates (#30000)

nebulon

[1.32.10]

• Update Gitea to 1.21.11
• Full changelog
• Use go1.21.9 to include Golang security fix
• Fix possible renderer security problem (#30136) (#30315)
• Fix close file in the Upload func (#30262) (#30269)
• Fix inline math blocks can't be preceeded/followed by alphanumerical characters (#30175) (#30250)
• Fix missing 0 prefix of GPG key id (#30245) (#30247)
• Include encoding in signature payload (#30174) (#30181)
• Move from max( id ) to max( index ) for latest commit statuses (#30076) (#30155)
• Load attachments for code comments (#30124) (#30126)
• Fix gitea doctor will remove repo-avatar files when executing command storage-archives (#30094) (#30120)
• Fix possible data race on tests (#30093) (#30108)
• Performance optimization for git push (#30104)
• Fix duplicate migrated milestones (#30102) (#30105)
• Fix panic for fixBrokenRepoUnits16961 (#30068) (#30100)
• Fix incorrect SVGs (#30087)
• Fix create commit status (#30225) (#30340)
• Performance optimization for git push (#30104) (#30354)
• Fix misuse of unsupported global variables (#30402)
• Fix to delete the cookie when AppSubURL is non-empty (#30375) (#30468)
• Avoid user does not exist error when detecting schedule actions when the commit author is an external user (#30357) (#30408)
• Change the default maxPerPage for gitbucket (#30392) (#30471)
• Check the token's owner and repository when registering a runner (#30406) (#30412)
• Avoid losing token when updating mirror settings (#30429) (#30466)
• Fix commit status cache which missed target_url (#30426) (#30445)
• Fix rename branch 500 when the target branch is deleted but exist in database (#30430) (#30437)
• Fix mirror error when mirror repo is empty (#30432) (#30467)
• Use db.ListOptions directly instead of Paginator interface to make it easier to use and fix performance of /pulls and /issues (#29990) (#30447)
• Fix code owners will not be mentioned when a pull request comes from a forked repository (#30476) (#30497)

girish

[1.33.0]

• Update Gitea to 1.22.0
• Full changelog
• Breaking changes
• Allow everyone to read or write a wiki by a repo unit setting (#30495)
• Use raw Wiki links for non-renderable Wiki files (#30273)
• Render embedded code preview by permalink in markdown (#30234) (#30249)
• Support repo code search without setting up an indexer (#29998)
• Support pasting URLs over markdown text (#29566)
• Allow to change primary email before account activation (#29412)
• Customizable "Open with" applications for repository clone (#29320)
• Allow options to disable user deletion from the interface on app.ini (#29275)
• Extend issue template YAML engine (#29274)

nebulon

[1.33.1]

• Update Gitea to 1.22.1
• Full changelog

Package Updates

[1.33.2]

• Update Gitea to 1.22.2
• Full changelog
• Replace v-html with v-text in search inputbox (#31966) (#31973)
• Fix nuget/conan/container packages upload bugs (#31967) (#31982)
• Refactor the usage of batch catfile (#31754) (#31889)
• Fix overflowing content in action run log (#31842) (#31853)
• Scroll images in project issues separately from the remaining issue (#31683) (#31823)
• Add :focus-visible style to buttons (#31799) (#31819)
• Fix the display of project type for deleted projects (#31732) (#31734)
• Fix API owner ID should be zero when created repo secret (#31715) (#31811)
• Set owner id to zero when GetRegistrationToken for repo (#31725) (#31729)
• Fix API endpoint for registration-token (#31722) (#31728)
• Add permission check when creating PR (#31033) (#31720)

Package Updates

[1.33.3]

• Update Gitea to 1.22.3
• Full changelog
• Fix bug when a token is given public only (#32204) (#32218)
• Increase cacheContextLifetime to reduce false reports (#32011) (#32023)
• Don't join repository when loading action table data (#32127) (#32143)
• Fix javascript error when an anonymous user visits migration page (#32144) (#32179)
• Don't init signing keys if oauth2 provider is disabled (#32177)
• Fix wrong status of Set up Job when first step is skipped (#32120) (#32125)
• Fix bug when deleting a migrated branch (#32075) (#32123)
• Truncate commit message during Discord webhook push events (#31970) (#32121)
• Allow to set branch protection in an empty repository (#32095) (#32119)
• Fix panic when cloning with wrong ssh format. (#32076) (#32118)

Package Updates

[1.33.4]

• Update gitea to 1.22.4
• Full Changelog
• Fix basic auth with webauthn (#32531) (#32536)
• Refactor internal routers (partial backport, auth token const time comparing) (#32473) (#32479)

Package Updates

[1.33.5]

• Update gitea to 1.22.5
• Full Changelog
• Upgrade crypto library (#​32791)
• Fix delete branch perm checking (#​32654) (#​32707)
• Add standard-compliant route to serve outdated R packages (#​32783) (#​32789)
• Fix internal server error when updating labels without write permission (#​32776) (#​32785)
• Add Swift login endpoint (#​32693) (#​32701)
• Fix fork page branch selection (#​32711) (#​32725)
• Fix word overflow in file search page (#​32695) (#​32699)
• Fix gogit GetRefCommitID (#​32705) (#​32712)
• Fix race condition in mermaid observer (#​32599) (#​32673)
• Fixe a keystring misuse and refactor duplicates keystrings (#​32668) (#​32792)
• Bump relative-time-element to v4.4.4 (#​32739)
• Make wiki pages visit fast (#​32732) (#​32745)
• Don't create action when syncing mirror pull refs (#​32659) (#​32664)

Package Updates

[1.33.6]

• Update gitea to 1.22.6
• Full Changelog
• Fix misuse of PublicKeyCallback(#​32810)
• Fix lfs migration (#​32812) (#​32818)
• Add missing two sync feed for refs/pull (#​32815)
• Avoid MacOS keychain dialog in integration tests (#​32813) (#​32816)

Package Updates

[1.34.0]

• Update gitea to 1.23.0
• Full Changelog
• Rename config option [camo].Allways to [camo].Always (#​32097)
• Remove SHA1 for support for SSH RSA signing (#​31857)
• Use UTC as the default timezone when scheduling Actions cron tasks (#​31742)
• Delete Actions logs older than 1 year by default (#​31735)
• Make OIDC introspection authentication strictly require Client ID and secret (#​31632)
• Include file extension checks in attachment API (#​32151)

Package Updates

[1.34.1]

• Update gitea to 1.23.1
• Full Changelog
• Move repo size to sidebar (#​33155)
• Fix editor markdown not incrementing in a numbered list (#​33187) #​33193

Package Updates

[1.34.2]

• Update gitea to 1.23.3
• Full Changelog
• Build Gitea with Golang v1.23.6 to fix security bugs
• Fix a bug caused by status webhook template #33512

Package Updates

[1.34.3]

• Update gitea to 1.23.4
• Full Changelog
• Enhance routers for the Actions variable operations (#33547) (#33553)
• Enhance routers for the Actions runner operations (#33549) (#33555)
• Fix project issues list and counting (#33594) #33619
• Add a transaction to pickTask (#33543) (#33563)
• Fix mirror bug (#33597) (#33607)
• Use default Git timeout when checking repo health (#33593) (#33598)
• Fix PR's target branch dropdown (#33589) (#33591)
• Fix various problems (artifact order, api empty slice, assignee check, fuzzy prompt, mirror proxy, adopt git) (#33569) (#33577)
• Rework suggestion backend (#33538) (#33546)
• Fix context usage (#33554) (#33557)

Package Updates

[1.34.4]

• Update gitea to 1.23.5
• Full Changelog
• Compile with Go 1.24.1
• Bump x/oauth2 & x/crypto (#33704) (#33727)
• Optimize user dashboard loading (#33686) (#33708)
• Fix navbar dropdown item align (#33782)
• Fix inconsistent closed issue list icon (#33722) (#33728)
• Fix for Maven Package Naming Convention Handling (#33678) (#33679)
• Improve Open-with URL encoding (#33666) (#33680)
• Deleting repository should unlink all related packages (#33653) (#33673)
• Fix omitempty bug (#33663) (#33670)
• Upgrade go-crypto from 1.1.4 to 1.1.6 (#33745) (#33754)
• Fix OCI image.version annotation for releases to use full semver (#33698) (#33701)
• Try to fix ACME path when renew (#33668) (#33693)
• Fix mCaptcha bug (#33659) (#33661)
• Git graph: don't show detached commits (#33645) (#33650)

Package Updates

[1.35.0]

• Base image 5

Package Updates

[1.35.1]

• Fix hard coded mysql hostname

Package Updates

[1.35.2]

• Update gitea to 1.23.6
• Full Changelog
• Fix LFS URL (#33840) (#33843)
• Update jwt and redis packages (#33984) (#33987)
• Update golang crypto and net (#33989)
• Drop timeout for requests made to the internal hook api (#33947) (#33970)
• Fix maven panic when no package exists (#33888) (#33889)
• Fix markdown render (#33870) (#33875)
• Fix auto concurrency cancellation skips commit status updates (#33764) (#33849)
• Fix oauth2 auth (#33961) (#33962)