0
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-11-23 01:16:38 +01:00
gitea/CHANGELOG.md
Lunny Xiao 7d0903bf90
Adjust changelog for v1.21.6 to move prs to correct labels (#29339) (#29343)
When releasing, the releaser should read all the pull requests carefully
and do some adjustments because some of pull requests' labels are not
right when it's merged.

And the changelog tool needs to be adjusted. If one pull request has
both `bug` and `API`, it should mark it as `bug` but not `API`.

Backport #29339
2024-02-23 12:09:18 +01:00

472 KiB
Raw Blame History

Changelog

This changelog goes through all the changes that have been made in each release without substantial changes to our git log; to see the highlights of what has been added to each release, please refer to the blog.

1.21.6 - 2024-02-22

  • SECURITY
    • Fix XSS vulnerabilities (#29336)
    • Use general token signing secret (#29205) (#29325)
  • ENHANCEMENTS
    • Refactor git version functions and check compatibility (#29155) (#29157)
    • Improve user experience for outdated comments (#29050) (#29086)
    • Hide code links on release page if user cannot read code (#29064) (#29066)
    • Wrap contained tags and branches again (#29021) (#29026)
    • Fix incorrect button CSS usages (#29015) (#29023)
    • Strip trailing newline in markdown code copy (#29019) (#29022)
    • Implement some action notifier functions (#29173) (#29308)
    • Load outdated comments when (un)resolving conversation on PR timeline (#29203) (#29221)
  • BUGFIXES
    • Refactor issue template parsing and fix API endpoint (#29069) (#29140)
    • Fix swift packages not resolving (#29095) (#29102)
    • Remove SSH workaround (#27893) (#29332)
    • Only log error when tag sync fails (#29295) (#29327)
    • Fix SSPI user creation (#28948) (#29323)
    • Improve the issue_comment workflow trigger event (#29277) (#29322)
    • Discard unread data of git cat-file (#29297) (#29310)
    • Fix error display when merging PRs (#29288) (#29309)
    • Prevent double use of git cat-file session. (#29298) (#29301)
    • Fix missing link on outgoing new release notifications (#29079) (#29300)
    • Fix debian InRelease Acquire-By-Hash newline (#29204) (#29299)
    • Always write proc-receive hook for all git versions (#29287) (#29291)
    • Do not show delete button when time tracker is disabled (#29257) (#29279)
    • Workaround to clean up old reviews on creating a new one (#28554) (#29264)
    • Fix bug when the linked account was disactived and list the linked accounts (#29263)
    • Do not use lower tag names to find releases/tags (#29261) (#29262)
    • Fix missed edit issues event for actions (#29237) (#29251)
    • Only delete scheduled workflows when needed (#29091) (#29235)
    • Make submit event code work with both jQuery event and native event (#29223) (#29234)
    • Fix push to create with capitalize repo name (#29090) (#29206)
    • Use ghost user if user was not found (#29161) (#29169)
    • Dont load Review if Comment is CommentTypeReviewRequest (#28551) (#29160)
    • Refactor parseSignatureFromCommitLine (#29054) (#29108)
    • Avoid showing unnecessary JS errors when there are elements with different origin on the page (#29081) (#29089)
    • Fix gitea-origin-url with default ports (#29085) (#29088)
    • Fix orgmode link resolving (#29024) (#29076)
    • Fix Elasticsearh Request Entity Too Large #28117 (#29062) (#29075)
    • Do not render empty comments (#29039) (#29049)
    • Avoid sending update/delete release notice when it is draft (#29008) (#29025)
    • Fix gitea-action user avatar broken on edited menu (#29190) (#29307)
    • Disallow merge when required checked are missing (#29143) (#29268)
    • Fix incorrect link to swift doc and swift package-registry login command (#29096) (#29103)
    • Convert visibility to number (#29226) (#29244)
  • DOCS
    • Remove outdated docs from some languages (#27530) (#29208)
    • Fix typos in the documentation (#29048) (#29056)
    • Explained where create issue/PR template (#29035)

1.21.5 - 2024-01-31

  • SECURITY
    • Prevent anonymous container access if RequireSignInView is enabled (#28877) (#28882)
    • Update go dependencies and fix go-git (#28893) (#28934)
  • BUGFIXES
    • Revert "Speed up loading the dashboard on mysql/mariadb (#28546)" (#29006) (#29007)
    • Fix an actions schedule bug (#28942) (#28999)
    • Fix update enable_prune even if mirror_interval is not provided (#28905) (#28929)
    • Fix uploaded artifacts should be overwritten (#28726) backport v1.21 (#28832)
    • Preserve BOM in web editor (#28935) (#28959)
    • Strip / from relative links (#28932) (#28952)
    • Don't remove all mirror repository's releases when mirroring (#28817) (#28939)
    • Implement MigrateRepository for the actions notifier (#28920) (#28923)
    • Respect branch info for relative links (#28909) (#28922)
    • Don't reload timeline page when (un)resolving or replying conversation (#28654) (#28917)
    • Only migrate the first 255 chars of a Github issue title (#28902) (#28912)
    • Fix sort bug on repository issues list (#28897) (#28901)
    • Fix DeleteCollaboration transaction behaviour (#28886) (#28889)
    • Fix schedule not trigger bug because matching full ref name with short ref name (#28874) (#28888)
    • Fix migrate storage bug (#28830) (#28867)
    • Fix archive creating LFS hooks and breaking pull requests (#28848) (#28851)
    • Fix reverting a merge commit failing (#28794) (#28825)
    • Upgrade xorm to v1.3.7 to fix a resource leak problem caused by Iterate (#28891) (#28895)
    • Fix incorrect PostgreSQL connection string for Unix sockets (#28865) (#28870)
  • ENHANCEMENTS
    • Make loading animation less aggressive (#28955) (#28956)
    • Avoid duplicate JS error messages on UI (#28873) (#28881)
    • Bump @github/relative-time-element to 4.3.1 (#28819) (#28826)
  • MISC
    • Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly defined (#28783) (#28868)
    • Remove duplicated checkinit on git module (#28824) (#28831)

1.21.4 - 2024-01-16

  • SECURITY
    • Update github.com/cloudflare/circl (#28789) (#28790)
    • Require token for GET subscription endpoint (#28765) (#28768)
  • BUGFIXES
    • Use refname:strip-2 instead of refname:short when syncing tags (#28797) (#28811)
    • Fix links in issue card (#28806) (#28807)
    • Fix nil pointer panic when exec some gitea cli command (#28791) (#28795)
    • Require token for GET subscription endpoint (#28765) (#28778)
    • Fix button size in "attached header right" (#28770) (#28774)
    • Fix convert.ToTeams on empty input (#28426) (#28767)
    • Hide code related setting options in repository when code unit is disabled (#28631) (#28749)
    • Fix incorrect URL for "Reference in New Issue" (#28716) (#28723)
    • Fix panic when parsing empty pgsql host (#28708) (#28709)
    • Upgrade xorm to new version which supported update join for all supported databases (#28590) (#28668)
    • Fix alpine package files are not rebuilt (#28638) (#28665)
    • Avoid cycle-redirecting user/login page (#28636) (#28658)
    • Fix empty ref for cron workflow runs (#28640) (#28647)
    • Remove unnecessary syncbranchToDB with tests (#28624) (#28629)
    • Use known issue IID to generate new PR index number when migrating from GitLab (#28616) (#28618)
    • Fix flex container width (#28603) (#28605)
    • Fix the scroll behavior for emoji/mention list (#28597) (#28601)
    • Fix wrong due date rendering in issue list page (#28588) (#28591)
    • Fix status_check_contexts matching bug (#28582) (#28589)
    • Fix 500 error of searching commits (#28576) (#28579)
    • Use information from previous blame parts (#28572) (#28577)
    • Update mermaid for 1.21 (#28571)
    • Fix 405 method not allowed CORS / OIDC (#28583) (#28586) (#28587) (#28611)
    • Fix GetCommitStatuses (#28787) (#28804)
    • Forbid removing the last admin user (#28337) (#28793)
    • Fix schedule tasks bugs (#28691) (#28780)
    • Fix issue dependencies (#27736) (#28776)
    • Fix system webhooks API bug (#28531) (#28666)
    • Fix when private user following user, private user will not be counted in his own view (#28037) (#28792)
    • Render code block in activity tab (#28816) (#28818)
  • ENHANCEMENTS
    • Rework markup link rendering (#26745) (#28803)
    • Modernize merge button (#28140) (#28786)
    • Speed up loading the dashboard on mysql/mariadb (#28546) (#28784)
    • Assign pull request to project during creation (#28227) (#28775)
    • Show description as tooltip instead of title for labels (#28754) (#28766)
    • Make template DateTime show proper tooltip (#28677) (#28683)
    • Switch destination directory for apt signing keys (#28639) (#28642)
    • Include heap pprof in diagnosis report to help debugging memory leaks (#28596) (#28599)
  • DOCS
    • Suggest to use Type=simple for systemd service (#28717) (#28722)
    • Extend description for ARTIFACT_RETENTION_DAYS (#28626) (#28630)
  • MISC
    • Add -F to commit search to treat keywords as strings (#28744) (#28748)
    • Add download attribute to release attachments (#28739) (#28740)
    • Concatenate error in checkIfPRContentChanged (#28731) (#28737)
    • Improve 1.21 document for Database Preparation (#28643) (#28644)

1.21.3 - 2023-12-21

  • SECURITY
    • Update golang.org/x/crypto (#28519)
  • API
    • chore(api): support ignore password if login source type is LDAP for creating user API (#28491) (#28525)
    • Add endpoint for not implemented Docker auth (#28457) (#28462)
  • ENHANCEMENTS
    • Add option to disable ambiguous unicode characters detection (#28454) (#28499)
    • Refactor SSH clone URL generation code (#28421) (#28480)
    • Polyfill SubmitEvent for PaleMoon (#28441) (#28478)
  • BUGFIXES
    • Fix the issue ref rendering for wiki (#28556) (#28559)
    • Fix duplicate ID when deleting repo (#28520) (#28528)
    • Only check online runner when detecting matching runners in workflows (#28286) (#28512)
    • Initalize stroage for orphaned repository doctor (#28487) (#28490)
    • Fix possible nil pointer access (#28428) (#28440)
    • Don't show unnecessary citation JS error on UI (#28433) (#28437)
  • DOCS
    • Update actions document about comparsion as Github Actions (#28560) (#28564)
    • Fix documents for "custom/public/assets/" (#28465) (#28467)
  • MISC
    • Fix inperformant query on retrifing review from database. (#28552) (#28562)
    • Improve the prompt for "ssh-keygen sign" (#28509) (#28510)
    • Update docs for DISABLE_QUERY_AUTH_TOKEN (#28485) (#28488)
    • Fix Chinese translation of config cheat sheet[API] (#28472) (#28473)
    • Retry SSH key verification with additional CRLF if it failed (#28392) (#28464)

1.21.2 - 2023-12-12

  • SECURITY
    • Rebuild with recently released golang version
    • Fix missing check (#28406) (#28411)
    • Do some missing checks (#28423) (#28432)
  • BUGFIXES
    • Fix margin in server signed signature verification view (#28379) (#28381)
    • Fix object does not exist error when checking citation file (#28314) (#28369)
    • Use filepath instead of path to create SQLite3 database file (#28374) (#28378)
    • Fix the runs will not be displayed bug when the main branch have no workflows but other branches have (#28359) (#28365)
    • Handle repository.size column being NULL in migration v263 (#28336) (#28363)
    • Convert git commit summary to valid UTF8. (#28356) (#28358)
    • Fix migration panic due to an empty review comment diff (#28334) (#28362)
    • Add HEAD support for rpm repo files (#28309) (#28360)
    • Fix RPM/Debian signature key creation (#28352) (#28353)
    • Keep profile tab when clicking on Language (#28320) (#28331)
    • Fix missing issue search index update when changing status (#28325) (#28330)
    • Fix wrong link in protect_branch_name_pattern_desc (#28313) (#28315)
    • Read previous info from git blame (#28306) (#28310)
    • Ignore "non-existing" errors when getDirectorySize calculates the size (#28276) (#28285)
    • Use appSubUrl for OAuth2 callback URL tip (#28266) (#28275)
    • Meilisearch: require all query terms to be matched (#28293) (#28296)
    • Fix required error for token name (#28267) (#28284)
    • Fix issue will be detected as pull request when checking First-time contributor (#28237) (#28271)
    • Use full width for project boards (#28225) (#28245)
    • Increase "version" when update the setting value to a same value as before (#28243) (#28244)
    • Also sync DB branches on push if necessary (#28361) (#28403)
    • Make gogit Repository.GetBranchNames consistent (#28348) (#28386)
    • Recover from panic in cron task (#28409) (#28425)
    • Deprecate query string auth tokens (#28390) (#28430)
  • ENHANCEMENTS
    • Improve doctor cli behavior (#28422) (#28424)
    • Fix margin in server signed signature verification view (#28379) (#28381)
    • Refactor template empty checks (#28351) (#28354)
    • Read previous info from git blame (#28306) (#28310)
    • Use full width for project boards (#28225) (#28245)
    • Enable system users search via the API (#28013) (#28018)

1.21.1 - 2023-11-26

  • SECURITY
    • Fix comment permissions (#28213) (#28216)
  • BUGFIXES
    • Fix delete-orphaned-repos (#28200) (#28202)
    • Make CORS work for oauth2 handlers (#28184) (#28185)
    • Fix missing buttons (#28179) (#28181)
    • Fix no ActionTaskOutput table waring (#28149) (#28152)
    • Fix empty action run title (#28113) (#28148)
    • Use "is-loading" to avoid duplicate form submit for code comment (#28143) (#28147)
    • Fix Matrix and MSTeams nil dereference (#28089) (#28105)
    • Fix incorrect pgsql conn builder behavior (#28085) (#28098)
    • Fix system config cache expiration timing (#28072) (#28090)
    • Restricted users only see repos in orgs which their team was assigned to (#28025) (#28051)
  • API
    • Fix permissions for Token DELETE endpoint to match GET and POST (#27610) (#28099)
  • ENHANCEMENTS
    • Do not display search box when there's no packages yet (#28146) (#28159)
    • Add missing packages.cleanup.success (#28129) (#28132)
  • DOCS
    • Docs: Replace deprecated IS_TLS_ENABLED mailer setting in email setup (#28205) (#28208)
    • Fix the description about the default setting for action in quick start document (#28160) (#28168)
    • Add guide page to actions when there's no workflows (#28145) (#28153)
  • MISC
    • Use full width for PR comparison (#28182) (#28186)

1.21.0 - 2023-11-14

  • BREAKING
    • Restrict certificate type for builtin SSH server (#26789)
    • Refactor to use urfave/cli/v2 (#25959)
    • Move public asset files to the proper directory (#25907)
    • Remove commit status running and warning to align GitHub (#25839) (partially reverted: Restore warning commit status (#27504) (#27529))
    • Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413)
    • Set SSH_AUTHORIZED_KEYS_BACKUP to false (#25412)
  • FEATURES
    • User details page (#26713)
    • Chore(actions): support cron schedule task (#26655)
    • Support rebuilding issue indexer manually (#26546)
    • Allow to archive labels (#26478)
    • Add disable workflow feature (#26413)
    • Support .git-blame-ignore-revs file (#26395)
    • Pre-register OAuth2 applications for git credential helpers (#26291)
    • Add Retry button when creating a mirror-repo fails (#26228)
    • Artifacts retention and auto clean up (#26131)
    • Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
    • Implement auto-cancellation of concurrent jobs if the event is push (#25716)
    • Newly pushed branches hints on repository home page (#25715)
    • Display branch commit status (#25608)
    • Add direct serving of package content (#25543)
    • Add commits dropdown in PR files view and allow commit by commit review (#25528)
    • Allow package cleanup from admin page (#25307)
    • Batch delete issue and improve tippy opts (#25253)
    • Show branches and tags that contain a commit (#25180)
    • Add actor and status dropdowns to run list (#25118)
    • Allow Organisations to have a E-Mail (#25082)
    • Add codeowners feature (#24910)
    • Actions Artifacts support uploading multiple files and directories (#24874)
    • Support configuration variables on Gitea Actions (#24724)
    • Support downloading raw task logs (#24451)
  • API
    • Unify two factor check (#27915) (#27929)
    • Fix package webhook (#27839) (#27855)
    • Fix/upload artifact error windows (#27802) (#27840)
    • Fix bad method call when deleting user secrets via API (#27829) (#27831)
    • Do not force creation of _cargo-index repo on publish (#27266) (#27765)
    • Delete repos of org when purge delete user (#27273) (#27728)
    • Fix org team endpoint (#27721) (#27727)
    • Api: GetPullRequestCommits: return file list (#27483) (#27539)
    • Don't let API add 2 exclusive labels from same scope (#27433) (#27460)
    • Redefine the meaning of column is_active to make Actions Registration Token generation easier (#27143) (#27304)
    • Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27251)
    • Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27163)
    • Allow empty Conan files (#27092)
    • Fix token endpoints ignore specified account (#27080)
    • Reduce usage of db.DefaultContext (#27073) (#27083) (#27089) (#27103) (#27262) (#27265) (#27347) (#26076)
    • Make SSPI auth mockable (#27036)
    • Extract auth middleware from service (#27028)
    • Add RemoteAddress to mirrors (#26952)
    • Feat(API): add routes and functions for managing user's secrets (#26909)
    • Feat(API): add secret deletion functionality for repository (#26808)
    • Feat(API): add route and implementation for creating/updating repository secret (#26766)
    • Add Upload URL to release API (#26663)
    • Feat(API): update and delete secret for managing organization secrets (#26660)
    • Feat: implement organization secret creation API (#26566)
    • Add API route to list org secrets (#26485)
    • Set commit id when ref used explicitly (#26447)
    • PATCH branch-protection updates check list even when checks are disabled (#26351)
    • Add file status for API "Get a single commit from a repository" (#16205) (#25831)
    • Add API for changing Avatars (#25369)
  • BUGFIXES
    • Fix viewing wiki commit on empty repo (#28040) (#28044)
    • Enable system users for comment.LoadPoster (#28014) (#28032)
    • Fixed duplicate attachments on dump on windows (#28019) (#28031)
    • Fix wrong xorm Delete usage(backport for 1.21) (#28002)
    • Add word-break to repo description in home page (#27924) (#27957)
    • Fix rendering assignee changed comments without assignee (#27927) (#27952)
    • Add word break to release title (#27942) (#27947)
    • Fix JS NPE when viewing specific range of PR commits (#27912) (#27923)
    • Show correct commit sha when viewing single commit diff (#27916) (#27921)
    • Fix 500 when deleting a dismissed review (#27903) (#27910)
    • Fix DownloadFunc when migrating releases (#27887) (#27890)
    • Fix http protocol auth (#27875) (#27876)
    • Refactor postgres connection string building (#27723) (#27869)
    • Close all hashed buffers (#27787) (#27790)
    • Fix label render containing invalid HTML (#27752) (#27762)
    • Fix duplicate project board when hitting enter key (#27746) (#27751)
    • Fix link-action redirect network error (#27734) (#27749)
    • Fix sticky diff header background (#27697) (#27712)
    • Always delete existing scheduled action tasks (#27662) (#27688)
    • Support allowed hosts for webhook to work with proxy (#27655) (#27675)
    • Fix poster is not loaded in get default merge message (#27657) (#27666)
    • Improve dropdown button alignment and fix hover bug (#27632) (#27637)
    • Improve retrying index issues (#27554) (#27634)
    • Fix 404 when deleting Docker package with an internal version (#27615) (#27630)
    • Backport manually for a tmpl issue in v1.21 (#27612)
    • Don't show Link to TOTP if not set up (#27585) (#27588)
    • Fix data-race bug when accessing task.LastRun (#27584) (#27586)
    • Fix attachment download bug (#27486) (#27571)
    • Respect SSH.KeygenPath option when calculating ssh key fingerprints (#27536) (#27551)
    • Improve dropdown's behavior when there is a search input in menu (#27526) (#27534)
    • Fix panic in storageHandler (#27446) (#27479)
    • When comparing with an non-exist repository, return 404 but 500 (#27437) (#27442)
    • Fix pr template (#27436) (#27440)
    • Fix git 2.11 error when checking IsEmpty (#27393) (#27397)
    • Allow get release download files and lfs files with oauth2 token format (#26430) (#27379)
    • Fix missing ctx for GetRepoLink in dashboard (#27372) (#27375)
    • Absolute positioned checkboxes overlay floated elements (#26870) (#27366)
    • Introduce fixes and more rigorous tests for 'Show on a map' feature (#26803) (#27365)
    • Fix repo count in org action settings (#27245) (#27353)
    • Add logs for data broken of comment review (#27326) (#27345)
    • Fix the approval count of PR when there is no protection branch rule (#27272) (#27343)
    • Fix Bug in Issue Config when only contact links are set (#26521) (#27334)
    • Improve issue history dialog and make poster can delete their own history (#27323) (#27327)
    • Fix orphan check for deleted branch (#27310) (#27321)
    • Fix protected branch icon location (#26576) (#27317)
    • Fix yaml test (#27297) (#27303)
    • Fix some animation bugs (#27287) (#27294)
    • Fix incorrect change from #27231 (#27275) (#27282)
    • Add missing public user visibility in user details page (#27246) (#27250)
    • Fix EOL handling in web editor (#27141) (#27234)
    • Fix issues on action runners page (#27226) (#27233)
    • Quote table release in sql queries (#27205) (#27218)
    • Fix release URL in webhooks (#27182) (#27185)
    • Fix review request number and add more tests (#27104) (#27168)
    • Fix the variable regexp pattern on web page (#27161) (#27164)
    • Fix: treat tab "overview" as "repositories" in user profiles without readme (#27124)
    • Fix NPE when editing OAuth2 applications (#27078)
    • Fix the incorrect route path in the user edit page. (#27007)
    • Fix the secret regexp pattern on web page (#26910)
    • Allow users with write permissions for issues to add attachments with API (#26837)
    • Make "link-action" backend code respond correct JSON content (#26680)
    • Use line-height: normal by default (#26635)
    • Fix NPM packages name validation (#26595)
    • Rewrite the DiffFileTreeItem and fix misalignment (#26565)
    • Return empty when searching issues with no repos (#26545)
    • Explain SearchOptions and fix ToSearchOptions (#26542)
    • Add missing triggers to update issue indexer (#26539)
    • Handle base64 decoding correctly to avoid panic (#26483)
    • Avoiding accessing undefined mentionValues (#26461)
    • Fix incorrect redirection in new issue using references (#26440)
    • Fix the bug when getting files changed for pull_request_target event (#26320)
    • Remove IsWarning in tmpl (#26120)
    • Fix loading LFS_JWT_SECRET from wrong section (#26109)
    • Fixing redirection issue for logged-in users (#26105)
    • Improve "gitea doctor" sub-command and fix "help" commands (#26072)
    • Fix the truncate and alignment problem for some admin tables (#26042)
    • Update minimum password length requirements (#25946)
    • Do not "guess" the file encoding/BOM when using API to upload files (#25828)
    • Restructure issue list template, styles (#25750)
    • Fix ref for workflows triggered by pull_request_target (#25743)
    • Fix issues indexer document mapping (#25619)
    • Use JSON response for "user/logout" (#25522)
    • Fix migrate page layout on mobile (#25507)
    • Link to existing PR when trying to open a new PR on the same branches (#25494)
    • Do not publish docker release images on -dev tags (#25471)
    • Support pull_request_target event (#25229)
    • Modify the content format of the Feishu webhook (#25106)
  • ENHANCEMENTS
    • Render email addresses as such if followed by punctuation (#27987) (#27992)
    • Show error toast when file size exceeds the limits (#27985) (#27986)
    • Fix citation error when the file size is larger than 1024 bytes (#27958) (#27965)
    • Remove action runners on user deletion (#27902) (#27908)
    • Remove set tabindex on view issue (#27892) (#27896)
    • Reduce margin/padding on flex-list items and divider (#27872) (#27874)
    • Change katex limits (#27823) (#27868)
    • Clean up template locale usage (#27856) (#27857)
    • Add dedicated class for empty placeholders (#27788) (#27792)
    • Add gap between diff boxes (#27776) (#27781)
    • Fix incorrect "tab" parameter for repo search sub-template (#27755) (#27764)
    • Enable followCursor for language stats bar (#27713) (#27739)
    • Improve diff tree spacing (#27714) (#27719)
    • Feed UI Improvements (#27356) (#27717)
    • Improve feed icons and feed merge text color (#27498) (#27716)
    • [FIX] resolve confusing colors in languages stats by insert a gap (#27704) (#27715)
    • Add doctor dbconsistency fix to delete repos with no owner (#27290) (#27693)
    • Fix required checkboxes in issue forms (#27592) (#27692)
    • Hide archived labels by default from the suggestions when assigning labels for an issue (#27451) (#27661)
    • Cleanup repo details icons/labels (#27644) (#27654)
    • Keep filter when showing unfiltered results on explore page (#27192) (#27589)
    • Show manual cron run's last time (#27544) (#27577)
    • Revert "Fix pr template (#27436)" (#27567)
    • Increase queue length (#27555) (#27562)
    • Avoid run change title process when the title is same (#27467) (#27558)
    • Remove max-width and add hide text overflow (#27359) (#27550)
    • Add hover background to wiki list page (#27507) (#27521)
    • Fix mermaid flowchart margin issue (#27503) (#27516)
    • Refactor system setting (#27000) (#27452)
    • Fix missing ctx in new_form.tmpl (#27434) (#27438)
    • Add Index to action.user_id (#27403) (#27425)
    • Don't use subselect in DeleteIssuesByRepoID (#27332) (#27408)
    • Add support for HEAD ref in /src/branch and /src/commit routes (#27384) (#27407)
    • Make Actions tasks/jobs timeouts configurable by the user (#27400) (#27402)
    • Hide archived labels when filtering by labels on the issue list (#27115) (#27381)
    • Highlight user details link (#26998) (#27376)
    • Add protected branch name description (#27257) (#27351)
    • Improve tree not found page (#26570) (#27346)
    • Add Index to comment.dependent_issue_id (#27325) (#27340)
    • Improve branch list UI (#27319) (#27324)
    • Fix divider in subscription page (#27298) (#27301)
    • Add missed return to actions view fetch (#27289) (#27293)
    • Backport ctx locale refactoring manually (#27231) (#27259) (#27260)
    • Disable Test Delivery and Replay webhook buttons when webhook is inactive (#27211) (#27253)
    • Use mask-based fade-out effect for .new-menu (#27181) (#27243)
    • Cleanup locale function usage (#27227) (#27240)
    • Fix z-index on markdown completion (#27237) (#27239)
    • Fix Fomantic UI dropdown icon bug when there is a search input in menu (#27225) (#27228)
    • Allow copying issue comment link on archived repos and when not logged in (#27193) (#27210)
    • Fix: text decorator on issue sidebar menu label (#27206) (#27209)
    • Fix dropdown icon position (#27175) (#27177)
    • Add index to issue_user.issue_id (#27154) (#27158)
    • Increase auth provider icon size on login page (#27122)
    • Remove a gt-float-right and some unnecessary helpers (#27110)
    • Change green buttons to primary color (#27099)
    • Use db.WithTx for AddTeamMember to avoid ctx abuse (#27095)
    • Use print instead of printf (#27093)
    • Remove the useless function GetUserIssueStats and move relevant tests to indexer_test.go (#27067)
    • Search branches (#27055)
    • Display all user types and org types on admin management UI (#27050)
    • Ui correction in mobile view nav bar left aligned items. (#27046)
    • Chroma color tweaks (#26978)
    • Move some functions to service layer (#26969)
    • Improve "language stats" UI (#26968)
    • Replace util.SliceXxx with slices.Xxx (#26958)
    • Refactor dashboard/feed.tmpl (#26956)
    • Move repository deletion to service layer (#26948)
    • Fix the missing repo count (#26942)
    • Improve hint when uploading a too large avatar (#26935)
    • Extract common code to new template (#26933)
    • Move createrepository from module to service layer (#26927)
    • Move notification interface to services layer (#26915)
    • Move feed notification service layer (#26908)
    • Move ui notification to service layer (#26907)
    • Move indexer notification to service layer (#26906)
    • Move mail notification logic to service layer (#26905)
    • Extract common code to new template (#26903)
    • Show queue's active worker number (#26896)
    • Fix media description render for orgmode (#26895)
    • Remove CSS has selector and improve various styles (#26891)
    • Relocate the RSS user feed button (#26882)
    • Refactor "shortsha" (#26877)
    • Refactor og:description to limit the max length (#26876)
    • Move web/api context related testing function into a separate package (#26859)
    • Redable error on S3 storage connection failure (#26856)
    • Improve opengraph previews (#26851)
    • Add more descriptive error on forgot password page (#26848)
    • Show always repo count in header (#26842)
    • Remove "TODO" tasks from CSS file (#26835)
    • Render code blocks in repo description (#26830)
    • Minor dashboard tweaks, fix flex-list margins (#26829)
    • Remove polluted .ui.right (#26825)
    • Display archived labels specially when listing labels (#26820)
    • Remove polluted ".ui.left" style (#26809)
    • Make it posible to customize nav text color via css var (#26807)
    • Refactor lfs requests (#26783)
    • Improve flex list item padding (#26779)
    • Remove fomantic text module (#26777)
    • Remove fomantic item module (#26775)
    • Remove redundant nil check in WalkGitLog (#26773)
    • Reduce some allocations in type conversion (#26772)
    • Refactor some CSS styles and simplify code (#26771)
    • Unify border-radius behavior (#26770)
    • Improve modal dialog UI (#26764)
    • Allow "latest" to be used in release vTag when downloading file (#26748)
    • Adding hint Archived to archive label. (#26741)
    • Move modules/mirror to services (#26737)
    • Add "dir=auto" for input/textarea elements by default (#26735)
    • Add auth-required to config.json for Cargo http registry (#26729)
    • Simplify helper CSS classes and avoid abuse (#26728)
    • Make web context initialize correctly for different cases (#26726)
    • Focus editor on "Write" tab click (#26714)
    • Remove incorrect CSS helper classes (#26712)
    • Fix review bar misalignment (#26711)
    • Add reverseproxy auth for API back with default disabled (#26703)
    • Add default label in branch select list (#26697)
    • Improve Image Diff UI (#26696)
    • Fixed text overflow in dropdown menu (#26694)
    • [Refactor] getIssueStatsChunk to move inner function into own one (#26671)
    • Remove fomantic loader module (#26670)
    • Add member, collaborator, contributor, and first-time contributor roles and tooltips (#26658)
    • Improve some flex layouts (#26649)
    • Improve the branch selector tab UI (#26631)
    • Improve show role (#26621)
    • Remove avatarHTML from template helpers (#26598)
    • Allow text selection in actions step header (#26588)
    • Improve translation of milestone filters (#26569)
    • Add optimistic lock to ActionRun table (#26563)
    • Update team invitation email link (#26550)
    • Differentiate better between user settings and admin settings (#26538)
    • Check disabled workflow when rerun jobs (#26535)
    • Improve deadline icon location in milestone list page (#26532)
    • Improve repo sub menu (#26531)
    • Fix the display of org level badges (#26504)
    • Rename Sync2 -> Sync (#26479)
    • Fix stderr usages (#26477)
    • Remove fomantic transition module (#26469)
    • Refactor tests (#26464)
    • Refactor project templates (#26448)
    • Fall back to esbuild for css minify (#26445)
    • Always show usernames in reaction tooltips (#26444)
    • Use correct pull request commit link instead of a generic commit link (#26434)
    • Refactor "editorconfig" (#26391)
    • Make user-content-* consistent with github (#26388)
    • Remove unnecessary template helper repoAvatar (#26387)
    • Remove unnecessary template helper DisableGravatar (#26386)
    • Use template context function for avatar rendering (#26385)
    • Rename code_langauge.go to code_language.go (#26377)
    • Use more IssueList instead of []*Issue (#26369)
    • Do not highlight #number in documents (#26365)
    • Fix display problems of members and teams unit (#26363)
    • Fix 404 error when remove self from an organization (#26362)
    • Improve CLI and messages (#26341)
    • Refactor backend SVG package and add tests (#26335)
    • Add link to job details and tooltip to commit status in repo list in dashboard (#26326)
    • Use yellow if an approved review is stale (#26312)
    • Remove commit load branches and tags in wiki repo (#26304)
    • Add highlight to selected repos in milestone dashboard (#26300)
    • Delete issue_service.CreateComment (#26298)
    • Do not show Profile README when repository is private (#26295)
    • Tweak actions menu (#26278)
    • Start using template context function (#26254)
    • Use calendar icon for Joined on... in profiles (#26215)
    • Add 'Show on a map' button to Location in profile, fix layout (#26214)
    • Render plaintext task list items for markdown files (#26186)
    • Add tooltip to describe LFS table column and color delete LFS file button red (#26181)
    • Release attachments duplicated check (#26176)
    • De-emphasize issue sidebar buttons (#26171)
    • Fixing the align of commit stats in commit_page template. (#26161)
    • Allow editing push mirrors after creation (#26151)
    • Move web JSON functions to web context and simplify code (#26132)
    • Refactor improve NoBetterThan (#26126)
    • Improve clickable area in repo action view page (#26115)
    • Add context parameter to some database functions (#26055)
    • Docusaurus-ify (#26051)
    • Improve text for empty issue/pr description (#26047)
    • Categorize admin settings sidebar panel (#26030)
    • Remove redundant "RouteMethods" method (#26024)
    • Refactor and enhance issue indexer to support both searching, filtering and paging (#26012)
    • Add a link to OpenID Issuer URL in WebFinger response (#26000)
    • Fix UI for release tag page / wiki page / subscription page (#25948)
    • Support copy protected branch from template repository (#25889)
    • Improve display of Labels/Projects/Assignees sort options (#25886)
    • Fix margin on the new/edit project page. (#25885)
    • Show image size on view page (#25884)
    • Remove ref name in PR commits page (#25876)
    • Allow the use of alternative net.Listener implementations by downstreams (#25855)
    • Refactor "Content" for file uploading (#25851)
    • Add error info if no user can fork the repo (#25820)
    • Show edit title button on commits tab of PR, too (#25791)
    • Introduce flex-list & flex-item elements for Gitea UI (#25790)
    • Don't stack PR tab menu on small screens (#25789)
    • Repository Archived text title center align (#25767)
    • Make route middleware/handler mockable (#25766)
    • Move issue filters to shared template (#25729)
    • Use frontend fetch for branch dropdown component (#25719)
    • Add open/closed field support for issue index (#25708)
    • Some less naked returns (#25682)
    • Fix inconsistent user profile layout across tabs (#25625)
    • Get latest commit statuses from database instead of git data on dashboard for repositories (#25605)
    • Adding branch-name copy to clipboard branches screen. (#25596)
    • Update emoji set to Unicode 15 (#25595)
    • Move some files under repo/setting (#25585)
    • Add custom ansi colors and CSS variables for them (#25546)
    • Add log line anchor for action logs (#25532)
    • Use flex instead of float for sort button and search input (#25519)
    • Update octicons and use octicon-file-directory-symlink (#25453)
    • Add toasts to UI (#25449)
    • Fine tune project board label colors and modal content background (#25419)
    • Import additional secrets via file uri (#25408)
    • Switch to ansi_up for ansi rendering in actions (#25401)
    • Store and use seconds for timeline time comments (#25392)
    • Support displaying diff stats in PR tab bar (#25387)
    • Use fetch form action for lock/unlock/pin/unpin on sidebar (#25380)
    • Refactor: TotalTimes return seconds (#25370)
    • Navbar styling rework (#25343)
    • Introduce shared template for search inputs (#25338)
    • Only show 'Manage Account Links' when necessary (#25311)
    • Improve 'Privacy' section in profile settings (#25309)
    • Substitute variables in path names of template repos too (#25294)
    • Fix tags line no margin see #25255 (#25280)
    • Use fetch to send requests to create issues/comments (#25258)
    • Change form actions to fetch for submit review box (#25219)
    • Improve AJAX link and modal confirm dialog (#25210)
    • Reduce unnecessary DB queries for Actions tasks (#25199)
    • Disable Create column button while the column name is empty (#25192)
    • Refactor indexer (#25174)
    • Adjust style for action run list (align icons, adjust padding) (#25170)
    • Remove duplicated functions when deleting a branch (#25128)
    • Make confusable character warning less jarring (#25069)
    • Highlight viewed files differently in the PR filetree (#24956)
    • Support changing labels of Actions runner without re-registration (#24806)
    • Fix duplicate Reviewed-by trailers (#24796)
    • Resolve issue with sort icons on admin/users and admin/runners (#24360)
    • Split lfs size from repository size (#22900)
    • Sync branches into databases (#22743)
    • Disable run user change in installation page (#22499)
    • Add merge files files to GetCommitFileStatus (#20515)
    • Show OpenID Connect and OAuth on signup page (#20242)
  • SECURITY
    • Dont leak private users via extensions (#28023) (#28029)
    • Expanded minimum RSA Keylength to 3072 (#26604)
  • TESTING
    • Add user secrets API integration tests (#27832) (#27852)
    • Add tests for db indexer in indexer_test.go (#27087)
    • Speed up TestEventSourceManagerRun (#26262)
    • Add unit test for user renaming (#26261)
    • Add some Wiki unit tests (#26260)
    • Improve unit test for caching (#26185)
    • Add unit test for HashAvatar (#25662)
  • TRANSLATION
    • Backport translations to v1.21 (#27899)
    • Fix issues in translation file (#27699) (#27737)
    • Add locale for deleted head branch (#26296)
    • Improve multiple strings in en-US locale (#26213)
    • Fix broken translations for package documantion (#25742)
    • Correct translation wrong format (#25643)
  • BUILD
    • Dockerfile small refactor (#27757) (#27826)
    • Fix build errors on BSD (in BSDMakefile) (#27594) (#27608)
    • Fully replace drone with actions (#27556) (#27575)
    • Enable markdownlint no-duplicate-header (#27500) (#27506)
    • Enable production source maps for index.js, fix CSS sourcemaps (#27291) (#27295)
    • Update snap package (#27021)
    • Bump go to 1.21 (#26608)
    • Bump xgo to go-1.21.x and node to 20 in release-version (#26589)
    • Add template linting via djlint (#25212)
  • DOCS
    • Change default size of issue/pr attachments and repo file (#27946) (#28017)
    • Remove known issue section in Gitea Actions Doc (#27930) (#27938)
    • Remove outdated paragraphs when comparing Gitea Actions to GitHub Actions (#27119)
    • Update brew installation documentation since gitea moved to brew core package (#27070)
    • Actions are no longer experimental, so enable them by default (#27054)
    • Add a documentation note for Windows Service (#26938)
    • Add sparse url in cargo package guide (#26937)
    • Update nginx recommendations (#26924)
    • Update backup instructions to align with archive structure (#26902)
    • Expanding documentation in queue.go (#26889)
    • Update info regarding internet connection for build (#26776)
    • Docs: template variables (#26547)
    • Update index doc (#26455)
    • Update zh-cn documentation (#26406)
    • Fix typos and grammer problems for actions documentation (#26328)
    • Update documentation for 1.21 actions (#26317)
    • Doc update swagger doc for POST /orgs/{org}/teams (#26155)
    • Doc sync authentication.md to zh-cn (#26117)
    • Doc guide the user to create the appropriate level runner (#26091)
    • Make organization redirect warning more clear (#26077)
    • Update blog links (#25843)
    • Fix default value for LocalURL (#25426)
    • Update from-source.zh-cn.md & from-source.en-us.md - Cross Compile Using Zig (#25194)
  • MISC
    • Replace deprecated elliptic.Marshal (#26800)
    • Add elapsed time on debug for slow git commands (#25642)

1.20.5 - 2023-10-03

  • ENHANCEMENTS
    • Fix z-index on markdown completion (#27237) (#27242 & #27238)
    • Use secure cookie for HTTPS sites (#26999) (#27013)
  • BUGFIXES
    • Fix git 2.11 error when checking IsEmpty (#27393) (#27396)
    • Allow get release download files and lfs files with oauth2 token format (#26430) (#27378)
    • Fix orphan check for deleted branch (#27310) (#27320)
    • Quote table release in sql queries (#27205) (#27219)
    • Fix release URL in webhooks (#27182) (#27184)
    • Fix successful return value for SyncAndGetUserSpecificDiff (#27152) (#27156)
    • fix pagination for followers and following (#27127) (#27138)
    • Fix issue templates when blank isses are disabled (#27061) (#27082)
    • Fix context cache bug & enable context cache for dashabord commits' authors(#26991) (#27017)
    • Fix INI parsing for value with trailing slash (#26995) (#27001)
    • Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27249)
    • Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27167 & #27162)
    • Fix bug of review request number (#27406) (#27104)
  • TESTING
    • services/wiki: Close() after error handling (#27129) (#27137)
  • DOCS
    • Improve actions docs related to pull_request event (#27126) (#27145)
  • MISC
    • Add logs for data broken of comment review (#27326) (#27344)
    • Load reviewer before sending notification (#27063) (#27064)

1.20.4 - 2023-09-08

  • SECURITY
    • Check blocklist for emails when adding them to account (#26812) (#26831)
  • ENHANCEMENTS
    • Add branch_filter to hooks API endpoints (#26599) (#26632)
    • Fix incorrect "tabindex" attributes (#26733) (#26734)
    • Use line-height: normal by default (#26635) (#26708)
    • Fix unable to display individual-level project (#26198) (#26636)
  • BUGFIXES
    • Fix wrong review requested number (#26784) (#26880)
    • Avoid double-unescaping of form value (#26853) (#26863)
    • Redirect from {repo}/issues/new to {repo}/issues/new/choose when blank issues are disabled (#26813) (#26847)
    • Sync tags when adopting repos (#26816) (#26834)
    • Fix verifyCommits error when push a new branch (#26664) (#26810)
    • Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests (#26759) (#26806)
    • Fix some slice append usages (#26778) (#26798)
    • Add fix incorrect can_create_org_repo for org owner team (#26683) (#26791)
    • Fix bug for ctx usage (#26763)
    • Make issue template field template access correct template data (#26698) (#26709)
    • Use correct minio error (#26634) (#26639)
    • Ignore the trailing slashes when comparing oauth2 redirect_uri (#26597) (#26618)
    • Set errwriter for urfave/cli v1 (#26616)
    • Fix reopen logic for agit flow pull request (#26399) (#26613)
    • Fix context filter has no effect in dashboard (#26695) (#26811)
    • Fix being unable to use a repo that prohibits accepting PRs as a PR source. (#26785) (#26790)
    • Fix Page Not Found error (#26768)

1.20.3 - 2023-08-20

  • BREAKING
    • Fix the wrong derive path (#26271) (#26318)
  • SECURITY
    • Fix API leaking Usermail if not logged in (#25097) (#26350)
  • FEATURES
    • Add ThreadID parameter for Telegram webhooks (#25996) (#26480)
  • ENHANCEMENTS
    • Add minimum polyfill to support "relative-time-element" in PaleMoon (#26575) (#26578)
    • Fix dark theme highlight for "NameNamespace" (#26519) (#26527)
    • Detect ogg mime-type as audio or video (#26494) (#26505)
    • Use object-fit: contain for oauth2 custom icons (#26493) (#26498)
    • Move dropzone progress bar to bottom to show filename when uploading (#26492) (#26497)
    • Remove last newline from config file (#26468) (#26471)
    • Minio: add missing region on client initialization (#26412) (#26438)
    • Add pull request review request webhook event (#26401) (#26407)
    • Fix text truncate (#26354) (#26384)
    • Fix incorrect color of selected assignees when create issue (#26324) (#26372)
    • Display human-readable text instead of cryptic filemodes (#26352) (#26358)
    • Hide last indexed SHA when a repo could not be indexed yet (#26340) (#26345)
    • Fix the topic validation rule and suport dots (#26286) (#26303)
    • Fix due date rendering the wrong date in issue (#26268) (#26274)
    • Don't autosize textarea in diff view (#26233) (#26244)
    • Fix commit compare style (#26209) (#26226)
    • Warn instead of reporting an error when a webhook cannot be found (#26039) (#26211)
  • BUGFIXES
    • Use "input" event instead of "keyup" event for migration form (#26602) (#26605)
    • Do not use deprecated log config options by default (#26592) (#26600)
    • Fix "issueReposQueryPattern does not match query" (#26556) (#26564)
    • Sync repo's IsEmpty status correctly (#26517) (#26560)
    • Fix project filter bugs (#26490) (#26558)
    • Use hidden over clip for text truncation (#26520) (#26522)
    • Set "type=button" for editor's toolbar buttons (#26510) (#26518)
    • Fix NuGet search endpoints (#25613) (#26499)
    • Fix storage path logic especially for relative paths (#26441) (#26481)
    • Close stdout correctly for "git blame" (#26470) (#26473)
    • Check first if minio bucket exists before trying to create it (#26420) (#26465)
    • Avoiding accessing undefined tributeValues #26461 (#26462)
    • Call git.InitSimple for runRepoSyncReleases (#26396) (#26450)
    • Add transaction when creating pull request created dirty data (#26259) (#26437)
    • Fix wrong middleware sequence (#26428) (#26436)
    • Fix admin queue page title and fix CI failures (#26409) (#26421)
    • Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392) (#26405)
    • Bypass MariaDB performance bug of the "IN" sub-query, fix incorrect IssueIndex (#26279) (#26368)
    • Fix incorrect CLI exit code and duplicate error message (#26346) (#26347)
    • Prevent newline errors with Debian packages (#26332) (#26342)
    • Fix bug with sqlite load read (#26305) (#26339)
    • Make git batch operations use parent context timeout instead of default timeout (#26325) (#26330)
    • Support getting changed files when commit ID is EmptySHA (#26290) (#26316)
    • Clarify the logger's MODE config option (#26267) (#26281)
    • Use shared template for webhook icons (#26242) (#26246)
    • Fix pull request check list is limited (#26179) (#26245)
    • Fix attachment clipboard copy on insecure origin (#26224) (#26231)
    • Fix access check for org-level project (#26182) (#26223)
  • MISC
    • Improve profile readme rendering (#25988) (#26453)
    • [docs] Add missing backtick in quickstart.zh-cn.md (#26349) (#26357)
    • Upgrade x/net to 0.13.0 (#26301)

1.20.2 - 2023-07-29

  • ENHANCEMENTS
    • Calculate MAX_WORKERS default value by CPU number (#26177) (#26183)
    • Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154)
  • BUGFIXES
    • Fix allowed user types setting problem (#26200) (#26206)
    • Fix handling of plenty Nuget package versions (#26075) (#26173)
    • Fix UI regression of asciinema player (#26159) (#26162)
    • Fix LFS object list style (#26133) (#26147)
    • Fix allowed user types setting problem (#26200) (#26206)
    • Prevent primary key update on migration (#26192) (#26199)
    • Fix bug when pushing to a pull request which enabled dismiss approval automatically (#25882) (#26158)
    • Fix bugs in LFS meta garbage collection (#26122) (#26157)
    • Update xorm version (#26128) (#26150)
    • Remove "misc" scope check from public API endpoints (#26134) (#26149)
    • Fix CLI allowing creation of access tokens with existing name (#26071) (#26144)
    • Fix incorrect router logger (#26137) (#26143)
    • Improve commit graph alignment and truncating (#26112) (#26127)
    • Avoid writing config file if not installed (#26107) (#26113)
    • Fix escape problems in the branch selector (#25875) (#26103)
    • Fix handling of Debian files with trailing slash (#26087) (#26098)
    • Fix Missing 404 swagger response docs for /admin/users/{username} (#26086) (#26089)
    • Use stderr as fallback if the log file can't be opened (#26074) (#26083)
    • Increase table cell horizontal padding (#26140) (#26142)
    • Fix wrong workflow status when rerun a job in an already finished workflow (#26119) (#26124)
    • Fix duplicated url prefix on issue context menu (#26066) (#26067)

1.20.1 - 2023-07-22

  • SECURITY
    • Disallow dangerous URL schemes (#25960) (#25964)
  • ENHANCEMENTS
    • Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947) (#25972)
    • Make pending commit status yellow again (#25935) (#25968)
  • BUGFIXES
    • Fix version in rpm repodata/primary.xml.gz (#26009) (#26048)
    • Fix env config parsing for "GITEA____APP_NAME" (#26001) (#26013)
    • ParseScope with owner/repo always sets owner to zero (#25987) (#25989)
    • Fix SSPI auth panic (#25955) (#25969)
    • Avoid creating directories when loading config (#25944) (#25957)
    • Make environment-to-ini work with INSTALL_LOCK=true (#25926) (#25937)
    • Ignore runs-on with expressions when warning no matched runners (#25917) (#25933)
    • Avoid opening/closing PRs which are already merged (#25883) (#25903)
  • DOCS
    • RPM Registry: Show zypper commands for SUSE based distros as well (#25981) (#26020)
    • Correctly refer to dev tags as nightly in the docker docs (#26004) (#26019)
    • Update path related documents (#25417) (#25982)
  • MISC
    • Adding remaining enum for migration repo model type. (#26021) (#26034)
    • Fix the route for pull-request's authors (#26016) (#26018)
    • Fix commit status color on dashboard repolist (#25993) (#25998)
    • Avoid hard-coding height in language dropdown menu (#25986) (#25997)
    • Add shutting down notice (#25920) (#25922)
    • Fix incorrect milestone count when provide a keyword (#25880) (#25904)

1.20.0 - 2023-07-16

  • BREAKING
    • Fix WORK_DIR for docker (root) image (#25738) (#25811)
    • Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
    • Refactor path & config system (#25330) (#25416)
    • Fix all possible setting error related storages and added some tests (#23911) (#25244)
    • Use a separate admin page to show global stats, remove actions stat (#25062)
    • Remove the service worker (#25010)
    • Remove meta tags theme-color and default-theme (#24960)
    • Use [git.config] for reflog cleaning up (#24958)
    • Allow all URL schemes in Markdown links by default (#24805)
    • Redesign Scoped Access Tokens (#24767)
    • Fix team members API endpoint pagination (#24754)
    • Rewrite logger system (#24726)
    • Increase default LFS auth timeout from 20m to 24h (#24628)
    • Rewrite queue (#24505)
    • Remove unused setting time.FORMAT (#24430)
    • Refactor setting.Other and remove unused SHOW_FOOTER_BRANDING (#24270)
    • Correct the access log format (#24085)
    • Reserve ".png" suffix for user/org names (#23992)
    • Prefer native parser for SSH public key parsing (#23798)
    • Editor preview support for external renderers (#23333)
    • Add Gitea Profile Readmes (#23260)
    • Refactor ctx in templates (#23105)
  • SECURITY
    • Test if container blob is accessible before mounting (#22759) (#25784)
    • Set type="password" on all auth_token fields (#22175)
  • FEATURES
    • Add button on diff header to copy file name, misc diff header tweaks (#24986)
    • API endpoint for changing/creating/deleting multiple files (#24887)
    • Support changing git config through app.ini, use diff.algorithm=histogram by default (#24860)
    • Add up and down arrows to selected lookup repositories (#24727)
    • Add Go package registry (#24687)
    • Add status indicator on main home screen for each repo (#24638)
    • Support for status check pattern (#24633)
    • Implement Cargo HTTP index (#24452)
    • Add Debian package registry (#24426)
    • Add the ability to pin Issues (#24406)
    • Add follow organization and fix the logic of following page (#24345)
    • Allow webp images as avatars (#24248)
    • Support upload outputs and use needs context on Actions (#24230)
    • Allow adding new files to an empty repo (#24164)
    • Make wiki title supports dashes and improve wiki name related features (#24143)
    • Add monospace toggle button to textarea (#24034)
    • Use auto-updating, natively hoverable, localized time elements (#23988)
    • Add ntlm authentication support for mail (#23811)
    • Add CLI command to register runner tokens (#23762)
    • Add Alpine package registry (#23714)
    • Expand/Collapse all changed files (#23639)
    • Add unset default project column (#23531)
    • Add activity feeds API (#23494)
    • Add RPM registry (#23380)
    • Add meilisearch support (#23136)
    • Add API for License templates (#23009)
    • Add admin API email endpoints (#22792)
    • Add user rename endpoint to admin api (#22789)
    • Add API for gitignore templates (#22783)
    • Implement actions artifacts (#22738)
    • Add RSS Feeds for branches and files (#22719)
    • Display when a repo was archived (#22664)
    • Add Swift package registry (#22404)
    • Add CRAN package registry (#22331)
    • Add user webhooks (#21563)
    • Implement systemd-notify protocol (#21151)
    • Implement Issue Config (#20956)
    • Add API to manage issue dependencies (#17935)
  • API
    • Use correct response code in push mirror creation response in v1_json.tmpl (#25476) (#25571)
    • Fix Permission in API returned repository struct (#25388) (#25441)
    • Add API for Label templates (#24602)
    • Filters for GetAllCommits (#24568)
    • Add ability to specify '--not' from GetAllCommits (#24409)
    • Support uploading file to empty repo by API (#24357)
    • Add absent repounits to create/edit repo API (#23500)
    • Add login name and source id for admin user searching API (#23376)
    • Create a branch directly from commit on the create branch API (#22956)
  • ENHANCEMENTS
    • Make add line comment buttons focusable (#25894) (#25896)
    • Always pass 6-digit hex color to monaco (#25780) (#25782)
    • Clarify "text-align" CSS helpers, fix clone button padding (#25763) (#25764)
    • Hide add file button for pull mirrors (#25748) (#25751)
    • Allow/fix review (approve/reject) of empty PRs (#25690) (#25732)
    • Fix tags header and pretty format numbers (#25624) (#25694)
    • Actions list enhancements (#25601) (#25678)
    • Fix show more for image on diff page (#25672) (#25673)
    • Prevent SVG shrinking (#25652) (#25669)
    • Fix UI misalignment on user setting page (#25629) (#25656)
    • Use css on labels (#25626) (#25636)
    • Read-only checkboxes don't appear and don't entirely act the way one might expect (#25573) (#25602)
    • Redirect to package after version deletion (#25594) (#25599)
    • Reduce table padding globally (#25568) (#25577)
    • Change Regenerate Secret button display (#25534) (#25541)
    • Fix rerun icon on action view component (#25531) (#25536)
    • Move some regexp out of functions (#25430) (#25445)
    • Diff page enhancements (#25398) (#25437)
    • Various UI fixes (#25264) (#25431)
    • Fix label list divider (#25312) (#25372)
    • Fix UI on mobile view (#25315) (#25340)
    • When viewing a file, hide the add button (#25320) (#25339)
    • Show if File is Executable (#25287) (#25300)
    • Fix edit OAuth application width (#25262) (#25263)
    • Use flex to align SVG and text (#25163) (#25260)
    • Revert overflow: overlay (revert #21850) (#25231) (#25239)
    • Use inline SVG for built-in OAuth providers (#25171) (#25234)
    • Change access token UI to select dropdowns (#25109) (#25230)
    • Remove hacky patch for "safari emoji glitch fix" (#25208) (#25211)
    • Minor arc-green color tweaks (#25175) (#25205)
    • Button and color enhancements (#24989) (#25176)
    • Fix mobile navbar and misc cleanups (#25134) (#25169)
    • Modify OAuth login ui and fix display name, iconurl related logic (#25030) (#25161)
    • Improve notification icon and navbar (#25111) (#25124)
    • Add details summary for vertical menus in settings to allow toggling (#25098)
    • Don't display select all issues checkbox when no issues are available (#25086)
    • Use RepositoryList instead of []*Repository (#25074)
    • Add ability to set multiple redirect URIs in OAuth application UI (#25072)
    • Use git command instead of the ini package to remove the origin remote (#25066)
    • Remove cancel button from branch protection form (#25063)
    • Show file tree by default (#25052)
    • Add Progressbar to Milestone Page (#25050)
    • Minor UI improvements: logo alignment, auth map editor, auth name display (#25043)
    • Allow for PKCE flow without client secret + add docs (#25033)
    • Refactor INI package (first step) (#25024)
    • Various style fixes (#25008)
    • Fix delete user account modal (#25004)
    • Refactor diffFileInfo / DiffTreeStore (#24998)
    • Add user level action runners (#24995)
    • Rename NotifyPullReviewRequest to NotifyPullRequestReviewRequest (#24988)
    • Add step start time to ViewStepLog (#24980)
    • Add dark mode to API Docs (#24971)
    • Display file mode for new file and file mode changes (#24966)
    • Make the 500 page load themes (#24953)
    • Show bot label next to username when rendering autor link if the user is a bot (#24943)
    • Repo list improvements, fix bold helper classes (#24935)
    • Improve queue and logger context (#24924)
    • Improve RunMode / dev mode (#24886)
    • Improve some Forms (#24878)
    • Add show timestamp/seconds and fullscreen options to action page (#24876)
    • Fix double border and adjust width for user profile page (#24870)
    • Improve Actions CSS (#24864)
    • Fix @font-face overrides (#24855)
    • Remove In your repositories link in milestones dashboard (#24853)
    • Fix missing yes/no in delete time log modal (#24851)
    • Show new pull request button also on subdirectories and files (#24842)
    • Make environment-to-ini support loading key value from file (#24832)
    • Support wildcard in email domain allow/block list (#24831)
    • Use CommentList instead of []*Comment (#24828)
    • Add RTL rendering support to Markdown (#24816)
    • Rework notifications list (#24812)
    • Mute repo names in dashboard repo list (#24811)
    • Fix max width and margin of comment box on conversation page (#24809)
    • Some refactors for issues stats (#24793)
    • Rework label colors (#24790)
    • Fix OAuth login loading state (#24788)
    • Remove duplicated issues options and some more refactors (#24787)
    • Decouple the different contexts from each other (#24786)
    • Remove background on user dashboard filter bar (#24779)
    • Improve and fix bugs surrounding reactions (#24760)
    • Make the color of zero-contribution-squares in the activity heatmap more subtle (#24758)
    • Fix WEBP image copying (#24743)
    • Rework OAuth login buttons, swap github logo to monocolor (#24740)
    • Consolidate the two review boxes into one (#24738)
    • Unification of registration fields order (#24737)
    • Refactor Pull Mirror and fix out-of-sync bugs (#24732)
    • Improvements for action detail page (#24718)
    • Fix flash of unstyled content in action view page (#24712)
    • Don't filter action runs based on state (#24711)
    • Optimize actions list by removing an unnecessary git call (#24710)
    • Support no label/assignee filter and batch clearing labels/assignees (#24707)
    • Add icon support for safari (#24697)
    • Use standard HTTP library to serve files (#24693)
    • Improve button-ghost, remove tertiary button (#24692)
    • Only hide tooltip tippy instances (#24688)
    • Support migrating storage for actions log via command line (#24679)
    • Remove highlight in repo list (#24675)
    • Add markdown preview to Submit Review Textarea (#24672)
    • Update pin and add pin-slash (#24669)
    • Improve empty notifications display (#24668)
    • Support SSH for go get (#24664)
    • Improve avatar uploading / resizing / compressing, remove Fomantic card module (#24653)
    • Only show one tippy at a time (#24648)
    • Notification list enhancements, fix striped tables on dark theme (#24639)
    • Improve queue & process & stacktrace (#24636)
    • Use the type RefName for all the needed places and fix pull mirror sync bugs (#24634)
    • Remove fluid on compare diff page (#24627)
    • Add a tooltip to the job rerun button (#24617)
    • Attach a tooltip to the action status icon (#24614)
    • Make the actions control button look like an actual button (#24611)
    • Remove unnecessary code (#24610)
    • Make repo migration cancelable and fix various bugs (#24605)
    • Improve updating Actions tasks (#24600)
    • Attach a tooltip to the action control button (#24595)
    • Make repository response support HTTP range request (#24592)
    • Improve Gitea's web context, decouple "issue template" code into service package (#24590)
    • Modify luminance calculation and extract related functions into single files (#24586)
    • Simplify template helper functions (#24570)
    • Split "modules/context.go" to separate files (#24569)
    • Add org visibility label to non-organization's dashboard (#24558)
    • Update LDAP filters to include both username and email address (#24547)
    • Review fixes and enhancements (#24526)
    • Display warning when user try to rename default branch (#24512)
    • Fix color for transfer related buttons when having no permission to act (#24510)
    • Rework button coloring, add focus and active colors (#24507)
    • New webhook trigger for receiving Pull Request review requests (#24481)
    • Add goto issue id function (#24479)
    • Fix incorrect webhook time and use relative-time to display it (#24477)
    • RSS icon fixes (#24476)
    • Replace N/A with - everywhere (#24474)
    • Pass 'not' to commit count (#24473)
    • Enhance stylelint rule config, remove dead CSS (#24472)
    • Remove font-awesome and fomantic icon module (#24471)
    • Improve "new-menu" (#24465)
    • Remove fomantic breadcrumb module (#24463)
    • Improve template system and panic recovery (#24461)
    • Make Issue/PR/projects more compact, misc CSS tweaks (#24459)
    • Replace remaining fontawesome dropdown icons with SVG (#24455)
    • Remove all direct references to font-awesome (#24448)
    • Move links out of translation (#24446)
    • Add ui-monospace and SF Mono to --fonts-monospace (#24442)
    • Hide 'Mirror Settings' when unneeded, improve hints (#24433)
    • Add "Updated" column for admin repositories list (#24429)
    • Improve issue list filter (#24425)
    • Rework header bar on issue, pull requests and milestone (#24420)
    • Improve template helper (#24417)
    • Make repo size style matches others (commits/branches/tags) (#24408)
    • Support markdown editor for issue template (#24400)
    • Improve commit date in commit graph (#24399)
    • Start cleaning the messy ".ui.left / .ui.right", improve label list page, fix stackable menu (#24393)
    • Merge setting.InitXXX into one function with options (#24389)
    • Move Rename branch from repo settings page to the page of branches list (#24380)
    • Improve protected branch setting page (#24379)
    • Display 'Unknown' when runner.version is empty (#24378)
    • Display owner of a runner as a tooltip instead of static text (#24377)
    • Fix incorrect last online time in runner_edit.tmpl (#24376)
    • Fix unclear IsRepositoryExist logic (#24374)
    • Add custom helm repo name generated from url (#24363)
    • Replace placeholders in licenses (#24354)
    • Add rerun workflow button and refactor to use SVG octicons (#24350)
    • Fix runner button height (#24338)
    • Restore bold on repolist (#24337)
    • Improve RSS (#24335)
    • Refactor "route" related code, fix Safari cookie bug (#24330)
    • Alert error message if open dependencies are included in the issues that try to batch close (#24329)
    • Add missed column title in runner management page (#24328)
    • Automatically select the org when click create repo from org dashboard (#24325)
    • Modify width of ui container, fine tune css for settings pages and org header (#24315)
    • Fix config list overflow and layout (#24312)
    • Improve some modal action buttons (#24289)
    • Move code from module to service (#24287)
    • Sort users and orgs on explore by recency by default (#24279)
    • Allow using localized absolute date times within phrases with place holders and localize issue due date events (#24275)
    • Show workflow config error on file view also (#24267)
    • Improve template helper functions: string/slice (#24266)
    • Use more specific test methods (#24265)
    • Add DumpVar helper function to help debugging templates (#24262)
    • Limit avatar upload to valid image files (#24258)
    • Improve emoji and mention matching (#24255)
    • Change to vertical navbar layout for secondary navbar for repo/user/admin settings (#24246)
    • Refactor config provider (#24245)
    • Improve test logger (#24235)
    • Default show closed actions list if all actions was closed (#24234)
    • Add missing badges in user profile for /projects and /packages (#24232)
    • Add repository counter badge to repository tab (#24205)
    • Move secrets and runners settings to actions settings (#24200)
    • Require at least one unit to be enabled (#24189)
    • Use same action status svg icons on actions list as on action page (#24178)
    • Use secondary pointing menu for tabs on user/organization home page (#24162)
    • Improve Wiki TOC (#24137)
    • Refactor locale number (#24134)
    • Localize activity heatmap (except tooltip) (#24131)
    • Fix duplicate modals when clicking on "remove all" repository button (#24129)
    • Add runner check in repo action page (#24124)
    • Support triggering workflows by wiki related events (#24119)
    • Refactor cookie (#24107)
    • Remove untranslatable on_date key (#24106)
    • Refactor delete_modal_actions template and use it for project column related actions (#24097)
    • Improve git log for debugging (#24095)
    • Add option to search for users is active join a team (#24093)
    • Add PDF rendering via PDFObject (#24086)
    • Refactor web route (#24080)
    • Make HTML template functions support context (#24056)
    • Refactor rename user and rename organization (#24052)
    • Localize milestone related time strings (#24051)
    • Expand selected file when clicking file tree (#24041)
    • Add popup to hashed comments/pull requests/issues in file editing/adding preview tab (#24040)
    • Add placeholder and aria attributes to release and wiki edit page (#24031)
    • Add new user types reserved, bot, and remote (#24026)
    • Allow adding SSH keys even if SSH server is disabled (#24025)
    • Use a general approach to access custom/static/builtin assets (#24022)
    • Update github.com/google/go-github to v52 (#24004)
    • Replace tribute with text-expander-element for textarea (#23985)
    • Group template helper functions, remove Printf, improve template error messages (#23982)
    • Drop "unrolled/render" package (#23965)
    • Add job.duration in web ui (#23963)
    • Tweak pull request branch delete ui (#23951)
    • Merge template functions "dict/Dict/mergeinto" (#23932)
    • Use a general Eval function for expressions in templates. (#23927)
    • Clean template/helper.go (#23922)
    • Actions: Use default branch as ref when a branch/tag delete occurs (#23910)
    • Add tooltips for MD editor buttons and add muted class for buttons (#23896)
    • Improve markdown editor: width, height, preferred (#23895)
    • Make Release Download URLs predictable (#23891)
    • Remove fomantic ".link" selector and styles (#23888)
    • Added close/open button to details page of milestone (#23877)
    • Introduce GitHub markdown editor, keep EasyMDE as fallback (#23876)
    • Introduce GiteaLocaleNumber custom element to handle number localization on pages. (#23861)
    • Make first section on home page full width (#23854)
    • Use different SVG for pending and running actions (#23836)
    • Display image size for multiarch container images (#23821)
    • Improve action log display with control chars (#23820)
    • Fix dropdown direction behavior (#23806)
    • Fix incorrect/Improve error handle in edit user page (#23805)
    • Use clippie module to copy to clipboard (#23801)
    • Make minio package support legacy MD5 checksum (#23768)
    • Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766)
    • Refactor docs (#23752)
    • Fix markup background, improve wiki rendering (#23750)
    • Make label templates have consistent behavior and priority (#23749)
    • Improve LoadUnitConfig to handle invalid or duplicate units (#23736)
    • Append (comment) when a link points at a comment rather than the whole issue (#23734)
    • Clean some legacy files and move some build files (#23699)
    • Refactor repo commit list (#23690)
    • Refactor internal API for git commands, use meaningful messages instead of "Internal Server Error" (#23687)
    • Add aria attributes to interactive time tooltips. (#23661)
    • Fix long project name display in issue list and in related dropdown (#23653)
    • Use data-tooltip-content for tippy tooltip (#23649)
    • Fix new issue/pull request btn margin when it is next to sort (#23647)
    • Fine tune more downdrop settings, use SVG for labels, improve Repo Topic Edit form (#23626)
    • Allow new file and edit file preview if it has editable extension (#23624)
    • Replace a few fontawesome icons with svg (#23602)
    • Publish Review buttons should indicate why they are disabled (#23598)
    • Convert issue list checkboxes to native (#23596)
    • Set opaque background on markup and images (#23578)
    • Use a general approach to show tooltip, fix temporary tooltip bug (#23574)
    • Improve <SvgIcon> to make it output svg node and optimize performance (#23570)
    • Enable color for consistency checks diffs (#23563)
    • Fix dropdown icon misalignment when using fomantic icon (#23558)
    • Decouple the issue-template code from comment_tab.tmpl (#23556)
    • Remove id="comment-form" dead code, fix tag (#23555)
    • Diff improvements (#23553)
    • Sort Python package descriptors by version to mimic PyPI format (#23550)
    • Use a general approch to improve a11y for all checkboxes and dropdowns. (#23542)
    • Fix long name ui issues and label ui issue (#23541)
    • Return repository in npm package metadata endpoint (#23539)
    • Use project.IconName instead of repeated unreadable if-else chains (#23538)
    • Remove stars in dashboard repo list (#23530)
    • Update mini-css-extract-plugin, remove postcss (#23520)
    • Change Close to either Close issue or Close pull request (#23506)
    • Fix theme-auto loading (#23504)
    • Fix tags sort by creation time (descending) on branch/tag dropdowns (#23491)
    • Display the version of runner in the runner list (#23490)
    • Replace Less with CSS (#23481)
    • Fix .locale.Tr function not found in delete modal (#23468)
    • Allow both fullname and username search when DEFAULT_SHOW_FULL_NAME is true (#23463)
    • Add project type descriptions in issue badge and improve project icons (#23437)
    • Use context for RepositoryList.LoadAttributes (#23435)
    • Refactor branch/tag selector to Vue SFC (#23421)
    • Keep (add if not existing) xmlns attribute for generated SVG images (#23410)
    • Refactor dashboard repo list to Vue SFC (#23405)
    • Add workflow error notification in ui (#23404)
    • Refactor branch/tag selector dropdown (first step) (#23394)
    • Reduce duplicate and useless code in options (#23369)
    • Convert <div class="button"> to <button class="button"> (#23337)
    • Add path prefix to ObjectStorage.Iterator (#23332)
    • Improve cache context (#23330)
    • Move pidfile creation from setting to web cmd package (#23285)
    • Fix tags view (#23243)
    • Add commit info in action page (#23210)
    • Support paste treepath when creating a new file or updating the file name (#23209)
    • Allow skipping forks and mirrors from being indexed (#23187)
    • Use context parameter in services/repository (#23186)
    • Hide target selector if tag exists when creating new release (#23171)
    • Improve FindProjects (#23085)
    • Clean Path in Options (#23006)
    • Add margin top to the top of branches (#23002)
    • Remove unnecessary and incorrect find('.menu').toggle() (#22987)
    • Improve GetBoards and getDefaultBoard (#22981)
    • Improve squash merge commit author and co-author with private emails (#22977)
    • Add --quiet option to gitea dump (#22969)
    • Add pagination for dashboard and user activity feeds (#22937)
    • Handle files starting with colons in WalkGitLog (#22935)
    • Add "Reviewed by you" filter for pull requests (#22927)
    • Parse external request id from request headers, and print it in access log (#22906)
    • Replace repo.namedBlob by git.TreeEntry. (#22898)
    • Pull Requests: add button to compare force pushed commits (#22857)
    • Fix pull request update showing too many commits with multiple branches (#22856)
    • Require approval to run actions for fork pull request (#22803)
    • Projects: rename Board to Column in interface and improve consistency (#22767)
    • Add user visibility in dashboard navbar (#22747)
    • Add .livemd as a markdown extension (#22730)
    • Clean up WebAuthn javascript code and remove JQuery code (#22697)
    • Merge message template support for rebase without merge commit (#22669)
    • Show editorconfig warnings when viewing a malformed editorconfig (#21257)
    • Npm packages: set repository link based on the url in package.json (#20379)
  • BUGFIXES
    • Add support for different Maven POM encoding (#25873) (#25890)
    • Fix incorrect repo url when changed the case of ownername (#25733) (#25881)
    • Fix empty project displayed in issue sidebar (#25802) (#25854)
    • Show correct SSL Mode on "install page" (#25818) (#25838)
    • Fix the error message when the token is incorrect (#25701) (#25836)
    • Fix incorrect oldest sort in project list (#25806) (#25835)
    • For API attachments, use API URL (#25639) (#25814)
    • Avoid amending the Rebase and Fast-forward merge if there is no message template (#25779) (#25809)
    • Make "install page" respect environment config (#25648) (#25799)
    • Fix activity type match in matchPullRequestEvent (#25746) (#25796)
    • Fix notification list bugs (#25781) (#25787)
    • Revert package access change from #23879 (#25707) (#25785)
    • Check ctx.Written() for GetActionIssue (#25698) (#25711)
    • Fix position of org follow button (#25688) (#25692)
    • Fix the nil pointer when assigning issues to projects (#25665) (#25677)
    • Log the real reason when authentication fails (but don't show the user) (#25414) (#25660)
    • Fix bug when change user name (#25637) (#25646)
    • Make "cancel" buttons have proper type in modal forms (#25618) (#25641)
    • Use AfterCommitId to get commit for Viewed functionality (#25529) (#25612)
    • Fix bug of branches API with tests(#25578) (#25579)
    • Fix content holes in Actions task logs file (#25560) (#25566)
    • Fix bugs related to notification endpoints (#25548) (#25562)
    • Add Adopt repository event and handler (#25497) (#25518)
    • Improve wiki sidebar and TOC (#25460) (#25477)
    • Make "dismiss" content shown correctly (#25461) (#25465)
    • Change default email domain for LDAP users (#25425) (#25434)
    • Fix missing commit message body when the message has leading newlines (#25418) (#25422)
    • Fix LDAP sync when Username Attribute is empty (#25278) (#25379)
    • Fetch all git data for embedding correct version in docker image (#25361) (#25373)
    • Fix incorrect actions ref_name (#25358) (#25367)
    • Write absolute AppDataPath to app.ini when installing (#25331) (#25347)
    • Fix incorrect config argument position for builtin SSH server (#25341)
    • Remove EasyMDE focus outline on text (#25328) (#25332)
    • Fix displayed RPM repo url (#25310) (#25313)
    • Fix index generation parallelly failure (#25235) (#25269)
    • Fix panic when migrating a repo from GitHub with issues (#25246) (#25247)
    • Fix task list checkbox toggle to work with YAML front matter (#25184) (#25227)
    • Fix compatible for webhook ref type (#25195) (#25223)
    • Hide limited users if viewed by anonymous ghost (#25214) (#25220)
    • Do not overwrite the log mode when installing (#25203) (#25209)
    • Fix fullscreen for action (#25200) (#25207)
    • Add WithPullRequest for actionsNotifier (#25144) (#25197)
    • Fix MilestoneIDs when querying issues (#25125) (#25141)
    • Fix incorrect git ignore rule and add missing license files (#25135) (#25138)
    • Remove incorrect element ID on "post-install" page (#25104) (#25129)
    • Fix 500 error caused by notifications without an issue such as repo transfers (#25101)
    • Help to recover from corrupted levelqueue (#24912)
    • Fix 500 error when select No assignee filter in issue list page (#24854)
    • Add validations.required check to dropdown field (#24849)
    • Reenable creating default webhooks. (#24626)
    • Fix incorrect user visibility (#24557)
    • Fix commits pushed with deploy keys not shown in dashboard (#24521)
    • Check length of LogIndexes in case it is outdated (#24516)
    • Fix incorrect CurrentUser check for docker rootless (#24441)
    • Fix some mistakes when using ignSignIn (#24415)
    • Fix incorrect CORS response in Http Git handler (#24303)
    • Fix issue attachment handling (#24202)
    • Make mention autocomplete case insensitive in new markdown editor (#24190)
    • Use 1.18's aria role for dropdown menus (#24144)
    • Fix internal sever error when visiting a PR that bound to the deleted team (#24127)
    • Add migration to fix external unit access mode of owner/admin team (#24117)
    • Show friendly 500 error page to users and developers (#24110)
    • Fix meilisearch not working when searching across multiple repositories (#24109)
    • Fix math and mermaid rendering bugs (#24049)
    • Remove "inverted" class on creating new label and cancel buttons (#24030)
    • Allow repo admins too to delete the repo (#23940)
    • Disable editing tags (#23883)
    • Fix review conversation reply (#23846)
    • Fix incorrect CORS failure detection logic (#23844)
    • Remove incorrect HTML self close tag (#23748)
    • Fix incorrect toggle buttons (#23676)
    • Introduce path Clean/Join helper functions (#23495)
    • Fix missed migration in #22235 (#23482)
    • Do not store user projects as organization projects (#23353)
    • Fix incorrect display for comment context menu (#23343)
    • Make Ctrl+Enter submit a pending comment (starting review) instead of submitting a single comment (#23245)
    • Fix submit button won't refresh in New Repository Fork page (#22994)
    • Remove stars when repo goes private (#19904)
  • TESTING
    • Add unit test for repository collaboration (#25640) (#25658)
    • Add missing test case and fix typo in tests (#24915)
    • Kd/fix redis unit test (#24650)
    • Add owner team permission check test (#24096)
    • Test renderReadmeFile (#23185)
    • Add default owner team to privated_org and limited_org in unit test (#23109)
    • Speed up HasUserStopwatch & GetActiveStopwatch (#23051)
    • Remove all package data after tests (#22984)
  • TRANSLATION
    • Backport locales to v1.20 (#25899)
    • Translate untranslated string in issues list (#25759) (#25761)
    • Remove broken translations (#25737)
    • Show correct naming for 1 comment (#25704) (#25712)
    • Add Chinese documentations for Actions (#24902)
    • Change valid_until translation to valid_until_date and include placeholder for the date (#24563)
    • Change add_on translation to added_on and include placeholder for the date (#24562)
    • Change join_on translation to joined_on and include placeholder for the date (#24550)
    • Use double quotes consistently in en-US (#24141)
    • Clarify Gitea/Crowdin locale behaviors, add tests for LocaleStore, fix some strings with semicolons (#23819)
    • Update localization.zh-cn.md (#23448)
    • Fix grammar in error message (#23273)
  • BUILD
    • Correct permissions for .ssh and authorized_keys (#25721) (#25730)
    • Upgrade snap to node 20 (#24990)
    • Use Go 1.20 for next release (#24859)
    • Ignore build for docs only (#24761)
    • Update cron-translations.yml (#24708)
    • Update to Alpine 3.18 (#24700)
    • Check latest version on CI (#24556)
    • Upgrade to Node 20 on CI, enable actions cancellation (#24524)
    • Mark /templates/swagger/v1_json.tmpl as generated file (#24306)
    • Enable forbidigo linter (#24278)
    • Introduce lint-md and compliance-docs pipeline (#24021)
    • Add eslint-plugin-custom-elements (#23991)
    • Update eslints for Vue 3 (#23935)
    • Improve backport-locales.go (#23807)
    • Don't run unnecessary steps when only docs changed (#23103)
  • DOCS
    • Docs: rootless docker ssh's default port is 2222 (#25771) (#25772)
    • Add documentation about supported workflow trigger events (#25582) (#25589)
    • Document creating an API key from the CLI (#25504)
    • Use the new download domain replace the old (#25405) (#25409)
    • Add Exoscale to installation on cloud provider docs (#25342) (#25346)
    • Improve some documents: release version, logging, NFS lock (#25202) (#25204)
    • Change branch name from master to main in some documents' links (#25126) (#25140)
    • Introduce how to configure cache when starting a Runner with Docker (#25077)
    • Docs: remove an extraneous whitespace (#24949)
    • Update Asciidoc markup example with safe defaults (#24920)
    • Fix <empty> in administration/config-cheat-sheet.en-us.md (#24905)
    • Rename docs packages title from xxx Packages Repository -> xxx Package Registry (#24895)
    • Replace drone exec to act_runner exec in test README.md (#24791)
    • Update packages overview page (#24730)
    • Docs for creating a user to run Gitea on Fedora/RHEL/CentOS (#24725)
    • Move actions as usage's subdirectory and update comparsion zh-cn version (#24719)
    • Document redis-cluster explicitly in config (#24717)
    • Improve reverse-proxy document and fix nginx config bug (#24616)
    • Fix broken README link (#24546)
    • Update CONTRIBUTING.md (#24492)
    • Docs for Gitea Actions (#24405)
    • Zh-cn support on doc pages (#24166)
    • Fix https setup doc zh-cn (#24015)
    • Adjust some documentations titles (#23941)
    • More specific and unique feed name for NuGet install command template. (#23889)
    • Clarify that Gitea requires JavaScript (#23677)
    • Rename develop -> development, contribute -> contributing, administer -> administration (#23662)
    • Update PR documentation (#23620)
    • Add package registry architecture overview (#23445)
    • Add gradle samples in maven doc of packages (#23374)
    • Improve the frontend guideline (#23298)
    • Add document for webcomponents (#23261)
    • Add Gitea Community Code of Conduct (#23188)
    • Avoid Hugo from adding quote to actions url (#23097)
    • Improve reverse proxies documentation (#23068)
    • Docs: HTTPS configuration for zh-cn (#23039)
  • MISC
    • Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567) (#25576)
    • Align language menu icon and fit the footer area (#25556) (#25563)
    • Fix sub-command log level (#25537) (#25553)
    • Fix admin-dl-horizontal (#25512) (#25535)
    • Fix input line-height cutting off g (#25334) (#25533)
    • Clarify the reason why the user can't add a new email if there is a pending activation (#25509) (#25514)
    • Improve loadprojects for issue list (#25468) (#25493)
    • Use "utf8mb4" for MySQL by default (#25432)
    • Show outdated comments in files changed tab (#24936) (#25428)
    • Avoid polluting config file when "save" (#25395) (#25406)
    • Fix blank dir message when uploading files from web editor (#25391) (#25400)
    • Fix issue filters on mobile view (#25368) (#25371)
    • Avoid polluting the config (#25345) (#25354)
    • Fix action runner last online state on edit page (#25337)
    • Remove fomantic inverted variations (#25286) (#25289)
    • Show OAuth2 errors to end users (#25261) (#25271)
    • Fix profile render when the README.md size is larger than 1024 bytes (#25270)
    • Fix strange UI behavior of cancelling dismiss review modal (#25172)
    • Update js dependencies (#25137) (#25151)
    • Fix swagger documentation for multiple files API endpoint (#25110)
    • Fix link to customizing-gitea (#25056)
    • Add Link to Stars and Forks Page to Repo List (#24931)
    • Improve confusable character string (#24911)
    • Fix install page context, make the install page tests really test (#24858)
    • Add gitea manager reload-templates command (#24843)
    • Create pull request for base after editing file, if not enabled on fork (#24841)
    • Fix video width overflow in markdown, and other changes to match img (#24834)
    • Support Copy Link for video attachments (#24833)
    • Improve accessibility when (re-)viewing files (#24817)
    • Update JS dependencies (#24815)
    • Bump vm2 from 3.9.17 to 3.9.18 (#24742)
    • Add IsErrRepoFilesAlreadyExist check when fork repo (#24678)
    • Fix typo in act-runner file (#24652)
    • Do not send "registration success email" for external auth sources (#24632)
    • Filter get single commit (#24613)
    • Make diff view full width again (#24598)
    • Add permission check for moving issue action in project view page (#24589)
    • Revert "Prevent a user with a different email from accepting the team invite" (#24531)
    • Temporarily disable PATs until next release (#24527)
    • Clean up polluted styles and remove dead CSS code (#24497)
    • Faster git.GetDivergingCommits (#24482)
    • Fix test delivery button in repo webhook settings page (#24478)
    • Use globally shared HTMLRender (#24436)
    • Changelog 1.19.2 (#24365) (#24403)
    • Fix layouts of admin table / adapt repo / email test (#24370)
    • Gitea Actions add base_ref, head_ref, api_url, ref_type fields (#24356)
    • Fix 404 error when leaving the last private org team (#24322)
    • Improve External Wiki in Repo Header (#24304)
    • Updated upgrade script that is informing user that Gitea service has to be running in order to upgrade it (#24260)
    • Add run status in action view page (#24223)
    • Update JS dependencies (#24218)
    • Bump vm2 from 3.9.15 to 3.9.16 (#24089)
    • Update github.com/google/go-github to v51 (#23946)
    • Show visibility status of email in own profile (#23900)
    • Refactor authors dropdown (send get request from frontend to avoid long wait time) (#23890)
    • Add self to maintainers (#23644)
    • Upgrade to npm lockfile v3 and explicitely set it (#23561)
    • Improve indices for action table (#23532)
    • Update JS dependencies, Require Node.js 16 (#23528)
    • Add init file for Ubuntu (#23362)
    • Update go.mod dependencies (#23126)
    • Use minio/sha256-simd for accelerated SHA256 (#23052)
    • More detailed branch delete message (#22696)
    • Add tooltips to Hide comment type settings where necessary (#21306)

1.19.4 - 2023-07-04

  • SECURITY
    • Fix open redirect check for more cases (#25143) (#25155)
  • API
    • Return 404 in the API if the requested webhooks were not found (#24823) (#24830)
    • Fix organization field being null in GET /api/v1/teams/{id} (#24694) (#24696)
  • ENHANCEMENTS
    • Set --font-weight-bold to 600 (#24840)
    • Make mailer SMTP check have timed context (#24751) (#24759)
    • Do not select line numbers when selecting text from the action run logs (#24594) (#24596)
  • BUGFIXES
    • Fix bug when change user name (#25637) (#25645)
    • Fix task list checkbox toggle to work with YAML front matter (#25184) (#25236)
    • Hide limited users if viewed by anonymous ghost (#25214) (#25224)
    • Add WithPullRequest for actionsNotifier (#25144) (#25196)
    • Fix parallelly generating index failure with Mysql (#24567) (#25081)
    • GitLab migration: Sanitize response for reaction list (#25054) (#25059)
    • Fix users cannot visit issue attachment bug (#25019) (#25027)
    • Fix missing reference prefix of commits when sync mirror repository (#24994)
    • Only validate changed columns when update user (#24867) (#24903)
    • Make DeleteIssue use correct context (#24885)
    • Fix topics deleted via API not being deleted in org page (#24825) (#24829)
    • Fix Actions being enabled accidentally (#24802) (#24810)
    • Fix missed table name on iterate lfs meta objects (#24768) (#24774)
    • Fix safari cookie session bug (#24772)
    • Respect original content when creating secrets (#24745) (#24746)
    • Fix Pull Mirror out-of-sync bugs (#24732) (#24733)
    • Fix run list broken when trigger user deleted (#24706) (#24709)
    • Fix issues list page multiple selection update milestones (#24660) (#24663)
    • Fix: release page for empty or non-existing target (#24659)
    • Fix close org projects (#24588) (#24591)
    • Refresh the refernce of the closed PR when reopening (#24231) (#24587)
    • Fix the permission of team's Actions unit issue (#24536) (#24545)
    • Bump go.etcd.io/bbolt and blevesearch deps (#23062) (#24519)
    • Fix new wiki page mirror (#24518)
    • Match unqualified references when syncing pulls as well (#23070)
  • DOCS
    • Change branch name from master to main in some documents' links (#25126) (#25139)
    • Remove unnecessary content on docs (#24976) (#25001)
    • Unify doc links to use paths relative to doc folder (#24979) (#25000)
    • Fix docs documenting invalid @every for OLDER_THAN cron settings (#24695) (#24698)
  • MISC
    • Merge different languages for language stats (#24900) (#24921)
    • Hiding Secrets options when Actions feature is disabled (#24792)
    • Improve decryption failure message (#24573) (#24575)
    • Makefile: Use portable !, not GNUish -not, with find(1). (#24565) (#24572)

1.19.3 - 2023-05-03

  • SECURITY
    • Use golang 1.20.4 to fix CVE-2023-24539, CVE-2023-24540, and CVE-2023-29400
  • ENHANCEMENTS
    • Enable whitespace rendering on selection in Monaco (#24444) (#24485)
    • Improve milestone filter on issues page (#22423) (#24440)
  • BUGFIXES
    • Fix api error message if fork exists (#24487) (#24493)
    • Fix user-cards format (#24428) (#24431)
    • Fix incorrect CurrentUser check for docker rootless (#24435)
    • Getting the tag list does not require being signed in (#24413) (#24416)

1.19.2 - 2023-04-26

  • SECURITY
    • Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)
    • Only delete secrets belonging to its owner (#24284) (#24286)
  • API
    • Fix typo in API route (#24310) (#24332)
    • Fix access token issue on some public endpoints (#24194) (#24259)
  • ENHANCEMENTS
    • Fix broken clone script on an empty archived repo (#24339) (#24348)
    • Fix Monaco IOS keyboard button (#24341) (#24347)
    • Don't set meta theme-color by default (#24340) (#24346)
    • Wrap too long push mirror addresses (#21120) (#24334)
    • Add --font-weight-bold and set previous bold to 601 (#24307) (#24331)
    • Unify nightly naming across binaries and docker images (#24116) (#24308)
    • Fix footer display (#24251) (#24269)
    • Fix label color, fix divider in dropdown (#24215) (#24244)
    • Vertical widths of containers removed (#24184) (#24211)
    • Use correct locale key for forks page (#24172) (#24175)
    • Sort repo topic labels by name (#24123) (#24153)
    • Highlight selected file in the PR file tree (#23947) (#24126)
  • BUGFIXES
    • Fix auth check bug (#24382) (#24387)
    • Add tags list for repos whose release setting is disabled (#23465) (#24369)
    • Fix wrong error info in RepoRefForAPI (#24344) (#24351)
    • Fix no edit/close/delete button in org repo project view page (#24349)
    • Respect the REGISTER_MANUAL_CONFIRM setting when registering via OIDC (#24035) (#24333)
    • Remove org users who belong to no teams (#24247) (#24313)
    • Fix bug when deleting wiki with no code write permission (#24274) (#24295)
    • Handle canceled workflow as a warning instead of a fail (#24282) (#24292)
    • Load reviewer for comments when dismissing a review (#24281) (#24288)
    • Show commit history for closed/merged PRs (#24238) (#24261)
    • Fix owner team access mode value in team_unit table (#24224)
    • Fix issue attachment handling (#24202) (#24221)
    • Fix incorrect CORS default values (#24206) (#24217)
    • Fix template error in pull request with deleted head repo (#24192) (#24216)
    • Don't list root repository on compare page if pulls not allowed (#24183) (#24210)
    • Fix calReleaseNumCommitsBehind (#24148) (#24197)
    • Fix Org edit page bugs: renaming detection, maxlength (#24161) (#24171)
    • Update redis library to support redis v7 (#24114) (#24156)
    • Use 1.18's aria role for dropdown menus (#24144) (#24155)
    • Fix 2-dot direct compare to use the right base commit (#24133) (#24150)
    • Fix incorrect server error content in RunnersList (#24118) (#24121)
    • Fix mismatch between hook events and github event types (#24048) (#24091)
  • BUILD
    • Support converting varchar to nvarchar for mssql database (#24105) (#24168)

1.19.1 - 2023-04-12

  • BREAKING
    • Rename actions unit to repo.actions and add docs for it (#23733) (#23881)
  • ENHANCEMENTS
    • Add card type to org/user level project on creation, edit and view (#24043) (#24066)
    • Refactor commit status for Actions jobs (#23786) (#24060)
    • Show errors for KaTeX and mermaid on the preview tab (#24009) (#24019)
    • Show protected branch rule names again (#23907) (#24018)
    • Adjust sticky PR header to cover background (#23956) (#23999)
    • Discolor pull request tab labels (#23950) (#23987)
    • Treat PRs with agit flow as fork PRs when triggering actions. (#23884) (#23967)
    • Left-align review comments (#23937)
    • Fix image border-radius (#23886) (#23930)
    • Scroll collapsed file into view (#23702) (#23929)
    • Fix code view (diff) broken layout (#23096) (#23918)
    • Org pages style fixes (#23901) (#23914)
    • Fix user profile description rendering (#23882) (#23902)
    • Fix review box viewport overflow issue (#23800) (#23898)
    • Prefill input values in OAuth settings as intended (#23829) (#23871)
    • CSS color tweaks (#23828) (#23842)
    • Fix incorrect visibility dropdown list in add/edit user page (#23804) (#23833)
    • Add CSS rules for basic colored labels (#23774) (#23777)
    • Add creation time in tag list page (#23693) (#23773)
    • Fix br display for packages curls (#23737) (#23764)
    • Fix issue due date edit toggle bug (#23723) (#23758)
    • Improve commit graph page UI alignment (#23751) (#23754)
    • Use GitHub Actions compatible globbing for branches, tag, path filter (#22804) (#23740)
    • Redirect to project again after editing it (#23326) (#23739)
    • Remove row clicking from notification table (#22695) (#23706)
    • Remove conflicting CSS rules on notifications, improve notifications table (#23565) (#23621)
    • Fix diff tree height and adjust target file style (#23616)
  • BUGFIXES
    • Improve error logging for LFS (#24072) (#24082)
    • Fix custom mailer template on Windows platform (#24081)
    • Update the value of diffEnd when clicking the Show More button in the DiffFileTree (#24069) (#24078)
    • Make label templates have consistent behavior and priority (#23749)
    • Fix accidental overwriting of LDAP team memberships (#24050) (#24065)
    • Fix branch protection priority (#24045) (#24061)
    • Use actions job link as commit status URL instead of run link (#24023) (#24032)
    • Add actions support to package auth verification (#23729) (#24028)
    • Fix protected branch for API (#24013) (#24027)
    • Do not escape space between PyPI repository URL and package name… (#23981) (#24008)
    • Fix redirect bug when creating issue from a project (#23971) (#23997)
    • Set ref to fully-formed of the tag when trigger event is release (#23944) (#23989)
    • Use Get/Set instead of Rename when regenerating session ID (#23975) (#23983)
    • Ensure RSS icon is present on all repo tabs (#23904) (#23973)
    • Remove Repository.getFilesChanged to fix Actions paths and paths-ignore filter (#23920) (#23969)
    • Delete deleted release attachments immediately from storage (#23913) (#23958)
    • Use ghost user if package creator does not exist (#23822) (#23915)
    • User/Org Feed render description as per web (#23887) (#23906)
    • Fix cases.Title crash for concurrency (#23885) (#23903)
    • Convert .Source.SkipVerify to $cfg.SkipVerify (#23839) (#23899)
    • Support "." char as user name for User/Orgs in RSS/ATOM/GPG/KEYS path ... (#23874) (#23878)
    • Fix JS error when changing PR's target branch (#23862) (#23864)
    • Fix 500 error if there is a name conflict when editing authentication source (#23832) (#23852)
    • Fix closed PR also triggers Webhooks and actions (#23782) (#23834)
    • Fix checks for needs in Actions (#23789) (#23831)
    • Fix "Updating branch by merge" bug in "update_branch_by_merge.tmpl" (#23790) (#23825)
    • Fix cancel button in the page of project edit not work (#23655) (#23813)
    • Don't apply the group filter when listing LDAP group membership if it is empty (#23745) (#23788)
    • Fix profile page email display, respect settings (#23747) (#23756)
    • Fix project card preview select and template select (#23684) (#23731)
    • Check LFS/Packages settings in dump and doctor command (#23631) (#23730)
    • Add git dashes separator to some "log" and "diff" commands (#23606) (#23720)
    • Create commit status when event is pull_request_sync (#23683) (#23691)
    • Fix incorrect HookEventType of pull request review comments (#23650) (#23678)
    • Fix incorrect show-modal and show-panel class (#23660) (#23663)
    • Improve workflow event triggers (#23613) (#23648)
    • Introduce path Clean/Join helper functions, partially backport&refactor (#23495) (#23607)
    • Fix pagination on /notifications/watching (#23564) (#23603)
    • Fix submodule is nil panic (#23588) (#23601)
    • Polyfill the window.customElements (#23592) (#23595)
    • Avoid too long names for actions (#23162) (#23190)
  • TRANSLATION
    • Backport locales (with manual fixes) (#23808, #23634, #24083)
  • BUILD
    • Hardcode the path to docker images (#23955) (#23968)
  • DOCS
    • Update documentation to explain which projects allow Gitea to host static pages (#23993) (#24058)
    • Merge push to create, open PR from push, and push options docs articles into one (#23744) (#23959)
    • Fix code blocks in the cheat sheet (#23664) (#23669)
  • MISC
    • Do not crash when parsing an invalid workflow file (#23972) (#23976)
    • Remove assertion debug code for show/hide refactoring (#23576) (#23868)
    • Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766) (#23791)
    • Make minio package support legacy MD5 checksum (#23768) (#23770)
    • Improve template error reporting (#23396) (#23600)

1.19.0 - 2023-03-19

  • BREAKING
    • Add loading yaml label template files (#22976) (#23232)
    • Make issue and code search support camel case for Bleve (#22829)
    • Repositories: by default disable all units except code and pulls on forks (#22541)
    • Support template for merge message description (#22248)
    • Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
    • Implement actions (#21937)
    • Remove deprecated DSA host key from Docker Container (#21522)
    • Improve valid user name check (#20136)
  • SECURITY
    • Return 404 instead of 403 if user can not access the repo (#23155) (#23158)
    • Support scoped access tokens (#20908)
  • FEATURES
    • Add support for commit cross references (#22645)
    • Scoped labels (#22585)
    • Add Chef package registry (#22554)
    • Support asciicast files as new markup (#22448)
    • cgo cross-compile for freebsd (#22397)
    • Add cron method to gc LFS MetaObjects (#22385)
    • Add new captcha: cloudflare turnstile (#22369)
    • Enable @<user>- completion popup on the release description textarea (#22359)
    • make /{username}.png redirect to user/org avatar (#22356)
    • Add Conda package registry (#22262)
    • Support org/user level projects (#22235)
    • Add Mermaid copy button (#22225)
    • Add user secrets (#22191)
    • Secrets storage with SecretKey encrypted (#22142)
    • Preview images for Issue cards in Project Board view (#22112)
    • Add support for incoming emails (#22056)
    • Add Cargo package registry (#21888)
    • Add option to prohibit fork if user reached maximum limit of repositories (#21848)
    • Add attention blocks within quote blocks for Note and Warning (#21711)
    • Add Feed for Releases and Tags (#21696)
    • Add package registry cleanup rules (#21658)
    • Add "Copy" button to file view of raw text (#21629)
    • Allow disable sitemap (#21617)
    • Add package registry quota limits (#21584)
    • Map OIDC groups to Orgs/Teams (#21441)
    • Keep languages defined in .gitattributes (#21403)
    • Add Webhook authorization header (#20926)
    • Supports wildcard protected branch (#20825)
    • Copy citation file content, in APA and BibTex format, on repo home page (#19999)
  • API
    • Match api migration behavior to web behavior (#23552) (#23573)
    • Purge API comment (#23451) (#23452)
    • User creation API: allow custom "created" timestamps (#22549)
    • Add updated_at field to PullReview API object (#21812)
    • Add API management for issue/pull and comment attachments (#21783)
    • Add API endpoint to get latest release (#21267)
    • Support system hook API (#14537)
  • ENHANCEMENTS
    • Add .patch to attachment.ALLOWED_TYPES (#23580) (#23582)
    • Fix sticky header in diff view (#23554) (#23568)
    • Refactor merge/update git command calls (#23366) (#23544)
    • Fix review comment context menu clipped bug (#23523) (#23543)
    • Imrove scroll behavior to hash issuecomment(scroll position, auto expand if file is folded, and on refreshing) (#23513) (#23540)
    • Increase horizontal page padding (#23507) (#23537)
    • Use octicon-verified for gpg signatures (#23529) (#23536)
    • Make time tooltips interactive (#23526) (#23527)
    • Replace Less with CSS (#23508)
    • Fix 'View File' button in code search (#23478) (#23483)
    • Convert GitHub event on actions and fix some pull_request events. (#23037) (#23471)
    • Support reflogs (#22451) (#23438)
    • Fix actions frontend bugs (pagination, long name alignment) and small simplify (#23370) (#23436)
    • Scoped label display and documentation tweaks (#23430) (#23433)
    • Add missing tabs to org projects page (#22705) (#23412)
    • Fix and move "Use this template" button (#23398) (#23408)
    • Handle OpenID discovery URL errors a little nicer when creating/editing sources (#23397) (#23403)
    • Rename canWriteUnit to canWriteProjects (#23386) (#23399)
    • Refactor and tidy-up the merge/update branch code (#22568) (#23365)
    • Refactor setting.Database.UseXXX to methods (#23354) (#23356)
    • Fix incorrect project links and use symlink icon for org-wide projects (#23325) (#23336)
    • Fix PR view misalignment caused by long name file (#23321) (#23335)
    • Scoped labels: don't require holding alt key to remove (#23303) (#23331)
    • Add context when rendering labels or emojis (#23281) (#23319)
    • Change interactiveBorder to fix popup preview (#23169) (#23314)
    • Scoped labels: set aria-disabled on muted Exclusive option for a11y (#23306) (#23311)
    • update to mermaid v10 (#23178) (#23299)
    • Fix code wrap for unbroken lines (#23268) (#23293)
    • Use async await to fix empty quote reply at first time (#23168) (#23256)
    • Fix switched citation format (#23250) (#23253)
    • Allow <video> in MarkDown (#22892) (#23236)
    • Order pull request conflict checking by recently updated, for each push (#23220) (#23225)
    • Fix Fomantic UI's touchstart fastclick, always use click for click events (#23065) (#23195)
    • Add word-break to sidebar-item-link (#23146) (#23180)
    • Add InsecureSkipVerify to Minio Client for Storage (#23166) (#23177)
    • Fix height for sticky head on large screen on PR page (#23111) (#23123)
    • Change style to improve whitespaces trimming inside inline markdown code (#23093) (#23120)
    • Avoid warning for system setting when start up (#23054) (#23116)
    • Add accessibility to the menu on the navbar (#23059) (#23095)
    • Improve accessibility for issue comments (#22612) (#23083)
    • Remove delete button for review comment (#23036)
    • Remove dashes between organization member avatars on hover (#23034)
    • Use gt-relative class instead of the ambiguous gt-pr class (#23008)
    • handle deprecated settings (#22992)
    • Add scopes to API to create token and display them (#22989)
    • Improve PR Review Box UI (#22986)
    • Improve issues.LoadProject (#22982)
    • Add all units to the units permission list in org team members sidebar (#22971)
    • Rename GetUnits to LoadUnits (#22970)
    • Rename repo.GetOwner to repo.LoadOwner (#22967)
    • Rename "People" to "Members" in organization page and use a better icon (#22960)
    • Fix avatar misalignment (#22955)
    • Sort issues and pulls by recently updated in user and organization home (#22925)
    • Add title to PR file tree items (#22918)
    • First step to refactor the .hide to .gt-hidden (#22916)
    • Add tooltip to issue reference (#22913)
    • Always show the command line instructions button even if there are conflicts (#22909)
    • Fix dark-colored description text in arc-green theme (#22908)
    • Remove Fomantic-UI's .hidden CSS class for menu elements (#22895)
    • Move helpers to be prefixed with gt- (#22879)
    • Move IsReadmeFile* from modules/markup/ to modules/util (#22877)
    • Highlight focused diff file (#22870)
    • Add some headings to repo views (#22869)
    • Fix milestone title font problem (#22863)
    • Pull Requests: setting to allow edits by maintainers by default, tweak UI (#22862)
    • Introduce customized HTML elements, fix incorrect AppUrl usages in templates (#22861)
    • Add /$count endpoints for NuGet v2 (#22855)
    • Remove Fomantic-UI's .hidden CSS class for checkbox elements (#22851)
    • Fix notification and stopwatch empty states (#22845)
    • Always go full width in PR view (#22844)
    • Improve AppUrl/ROOT_URL checking (#22836)
    • Fix style of actions rerun button (#22835)
    • Fix more HTMLURL in templates (#22831)
    • Fix inconsistent Filter Project name in issue list (#22827)
    • include build info in Prometheus metrics (#22819)
    • Make clone URL use current page's host (#22808)
    • Refactor legacy strange git operations (#22756)
    • Improve error report when user passes a private key (#22726)
    • set user dashboard org visibility to basic (#22706)
    • Fix diff UI for unexpandable items (#22700)
    • Remove 'primary' class from tab counter labels (#22687)
    • Add more events details supports for actions (#22680)
    • Refactor git command package to improve security and maintainability (#22678)
    • Use relative url in actions view (#22675)
    • set user visibility class to basic (#22674)
    • Add repository setting to enable/disable releases unit (#22671)
    • Remove label color from global issue filters (#22660)
    • Fix poor alignment of organization description on organization home page (#22656)
    • Small refactor for loading PRs (#22652)
    • Allow setting access token scope by CLI (#22648)
    • Improve accessibility of navigation bar and footer (#22635)
    • Fixes accessibility behavior of Watching, Staring and Fork buttons (#22634)
    • Fixes accessibility of empty repository commit status (#22632)
    • Pull request yaml template support for including commit body in a field (#22629)
    • Show migration validation error (#22619)
    • set org visibility class to basic in header (#22605)
    • Fix cache-control header clearing comment text when editing issue (#22604)
    • Add ARIA support for Fomantic UI checkboxes (#22599)
    • Add templates to customize text when creating and migrating repositories (#22597)
    • Allow setting redirect_to cookie on OAuth login (#22594)
    • Improve checkbox accessibility a bit by adding the title attribute (#22593)
    • Allow issue templates to not render title (#22589)
    • Webhooks: for issue close/reopen action, add commit ID that caused it (#22583)
    • Fix missing title and filter in issue sidebar project menu (#22557)
    • Issues: support setting issue template field values with query (#22545)
    • Issues: add Project filter to issues list and search (#22544)
    • Pull Requests: add color to approved/reject icon in pull requests list (#22543)
    • Mute all links in issue timeline (#22533)
    • Dropzone: Add "Copy link" button for new uploads (#22517)
    • Support importing comment types (#22510)
    • Load asciicast css async (#22502)
    • Move delete user to service (#22478)
    • Change use of Walk to WalkDir to improve disk performance (#22462)
    • Add reply hint to mail text (#22459)
    • fix wrong theme class when logged out if default theme is changed (#22408)
    • Refactor the setting to make unit test easier (#22405)
    • Improve utils of slices (#22379)
    • Use context parameter in models/git (#22367)
    • Always reuse transaction (#22362)
    • Fix unstable emoji sort (#22346)
    • Add context cache as a request level cache (#22294)
    • Reminder for no more logs to console (#22282)
    • Support estimated count with multiple schemas (#22276)
    • Move convert package to services (#22264)
    • Use dynamic package type list (#22263)
    • Hide file borders on sticky diff box (#22217)
    • Improve notification and stopwatch styles (#22169)
    • Fixed Project view .board-column height for tall screens. (#22108)
    • Use multi reader instead to concat strings (#22099)
    • Use git command instead of exec.Cmd in blame (#22098)
    • Fix autofilled text visibility in dark mode (#22088)
    • Rename almost all Ctx functions (#22071)
    • Rename actions to operations on UI (#22067)
    • refactor bind functions based on generics (#22055)
    • Support disabling database auto migration (#22053)
    • remove duplicated read file code (#22042)
    • Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986)
    • Skip initing disabled storages (#21985)
    • Add doctor command for full GC of LFS (#21978)
    • Util type to parse ref name (#21969)
    • Replace fmt.Sprintf with hex.EncodeToString (#21960)
    • Use random bytes to generate access token (#21959)
    • Add index for access_token (#21908)
    • Move all remaining colors into CSS variables (#21903)
    • Webhook list enhancements (#21893)
    • Embed Matrix icon as SVG (#21890)
    • Remove useless "Cancel" buttons (#21872)
    • fix(web): keep the pages of the navigation in the center (#21867)
    • fix(web): reduce page jitter on browsers that support overlay scrollbar (#21850)
    • Improvements for Content Copy (#21842)
    • Tweak katex options (#21828)
    • Show syntax lexer name in file view/blame (#21814)
    • Remove href="javascript:;" in "save topics (Done)" button (#21813)
    • Render number of commits in repo page in a user friendly way (#21786)
    • Adjust clone timeout error to suggest increasing timeout (#21769)
    • Update message of reach_limit_of_creation (#21757)
    • Allow detect whether it's in a database transaction for a context.Context (#21756)
    • Add configuration for CORS allowed headers (#21747)
    • Move svg html render to modules/svg (#21716)
    • Release and Tag List tweaks (#21712)
    • Remove template previewer (#21701)
    • Clean up formatting on install page (#21668)
    • Configure update checker on installation page (#21655)
    • Merge db.Iterate and IterateObjects (#21641)
    • Add option to enable CAPTCHA validation for login (#21638)
    • Allow disable RSS/Atom feed (#21622)
    • Use CSS color-scheme instead of invert (#21616)
    • Localize time units on activity heatmap (#21570)
    • Fix UI column width, button overflow Fomantic's grid (#21559)
    • feat: notify doers of a merge when automerging (#21553)
    • Split migrations folder (#21549)
    • feat: add button to quickly clear merge message (#21548)
    • Add context.Context to more methods (#21546)
    • Add index for hook_task table (#21545)
    • Allow disable code tab (#20805)
  • BUGFIXES
    • Fix template error when reference Project (#23584)
    • Fix dropdown icon misalignment when using fomantic icon (#23558) (#23577)
    • Fix diff detail buttons wrapping, use tippy for review box (#23271) (#23546)
    • Handle missing README in create repos API (#23387) (#23510)
    • Disable sending email after push a commit to a closed PR (#23462) (#23492)
    • Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem (#23450) (#23486)
    • Fix due date being wrong on issue list (#23475) (#23477)
    • Remove wrongly added column on migration test fixtures (#23456) (#23470)
    • Make branches list page operations remember current page (#23420) (#23460)
    • Fix missing commit status in PR which from forked repo (#23351) (#23453)
    • Show edit/close/delete button on organization wide repositories (#23388) (#23429)
    • Preserve file size when creating attachments (#23406) (#23426)
    • Fix broken Chroma CSS styles (#23174) (#23402)
    • Fix incorrect NotFound conditions in org/projects.go (#23384) (#23395)
    • Set X-Gitea-Debug header once (#23361) (#23381)
    • Pass context to avatar for projects view (#23359) (#23378)
    • Fix panic when getting notes by ref (#23372) (#23377)
    • Do not recognize text files as audio (#23355) (#23368)
    • Fix adding of empty class name (#23352) (#23360)
    • Fix various ImageDiff/SVG bugs (#23312) (#23358)
    • Fix incorrect display for comment context menu (#23343) (#23344)
    • Remove unnecessary space on link (#23334) (#23340)
    • Fix incorrect redirect link of delete org project (#23327) (#23339)
    • Fix cannot reopen after pushing commits to a closed PR (#23189) (#23324)
    • Fix broken code editor diff preview (#23307) (#23320)
    • Support sanitising the URL by removing extra slashes in the URL (#21333) (#23300)
    • Avoid panic caused by broken payload when creating commit status (#23216) (#23294)
    • Fill head commit to in payload when notifying push commits for mirroring (#23215) (#23292)
    • Fix various bugs for "install" page (#23194) (#23286)
    • Fix GetFilesChangedBetween if the file name may be escaped (#23272) (#23279)
    • Revert relative links to absolute links in mail templates (#23267) (#23269)
    • Fix commit retrieval by tag (#21804) (#23266)
    • Use correct README link to render the README (#23152) (#23264)
    • Close the temp file when dumping database to make the temp file can be deleted on Windows (#23249) (#23251)
    • Use the correct selector to hide the checkmark of selected labels on clear (#23224) (#23228)
    • Fix incorrect checkbox behaviors in the dashboard repolist's filter (#23147) (#23205)
    • Properly flush unique queues on startup (#23154) (#23201)
    • Pass --global when calling git config --get, for consistency with git config --set (#23157) (#23199)
    • Make gitea serv respect git binary home (#23138) (#23197)
    • Change button text for commenting and closing an issue at the same time (#23135) (#23182)
    • Fix DBConsistency checks on MSSQL (#23132) (#23134)
    • Show empty repos in Admin Repository Management page (#23114) (#23130)
    • Redirect to the commit page after applying patch (#23056) (#23127)
    • Fix nil context in RenderMarkdownToHtml (#23092) (#23108)
    • Make issue meta dropdown support Enter, confirm before reloading (#23014) (#23102)
    • Fix SyncOnCommit always return false in API of push_mirrors (#23088) (#23100)
    • Fix commit name in Apply Patch page (#23086) (#23099)
    • Fix some more hidden problems (#23074) (#23075)
    • Bump golang.org/x/net from 0.4.0 to 0.7.0 (#22980)
    • Get rules by id when editing branch protection rule (#22932)
    • Fix panic when call api (/repos/{owner}/{repo}/pulls/{index}/files) (#22921)
    • Increase Content field size of gpg_import_key to MEDIUMTEXT (#22897)
    • Fix hidden commit status on multiple checks (#22889)
    • Fix update by rebase being wrongly disabled by protected base branch (#22825)
    • Make issue title edit buttons focusable and fix incorrect ajax requests (#22807)
    • Fix rerun button of Actions (#22798)
    • remove update language in ProfilePost (#22748)
    • Do not overwrite empty DefaultBranch (#22708)
    • Fix ref to trigger Actions (#22679)
    • Fix time to NotifyPullRequestSynchronized (#22650)
    • Show all projects, not just repo projects and open/closed projects (#22640)
    • Project links should use parent link methods (#22587)
    • Fix group filter for ldap source sync (#22506)
    • Check quota limits for container uploads (#22450)
    • Fix halfCommitter and WithTx (#22366)
    • Attempt to fix TestExportUserGPGKeys (#22159)
    • Fix heatmap first color being unused (#22157)
    • Fix scroll over mermaid frame (#21925)
    • Move migration test fixtures to the correct directories (#21901)
    • fix(web): add alt for logo in home page (#21887)
    • Fix webhook attachment text is not set in review comment (#21763)
    • Alter package_version.metadata_json to LONGTEXT (#21667)
    • Ensure that Webhook tasks are not double delivered (#21558)
  • TESTING
    • Make CI use a dummy password hasher for all tests (#22983)
    • Disable test for incoming email (#22686)
    • Move fuzz tests into tests/fuzz (#22376)
    • Test views of LFS files (#22196)
    • Specify ID in TestAPITeam (#22192)
    • verify nodeinfo response by schema (#22137)
    • Skip GitHub migration tests if the API token is undefined (#21824)
    • Add a simple test for external renderer (#20033)
  • TRANSLATION
    • Use "Title Case" for text "Reference in new issue" (#22936)
  • BUILD
    • Wrap unless-check in docker manifests (#23079) (#23081)
    • Adjust manifest to prevent tagging latest on rcs (#22811)
    • update to build with go1.20 (#22732)
    • Add Bash and Zsh completion scripts (#22646)
    • Add Contributed backport command (#22643)
    • Remove deprecated packages & staticcheck fixes (#22012)
    • Update to Alpine 3.17 (#21904)
    • Fix webpack license warning (#21815)
  • DOCS
    • Update documentation for the new YAML label file format (#23020) (#23341)
    • Update hacking-on-gitea-zh_cn documentation (#23315) (#23323)
    • Add basic documentation for labels, including scoped labels (#23304) (#23309)
    • Re-add accidentally removed hacking-on-gitea.zh-cn.md (#23297) (#23305)
    • Fix secrets overview page missing from docs sidebar (#23143) (#23145)
    • Add some guidelines for refactoring (#22880)
    • Explain that the no-access team unit does not affect public repositories (#22661)
    • Fix incorrect Redis URL snippets in the example app.ini (#22573)
    • docs: add swagger.json file location to FAQ (#22489)
    • Update index.de-de.md (#22363)
    • Update Gmail mailer configuration (#22291)
    • Add missed reverse proxy authentication documentation (#22250)
    • Add plural definitions for German translations (#21802)
    • Attempt clarify AppWorkPath etc. (#21656)
    • Add some documentation to packages (#21648)
  • MISC
    • Use <nav> instead of <div> in the global navbar (#23125) (#23533)
    • Do not create commit graph for temporary repos (#23219) (#23229)
    • Update button is shown when a Pull Request is marked WIP - Issue #21740 (#22683)
    • Add main landmark to templates and adjust titles (#22670)
    • Fix error on account activation with wrong passwd (#22609)
    • Update JS dependencies (#22538)
    • Display unreferenced packages total size in package admin panel (#22498)
    • Mobile fix for Project view: Add delay to Sortable.js on mobile, to ensure scrolling is possible. (#22152)
    • Update chroma to v2.4.0 (#22000)
    • Hide collapse icon in diff with no lines (#21094)

1.18.5 - 2023-02-21

  • ENHANCEMENTS
    • Hide 2FA status from other members in organization members list (#22999) (#23023)
  • BUGFIXES
    • Add force_merge to merge request and fix checking mergable (#23010) (#23032)
    • Use --message=%s for git commit message (#23028) (#23029)
    • Render access log template as text instead of HTML (#23013) (#23025)
    • Fix the Manually Merged form (#23015) (#23017)
    • Use beforeCommit instead of baseCommit (#22949) (#22996)
    • Display attachments of review comment when comment content is blank (#23035) (#23046)
    • Return empty url for submodule tree entries (#23043) (#23048)

1.18.4 - 2023-02-20

  • SECURITY
    • Provide the ability to set password hash algorithm parameters (#22942) (#22943)
    • Add command to bulk set must-change-password (#22823) (#22928)
  • ENHANCEMENTS
    • Use import of OCI structs (#22765) (#22805)
    • Fix color of tertiary button on dark theme (#22739) (#22744)
    • Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627) (#22642)
  • BUGFIXES
    • Notify on container image create (#22806) (#22965)
    • Fix blame view missing lines (#22826) (#22929)
    • Fix incorrect role labels for migrated issues and comments (#22914) (#22923)
    • Fix PR file tree folders no longer collapsing (#22864) (#22872)
    • Escape filename when assemble URL (#22850) (#22871)
    • Fix isAllowed of escapeStreamer (#22814) (#22837)
    • Load issue before accessing index in merge message (#22822) (#22830)
    • Improve trace logging for pulls and processes (#22633) (#22812)
    • Fix restore repo bug, clarify the problem of ForeignIndex (#22776) (#22794)
    • Add default user visibility to cli command "admin user create" (#22750) (#22760)
    • Escape path for the file list (#22741) (#22757)
    • Fix bugs with WebAuthn preventing sign in and registration. (#22651) (#22721)
    • Add missing close bracket in imagediff (#22710) (#22712)
    • Move code comments to a standalone file and fix the bug when adding a reply to an outdated review appears to not post(#20821) (#22707)
    • Fix line spacing for plaintext previews (#22699) (#22701)
    • Fix wrong hint when deleting a branch successfully from pull request UI (#22673) (#22698)
    • Fix README TOC links (#22577) (#22677)
    • Fix missing message in git hook when pull requests disabled on fork (#22625) (#22658)
    • Improve checkIfPRContentChanged (#22611) (#22644)
    • Prevent duplicate labels when importing more than 99 (#22591) (#22598)
    • Don't return duplicated users who can create org repo (#22560) (#22562)
  • BUILD
    • Upgrade golangcilint to v1.51.0 (#22764)
  • MISC
    • Use proxy for pull mirror (#22771) (#22772)
    • Use --index-url in PyPi description (#22620) (#22636)

1.18.3 - 2023-01-23

  • SECURITY
    • Prevent multiple To recipients (#22566) (#22569)
  • BUGFIXES
    • Truncate commit summary on repo files table. (#22551) (#22552)
    • Mute all links in issue timeline (#22534)

1.18.2 - 2023-01-19

  • BUGFIXES
    • Fix issue not auto-closing when it includes a reference to a branch (#22514) (#22521)
    • Fix invalid issue branch reference if not specified in template (#22513) (#22520)
    • Fix 500 error viewing pull request when fork has pull requests disabled (#22512) (#22515)
    • Reliable selection of admin user (#22509) (#22511)
    • Set disable_gravatar/enable_federated_avatar when offline mode is true (#22479) (#22496)
  • BUILD
    • cgo cross-compile for freebsd (#22397) (#22519)

1.18.1 - 2023-01-17

  • API
    • Add sync_on_commit option for push mirrors api (#22271) (#22292)
  • BUGFIXES
    • Update github.com/zeripath/zapx/v15 (#22485)
    • Fix pull request API field closed_at always being null (#22482) (#22483)
    • Fix container blob mount (#22226) (#22476)
    • Fix error when calculating repository size (#22392) (#22474)
    • Fix Operator does not exist bug on explore page with ONLY_SHOW_RELEVANT_REPOS (#22454) (#22472)
    • Fix environments for KaTeX and error reporting (#22453) (#22473)
    • Remove the netgo tag for Windows build (#22467) (#22468)
    • Fix migration from GitBucket (#22477) (#22465)
    • Prevent panic on looking at api "git" endpoints for empty repos (#22457) (#22458)
    • Fix PR status layout on mobile (#21547) (#22441)
    • Fix wechatwork webhook sends empty content in PR review (#21762) (#22440)
    • Remove duplicate "Actions" label in mobile view (#21974) (#22439)
    • Fix leaving organization bug on user settings -> orgs (#21983) (#22438)
    • Fixed colour transparency regex matching in project board sorting (#22092) (#22437)
    • Correctly handle select on multiple channels in Queues (#22146) (#22428)
    • Prepend refs/heads/ to issue template refs (#20461) (#22427)
    • Restore function to "Show more" buttons (#22399) (#22426)
    • Continue GCing other repos on error in one repo (#22422) (#22425)
    • Allow HOST has no port (#22280) (#22409)
    • Fix omit avatar_url in discord payload when empty (#22393) (#22394)
    • Don't display stop watch top bar icon when disabled and hidden when click other place (#22374) (#22387)
    • Don't lookup mail server when using sendmail (#22300) (#22383)
    • Fix gravatar disable bug (#22337)
    • Fix update settings table on install (#22326) (#22327)
    • Fix sitemap (#22272) (#22320)
    • Fix code search title translation (#22285) (#22316)
    • Fix due date rendering the wrong date in issue (#22302) (#22306)
    • Fix get system setting bug when enabled redis cache (#22298)
    • Fix bug of DisableGravatar default value (#22297)
    • Fix key signature error page (#22229) (#22230)
  • TESTING
    • Remove test session cache to reduce possible concurrent problem (#22199) (#22429)
  • MISC
    • Restore previous official review when an official review is deleted (#22449) (#22460)
    • Log STDERR of external renderer when it fails (#22442) (#22444)

1.18.0 - 2022-12-29

  • SECURITY
    • Remove ReverseProxy authentication from the API (#22219) (#22251)
    • Support Go Vulnerability Management (#21139)
    • Forbid HTML string tooltips (#20935)
  • BREAKING
    • Rework mailer settings (#18982)
    • Remove U2F support (#20141)
    • Refactor i18n to locale (#20153)
    • Enable contenthash in filename for dynamic assets (#20813)
  • FEATURES
    • Add color previews in markdown (#21474)
    • Allow package version sorting (#21453)
    • Add support for Chocolatey/NuGet v2 API (#21393)
    • Add API endpoint to get changed files of a PR (#21177)
    • Add filetree on left of diff view (#21012)
    • Support Issue forms and PR forms (#20987)
    • Add support for Vagrant packages (#20930)
    • Add support for npm unpublish (#20688)
    • Add badge capabilities to users (#20607)
    • Add issue filter for Author (#20578)
    • Add KaTeX rendering to Markdown. (#20571)
    • Add support for Pub packages (#20560)
    • Support localized README (#20508)
    • Add support mCaptcha as captcha provider (#20458)
    • Add team member invite by email (#20307)
    • Added email notification option to receive all own messages (#20179)
    • Switch Unicode Escaping to a VSCode-like system (#19990)
    • Add user/organization code search (#19977)
    • Only show relevant repositories on explore page (#19361)
    • User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
    • Add sitemap support (#18407)
    • Allow creation of OAuth2 applications for orgs (#18084)
    • Add system setting table with cache and also add cache supports for user setting (#18058)
    • Add pages to view watched repos and subscribed issues/PRs (#17156)
    • Support Proxy protocol (#12527)
    • Implement sync push mirror on commit (#19411)
  • API
    • Allow empty assignees on pull request edit (#22150) (#22214)
    • Make external issue tracker regexp configurable via API (#21338)
    • Add name field for org api (#21270)
    • Show teams with no members if user is admin (#21204)
    • Add latest commit's SHA to content response (#20398)
    • Add allow_rebase_update, default_delete_branch_after_merge to repository api response (#20079)
    • Add new endpoints for push mirrors management (#19841)
  • ENHANCEMENTS
    • Add setting to disable the git apply step in test patch (#22130) (#22170)
    • Multiple improvements for comment edit diff (#21990) (#22007)
    • Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21928)
    • Fix flex layout for repo list icons (#21896) (#21920)
    • Fix vertical align of committer avatar rendered by email address (#21884) (#21918)
    • Fix setting HTTP headers after write (#21833) (#21877)
    • Color and Style enhancements (#21784, #21799) (#21868)
    • Ignore line anchor links with leading zeroes (#21728) (#21776)
    • Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738)
    • Use CSS color-scheme instead of invert (#21616) (#21623)
    • Respect user's locale when rendering the date range in the repo activity page (#21410)
    • Change commits-table column width (#21564)
    • Refactor git command arguments and make all arguments to be safe to be used (#21535)
    • CSS color enhancements (#21534)
    • Add link to user profile in markdown mention only if user exists (#21533, #21554)
    • Add option to skip index dirs (#21501)
    • Diff file tree tweaks (#21446)
    • Localize all timestamps (#21440)
    • Add code highlighting in issue titles (#21432)
    • Use Name instead of DisplayName in LFS Lock (#21415)
    • Consolidate more CSS colors into variables (#21402)
    • Redirect to new repository owner (#21398)
    • Use ISO date format instead of hard-coded English date format for date range in repo activity page (#21396)
    • Use weighted algorithm for string matching when finding files in repo (#21370)
    • Show private data in feeds (#21369)
    • Refactor parseTreeEntries, speed up tree list (#21368)
    • Add GET and DELETE endpoints for Docker blob uploads (#21367)
    • Add nicer error handling on template compile errors (#21350)
    • Add stat to ToCommit function for speed (#21337)
    • Support instance-wide OAuth2 applications (#21335)
    • Record OAuth client type at registration (#21316)
    • Add new CSS variables --color-accent and --color-small-accent (#21305)
    • Improve error descriptions for unauthorized_client (#21292)
    • Case-insensitive "find files in repo" (#21269)
    • Consolidate more CSS rules, fix inline code on arc-green (#21260)
    • Log real ip of requests from ssh (#21216)
    • Save files in local storage as group readable (#21198)
    • Enable fluid page layout on medium size viewports (#21178)
    • File header tweaks (#21175)
    • Added missing headers on user packages page (#21172)
    • Display image digest for container packages (#21170)
    • Skip dirty check for team forms (#21154)
    • Keep path when creating a new branch (#21153)
    • Remove fomantic image module (#21145)
    • Make labels clickable in the comments section. (#21137)
    • Sort branches and tags by date descending (#21136)
    • Better repo API unit checks (#21130)
    • Improve commit status icons (#21124)
    • Limit length of repo description and repo url input fields (#21119)
    • Show .editorconfig errors in frontend (#21088)
    • Allow poster to choose reviewers (#21084)
    • Remove black labels and CSS cleanup (#21003)
    • Make e-mail sanity check more precise (#20991)
    • Use native inputs in whitespace dropdown (#20980)
    • Enhance package date display (#20928)
    • Display total blob size of a package version (#20927)
    • Show language name on hover (#20923)
    • Show instructions for all generic package files (#20917)
    • Refactor AssertExistsAndLoadBean to use generics (#20797)
    • Move the official website link at the footer of gitea (#20777)
    • Add support for full name in reverse proxy auth (#20776)
    • Remove useless JS operation for relative time tooltips (#20756)
    • Replace some icons with SVG (#20741)
    • Change commit status icons to SVG (#20736)
    • Improve single repo action for issue and pull requests (#20730)
    • Allow multiple files in generic packages (#20661)
    • Add option to create new issue from /issues page (#20650)
    • Background color of private list-items updated (#20630)
    • Added search input field to issue filter (#20623)
    • Increase default item listing size ISSUE_PAGING_NUM to 20 (#20547)
    • Modify milestone search keywords to be case insensitive again (#20513)
    • Show hint to link package to repo when viewing empty repo package list (#20504)
    • Add Tar ZSTD support (#20493)
    • Make code review checkboxes clickable (#20481)
    • Add "X-Gitea-Object-Type" header for GET /raw/ & /media/ API (#20438)
    • Display project in issue list (#20434)
    • Prepend commit message to template content when opening a new PR (#20429)
    • Replace fomantic popup module with tippy.js (#20428)
    • Allow to specify colors for text in markup (#20363)
    • Allow access to the Public Organization Member lists with minimal permissions (#20330)
    • Use default values when provided values are empty (#20318)
    • Vertical align navbar avatar at middle (#20302)
    • Delete cancel button in repo creation page (#21381)
    • Include login_name in adminCreateUser response (#20283)
    • fix: icon margin in user/settings/repos (#20281)
    • Remove blue text on migrate page (#20273)
    • Modify milestone search keywords to be case insensitive (#20266)
    • Move some files into models' sub packages (#20262)
    • Add tooltip to repo icons in explore page (#20241)
    • Remove deprecated licenses (#20222)
    • Webhook for Wiki changes (#20219)
    • Share HTML template renderers and create a watcher framework (#20218)
    • Allow enable LDAP source and disable user sync via CLI (#20206)
    • Adds a checkbox to select all issues/PRs (#20177)
    • Refactor i18n to locale (#20153)
    • Disable status checks in template if none found (#20088)
    • Allow manager logging to set SQL (#20064)
    • Add order by for assignee no sort issue (#20053)
    • Take a stab at porting existing components to Vue3 (#20044)
    • Add doctor command to write commit-graphs (#20007)
    • Add support for authentication based on reverse proxy email (#19949)
    • Enable spellcheck for EasyMDE, use contenteditable mode (#19776)
    • Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)
    • Rework mailer settings (#18982)
    • Add option to purge users (#18064)
    • Add author search input (#21246)
    • Make rss/atom identifier globally unique (#21550)
  • BUGFIXES
    • Auth interface return error when verify failure (#22119) (#22259)
    • Use complete SHA to create and query commit status (#22244) (#22257)
    • Update bleve and zapx to fix unaligned atomic (#22031) (#22218)
    • Prevent panic in doctor command when running default checks (#21791) (#21807)
    • Load GitRepo in API before deleting issue (#21720) (#21796)
    • Ignore line anchor links with leading zeroes (#21728) (#21776)
    • Set last login when activating account (#21731) (#21755)
    • Fix UI language switching bug (#21597) (#21749)
    • Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738)
    • Allow local package identifiers for PyPI packages (#21690) (#21727)
    • Deal with markdown template without metadata (#21639) (#21654)
    • Fix opaque background on mermaid diagrams (#21642) (#21652)
    • Fix repository adoption on Windows (#21646) (#21650)
    • Sync git hooks when config file path changed (#21619) (#21626)
    • Fix 500 on PR files API (#21602) (#21607)
    • Fix Timestamp.IsZero (#21593) (#21603)
    • Fix viewing user subscriptions (#21482)
    • Fix mermaid-related bugs (#21431)
    • Fix branch dropdown shifting on page load (#21428)
    • Fix default theme-auto selector when nologin (#21346)
    • Fix and improve incorrect error messages (#21342)
    • Fix formatted link for PR review notifications to matrix (#21319)
    • Center-aligning content of WebAuthN page (#21127)
    • Remove follow from commits by file (#20765)
    • Fix commit status popup (#20737)
    • Fix init mail render logic (#20704)
    • Use correct page size for link header pagination (#20546)
    • Preserve unix socket file (#20499)
    • Use tippy.js for context popup (#20393)
    • Add missing parameter for error in log message (#20144)
    • Do not allow organisation owners add themselves as collaborator (#20043)
    • Rework file highlight rendering and fix yaml copy-paste (#19967)
    • Improve code diff highlight, fix incorrect rendered diff result (#19958)
  • TESTING
    • Improve OAuth integration tests (#21390)
    • Add playwright tests (#20123)
  • BUILD
    • Switch to building with go1.19 (#20695)
    • Update JS dependencies, adjust eslint (#20659)
    • Add more linters to improve code readability (#19989)

1.17.4 - 2022-12-21

  • SECURITY
    • Do not allow Ghost access to limited visible user/org (#21849) (#21875)
    • Fix package access for admins and inactive users (#21580) (#21592)
  • ENHANCEMENTS
    • Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21927)
    • Fix vertical align of committer avatar rendered by email address (#21884) (#21919)
    • Fix setting HTTP headers after write (#21833) (#21874)
    • Ignore line anchor links with leading zeroes (#21728) (#21777)
    • Enable Monaco automaticLayout (#21516)
  • BUGFIXES
    • Do not list active repositories as unadopted (#22034) (#22167)
    • Correctly handle moved files in apply patch (#22118) (#22136)
    • Fix condition for is_internal (#22095) (#22131)
    • Fix permission check on issue/pull lock (#22114)
    • Fix sorting admin user list by last login (#22081) (#22106)
    • Workaround for container registry push/pull errors (#21862) (#22069)
    • Fix issue/PR numbers (#22037) (#22045)
    • Handle empty author names (#21902) (#22028)
    • Fix ListBranches to handle empty case (#21921) (#22025)
    • Fix enabling partial clones on 1.17 (#21809)
    • Prevent panic in doctor command when running default checks (#21791) (#21808)
    • Upgrade golang.org/x/crypto (#21792) (#21794)
    • Init git module before database migration (#21764) (#21766)
    • Set last login when activating account (#21731) (#21754)
    • Add HEAD fix to gitea doctor (#21352) (#21751)
    • Fix UI language switching bug (#21597) (#21748)
    • Remove semver compatible flag and change pypi to an array of test cases (#21708) (#21729)
    • Allow local package identifiers for PyPI packages (#21690) (#21726)
    • Fix repository adoption on Windows (#21646) (#21651)
    • Sync git hooks when config file path changed (#21619) (#21625)
    • Added check for disabled Packages (#21540) (#21614)
    • Fix Timestamp.IsZero (#21593) (#21604)
    • Fix issues count bug (#21600)
    • Support binary deploy in npm packages (#21589)
    • Update milestone counters when issue is deleted (#21459) (#21586)
    • SessionUser protection against nil pointer dereference (#21581)
    • Case-insensitive NuGet symbol file GUID (#21409) (#21575)
    • Suppress ExternalLoginUserNotExist error (#21504) (#21572)
    • Prevent Authorization header for presigned LFS urls (#21531) (#21569)
    • Update binding to fix bugs (#21560)
    • Fix generating compare link (#21519) (#21530)
    • Ignore error when retrieving changed PR review files (#21487) (#21524)
    • Fix incorrect notification commit url (#21479) (#21483)
    • Display total commit count in hook message (#21400) (#21481)
    • Enforce grouped NuGet search results (#21442) (#21480)
    • Return 404 when user is not found on avatar (#21476) (#21477)
    • Normalize NuGet package version on upload (#22186) (#22201)
  • MISC
    • Check for zero time instant in TimeStamp.IsZero() (#22171) (#22173)
    • Fix warn in database structs sync (#22111)
    • Allow for resolution of NPM registry paths that match upstream (#21568) (#21723)

1.17.3 - 2022-10-15

  • SECURITY
    • Sanitize and Escape refs in git backend (#21464) (#21463)
    • Bump golang.org/x/text (#21412) (#21413)
    • Update bluemonday (#21281) (#21287)
  • ENHANCEMENTS
    • Fix empty container layer history and UI (#21251) (#21278)
    • Use en-US as fallback when using other default language (#21200) (#21256)
    • Make the vscode clone link respect transport protocol (#20557) (#21128)
  • BUGFIXES
    • Do DB update after merge in hammer context (#21401) (#21416)
    • Add Num{Issues,Pulls} stats checks (#21404) (#21414)
    • Stop logging CheckPath returns error: context canceled (#21064) (#21405)
    • Parse OAuth Authorization header when request omits client secret (#21351) (#21374)
    • Ignore port for loopback redirect URIs (#21293) (#21373)
    • Set SemverCompatible to false for Conan packages (#21275) (#21366)
    • Tag list should include draft releases with existing tags (#21263) (#21365)
    • Fix linked account translation (#21331) (#21334)
    • Make NuGet service index publicly accessible (#21242) (#21277)
    • Foreign ID conflicts if ID is 0 for each item (#21271) (#21272)
    • Use absolute links in feeds (#21229) (#21265)
    • Prevent invalid behavior for file reviewing when loading more files (#21230) (#21234)
    • Respect REQUIRE_SIGNIN_VIEW for packages (#20873) (#21232)
    • Treat git object mode 40755 as directory (#21195) (#21218)
    • Allow uppercase ASCII alphabet in PyPI package names (#21095) (#21217)
    • Fix limited user cannot view himself's profile (#21212)
    • Fix template bug of admin monitor (#21209)
    • Fix reaction of issues (#21185) (#21196)
    • Fix CSV diff for added/deleted files (#21189) (#21193)
    • Fix pagination limit parameter problem (#21111)
  • TESTING
    • Fix missing m.Run() in TestMain (#21341)
  • BUILD
    • Use Go 1.19 fmt for Gitea 1.17, sync emoji data (#21239)

1.17.2 - 2022-09-06

  • SECURITY
    • Double check CloneURL is acceptable (#20869) (#20892)
    • Add more checks in migration code (#21011) (#21050)
  • ENHANCEMENTS
    • Fix hard-coded timeout and error panic in API archive download endpoint (#20925) (#21051)
    • Improve arc-green code theme (#21039) (#21042)
    • Enable contenthash in filename for dynamic assets (#20813) (#20932)
    • Don't open new page for ext wiki on same repository (#20725) (#20910)
    • Disable doctor logging on panic (#20847) (#20898)
    • Remove calls to load Mirrors in user.Dashboard (#20855) (#20897)
    • Update codemirror to 5.65.8 (#20875)
    • Rework repo buttons (#20602, #20718) (#20719)
  • BUGFIXES
    • Ensure delete user deletes all comments (#21067) (#21068)
    • Delete unreferenced packages when deleting a package version (#20977) (#21060)
    • Redirect if user does not exist on admin pages (#20981) (#21059)
    • Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (#20902) (#21058)
    • Fix 500 on time in timeline API (#21052) (#21057)
    • Fill the specified ref in webhook test payload (#20961) (#21055)
    • Add another index for Action table on postgres (#21033) (#21054)
    • Fix broken insecureskipverify handling in redis connection uris (#20967) (#21053)
    • Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion (#21017) (#21044)
    • Do not add links to Posters or Assignees with ID < 0 (#20577) (#21037)
    • Fix modified due date message (#20388) (#21032)
    • Fix missed sort bug (#21006)
    • Fix input.value attr for RequiredClaimName/Value (#20946) (#21001)
    • Change review buttons to icons to make space for text (#20934) (#20978)
    • Fix download archiver of a commit (#20962) (#20971)
    • Return 404 NotFound if requested attachment does not exist (#20886) (#20941)
    • Set no-tags in git fetch on compare (#20893) (#20936)
    • Allow multiple metadata files for Maven packages (#20674) (#20916)
    • Increase Content field size of gpg_key and public_key to MEDIUMTEXT (#20896) (#20911)
    • Fix mirror address setting not working (#20850) (#20904)
    • Fix push mirror address backend get error Address cause setting page display error (#20593) (#20901)
    • Fix panic when an invalid oauth2 name is passed (#20820) (#20900)
    • In PushMirrorsIterate and MirrorsIterate if limit is negative do not set it (#20837) (#20899)
    • Ensure that graceful start-up is informed of unused SSH listener (#20877) (#20888)
    • Pad GPG Key ID with preceding zeroes (#20878) (#20885)
    • Fix SQL Query for SearchTeam (#20844) (#20872)
    • Fix the mode of custom dir to 0700 in docker-rootless (#20861) (#20867)
    • Fix UI mis-align for PR commit history (#20845) (#20859)

1.17.1 - 2022-08-17

  • SECURITY
    • Correctly escape within tribute.js (#20831) (#20832)
  • ENHANCEMENTS
    • Add support for NuGet API keys (#20721) (#20734)
    • Display project in issue list (#20583)
    • Add disable download source configuration (#20548) (#20579)
    • Add username check to doctor (#20140) (#20671)
    • Enable Wire 2 for Internal SSH Server (#20616) (#20617)
  • BUGFIXES
    • Use the total issue count for UI (#20785) (#20827)
    • Add proxy host into allow list (#20798) (#20819)
    • Add missing translation for queue flush workers (#20791) (#20792)
    • Improve comment header for mobile (#20781) (#20789)
    • Fix git.Init for doctor sub-command (#20782) (#20783)
    • Check webhooks slice length before calling xorm (#20642) (#20768)
    • Remove manual rollback for failed generated repositories (#20639) (#20762)
    • Use correct field name in npm template (#20675) (#20760)
    • Keep download count on Container tag overwrite (#20728) (#20735)
    • Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707)
    • Use request timeout for git service rpc (#20689) (#20693)
    • Send correct NuGet status codes (#20647) (#20677)
    • Use correct context to get package content (#20673) (#20676)
    • Fix the JS error "EventSource is not defined" caused by some non-standard browsers (#20584) (#20663)
    • Add default commit messages to PR for squash merge (#20618) (#20645)
    • Fix package upload for files >32mb (#20622) (#20635)
    • Fix the new-line copy-paste for rendered code (#20612)
    • Clean up and fix clone button script (#20415 & #20600) (#20599)
    • Fix default merge style (#20564) (#20565)
    • Add repository condition for issue count (#20454) (#20496)
    • Make branch icon stand out more (#20726) (#20774)
    • Fix loading button with invalid form (#20754) (#20759)
    • Fix SecToTime edge-cases (#20610) (#20611)
    • Executable check always returns true for windows (#20637) (#20835)
    • Check issue labels slice length before calling xorm Insert (#20655) (#20836)
    • Fix owners cannot create organization repos bug (#20841) (#20854)
    • Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate (#20839) (#20848)

1.17.0 - 2022-07-30

  • BREAKING
    • Require go1.18 for Gitea 1.17 (#19918)
    • Make AppDataPath absolute against the AppWorkPath if it is not (#19815)
    • Nuke the incorrect permission report on /api/v1/notifications (#19761)
    • Refactor git module, make Gitea use internal git config (#19732)
    • Remove RequireHighlightJS field, update plantuml example. (#19615)
    • Increase minimal required git version to 2.0 (#19577)
    • Add a directory prefix gitea-src-VERSION to release-tar-file (#19396)
    • Use "main" as default branch name (#19354)
    • Make cron task no notice on success (#19221)
    • Add pam account authorization check (#19040)
    • Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
    • Refactor mirror code & fix StartToMirror (#18904)
    • Remove deprecated SSH ciphers from default (#18697)
    • Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
    • Update reserved usernames list (#18438)
    • Support custom ACME provider (#18340)
    • Change initial TrustModel to committer (#18335)
    • Update HTTP status codes (#18063)
    • Upgrade Alpine from 3.13 to 3.15 (#18050)
    • Restrict email address validation (#17688)
    • Refactor Router Logger (#17308)
  • SECURITY
    • Use git.HOME_PATH for Git HOME directory (#20114) (#20293)
    • Add write check for creating Commit Statuses (#20332) (#20333)
    • Remove deprecated SSH ciphers from default (#18697)
  • FEDERATION
    • Return statistic information for nodeinfo (#19561)
    • Add Webfinger endpoint (#19462)
    • Store the foreign ID of issues during migration (#18446)
  • FEATURES
    • Automatically render wiki TOC (#19873)
    • Adding button to link accounts from user settings (#19792)
    • Allow set default merge style while creating repo (#19751)
    • Auto merge pull requests when all checks succeeded (#9307 & #19648)
    • Improve reviewing PR UX (#19612)
    • Add support for rendering console output with colors (#19497)
    • Add Helm Chart registry (#19406)
    • Add Goroutine stack inspector to admin/monitor (#19207)
    • RSS/Atom support for Orgs & Repos (#17714 & #19055)
    • Add button for issue deletion (#19032)
    • Allow to mark files in a PR as viewed (#19007)
    • Add Index to comment for migrations and mirroring (#18806)
    • Add health check endpoint (#18465)
    • Add packagist webhook (#18224)
    • Add "Allow edits from maintainer" feature (#18002)
    • Add apply-patch, basic revert and cherry-pick functionality (#17902)
    • Add Package Registry (#16510)
    • Add LDAP group sync to Teams (#16299)
    • Pause queues (#15928)
    • Added auto-save whitespace behavior if it changed manually (#15566)
    • Find files in repo (#15028)
    • Provide configuration to allow camo-media proxying (#12802)
  • API
    • Add endpoint to serve blob or LFS file content (#19689)
    • Add endpoint to check if team has repo access (#19540)
    • More commit info (#19252)
    • Allow to create file on empty repo (#19224)
    • Allow removing issues (#18879)
    • Add endpoint to query collaborators permission for a repository (#18761)
    • Return primary language and repository language stats API URL (#18396)
    • Implement http signatures support for the API (#17565)
  • ENHANCEMENTS
    • Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269)
    • Adjust max-widths for the repository file table (#20243) (#20247)
    • Display full name (#20171) (#20246)
    • Add dbconsistency checks for Stopwatches (#20010)
    • Add fetch.writeCommitGraph to gitconfig (#20006)
    • Add fgprof pprof profiler (#20005)
    • Move agit dependency (#19998)
    • Empty log queue on flush and close (#19994)
    • Remove tab/TabName usage where it's not needed (#19973)
    • Improve file header on mobile (#19945)
    • Move issues related files into models/issues (#19931)
    • Add breaking email restrictions checker in doctor (#19903)
    • Improve UX on modal for deleting an access token (#19894)
    • Add alt text to logo (#19892)
    • Move some code into models/git (#19879)
    • Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861)
    • Make user profile image show full image on mobile (#19840)
    • Replace blue button and label classes with primary (#19763)
    • Remove fomantic progress module (#19760)
    • Allows repo search to match against "owner/repo" pattern strings (#19754)
    • Move org functions (#19753)
    • Move almost all functions' parameter db.Engine to context.Context (#19748)
    • Show source/target branches on PR's list (#19747)
    • Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739)
    • Add doctor orphan check for orphaned pull requests without an existing base repo (#19731)
    • Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729)
    • Update go-chi/cache to utilize Ping() (#19719)
    • Improve commit list/view on mobile (#19712)
    • Move some repository related code into sub package (#19711)
    • Use a better OlderThan for DeleteInactiveUsers (#19693)
    • Introduce eslint-plugin-jquery (#19690)
    • Tidy up <head> template (#19678)
    • Calculate filename hash only once (#19654)
    • Simplify IsVendor (#19626)
    • Add "Reference" section to Issue view sidebar (#19609)
    • Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581)
    • Use for a repo action one database transaction (#19576)
    • Simplify loops to copy (#19569)
    • Added X-Mailer header to outgoing emails (#19562)
    • use middleware to open gitRepo (#19559)
    • Mute link in diff header (#19556)
    • Improve UI on mobile (#19546)
    • Fix Pull Request comment filename word breaks (#19535)
    • Permalink files In PR diff (#19534)
    • PullService lock via pullID (#19520)
    • Make repository file list useable on mobile (#19515)
    • more context for models (#19511)
    • Refactor readme file renderer (#19502)
    • By default force vertical tabs on mobile (#19486)
    • Github style following followers (#19482)
    • Improve action table indices (#19472)
    • Use horizontal tabs for repo header on mobile (#19468)
    • pass gitRepo down since its used for main repo and wiki (#19461)
    • Admin should not delete himself (#19423)
    • Use queue instead of memory queue in webhook send service (#19390)
    • Simplify the code to get issue count (#19380)
    • Add commit status popup to issuelist (#19375)
    • Add RSS Feed buttons to Repo, User and Org pages (#19370)
    • Add logic to switch between source/rendered on Markdown (#19356)
    • Move some helper files out of models (#19355)
    • Move access and repo permission to models/perm/access (#19350)
    • Disallow selecting the text of buttons (#19330)
    • Allow custom redirect for landing page (#19324)
    • Remove dependent on session auth for api/v1 routers (#19321)
    • Never use /api/v1 from Gitea UI Pages (#19318)
    • Remove legacy unmaintained packages, refactor to support change default locale (#19308)
    • Move milestone to models/issues/ (#19278)
    • Configure OpenSSH log level via Environment in Docker (#19274)
    • Move reaction to models/issues/ (#19264)
    • Make git.OpenRepository accept Context (#19260)
    • Move some issue methods as functions (#19255)
    • Show last cron messages on monitor page (#19223)
    • New cron task: delete old system notices (#19219)
    • Add Redis Sentinel Authentication Support (#19213)
    • Add auto logging of goroutine pid label (#19212)
    • Set OpenGraph title to DisplayName in profile pages (#19206)
    • Add pprof labels in processes and for lifecycles (#19202)
    • Let web and API routes have different auth methods group (#19168)
    • Move init repository related functions to modules (#19159)
    • Feeds: render markdown to html (#19058)
    • Allow users to self-request a PR review (#19030)
    • Allow render HTML with css/js external links (#19017)
    • Fix script compatiable with OpenWrt (#19000)
    • Support ignore all santize for external renderer (#18984)
    • Add note to GPG key response if user has no keys (#18961)
    • Improve Stopwatch behavior (#18930)
    • Improve mirror iterator (#18928)
    • Uncapitalize errors (#18915)
    • Prevent Stats Indexer reporting error if repo dir missing (#18870)
    • Refactor SecToTime() function (#18863)
    • Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796)
    • Move deletebeans into models/db (#18781)
    • Fix display time of milestones (#18753)
    • Add config option to disable "Update branch by rebase" (#18745)
    • Display template path of current page in dev mode (#18717)
    • Add number in queue status to monitor page (#18712)
    • Change git.cmd to RunWithContext (#18693)
    • Refactor i18n, use Locale to provide i18n/translation related functions (#18648)
    • Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552)
    • Move organization related structs into sub package (#18518)
    • Warn at startup if the provided SCRIPT_TYPE is not on the PATH (#18467)
    • Use CryptoRandomBytes instead of CryptoRandomString (#18439)
    • Use explicit jQuery import, remove unused eslint globals (#18435)
    • Allow to filter repositories by language in explore, user and organization repositories lists (#18430)
    • Use base32 for 2FA scratch token (#18384)
    • Unexport var git.GlobalCommandArgs (#18376)
    • Don't underline commit status icon on hover (#18372)
    • Always use git command but not os.Command (#18363)
    • Switch to non-deprecation setting (#18358)
    • Set the LastModified header for raw files (#18356)
    • Refactor jwt.StandardClaims to RegisteredClaims (#18344)
    • Enable deprecation error for v1.17.0 (#18341)
    • Refactor httplib (#18338)
    • Limit max-height of CodeMirror editors for issue comment and wiki (#18271)
    • Validate migration files (#18203)
    • Format with gofumpt (#18184)
    • Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177)
    • Prettify number of issues (#17760)
    • Add a "admin user generate-access-token" subcommand (#17722)
    • Custom regexp external issues (#17624)
    • Add smtp password to install page (#17564)
    • Add config options to hide issue events (#17414)
    • Prevent double click new issue/pull/comment button (#16157)
    • Show issue assignee on project board (#15232)
  • BUGFIXES
    • WebAuthn CredentialID field needs to be increased in size (#20530) (#20555)
    • Ensure that all unmerged files are merged when conflict checking (#20528) (#20536)
    • Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529)
    • Add labels to two buttons that were missing them (#20419) (#20524)
    • Fix ROOT_URL detection for URLs without trailing slash (#20502) (#20503)
    • Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407)
    • Allow RSA 2047 bit keys (#20272) (#20396)
    • Add missing return for when topic isn't found (#20351) (#20395)
    • Fix commit status icon when in subdirectory (#20285) (#20385)
    • Initialize cron last (#20373) (#20384)
    • Set target on create release with existing tag (#20381) (#20382)
    • Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372)
    • Make sure repo_dir is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370)
    • Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361)
    • Correctly handle draft releases without a tag (#20314) (#20335)
    • Prevent "empty" scrollbars on Firefox (#20294) (#20308)
    • Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306)
    • Bump goldmark to v1.4.13 (#20300) (#20301)
    • Do not create empty ".ssh" directory when loading config (#20289) (#20298)
    • Fix NPE when using non-numeric (#20277) (#20278)
    • Store read access in access for team repositories (#20275) (#20276)
    • EscapeFilter the group dn membership (#20200) (#20254)
    • Only show Followers that current user can access (#20220) (#20252)
    • Update Bluemonday to v1.0.19 (#20199) (#20209)
    • Refix indices on actions table (#20158) (#20198)
    • Check if project has the same repository id with issue when assign project to issue (#20133) (#20188)
    • Fix remove file on initial comment (#20127) (#20128)
    • Catch the error before the response is processed by goth (#20000) (#20102)
    • Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099)
    • Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
    • Respond with a 401 on git push when password isn't changed yet (#20026) (#20027)
    • Return 404 when tag is broken (#20017) (#20024)
    • Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
    • Respond with a 401 on git push when password isn't changed yet (#20026) (#20027)
    • Return 404 when tag is broken (#20017) (#20024)
    • Write Commit-Graphs in RepositoryDumper (#20004)
    • Use DisplayName() instead of FullName in Oauth Provider (#19991)
    • Don't buffer doctor logger (#19982)
    • Always try to fetch repo for mirrors (#19975)
    • Uppercase first languages letters (#19965)
    • Fix cli command restore-repo: "units" should be parsed as StringSlice (#19953)
    • Ensure minimum mirror interval is reported on settings page (#19895)
    • Exclude Archived repos from Dashboard Milestones (#19882)
    • gitconfig: set safe.directory = * (#19870)
    • Prevent NPE on update mirror settings (#19864)
    • Only return valid stopwatches to the EventSource (#19863)
    • Prevent NPE whilst migrating if there is a team request review (#19855)
    • Fix inconsistency in doctor output (#19836)
    • Fix release tag for webhook (#19830)
    • Add title attribute to dependencies in sidebar (#19807)
    • Estimate Action Count in Statistics (#19775)
    • Do not update user stars numbers unless fix is specified (#19750)
    • Improved ref comment link when origin is body/title (#19741)
    • Fix nodeinfo caching and prevent NPE if cache non-existent (#19721)
    • Fix duplicate entry error when add team member (#19702)
    • Fix sending empty notifications (#19589)
    • Update image URL for Discord webhook (#19536)
    • Don't let repo clone URL overflow (#19517)
    • Allow commit status popup on /pulls page (#19507)
    • Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl (#19494)
    • Fix logging of Transfer API (#19456)
    • Fix panic in teams API when requesting members (#19360)
    • Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337)
    • An attempt to sync a non-mirror repo must give 400 (Bad Request) (#19300)
    • Move checks for pulls before merge into own function (#19271)
    • Fix contrib/upgrade.sh (#19222)
    • Set the default branch for repositories generated from templates (#19136)
    • Fix EasyMDE error when input Enter (#19004)
    • Don't clean up hardcoded tmp (#18983)
    • Delete related notifications on issue deletion too (#18953)
    • Fix trace log to show value instead of pointers (#18926)
    • Fix behavior or checkbox submission. (#18851)
    • Add ContextUser (#18798)
    • Fix some mirror bugs (#18649)
    • Quote MAKE to prevent path expansion with space error (#18622)
    • Preserve users if restoring a repository on the same Gitea instance (#18604)
    • Fix non-ASCII search on database (#18437)
    • Automatically pause queue if index service is unavailable (#15066)
  • TESTING
    • Allow postgres integration tests to run over unix pipe (#19875)
    • Prevent intermittent NPE in queue tests (#19301)
    • Add test for importing pull requests in gitea uploader for migrations (#18752)
    • Remove redundant comparison in repo dump/restore (#18660)
    • More repo dump/restore tests, including pull requests (#18621)
    • Add test coverage for original author conversion during migrations (#18506)
  • TRANSLATION
    • Update issue_no_dependencies description (#19112)
    • Refactor webhooks i18n (#18380)
  • BUILD
    • Use alpine 3.16 (#19797)
    • Require node 14.0 (#19451)
  • DOCS
    • Update documents (git/fomantic/db, etc) (#19868)
    • Update the ROOT documentation and error messages (#19832)
    • Update document to use FHS /usr/local/bin/gitea instead of /app/... for Docker (#19794)
    • Update documentation to disable duration settings with -1 instead of 0 (#19647)
    • Add warning to set SENDMAIL_ARGS to -- (#19102)
    • Update nginx reverse proxy docs (#18922)
    • Add example to render html files (#18736)
    • Make SSH passtrough documentation better (#18687)
    • Changelog 1.16.0 & 1.15.11 (#18468 & #18455) (#18470)
    • Update the SSH passthrough documentation (#18366)
    • Add contrib/upgrade.sh (#18286)
  • MISC
    • Fix aria for logo (#19955)
    • In code search, get code unit accessible repos in one (main) query (#19764)
    • Add tooltip to pending PR comments (#19662)
    • Improve sync performance for pull-mirrors (#19125)
    • Improve dashboard's repo list performance (#18963)
    • Avoid database lookups for DescriptionHTML (#18924)
    • Remove CodeMirror dependencies (#18911)
    • Disable unnecessary mirroring elements (#18527)
    • Disable unnecessary OpenID/OAuth2 elements (#18491)
    • Disable unnecessary GitHooks elements (#18485)
    • Change some logging levels (#18421)
    • Prevent showing webauthn error for every time visiting /user/settings/security (#18385)
    • Use correct translation key for errors (#18342)

1.16.9 - 2022-07-12

  • SECURITY
    • Add write check for creating Commit status (#20332) (#20334)
    • Check for permission when fetching user controlled issues (#20133) (#20196)
  • BUGFIXES
    • Hide notify mail setting ui if not enabled (#20138) (#20337)
    • Add write check for creating Commit status (#20332) (#20334)
    • Only show Followers that current user can access (#20220) (#20253)
    • Release page show all tags in compare dropdown (#20070) (#20071)
    • Fix permission check for delete tag (#19985) (#20001)
    • Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
    • Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
    • Set Setpgid on child git processes (#19865) (#19881)
    • Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
    • Ensure responses are context.ResponseWriters (#19843) (#19859)
    • Fix incorrect usage of Count function (#19850)
    • Fix raw endpoint PDF file headers (#19825) (#19826)
    • Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
    • Don't return 500 on NotificationUnreadCount (#19802)
    • Prevent NPE when cache service is disabled (#19703) (#19783)
    • Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
    • Fix doctor pq: syntax error at or near "." quote user table name (#19765) (#19770)
    • Fix bug with assigneees (#19757)

1.16.8 - 2022-05-16

  • ENHANCEMENTS
    • Add doctor check/fix for bogus action rows (#19656) (#19669)
    • Make .cs highlighting legible on dark themes. (#19604) (#19605)
  • BUGFIXES
    • Fix oauth setting list bug (#19681)
    • Delete user related oauth stuff on user deletion too (#19677) (#19680)
    • Fix new release from tags list UI (#19670) (#19673)
    • Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
    • GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
    • Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
    • Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
    • Fix sending empty notifications (#19589) (#19590)
    • Ignore DNS error when doing migration allow/block check (#19566) (#19567)
    • Fix issue overview for teams (#19652) (#19653)

1.16.7 - 2022-05-02

  • SECURITY
    • Escape git fetch remote (#19487) (#19490)
  • BUGFIXES
    • Don't overwrite err with nil (#19572) (#19574)
    • On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
    • Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
    • Don't error when branch's commit doesn't exist (#19547) (#19548)
    • Support hostname:port to pass host matcher's check (#19543) (#19544)
    • Prevent intermittent race in attribute reader close (#19537) (#19539)
    • Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
    • Prevent dangling archiver goroutine (#19516) (#19526)
    • Fix migrate release from github (#19510) (#19523)
    • When view _Siderbar or _Footer, just display once (#19501) (#19522)
    • Fix blame page select range error and some typos (#19503)
    • Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
    • User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
    • Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
    • RepoAssignment ensure to close before overwrite (#19449) (#19460)
    • Set correct PR status on 3way on conflict checking (#19457) (#19458)
    • Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)

1.16.6 - 2022-04-20

  • ENHANCEMENTS
    • Only request write when necessary (#18657) (#19422)
    • Disable service worker by default (#18914) (#19342)
  • BUGFIXES
    • When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
    • Fix DELETE request for non-existent public key (#19443) (#19444)
    • Don't panic on ErrEmailInvalid (#19441) (#19442)
    • Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
    • Warn on SSH connection for incorrect configuration (#19317) (#19437)
    • Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
    • When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
    • Fix nil error when some pages are rendered outside request context (#19427) (#19428)
    • Fix double blob-hunk on diff page (#19404) (#19405)
    • Don't allow merging PR's which are being conflict checked (#19357) (#19358)
    • Fix middleware function's placements (#19377) (#19378)
    • Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
    • Restore user autoregistration with email addresses (#19261) (#19312)
    • Move checks for pulls before merge into own function (#19271) (#19277)
    • Granular webhook events in editHook (#19251) (#19257)
    • Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
    • Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
    • Touch mirrors on even on fail to update (#19217) (#19233)
    • Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
    • Fix clone url JS error for the empty repo page (#19209)
    • Bump goldmark to v1.4.11 (#19201) (#19203)
  • TESTING
    • Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)
  • BUILD
    • Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)
  • MISC
    • Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
    • Check go and nodejs version by go.mod and package.json (#19197) (#19254)

1.16.5 - 2022-03-23

  • BREAKING
    • Bump to build with go1.18 (#19120 et al) (#19127)
  • SECURITY
    • Prevent redirect to Host (2) (#19175) (#19186)
    • Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
    • Clean paths when looking in Storage (#19124) (#19179)
    • Do not send notification emails to inactive users (#19131) (#19139)
    • Do not send activation email if manual confirm is set (#19119) (#19122)
  • ENHANCEMENTS
    • Use the new/choose link for New Issue on project page (#19172) (#19176)
  • BUGFIXES
    • Fix showing issues in your repositories (#18916) (#19191)
    • Fix compare link in active feeds for new branch (#19149) (#19185)
    • Redirect .wiki/* ui link to /wiki (#18831) (#19184)
    • Ensure deploy keys with write access can push (#19010) (#19182)
    • Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
    • Cleanup protected branches when deleting users & teams (#19158) (#19174)
    • Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
    • Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
    • Use custom favicon when viewing static files if it exists (#19130) (#19152)
    • Fix the editor height in review box (#19003) (#19147)
    • Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
    • Fix wrong scopes caused by empty scope input (#19029) (#19145)
    • Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
    • Handle email address not exist (#19089) (#19121)
  • MISC
    • Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
    • Update golang.org/x/crypto (#19097) (#19098)

1.16.4 - 2022-03-14

  • SECURITY
    • Restrict email address validation (#17688) (#19085)
    • Fix lfs bug (#19072) (#19080)
  • ENHANCEMENTS
    • Improve SyncMirrors logging (#19045) (#19050)
  • BUGFIXES
    • Refactor mirror code & fix StartToMirror (#18904) (#19075)
    • Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
    • Prevent 500 when there is an error during new auth source post (#19041) (#19059)
    • If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
    • Fix flag validation (#19046) (#19051)
    • Add pam account authorization check (#19040) (#19047)
    • Ignore missing comment for user notifications (#18954) (#19043)
    • Set rel="nofollow noindex" on new issue links (#19023) (#19042)
    • Upgrading binding package (#19034) (#19035)
    • Don't show context cancelled errors in attribute reader (#19006) (#19027)
    • Fix update hint bug (#18996) (#19002)
  • MISC
    • Fix potential assignee query for repo (#18994) (#18999)

1.16.3 - 2022-03-02

  • SECURITY
    • Git backend ignore replace objects (#18979) (#18980)
  • ENHANCEMENTS
    • Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)
  • BUGFIXES
    • Set max text height to prevent overflow (#18862) (#18977)
    • Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
    • Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
    • Send 404 on /{org}.gpg (#18959) (#18962)
    • Fix admin user list pagination (#18957) (#18960)
    • Fix lfs management setting (#18947) (#18946)
    • Fix login with email panic when email is not exist (#18942)
    • Update go-org to v1.6.1 (#18932) (#18933)
    • Fix <strong> html in translation (#18929) (#18931)
    • Fix page and missing return on unadopted repos API (#18848) (#18927)
    • Allow adminstrator teams members to see other teams (#18918) (#18919)
    • Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
    • Correctly link URLs to users/repos with dashes, dots or underscores (… (#18908)
    • Fix redirect when using lowercase repo name (#18775) (#18902)
    • Fix migration v210 (#18893) (#18892)
    • Fix team management UI (#18887) (18886)
    • BeforeSourcePath should point to base commit (#18880) (#18799)
  • TRANSLATION
    • Backport locales from master (#18944)
  • MISC
    • Don't update email for organisation (#18905) (#18906)

1.16.2 - 2022-02-24

  • ENHANCEMENTS
    • Show fullname on issue edits and gpg/ssh signing info (#18828)
    • Immediately Hammer if second kill is sent (#18823) (#18826)
    • Allow mermaid render error to wrap (#18791)
  • BUGFIXES
    • Fix ldap user sync missed email in email_address table (#18786) (#18876)
    • Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
    • Don't report signal: killed errors in serviceRPC (#18850) (#18865)
    • Fix bug where certain LDAP settings were reverted (#18859)
    • Update go-org to 1.6.0 (#18824) (#18839)
    • Fix login with email for ldap users (#18800) (#18836)
    • Fix bug for get user by email (#18834)
    • Fix panic in EscapeReader (#18820) (#18821)
    • Fix ldap loginname (#18789) (#18804)
    • Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
    • In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
    • Fix template bug of LFS lock (#18784) (#18787)
    • Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
    • Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
    • Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
    • Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
    • Prevent dangling GetAttribute calls (#18754) (#18755)
    • Fix isempty detection of git repository (#18746) (#18750)
    • Fix source code line highlighting on external tracker (#18729) (#18740)
    • Prevent double encoding of branch names in delete branch (#18714) (#18738)
    • Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
    • Fix forked repositories missed tags (#18719) (#18735)
    • Fix release typo (#18728) (#18731)
    • Separate the details links of commit-statuses in headers (#18661) (#18730)
    • Update object repo with the migrated repository (#18684) (#18726)
    • Fix bug for version update hint (#18701) (#18705)
    • Fix issue with docker-rootless shimming script (#18690) (#18699)
    • Let MinUnitAccessMode return correct perm (#18675) (#18689)
    • Prevent security failure due to bad APP_ID (#18678) (#18682)
    • Restart zero worker if there is still work to do (#18658) (#18672)
    • If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
  • TESTING
    • Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)
  • BUILD
    • Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)
  • MISC
    • Put buttons back in org dashboard (#18817) (#18825)
    • Various Mermaid improvements (#18776) (#18780)
    • C preprocessor colors improvement (#18671) (#18696)
    • Fix the missing i18n key for update checker (#18646) (#18665)

1.16.1 - 2022-02-06

  • SECURITY
    • Update JS dependencies, fix lint (#18389) (#18540)
  • ENHANCEMENTS
    • Add dropdown icon to label set template dropdown (#18564) (#18571)
  • BUGFIXES
    • comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
    • Stop logging an error when notes are not found (#18626) (#18635)
    • Ensure that blob-excerpt links work for wiki (#18587) (#18624)
    • Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
    • Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
    • Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
    • Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
    • Collaborator trust model should trust collaborators (#18539) (#18557)
    • Detect conflicts with 3way merge (#18536) (#18537)
    • In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
    • Add GetUserTeams (#18499) (#18531)
    • Fix review excerpt (#18502) (#18530)
    • Fix for AvatarURL database type (#18487) (#18529)
    • Use ImagedProvider for gplus oauth2 provider (#18504) (#18505)
    • Fix OAuth Source Edit Page (#18495) (#18503)
    • Use "read" value for General Access (#18496) (#18500)
    • Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
  • BUILD
    • Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569)
  • DOCS
    • Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534)

1.16.0 - 2022-01-30

  • BREAKING
    • Remove golang vendored directory (#18277)
    • Paginate releases page & set default page size to 10 (#16857)
    • Use shadowing script for docker (#17846)
    • Only allow webhook to send requests to allowed hosts (#17482)
  • SECURITY
    • Disable content sniffing on PlainTextBytes (#18359) (#18365)
    • Only view milestones from current repo (#18414) (#18417)
    • Sanitize user-input on file name (#17666)
    • Use hostmatcher to replace matchlist to improve blocking of bad hosts in Webhooks (#17605)
  • FEATURES
    • Add/update SMTP auth providers via cli (#18197)
    • Support webauthn (#17957)
    • Team permission allow different unit has different permission (#17811)
    • Implement Well-Known URL for password change (#17777)
    • Add support for ssh commit signing (#17743)
    • Allow Loading of Diffs that are too large (#17739)
    • Add copy button to markdown code blocks (#17638)
    • Add .gitattribute assisted language detection to blame, diff and render (#17590)
    • Add PULL_LIMIT and PUSH_LIMIT to cron.update_mirror task (#17568)
    • Add Reindex buttons to repository settings page (#17494)
    • Make SSL cipher suite configurable (#17440)
    • Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
    • Add simple update checker to Gitea (#17212)
    • Migrated Repository will show modifications when possible (#17191)
    • Create pub/priv keypair for federation (#17071)
    • Make LDAP be able to skip local 2FA (#16954)
    • Add nodeinfo endpoint for federation purposes (#16953)
    • Save and view issue/comment content history (#16909)
    • Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
    • Add migrate from Codebase (#16768)
    • Add migration from GitBucket (#16767)
    • Add OAuth2 introspection endpoint (#16752)
    • Add proxy settings and support for migration and webhook (#16704)
    • Add microsoft oauth2 providers (#16544)
    • Send registration email on user autoregistration (#16523)
    • Defer Last Commit Info (#16467)
    • Support unprotected file patterns (#16395)
    • Add migrate from OneDev (#16356)
    • Add option to update pull request by rebase (#16125)
    • Add RSS/Atom feed support for user actions (#16002)
    • Add support for corporate WeChat webhooks (#15910)
    • Add a simple way to rename branch like gh (#15870)
    • Add bundle download for repository (#14538)
    • Add agit flow support in gitea (#14295)
  • API
    • Add MirrorUpdated field to Repository API type (#18267)
    • Adjust Fork API to allow setting a custom repository name (#18066)
    • Add API to manage repo tranfers (#17963)
    • Add API to get file commit history (#17652)
    • Add API to get issue/pull comments and events (timeline) (#17403)
    • Add API to get/edit wiki (#17278)
    • Add API for get user org permissions (#17232)
    • Add HTML urls to notification API (#17178)
    • Add API to get commit diff/patch (#17095)
    • Respond with updated notifications in API (#17064)
    • Add API to fetch git notes (#16649)
    • Generalize list header for API (#16551)
    • Add API Token Cache (#16547)
    • Allow Token API calls be authorized using the reverse-proxy header (#15119)
  • ENHANCEMENTS
    • Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
    • Return nicer error if trying to pull from non-existent user (#18288)
    • Show pull link for agit pull request also (#18235)
    • Enable partial clone by default (#18195)
    • Added replay of webhooks (#18191)
    • Show OAuth callback error message (#18185)
    • Increase Salt randomness (#18179)
    • Add MP4 as default allowed attachment type (#18170)
    • Include folders into size cost (#18158)
    • Remove /email2user endpoint (#18127)
    • Handle invalid issues (#18111)
    • Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
    • Support open compare page directly (#17975)
    • Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954)
    • Clean legacy SimpleMDE code (#17926)
    • Refactor install page (db type) (#17919)
    • Improve interface when comparing a branch which has created a pull request (#17911)
    • Allow default branch to be inferred on compare page (#17908)
    • Display issue/comment role even if repo archived (#17907)
    • Always set a message-id on mails (#17900)
    • Change <a> elements to underline on hover (#17898)
    • Render issue references in file table (#17897)
    • Handle relative unix socket paths (#17836)
    • Move accessmode into models/perm (#17828)
    • Fix some org style problems (#17807)
    • Add List-Unsubscribe header (#17804)
    • Create menus for organization pages (#17802)
    • Switch archive URL code back to href attributes (#17796)
    • Refactor "refs/*" string usage by using constants (#17784)
    • Allow forks to org if you can create repos (#17783)
    • Improve install code to avoid low-level mistakes. (#17779)
    • Improve ellipsis buttons (#17773)
    • Add restrict and no-user-rc to authorized_keys (#17772)
    • Add copy Commit ID button in commits list (#17759)
    • Make bind error more readable (#17750)
    • Fix navbar on project view (#17749)
    • More pleasantly handle broken or missing git repositories (#17747)
    • Use *PushUpdateOptions as receiver (#17724)
    • Remove unused user paramater (#17723)
    • Better builtin avatar generator (#17707)
    • Cleanup and use global style on popups (#17674)
    • Move user/org deletion to services (#17673)
    • Added comment for changing issue ref (#17672)
    • Allow admins to change user avatars (#17661)
    • Only set data-path once for each file in diff pages (#17657)
    • Add icon to vscode clone link (#17641)
    • Add download button for file viewer (#17640)
    • Add pagination to fork list (#17639)
    • Use a standalone struct name for Organization (#17632)
    • Minor readability patch. (#17627)
    • Add context support for GetUserByID (#17602)
    • Move merge-section to > .content (#17582)
    • Remove NewSession method from db.Engine interface (#17577)
    • Move unit into models/unit/ (#17576)
    • Restrict GetDeletedBranchByID to the repositories deleted branches (#17570)
    • Refactor commentTags functionality (#17558)
    • Make Repo Code Indexer an Unique Queue (#17515)
    • Simplify Gothic to use our session store instead of creating a different store (#17507)
    • Add settings to allow different SMTP envelope from address (#17479)
    • Properly determine CSV delimiter (#17459)
    • Hide label comments if labels were added and removed immediately (#17455)
    • Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
    • Add appearance section in settings (#17433)
    • Move key forms before list and add cancel button (#17432)
    • When copying executables to the docker chmod them (#17423)
    • Remove deprecated extendDefaultPlugins method of svgo (#17399)
    • Fix the click behavior for and with [data-href] (#17388)
    • Refactor update checker to use AppState (#17387)
    • Improve async/await usage, and sort init calls in index.js (#17386)
    • Use a variable but a function for IsProd because of a slight performance increment (#17368)
    • Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
    • Hide command line merge instructions when user can't push (#17339)
    • Move session to models/login (#17338)
    • Sync gitea app path for git hooks and authorized keys when starting (#17335)
    • Make the Mirror Queue a queue (#17326)
    • Add "Copy branch name" button to pull request page (#17323)
    • Fix repository summary on mobile (#17322)
    • Split index.js to separate files (#17315)
    • Show direct match on top for user search (#17303)
    • Frontend refactor: move Vue related code from index.js to components dir, and remove unused codes. (#17301)
    • Upgrade chi to v5 (#17298)
    • Disable form autofill (#17291)
    • Improve behavior of "Fork" button (#17288)
    • Open markdown image links in new window (#17287)
    • Add hints for special Wiki pages (#17283)
    • Move add deploy key form before the list and add a cancel button (#17228)
    • Allow adding multiple issues to a project (#17226)
    • Add metrics to get issues by repository (#17225)
    • Add specific event type to header (#17222)
    • Redirect on project after issue created (#17211)
    • Reference in new issue modal: dont pre-populate issue title (#17208)
    • Always set a unique Message-ID header (#17206)
    • Add projects and project boards in exposed metrics (#17202)
    • Add metrics to get issues by label (#17201)
    • Add protection to disable Gitea when run as root (#17168)
    • Don't return binary file changes in raw PR diffs by default (#17158)
    • Support sorting for project board issuses (#17152)
    • Force color-adjust for markdown checkboxes (#17146)
    • Add option to copy line permalink (#17145)
    • Move twofactor to models/login (#17143)
    • Multiple tokens support for migrating from github (#17134)
    • Unify issue and PR subtitles (#17133)
    • Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
    • Fix problem when database id is not increment as expected (#17124)
    • Avatar refactor, move avatar code from models to models.avatars, remove duplicated code (#17123)
    • Re-allow clipboard copy on non-https sites (#17118)
    • DBContext is just a Context (#17100)
    • Move login related structs and functions to models/login (#17093)
    • Add SkipLocal2FA option to pam and smtp sources (#17078)
    • Move db related basic functions to models/db (#17075)
    • Fixes username tagging in "Reference in new issue" (#17074)
    • Use light/dark theme based on system preference (#17051)
    • Always emit the configuration path (#17036)
    • Add AbsoluteListOptions (#17028)
    • Use common sessioner for API and Web (#17027)
    • Fix overflow label in small view (#17020)
    • Report the associated filter if there is an error in LDAP (#17014)
    • Add "new issue" btn on project (#17001)
    • Add doctor dbconsistency check for release and attachment (#16978)
    • Disable Fomantic's CSS tooltips (#16974)
    • Add Cache-Control to avatar redirects (#16973)
    • Make mirror feature more configurable (#16957)
    • Add skip and limit to git.GetTags (#16897)
    • Remove ParseQueueConnStr as it is unused (#16878)
    • Remove unused Fomantic sidebar module (#16853)
    • Allow LDAP Sources to provide Avatars (#16851)
    • Remove Dashboard/Home button from the navbar (#16844)
    • Use conditions but not repo ids as query condition (#16839)
    • Add user settings key/value DB table (#16834)
    • Add buttons to allow loading of incomplete diffs (#16829)
    • Add information for migrate failure (#16803)
    • Add EdDSA JWT signing algorithm (#16786)
    • Add user status filter to admin user management page (#16770)
    • Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
    • Do not use thin scrollbars on Firefox (#16738)
    • Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731)
    • Compute proper foreground color for labels (#16729)
    • Add edit button to wiki sidebar and footer (#16719)
    • Fix migration svg color (#16715)
    • Add link to vscode to repo header (#16664)
    • Add filter by owner and team to issue/pulls search endpoint (#16662)
    • Kanban colored boards (#16647)
    • Allow setting X-FRAME-OPTIONS (#16643)
    • Separate open and closed issue in metrics (#16637)
    • Support direct comparison (git diff a..b) as well merge comparison (a…b) (#16635)
    • Add setting to OAuth handlers to skip local 2FA authentication (#16594)
    • Make PR merge options more intuitive (#16582)
    • Show correct text when comparing commits on empty pull request (#16569)
    • Pre-fill suggested New File 'name' and 'content' with Query Params (#16556)
    • Add an abstract json layout to make it's easier to change json library (#16528)
    • Make Mermaid.js limit configurable (#16519)
    • Improve 2FA autofill (#16473)
    • Add modals to Organization and Team remove/leave (#16471)
    • Show tag name on dashboard items list (#16466)
    • Change default cron schedules from @every 24h to @midnight (#16431)
    • Prevent double sanitize (#16386)
    • Replace list.List with slices (#16311)
    • Add configuration option to restrict users by default (#16256)
    • Move login out of models (#16199)
    • Support pagination of organizations on user settings pages (#16083)
    • Switch migration icon to svg (#15954)
    • Add left padding for chunk header of split diff view (#13397)
    • Allow U2F 2FA without TOTP (#11573)
  • BUGFIXES
    • GitLab reviews may not have the updated_at field set (#18450) (#18461)
    • Fix detection of no commits when the default branch is not master (#18422) (#18423)
    • Fix broken oauth2 authentication source edit page (#18412) (#18419)
    • Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404)
    • Fix restore without topic failure (#18387) (#18400)
    • Fix commit's time (#18375) (#18392)
    • Fix partial cloning a repo (#18373) (#18377)
    • Stop trimming preceding and suffixing spaces from editor filenames (#18334)
    • Prevent showing webauthn error for every time visiting /user/settings/security (#18386)
    • Fix mime-type detection for HTTP server (#18370) (#18371)
    • Stop trimming preceding and suffixing spaces from editor filenames (#18334)
    • Restore propagation of ErrDependenciesLeft (#18325)
    • Fix PR comments UI (#18323)
    • Use indirect comparison when showing pull requests (#18313)
    • Replace satori/go.uuid with gofrs/uuid (#18311)
    • Fix commit links on compare page (#18310)
    • Don't show double error response in git hook (#18292)
    • Handle missing default branch better in owner/repo/branches page (#18290)
    • Fix CheckRepoStats and reuse it during migration (#18264)
    • Prevent underline hover on cards (#18259)
    • Don't delete branch if other PRs with this branch are open (#18164)
    • Require codereview to have content (#18156)
    • Allow admin to associate missing LFS objects for repositories (#18143)
    • When attempting to subscribe other user to issue report why access denied (#18091)
    • Add option to convert CRLF to LF line endings for sendmail (#18075)
    • Only create pprof files for gitea serv if explicitly asked for (#18068)
    • Abort merge if head has been updated before pressing merge (#18032)
    • Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004)
    • Use JSON module instead of stdlib json (#18003)
    • Fixed issue merged/closed wording (#17973)
    • Return nicer error for ForcePrivate (#17971)
    • Fix overflow in commit graph (#17947)
    • Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941)
    • Use disable_form_autofill on Codebase and Gitbucket (#17936)
    • Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928)
    • Fix markdown URL parsing (#17924)
    • Apply CSS Variables to all message elements (#17920)
    • Improve checkBranchName (#17901)
    • Update chi/middleware to chi/v5/middleware (#17888)
    • Fix position of label color picker colors (#17866)
    • Fix ListUnadoptedRepositories incorrect total count (#17865)
    • Remove whitespace inside rendered code <td> (#17859)
    • Make Co-committed-by and co-authored-by trailers optional (#17848)
    • Fix value of User.IsRestricted when oauth2 user registration (#17839)
    • Use new OneDev /milestones endpoint (#17782)
    • Prevent deadlock in TestPersistableChannelQueue (#17717)
    • Simplify code for writing SHA to name-rev (#17696)
    • Fix database deadlock when update issue labels (#17649)
    • Add warning for BIDI characters in page renders and in diffs (#17562)
    • Fix ipv6 parsing for builtin ssh server (#17561)
    • Multiple Escaping Improvements (#17551)
    • Fixes #16559 - Do not trim leading spaces for tab delimited (#17442)
    • Show client-side error if wiki page is empty (#17415)
    • Fix context popup error (#17398)
    • Stop sanitizing full name in API (#17396)
    • Fix issue close/comment buttons on mobile (#17317)
    • Fix navbar UI (#17235)
    • Fix problem when database id is not increment as expected (#17229)
    • Open the DingTalk link in browser (#17084)
    • Remove heads pointing to missing old refs (#17076)
    • Fix commit status index problem (#17061)
    • Handle broken references in mirror sync (#17013)
    • Fix for create repo page layout (#17012)
    • Improve LDAP synchronization efficiency (#16994)
    • Add repo_id for attachment (#16958)
    • Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705)
    • Remove duplicate csv import in modules/csv/csv.go (#16631)
    • Improve SMTP authentication and Fix user creation bugs (#16612)
    • Fixed emoji alias not parsed in links (#16221)
    • Calculate label URL on API (#16186)
  • TRANSLATION
    • Fix mispelling of starred as stared (#17465)
    • Re-separate the color translation strings (#17390)
    • Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998)
  • BUILD
    • Add lockfile-check (#18285)
    • Don't store assets modified time into generated files (#18193)
  • MISC
    • Update JS dependencies (#17611)

1.15.11 - 2022-01-29

  • SECURITY
    • Only view milestones from current repo (#18414) (#18418)
  • BUGFIXES
    • Fix broken when no commits and default branch is not master (#18422) (#18424)
    • Fix commit's time (#18375) (#18409)
    • Fix restore without topic failure (#18387) (#18401)
    • Fix mermaid import in 1.15 (it uses ESModule now) (#18382)
    • Update to go/text 0.3.7 (#18336)
  • MISC
    • Upgrade EasyMDE to 2.16.1 (#18278) (#18279)

1.15.10 - 2022-01-14

  • BUGFIXES
    • Fix inconsistent PR comment counts (#18260) (#18261)
    • Fix release link broken (#18252) (#18253)
    • Fix update user from site administration page bug (#18250) (#18251)
    • Set HeadCommit when creating tags (#18116) (#18173)
    • Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
    • Fix purple color in suggested label colors (#18241) (#18242)
  • SECURITY
    • Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)

1.15.9 - 2021-12-30

  • BUGFIXES
    • Fix wrong redirect on org labels (#18128) (#18134)
    • Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
    • Revert "Fix delete u2f keys bug (#18042)" (#18107)
    • Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
    • Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
    • Reset locale on login (#17734) (#18100)
    • Correctly handle failed migrations (#17575) (#18099)
    • Instead of using routerCtx just escape the url before routing (#18086) (#18098)
    • Quote references to the user table in consistency checks (#18072) (#18073)
    • Add NotFound handler (#18062) (#18067)
    • Ensure that git repository is closed before transfer (#18049) (#18057)
    • Use common sessioner for API and web routes (#18114)
  • TRANSLATION
    • Fix code search result hint on zh-CN (#18053)

1.15.8 - 2021-12-20

  • BUGFIXES
    • Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
    • Fix delete u2f keys bug (#18040) (#18042)
    • Reset Session ID on login (#18018) (#18041)
    • Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
    • Stop printing 03d after escaped characters in logs (#18030) (#18034)
    • Reset locale on login (#18023) (#18025)
    • Fix reset password email template (#17025) (#18022)
    • Fix outType on gitea dump (#18000) (#18016)
    • Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
    • Fix rename notification bug (#18011)
    • Prevent double decoding of % in url params (#17997) (#18001)
    • Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
    • Prevent deadlock in create issue (#17970) (#17982)
  • TESTING
    • Use non-expiring key. (#17984) (#17985)

1.15.7 - 2021-12-01

  • ENHANCEMENTS
    • Only allow webhook to send requests to allowed hosts (#17482) (#17510)
    • Fix login redirection links (#17451) (#17473)
  • BUGFIXES
    • Fix database inconsistent when admin change user email (#17549) (#17840)
    • Use correct user on releases (#17806) (#17818)
    • Fix commit count in tag view (#17698) (#17790)
    • Fix close issue but time watcher still running (#17643) (#17761)
    • Fix Migrate Description (#17692) (#17727)
    • Fix bug when project board get open issue number (#17703) (#17726)
    • Return 400 but not 500 when request archive with wrong format (#17691) (#17700)
    • Fix bug when read mysql database max lifetime (#17682) (#17690)
    • Fix database deadlock when update issue labels (#17649) (#17665)
    • Fix bug on detect issue/comment writer (#17592)
    • Remove appSubUrl from pasted images (#17572) (#17588)
    • Make ParsePatch more robust (#17573) (#17580)
    • Fix stats upon searching issues (#17566) (#17578)
    • Escape issue titles in comments list (#17555) (#17556)
    • Fix zero created time bug on commit api (#17546) (#17547)
    • Fix database keyword quote problem on migration v161 (#17522) (#17523)
    • Fix email with + when active (#17518) (#17520)
    • Stop double encoding blame commit messages (#17498) (#17500)
    • Quote the table name in CountOrphanedObjects (#17487) (#17488)
    • Run Migrate in Install rather than just SyncTables (#17475) (#17486)
  • BUILD
    • Fix golangci-lint warnings (#17598 et al) (#17668)
  • MISC
    • Preserve color when inverting emojis (#17797) (#17799)

1.15.6 - 2021-10-28

  • BUGFIXES
    • Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
    • Fix CSV render error (#17406) (#17431)
    • Read expected buffer size (#17409) (#17430)
    • Ensure that restricted users can access repos for which they are members (#17460) (#17464)
    • Make commit-statuses popup show correctly (#17447) (#17466)
  • TESTING
    • Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463)

1.15.5 - 2021-10-21

  • SECURITY
    • Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
    • Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
  • BUGFIXES
    • Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
    • Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
    • Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
    • Ensure popup text is aligned left (backport for 1.15) (#17343)
    • Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
    • Disable core.protectNTFS (#17300) (#17302)
    • Use pointer for wrappedConn methods (#17295) (#17296)
    • AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
    • Handle duplicate keys on GPG key ring (#17242) (#17284)
    • Fix SVG side by side comparison link (#17375) (#17391)

1.15.4 - 2021-10-08

  • BUGFIXES
    • Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
    • Don't allow merged PRs to be reopened (#17192) (#17271)
    • Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
    • Fix unwanted team review request deletion (#17257) (#17264)
    • Fix broken Activities link in team dashboard (#17255) (#17258)
    • API pull's head/base have correct permission(#17214) (#17245)
    • Fix strange behavior of DownloadPullDiffOrPatch in incorrect index (#17223) (#17227)
    • Upgrade xorm to v1.2.5 (#17177) (#17188)
    • Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
    • Fix bug of get context user (#17169) (#17172)
    • Nicely handle missing user in collaborations (#17049) (#17166)
    • Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
    • Fix wrong i18n keys (#17150) (#17153)
    • Fix Archive Creation: correct transaction ending (#17151)
    • Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
    • Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
  • ENHANCEMENT
    • Check user instead of organization when creating a repo from a template via API (#16346) (#17195)
  • TRANSLATION
    • v1.15 fix Sprintf format 'verbs' in locale files (#17187)

1.15.3 - 2021-09-19

  • ENHANCEMENTS
    • Add fluid to ui container class to remove margin (#16396) (#16976)
    • Add caller to cat-file batch calls (#17082) (#17089)
  • BUGFIXES
    • Render full plain readme. (#17083) (#17090)
    • Upgrade xorm to v1.2.4 (#17059)
    • Fix bug of migrate comments which only fetch one page (#17055) (#17058)
    • Do not show issue context popup on external issues (#17050) (#17054)
    • Decrement Fork Num when converting from Fork (#17035) (#17046)
    • Correctly rollback in ForkRepository (#17034) (#17045)
    • Fix missing close in WalkGitLog (#17008) (#17009)
    • Add prefix to SVG id/class attributes (#16997) (#17000)
    • Fix bug of migrated repository not index (#16991) (#16996)
    • Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990)
    • Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977)
    • Fix issue with issue default mail template (#16956) (#16975)
    • Ensure that rebase conflicts are handled in updates (#16952) (#16960)
    • Prevent panic on diff generation (#16950) (#16951)

1.15.2 - 2021-09-03

  • BUGFIXES
    • Add unique constraint back into issue_index (#16938)
    • Close storage objects before cleaning (#16934) (#16942)

1.15.1 - 2021-09-02

  • BUGFIXES
    • Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923)
    • Prevent leave changes dialogs due to autofill fields (#16912) (#16920)
    • Ignore review comment when ref commit is missed (#16905) (#16919)
    • Fix wrong attachment removal (#16915) (#16917)
    • Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913)
    • Correctly return the number of Repositories for Organizations (#16807) (#16911)
    • Test if LFS object is accessible (#16865) (#16904)
    • Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900)
    • Fix dump and restore respository (#16698) (#16898)
    • Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895)
    • Fix wiki raw commit diff/patch view (#16891) (#16892)
    • Ensure wiki repos are all closed (#16886) (#16888)
    • List limited and private orgs if authenticated on API (#16866) (#16879)
    • Simplify split diff view generation and remove JS dependency (#16775) (#16863)
    • Ensure that the default visibility is set on the user create page (#16845) (#16862)
    • In Render tolerate not being passed a context (#16842) (#16858)
    • Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848)
    • Report the correct number of pushes on the feeds (#16811) (#16822)
    • Add primary_key to issue_index (#16813) (#16820)
    • Prevent NPE on empty commit (#16812) (#16819)
    • Fix branch pagination error (#16805) (#16816)
    • Add missing return to handleSettingRemoteAddrError (#16794) (#16795)
    • Remove spurious / from issues.opened_by (#16793)
    • Ensure that template compilation panics are sent to the logs (#16788) (#16792)
    • Update caddyserver/certmagic (#16789) (#16790)

1.15.0 - 2021-08-21

  • BREAKING
    • Make app.ini permissions more restrictive (#16266)
    • Refactor Webhook + Add X-Hub-Signature (#16176)
    • Add asymmetric JWT signing (#16010)
    • Clean-up the settings hierarchy for issue_indexer queue (#16001)
    • Change default queue settings to be low go-routines (#15964)
    • Improve assets handler middleware (#15961)
    • Rename StaticUrlPrefix to AssetUrlPrefix (#15779)
    • Use a generic markup class to display externally rendered files and diffs (#15735)
    • Add frontend testing, require node 12 (#15315)
    • Move (custom) assets into subpath /assets (#15219)
    • Use level config in log section when sub log section not set level (#15176)
    • Links in markdown should be absolute to the repository not the server (#15088)
    • Upgrade to the latest version of golang-jwt (#16590) (#16606)
    • Set minimum supported version of go to 1.16 (#16710)
  • SECURITY
    • Encrypt LDAP bind password in db with SECRET_KEY (#15547)
    • Remove random password in Dockerfiles (#15362)
    • Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
    • Correctly create of git-daemon-export-ok files (#16508) (#16514)
    • Don't show private user's repo in explore view (#16550) (#16554)
    • Update node tar dependency to 6.1.6 (#16622) (#16623)
  • FEATURES
    • Update Go-Git to take advantage of LargeObjectThreshold (#16316)
    • Support custom mime type mapping for text files (#16304)
    • Link to previous blames in file blame page (#16259)
    • Add LRU mem cache implementation (#16226)
    • Localize Email Templates (#16200)
    • Make command in authorized keys a template (#16003)
    • Add possibility to make branch in branch page (#15960)
    • Add email headers (#15939)
    • Make tasklist checkboxes clickable (#15791)
    • Add selecting tags on the compare page (#15723)
    • Add cron job to delete old actions from database (#15688)
    • On open repository open common cat file batch and batch-check (#15667)
    • Add tag protection (#15629)
    • Add push to remote mirror repository (#15157)
    • Add Image Diff for SVG files (#14867)
    • Add dashboard milestone search and repo milestone search by name. (#14866)
    • Add LFS Migration and Mirror (#14726)
    • Improve notifications for WIP draft PR's (#14663)
    • Disable Stars config option (#14653)
    • GPG Key Ownership verification with Signed Token (#14054)
    • OAuth2 auto-register (#5123)
  • API
    • Return updated repository when changing repository using API (#16420)
    • Let branch/tag name be a valid ref to get CI status (#16400)
    • Add endpoint to get commits of PR (#16300)
    • Allow COMMENT reviews to not specify a body (#16229)
    • Add subject-type filter to list notification API endpoints (#16177)
    • ListReleases add filter for draft and pre-releases (#16175)
    • ListIssues add more filters (#16174)
    • Issue Search Add filter for MilestoneNames (#16173)
    • GET / SET User Settings (#16169)
    • Expose repo.GetReviewers() & repo.GetAssignees() (#16168)
    • User expose counters (#16167)
    • Add repoGetTag (#16166)
    • Add repoCreateTag (#16165)
    • Creating a repo from a template repo via API (#15958)
    • Add Active and ProhibitLogin to API (#15689)
    • Add Location, Website and Description to API (#15675)
    • Expose resolver via API (#15167)
    • Swagger AccessToken fixes (#16574) (#16597)
    • Set AllowedHeaders on API CORS handler (#16524) (#16618)
  • ENHANCEMENTS
    • Support HTTP/2 in Let's Encrypt (#16371)
    • Introduce NotifySubjectType (#16320)
    • Add forge emojies (#16296)
    • Implemented head_commit for webhooks (#16282)
    • Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278)
    • Add previous/next buttons to review comments (#16273)
    • Review comments: break-word for long file names (#16272)
    • Add configuration to restrict allowed user visibility modes (#16271)
    • Add scroll-margin-top to account for sticky header (#16269)
    • Add --quiet and --verbose to gitea web to control initial logging (#16260)
    • Use gitea logging module for git module (#16243)
    • Add tests for all webhooks (#16214)
    • Add button to delete undeleted repositories from failed migrations (#16197)
    • Speed up git diff highlight generation (#16180)
    • Add OpenID claims "profile" and "email". (#16141)
    • Reintroduce squash merge default comment as a config setting (#16134)
    • Add sanitizer rules per renderer (#16110)
    • Improve performance of dashboard list orgs (#16099)
    • Refactor assert statements in tests (#16089)
    • Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
    • Remove unnecessary goroutine (#16080)
    • Add attachments for PR reviews (#16075)
    • Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070)
    • Add Visible modes function from Organisation to Users too (#16069)
    • Add checkbox to delete pull branch after successful merge (#16049)
    • Make commit info cancelable (#16032)
    • Make modules/context.Context a context.Context (#16031)
    • Unified custom config creation (#16012)
    • Make sshd_config more flexible regarding connections (#16009)
    • Append to existing trailers in generated squash commit message (#15980)
    • Always store primary email address into email_address table and also the state (#15956)
    • Load issue/PR context popup data only when needed (#15955)
    • Remove remaining fontawesome usage in templates (#15952)
    • Remove fomantic accordion module (#15951)
    • Small refactoring of modules/private (#15947)
    • Double the avatar size factor (#15941)
    • Add curl to rootless docker image (#15908)
    • Replace clipboard.js with async clipboard api (#15899)
    • Allow custom highlight mapping beyond file extensions (#15808)
    • Add trace logging to SSO methods (#15803)
    • Refactor routers directory (#15800)
    • Allow only internal registration (#15795)
    • Add a new internal hook to save ssh log (#15787)
    • Respect default merge message syntax when parsing item references (#15772)
    • OAuth2 login: Set account link to "login" as default behavior (#15768)
    • Use single shared random string generation function (#15741)
    • Hold the event source when there are no listeners (#15725)
    • Code comments improvements (#15722)
    • Provide OIDC compliant user info endpoint (#15721)
    • Fix webkit calendar icon color on arc-green (#15713)
    • Improve Light Chroma style (#15699)
    • Only use boost workers for leveldb shadow queues (#15696)
    • Add compare tag dropdown to releases page (#15695)
    • Add caret styling CSS (#15651)
    • Remove x-ua-compatible meta tag (#15640)
    • Refactor of link creation (#15619)
    • Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599)
    • Rewrite of the LFS server (#15523)
    • Display more repository type on admin repository management (#15440)
    • Remove usage of some JS globals (#15378)
    • SHA in merged commit comment should be rendered ui sha (#15376)
    • Add well-known config for OIDC (#15355)
    • Use route rather than use thus reducing the number of stack frames (#15301)
    • Code Formats, Nits & Unused Func/Var deletions (#15286)
    • Let package git depend on setting but not opposite (#15241)
    • Fixed sanitize errors (#15240)
    • response simple text message for not html request when 404 (#15229)
    • Remove file-loader dependency (#15196)
    • Refactor renders (#15175)
    • Add mimetype mapping settings (#15133)
    • Add Status Updates whilst Gitea migrations are occurring (#15076)
    • Reload locales in initialisation if needed by utilizing i18n.Reset (#15073)
    • Counterwork seemingly unclickable repo button labels (#15064)
    • Add DefaultMergeStyle option to repository (#14789)
    • Added support for gopher URLs. (#14749)
    • Rework repository archive (#14723)
    • Add links to toggle WIP status (#14677)
    • Add Tabular Diff for CSV files (#14661)
    • Use milestone deadline when sorting issues (#14551)
  • BUGFIXES
    • Fix invalid params and typo of email templates (#16394)
    • Fix activation of primary email addresses (#16385)
    • Fix calculation for finalPage in repo-search component (#16382)
    • Specify user in rootless container numerically (#16361)
    • Detect encoding changes while parsing diff (#16330)
    • Fix U2F error reasons always hidden (#16327)
    • Prevent zombie processes (#16314)
    • Escape reference to user table in models.SearchEmails (#16313)
    • Fix default push instructions on empty repos (#16302)
    • Fix modified files list in webhooks when there is a space (#16288)
    • Fix webhook commits wrong hash on HEAD reset (#16283)
    • Fuzzer finds an NPE due to incorrect URLPrefix (#16249)
    • Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238)
    • Do not show No match found for tribute (#16231)
    • Fix "Copy Link" for pull requests (#16230)
    • Fix diff expansion is missing final line in a file (#16222)
    • Fix private repo permission problem (#16142)
    • Fix not able to update local created non-urlencoded wiki pages (#16139)
    • More efficiently parse shas for shaPostProcessor (#16101)
    • Fix doctor --run check-db-consistency --fix with label fix (#16094)
    • Prevent webhook action buttons from shifting (#16087)
    • Change default TMPDIR path in rootless containers (#16077)
    • Fix typo and add TODO notice (#16064)
    • Use git log name-status in get last commit (#16059)
    • Fix 500 Error with branch and tag sharing the same name (#16040)
    • Fix get tag when migration (#16014)
    • Add custom emoji support (#16004)
    • Use filepath.ToSlash and Join in indexer defaults and queues (#15971)
    • Add permission check for GenerateRepository (#15946)
    • Ensure settings for Service and Mailer are read on the install page (#15943)
    • Fix layout of milestone view (#15927)
    • Unregister non-matching serviceworkers (#15834)
    • Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693)
    • Attachment support repository route (#15580)
    • Fix missing icons and colorpicker when mounted on suburl (#15501)
    • Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
    • Prevent double-login for Git HTTP and LFS and simplify login (#15303)
    • Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278)
    • Fix heatmap activity (#15252)
    • Remove vendored copy of fomantic-dropdown (#15193)
    • Update repository size on cron gc task (#15177)
    • Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
    • Add code block highlight to orgmode back (#14222)
    • Remove User.GetOrganizations() (#14032)
    • Restore Accessibility for Dropdown (#16576) (#16617)
    • Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
    • Fix table alignment in markdown (#16596) (#16602)
    • Fix 500 on first wiki page (#16586) (#16598)
    • Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
    • Upgrade levelqueue to v0.4.0 (#16560) (#16561)
    • Handle too long PR titles correctly (#16517) (#16549)
    • Fix data race in bleve indexer (#16474) (#16509)
    • Restore CORS on git smart http protocol (#16496) (#16506)
    • Fix race in log (#16490) (#16505)
    • Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
    • Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
    • Update notification table with only latest data (#16445) (#16469)
    • Fix crash following ldap authentication update (#16447) (#16448)
    • Fix direct creation of external users on admin page (partial #16612) (#16613)
    • Prevent 500 on draft releases without tag (#16634) (#16636)
    • Restore creation of git-daemon-export-ok files (#16508) (#16514)
    • Fix data race in bleve indexer (#16474) (#16509)
    • Restore CORS on git smart http protocol (#16496) (#16506)
    • Fix race in log (#16490) (#16505)
    • Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
    • Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
    • Update notification table with only latest data (#16445) (#16469)
    • Fix crash following ldap authentication update (#16447) (#16448)
    • Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
    • Fix direct creation of external users on admin page (#16613)
    • Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
    • Fix NPE in fuzzer (#16680) (#16682)
    • Set issue_index when finishing migration (#16685) (#16687)
    • Skip patch download when no patch file exists (#16356) (#16681)
    • Ensure empty lines are copiable and final new line too (#16678) (#16692)
    • Fix wrong user in OpenID response (#16736) (#16741)
    • Do not use thin scrollbars on Firefox (#16738) (#16745)
    • Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
    • Keep attachments on tasklist update (#16750) (#16757)
  • TESTING
    • Bump postgres and mysql versions (#15710)
    • Add tests for clone from wiki (#15513)
    • Fix Benchmark tests, remove a broken one & add two new (#15250)
    • Create Proper Migration tests (#15116)
  • TRANSLATION
    • Use a special name for update default branch on repository setting (#15893)
    • Fix mirror_lfs source string in en-US locale (#15369)
  • BUILD
    • Upgrade xorm to v1.1.1 (#16339)
    • Disable legal comments in esbuild (#15929)
    • Switch to Node 16 to build fronted (#15804)
    • Use esbuild to minify CSS (#15756)
    • Use binary version of revive linter (#15739)
    • Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465)
    • Stop packaging node_modules in release tarballs (#15273)
    • Introduce esbuild on webpack (#14578)
  • DOCS
    • Update queue workers documentation (#15999)
    • Comment out app.example.ini (#15807)
    • Improve logo customization docs (#15754)
    • Add some response status on api docs (#15399)
    • Rework Token API comments (#15162)
    • Add better errors for disabled account recovery (#15117)
  • MISC
    • Remove utf8 option from installation page (#16126)
    • Use Wants= over Requires= in systemd file (#15897)

1.14.7 - 2021-09-02

  • BUGFIXES
    • Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896)
    • Fix wiki raw commit diff/patch view (#16891) (#16893)
    • Ensure wiki repos are all closed (#16886) (#16889)
    • Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849)
    • Recreate Tables should Recreate indexes on MySQL (#16718) (#16740)

1.14.6 - 2021-08-04

  • SECURITY
    • Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
    • Switch to maintained JWT lib (#16532) (#16535)
    • Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
  • BUGFIXES
    • Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495)
    • Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481)

1.14.5 - 2021-07-16

  • SECURITY
    • Hide mirror passwords on repo settings page (#16022) (#16355)
    • Update bluemonday to v1.0.15 (#16379) (#16380)
  • BUGFIXES
    • Retry rename on lock induced failures (#16435) (#16439)
    • Validate issue index before querying DB (#16406) (#16410)
    • Fix crash following ldap authentication update (#16447) (#16449)
  • ENHANCEMENTS
    • Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)

1.14.4 - 2021-07-06

  • BUGFIXES
    • Fix relative links in postprocessed images (#16334) (#16340)
    • Fix list_options GetStartEnd (#16303) (#16305)
    • Fix API to use author for commits instead of committer (#16276) (#16277)
    • Handle misencoding of login_source cfg in mssql (#16268) (#16275)
    • Fixed issues not updated by commits (#16254) (#16261)
    • Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
    • Use html.Parse rather than html.ParseFragment (#16223) (#16225)
    • Fix milestone counters on new issue (#16183) (#16224)
    • reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)

1.14.3 - 2021-06-18

  • SECURITY
    • Encrypt migration credentials at rest (#15895) (#16187)
    • Only check access tokens if they are likely to be tokens (#16164) (#16171)
    • Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
    • Fix setting of SameSite on cookies (#15989) (#15991)
  • API
    • Repository object only count releases as releases (#16184) (#16190)
    • EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190)
    • Fix overly strict edit pr permissions (#15900) (#16081)
  • BUGFIXES
    • Run processors on whole of text (#16155) (#16185)
    • Class issue-keyword is being incorrectly stripped off spans (#16163) (#16172)
    • Fix language switch for install page (#16043) (#16128)
    • Fix bug on getIssueIDsByRepoID (#16119) (#16124)
    • Set self-adjusting deadline for connection writing (#16068) (#16123)
    • Fix http path bug (#16117) (#16120)
    • Fix data URI scramble (#16098) (#16118)
    • Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097)
    • git migration: don't prompt interactively for clone credentials (#15902) (#16082)
    • Fix case change in ownernames (#16045) (#16050)
    • Don't manipulate input params in email notification (#16011) (#16033)
    • Remove branch URL before IssueRefURL (#15968) (#15970)
    • Fix layout of milestone view (#15927) (#15940)
    • GitHub Migration, migrate draft releases too (#15884) (#15888)
    • Close the gitrepo when deleting the repository (#15876) (#15887)
    • Upgrade xorm to v1.1.0 (#15869) (#15885)
    • Fix blame row height alignment (#15863) (#15883)
    • Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882)
    • Backport Fix LFS commit finder not working (#15856) (#15874)
    • Stop calling WriteHeader in Write (#15862) (#15873)
    • Add timeout to writing to responses (#15831) (#15872)
    • Return go-get info on subdirs (#15642) (#15871)
    • Restore PAM user autocreation functionality (#15825) (#15867)
    • Fix truncate utf8 string (#15828) (#15854)
    • Fix bound address/port for caddy's certmagic library (#15758) (#15848)
    • Upgrade unrolled/render to v1.1.1 (#15845) (#15846)
    • Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840)
    • Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839)
    • Set autocomplete off on branches selector (#15809) (#15833)
    • Add missing error to Doctor log (#15813) (#15824)
    • Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816)
  • ENHANCEMENTS
    • Removable media support to snap package (#16136) (#16138)
    • Move sans-serif fallback font higher than emoji fonts (#15855) (#15892)
  • DOCKER
    • Only write config in environment-to-ini if there are changes (#15861) (#15868)
    • Only offer hostcertificates if they exist (#15849) (#15853)

1.14.2 - 2021-05-09

  • API
    • Make change repo settings work on empty repos (#15778) (#15789)
    • Add pull "merged" notification subject status to API (#15344) (#15654)
  • BUGFIXES
    • Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798)
    • Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775)
    • Set GIT_DIR correctly if it is not set (#15751) (#15769)
    • Fix bug where repositories appear unadopted (#15757) (#15767)
    • Not show ref-in-new-issue pop when issue was disabled (#15761) (#15765)
    • Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762)
    • Fix setting version table in dump (#15753) (#15759)
    • Fix close button change on delete in simplemde area (#15737) (#15747)
    • Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746)
    • Fix some ui bug about draft release (#15137) (#15745)
    • Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715)
    • Move tooltip down to allow selection of Remove File on error (#15672) (#15714)
    • Fix setting redis db path (#15698) (#15708)
    • Fix DB session cleanup (#15697) (#15700)
    • Fixed several activation bugs (#15473) (#15685)
    • Delete references if repository gets deleted (#15681) (#15684)
    • Fix orphaned objects deletion bug (#15657) (#15683)
    • Delete protected branch if repository gets removed (#15658) (#15676)
    • Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652)
    • Not update updated uinx for git gc (#15637) (#15641)
    • Fix commit graph author link (#15627) (#15630)
    • Fix webhook timeout bug (#15613) (#15621)
    • Resolve panic on failed interface conversion in migration v156 (#15604) (#15610)
    • Fix missing storage init (#15589) (#15598)
    • If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594)
    • Fix lfs management find (#15537) (#15578)
    • Fix NPE on view commit with notes (#15561) (#15573)
    • Fix bug on commit graph (#15517) (#15530)
    • Send size to /avatars if requested (#15459) (#15528)
    • Prevent migration 156 failure if tag commit missing (#15519) (#15527)
  • ENHANCEMENTS
    • Display conflict-free merge messages for pull requests (#15773) (#15796)
    • Exponential Backoff for ByteFIFO (#15724) (#15793)
    • Issue list alignment tweaks (#15483) (#15766)
    • Implement delete release attachments and update release attachments' name (#14130) (#15666)
    • Add placeholder text to deploy key textarea (#15575) (#15576)
    • Project board improvements (#15429) (#15560)
    • Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
  • MISC
    • Fix webkit calendar icon color on arc-green (#15713) (#15728)
    • Performance improvement for last commit cache and show-ref (#15455) (#15701)
    • Bump unrolled/render to v1.1.0 (#15581) (#15608)
    • Add ETag header (#15370) (#15552)

1.14.1 - 2021-04-15

  • BUGFIXES
    • Fix bug clone wiki (#15499) (#15502)
    • Github Migration ignore rate limit, if not enabled (#15490) (#15495)
    • Use subdir for URL (#15446) (#15493)
    • Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
    • Ensure review dismissal only dismisses the correct review (#15477) (#15489)
    • Use index of the supported tags to choose user lang (#15452) (#15488)
    • Fix wrong file link in code search page (#15466) (#15486)
    • Quick template fix for built-in SSH server in admin config (#15464) (#15481)
    • Prevent superfluous response.WriteHeader (#15456) (#15476)
    • Fix ambiguous argument error on tags (#15432) (#15474)
    • Add created_unix instead of expiry to migration (#15458) (#15463)
    • Fix repository search (#15428) (#15442)
    • Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
    • Fix wiki clone urls (#15430) (#15431)
    • Fix dingtalk icon url at webhook (#15417) (#15426)
    • Standardise icon on projects PR page (#15387) (#15408)
  • ENHANCEMENTS
    • Add option to skip LFS/attachment files for dump (#15407) (#15492)
    • Clone panel fixes (#15436)
    • Use semantic dropdown for code search query type (#15276) (#15364)
  • BUILD
    • Build go-git variants for windows (#15482) (#15487)
    • Lock down build-images dependencies (Partial #15479) (#15480)
  • MISC
    • Performance improvement for list pull requests (#15447) (#15500)
    • Fix potential copy lfs records failure when fork a repository (#15441) (#15485)

1.14.0 - 2021-04-11

  • SECURITY
    • Respect approved email domain list for externally validated user registration (#15014)
    • Add reverse proxy configuration support for remote IP address detection (#14959)
    • Ensure validation occurs on clone addresses too (#14994)
    • Fix several render issues highlighted during fuzzing (#14986)
  • BREAKING
    • Fix double 'push tag' action feed (#15078) (#15083)
    • Remove possible resource leak (#15067) (#15082)
    • Handle unauthorized user events gracefully (#15071) (#15074)
    • Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475)
    • Migrate from Macaron to Chi framework (#14293)
    • Deprecate building for mips (#14174)
    • Consolidate Logos and update README header (#14136)
    • Inline manifest.json (#14038)
    • Store repository data in data path if not previously set (#13991)
    • Rename "gitea" png to "logo" (#13974)
    • Standardise logging of failed authentication attempts in internal SSH (#13962)
    • Add markdown support in organization description (#13549)
    • Improve users management through the CLI (#6001) (#10492)
  • FEATURES
    • Create a new issue with reference to lines of code from file view (#14863)
    • Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
    • Allow blocking some email domains from registering an account (#14667)
    • Create a new issue based on reference to an issue comment (#14366)
    • Add support to migrate from gogs (#14342)
    • Add pager to the branches page (#14202)
    • Minimal OpenID Connect implementation (#14139)
    • Display current stopwatch in navbar (#14122)
    • Display SVG files as images instead of text (#14101)
    • Disable SSH key deletion of externally managed Keys (#13985)
    • Add support for ed25519_sk and ecdsa_sk SSH keys (#13462)
    • Add support for Mastodon OAuth2 provider (#13293)
    • Add gitea sendmail command (#13079)
    • Create DB session provider(based on xorm) (#13031)
    • Add dismiss review feature (#12674)
    • Make manual merge autodetection optional and add manual merge as merge method (#12543)
    • Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
    • Create Rootless Docker image (#10154)
  • API
    • Speedup issue search (#15179) (#15192)
    • Get pull, return head branch sha, even if deleted (#14931)
    • Export LFS & TimeTracking function status (#14753)
    • Show Gitea version in swagger (#14654)
    • Fix PATCH /repos/{owner}/{repo} panic (#14637)
    • Add Restricted Field to User (#14630)
    • Add support for ref parameter to get raw file API (#14602)
    • Add affected files of commits to commit struct (#14579)
    • Fix CJK fonts again and misc. font issues (#14575)
    • Add delete release by tag & delete tag (#14563) & (#13358)
    • Add pagination to ListBranches (#14524)
    • Add signoff option in commit form (#14516)
    • GetRelease by tag only return release (#14397)
    • Add MirrorInterval to the API (#14163)
    • Make BasicAuth Prefix case insensitive (#14106)
    • Add user filter to issueTrackedTimes, enable usage for issue managers (#14081)
    • Add ref to create/edit issue options & deprecated assignee (#13992)
    • Add Ref to Issue (#13946)
    • Expose default theme in meta and API (#13809)
    • Send error message when CSRF token is missing (#13676)
    • List, Check, Add & delete endpoints for repository teams (#13630)
    • Admin EditUser: Make FullName, Email, Website & Location optional (#13562)
    • Add more filters to issues search (#13514)
    • Add review request api (#11355)
  • BUGFIXES
    • Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396)
    • Always set the merge base used to merge the commit (#15352) (#15385)
    • Upgrade to bluemonday 1.0.7 (#15379) (#15380)
    • Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377)
    • Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361)
    • Show diff on rename with diff changes (#15338) (#15339)
    • Fix handling of logout event (#15323) (#15337)
    • Fix CanCreateRepo check (#15311) (#15321)
    • Fix xorm log stack level (#15285) (#15316)
    • Fix bug in Wrap (#15302) (#15309)
    • Drop the event source if we are unauthorized (#15275) (#15280)
    • Backport Fix graph pagination (#15225) (#15249)
    • Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200)
    • should run RetrieveRepoMetas() for empty pr (#15187) (#15190)
    • Move setting to enable closing issue via commit in non default branch to repo settings (#14965)
    • Show correct issues for team dashboard (#14952)
    • Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932)
    • Only allow issue labels from owner repository or organization (#14928)
    • Fix alignment of People and Teams right arrow on org homepage (#14924)
    • Fix overdue marking of closed issues and milestones (#14923)
    • Prevent panic when empty MilestoneID in repo/issue/list (#14911)
    • Fix migration context data (#14910)
    • Handle URLs with trailing slash (#14852)
    • Add CORS config on to /login/oauth/access_token endpoint (#14850)
    • Make searching issues by keyword case insensitive on DB (#14848)
    • Prevent use of double sub-path and incorrect asset path in manifest (#14827)
    • Fix link account ui (#14763)
    • Fix preview status switch button on wiki editor (#14742)
    • Fix github download on migration (#14703)
    • Fix svg spacing (#14638)
    • Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623)
    • Truncated organizations name (#14615)
    • Exclude the current dump file from the dump (#14606)
    • Use OldRef instead of CommitSHA for DeleteBranch comments (#14604)
    • Ensure memcache caching works when TTL greater than 30 days (#14592)
    • Remove NULs byte arrays passed to PostProcess (#14587)
    • Restore detection of branches are equal on compare page (#14586)
    • Fix incorrect key name so registerManualConfirm works (#14455)
    • Fix close/reopen with comment (#14436)
    • Allow passcode invalid error to appear (#14371)
    • Escape branch names in compare url (#14364)
    • Label and milestone webhooks on issue/pull creation (#14363)
    • Handle NotifyCreateRef as create branch in feeds (#14245)
    • Prevent clipping input text in Chrome + Segoe UI Font (#14179)
    • Fix UI on edit auth source page (#14137)
    • Fix git.parseTagData (#14105)
    • Refactor get tag to remove unnecessary steps (#14058)
    • Fix integrations test error with space in CURDIR path (#14056)
    • Dropdown triangle fixes (#14028)
    • Fix label of --id in admin delete user (#14005)
    • Cause NotifyMigrateRepository to emit a repo create webhook (#14004)
    • Update HEAD to match defaultBranch in template generation (#13948)
    • Fix action avatar loading (#13909)
    • Fix issue participants (#13893)
    • Fix avatar template error (#13833)
    • Fix review request notification email links when external issue tracker is enabled (#13723)
    • Fix blame line alignment (#13542)
    • Include OriginalAuthor in Reaction constraint (#13505)
    • Comments on review should have the same sha (#13448)
    • Fix whitespace rendering in diff (#13415)
    • Fixed git args duplication (#13411)
    • Fix bug on release publisherid migrations (#13410)
    • Fix --port setting (#13288)
    • Keep database transactions not too big (#13254)
    • Git version check, ignore pre-releases constraints (#13234)
    • Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186)
    • Update Mirror IsEmpty status on synchronize (#13185)
    • Use GO variable in go-check target (#13146) (#13147)
  • ENHANCEMENTS
    • UI style improvements
    • Dropzone styling improvements (#15291) (#15374)
    • Add size to Save function (#15264) (#15270)
    • Monaco improvements (#15333) (#15345)
    • Support .mailmap in code activity stats (#15009)
    • Sort release attachments by name (#15008)
    • Add ui.explore settings to control view of explore pages (#14094)
    • Make internal SSH server host key path configurable (#14918)
    • Hide resync all ssh principals when using internal ssh server (#14904)
    • Add SameSite setting for cookies (#14900)
    • Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781)
    • Add environment-to-ini to docker image (#14762)
    • Add preview support for wiki editor when disable simpleMDE (#14757)
    • Add easyMDE(simpleMDE) support for release content editor (#14744)
    • Organization removal confirmation using name not password (#14738)
    • Make branch names in PR description clickable (#14716)
    • Add Password Algorithm option to install page (#14701)
    • Add fullTextSearch to dropdowns by default (#14694)
    • Fix truncated organization names (#14655)
    • Whitespace in commits (#14650)
    • Sort / move project boards (#14634)
    • Make fileheader sticky in diffs (#14616)
    • Add helper descriptions on new repo page (#14591)
    • Move the stopwatches to the eventsource stream (#14588)
    • Add Content-Length header to HEAD requests (#14542)
    • Add Image Diff options in Diff view (#14450)
    • Improve Description in new/ edit Project template (#14429)
    • Allow ssh-keygen on Windows to detect ssh key type (#14413)
    • Display error if twofaSecret cannot be retrieved (#14372)
    • Sort issue search results by revelance (#14353)
    • Implement ghost comment mitigation (#14349)
    • Upgrade blevesearch dependency to v2.0.1 (#14346)
    • Add edit, delete and reaction support to code review comments on issue page (#14339)
    • Merge default and system webhooks under one menu (#14244)
    • Add option for administrator to reset user 2FA (#14243)
    • Add option to change username to the admin panel (#14229)
    • Check for 'main' as potential default branch name (#14193)
    • Project: show referenced PRs in issue cards (#14183)
    • Use caddy's certmagic library for extensible/robust ACME handling (#14177)
    • CLI support for OAuth sources custom icons (#14166)
    • Custom icons for OAuth sources (#14161)
    • Team dashboards (#14159)
    • KanBan: be able to set default board (#14147)
    • Disable Fomantic's custom scrollbars (#14109)
    • Add UI to delete tracked times (#14100)
    • Rework heatmap permissions (#14080)
    • Issue and pull request filters on organization dashboard (#14072)
    • Fix webhook list styling (#14001)
    • Show dropdown with all statuses for commit (#13977)
    • Show status check for merged PRs (#13975)
    • Diff stat improvements (#13954)
    • Report permissions denied in internal SSH (#13953)
    • Markdown task list improvements (#13952)
    • Heatmap days clickable (#13935)
    • chore: use octicon-mirror for feeds display (#13928)
    • Move diff split code into own template file (#13919)
    • Markdown: Enable wrapping in code blocks and a color tweak (#13894)
    • Do not reload page after adding comments in Pull Request reviews (#13877)
    • Add pull request manually merge instruction (#13840)
    • add thumbnail preview section to issue attachments (#13826)
    • Move Repo APIFormat to convert package (#13787)
    • Move notification APIFormat (#13783)
    • Swap swagger-ui with swagger-ui-dist (#13777)
    • User Settings: Ignore empty language codes & validate (#13755)
    • Improve migrate page and add card CSS (#13751)
    • Add block on official review requests branch protection (#13705)
    • Add review requested filter on pull request overview (#13701)
    • Use chronological commit order in default squash message (#13696)
    • Clickable links in pull request (and issue) titles (#13695)
    • Support shortened commit SHAs in URLs (#13686)
    • Use native git variants by default with go-git variants as build tag (#13673)
    • Don't render dropdown when only 1 merge style is available (#13670)
    • Move webhook type from int to string (#13664)
    • Direct avatar rendering (#13649)
    • Verify password for local-account activation (#13631)
    • Prevent clone protocol button flash on page load (#13626)
    • Remove fetch request from heatmap (#13623)
    • Refactor combine label comments with tests (#13619)
    • Move metrics from macaron to chi (#13601)
    • Issue and Pulls lists rework (#13594)
    • HTTP cache rework and enable caching for storage assets (#13569)
    • Use mount but not register for chi routes (#13555)
    • Use monaco for the git hook editor (#13552)
    • Make heatmap colors more distinct (#13533)
    • Lazy-load issue reviewers and assignees avatars (#13526)
    • Change search and filter icons to SVG (#13473)
    • Create tag on ui (#13467)
    • updateSize when create a repo with init commit (#13441)
    • Added title and action buttons to Project view page (#13437)
    • Override fomantic monospace fonts and set size (#13435)
    • Rework focused comment styling (#13434)
    • Tags cleanup (#13428)
    • Various style tweaks (#13418)
    • Refactor push update (#13381)
    • Comment box tweaks and SVG dropdown triangles (#13376)
    • Various style fixes (#13372)
    • Change repo home page icons to SVG (#13364)
    • Use CSS Vars for primary color (#13361)
    • Refactor image paste code (#13354)
    • Switch from SimpleMDE to EasyMDE (#13333)
    • Group Label Changed Comments in timeline (#13304)
    • Make the logger an interface (#13294)
    • Fix PR/Issue titles on mobile (#13292)
    • Rearrange the order of the merged by etc. in locale (#13284)
    • Replace footer and modal icons with SVG (#13245)
    • Issues overview should not show issues from archived repos (#13220)
    • Show stale label for stale code comment which is marked as resolved (#13213)
    • Use CSS Variables for fonts, remove postcss-loader (#13204)
    • Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198)
    • Move install pages out of main macaron routes (#13195)
    • Update outdated label to use Fomantic UI style (#13181)
    • Added option to disable webhooks (#13176)
    • Change order of possible-owner organizations to alphabetical (#13160)
    • Log IP on SSH authentication failure for Built-in SSH server (#13150)
    • Added option to disable migrations (#13114)
    • New "Add Mirror" Button in the Organization view (#13105)
    • Manually approve new registration (#13083)
    • Cron job to cleanup hook_task table (#13080)
    • Use the headline comment of pull-request as the squash commit's message (#13071)
    • Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999)
    • Slightly simplify the queue settings code to help reduce the risk of problems (#12976)
    • Add precise search type for Elastic Search (#12869)
    • Move APIFormat functions into convert package (#12856)
    • Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links, Show only certain branches, (#12766)
    • Add TrN for repository limit (#12492)
    • Refactor doctor (#12264)
    • Add the tag list page to the release page (#12096)
    • Redirect on changed user and org name (#11649)
    • load U2F js only on pages which need it (#11585)
    • Make archival asynchronous (#11296)
    • Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420)
    • Improve vfsgen to not unzip bindata files but send to browser directly (#7109)
    • Enhance release list (#6025)
  • DOCS
    • Swagger show models by default (#14880)
    • Add missing repo.projects unit into swagger (#14876)
    • Update docs and comments to remove macaron (#14491)
    • Issue template addition: Are you using Gitea behind CloudFlare? (#14098)
    • Generate man pages (#13901)
    • Reformat/fine-tune docs (#13897)
    • Added Table of Contents to long documentation pages (#13890)
    • Add docs command (#13429)
    • Update external-renderers.en-us.md (#13165)
  • MISC
    • Add builds for apple M1 (darwin arm64) (#14951)
    • Migrate to use jsoniter instead of encoding/json (#14841)
    • Reduce make verbosity (#13803)
    • Add git command error directory on log (#13194)

1.13.7 - 2021-04-07

  • SECURITY
    • Update to bluemonday-1.0.6 (#15294) (#15298)
    • Clusterfuzz found another way (#15160) (#15169)
  • API
    • Fix wrong user returned in API (#15139) (#15150)
  • BUGFIXES
    • Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
    • Speed up enry.IsVendor (#15213) (#15246)
    • Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
    • Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
  • MISC
    • Add size to Save function (#15264) (#15271)

1.13.6 - 2021-03-23

  • SECURITY
    • Fix bug on avatar middleware (#15124) (#15125)
    • Fix another clusterfuzz identified issue (#15096) (#15114)
  • API
    • Fix nil exeption for get pull reviews API #15104 (#15106)
  • BUGFIXES
    • Fix markdown rendering in milestone content (#15056) (#15092)

1.13.5 - 2021-03-21

  • SECURITY
    • Update to goldmark 1.3.3 (#15059) (#15061)
    • Another clusterfuzz spotted issue (#15032) (#15034)
  • API
    • Fix set milestone on PR creation (#14981) (#15001)
    • Prevent panic when editing forked repos by API (#14960) (#14963)
  • BUGFIXES
    • Fix bug when upload on web (#15042) (#15055)
    • Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
    • Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
    • Fix several render issues (#14986) (#15013)
    • Make sure sibling images get a link too (#14979) (#14995)
    • Fix Anchor jumping with escaped query components (#14969) (#14977)
    • Fix release mail html template (#14976)
    • Fix excluding more than two labels on issues list (#14962) (#14973)
    • Don't mark each comment poster as OP (#14971) (#14972)
    • Add "captcha" to list of reserved usernames (#14930)
    • Re-enable import local paths after reversion from #13610 (#14925) (#14927)

1.13.4 - 2021-03-07

  • SECURITY
    • Fix issue popups (#14898) (#14899)
  • BUGFIXES
    • Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
    • Fix a couple of issues with a feeds (#14897) (#14903)
    • When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
    • Fix race in local storage (#14888) (#14901)
    • Fix 500 on pull view page if user is not loged in (#14885) (#14886)
  • DOCS
    • Fix how lfs data path is set (#14855) (#14884)

1.13.3 - 2021-03-04

  • BREAKING
    • Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
  • BUGFIXES
    • Fix paging of file commit logs (#14831) (#14879)
    • Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
    • Fix display since time round (#14226) (#14873)
    • When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
    • Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
    • Fix a couple of CommentAsPatch issues. (#14804) (#14820)
    • Disable broken OAuth2 providers at startup (#14802) (#14811)
    • Repo Transfer permission checks (#14792) (#14794)
    • Fix double alert in oauth2 application edit view (#14764) (#14768)
    • Fix broken spans in diffs (#14678) (#14683)
    • Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
    • HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
    • Do not assume all 40 char strings are SHA1s (#14624) (#14648)
    • Allow org labels to be set with issue templates (#14593) (#14647)
    • Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
    • Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
    • Fix GPG key deletion during account deletion (#14561) (#14569)

1.13.2 - 2021-01-31

  • SECURITY
    • Prevent panic on fuzzer provided string (#14405) (#14409)
    • Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
  • API
    • If release publisher is deleted use ghost user (#14375)
  • BUGFIXES
    • Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
    • Set the name Mapper in migrations (#14526) (#14529)
    • Fix wiki preview (#14515)
    • Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
    • ChangeUserName: rename user files back on DB issue (#14447)
    • Fix lfs preview bug (#14428) (#14433)
    • Ensure timeout error is shown on u2f timeout (#14417) (#14431)
    • Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
    • Use path not filepath in routers/editor (#14390) (#14396)
    • Check if label template exist first (#14384) (#14389)
    • Fix migration v141 (#14387) (#14388)
    • Use Request.URL.RequestURI() for fcgi (#14347)
    • Use ServerError provided by Context (#14333) (#14345)
    • Fix edit-label form init (#14337)
    • Fix mailIssueCommentBatch for pull request (#14252) (#14296)
    • Render links for commit hashes followed by comma (#14224) (#14227)
    • Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
    • Fix avatar bugs (#14217) (#14220)
    • Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
    • Fix dashboard issues labels filter bug (#14210) (#14214)
    • When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
    • Fix branch selector on new issue page (#14194) (#14207)
    • Check for notExist on profile repository page (#14197) (#14203)

1.13.1 - 2020-12-29

  • SECURITY
    • Hide private participation in Orgs (#13994) (#14031)
    • Fix escaping issue in diff (#14153) (#14154)
  • BUGFIXES
    • Fix bug of link query order on markdown render (#14156) (#14171)
    • Drop long repo topics during migration (#14152) (#14155)
    • Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143)
    • Fix storage config implementation (#14091) (#14095)
    • Fix panic in BasicAuthDecode (#14046) (#14048)
    • Always wait for the cmd to finish (#14006) (#14039)
    • Don't use simpleMDE editor on mobile devices for 1.13 (#14029)
    • Fix incorrect review comment diffs (#14002) (#14011)
    • Trim the branch prefix from action.GetBranch (#13981) (#13986)
    • Ensure template renderer is available before storage handler (#13164) (#13982)
    • Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967)
    • Enforce setting HEAD in wiki to master (#13950) (#13961)
    • Fix feishu webhook caused by API changed (#13938)
    • Fix Quote Reply button on review diff (#13830) (#13898)
    • Fix Pull Merge when tag with same name as base branch exist (#13882) (#13896)
    • Fix mermaid chart size (#13865)
    • Fix branch/tag notifications in mirror sync (#13855) (#13862)
    • Fix crash in short link processor (#13839) (#13841)
    • Update font stack to bootstrap's latest (#13834) (#13837)
    • Make sure email recipients can see issue (#13820) (#13827)
    • Reply button is not removed when deleting a code review comment (#13824)
    • When reinitialising DBConfig reset the database use flags (#13796) (#13811)
  • ENHANCEMENTS
    • Add emoji in label to project boards (#13978) (#14021)
    • Send webhook when tag is removed via Web UI (#14015) (#14019)
    • Use Process Manager to create own Context (#13792) (#13793)
  • API
    • GetCombinedCommitStatusByRef always return json & swagger doc fixes (#14047)
    • Return original URL of Repositories (#13885) (#13886)

1.13.0 - 2020-12-01

  • SECURITY
    • Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776)
    • Prevent git operations for inactive users (#13527) (#13536)
    • Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524)
    • Mitigate Security vulnerability in the git hook feature (#13058)
    • Disable DSA ssh keys by default (#13056)
    • Set TLS minimum version to 1.2 (#12689)
    • Use argon as default password hash algorithm (#12688)
  • BREAKING
    • Set RUN_MODE prod by default (#13765) (#13767)
    • Don't replace underscores in auto-generated IDs in goldmark (#12805)
    • Add Primary Key to Topic and RepoTopic tables (#12639)
    • Disable password complexity check default (#12557)
    • Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid (#12500)
    • Add extension Support to Attachments (allow all types for releases) (#12465)
    • Remove IE11 Support (#11470)
  • FEATURES
    • Adopt repositories (#12920)
    • Check passwords against HaveIBeenPwned (#12716)
    • Gitea 2 Gitea migration (#12657)
    • Support storing Avatars in minio (#12516)
    • Allow addition of gpg keyring with multiple keys (#12487)
    • Add email notify for new release (#12463)
    • Add Access-Control-Expose-Headers (#12446)
    • UserProfile Page: Render Description (#12415)
    • Add command to recreate tables (#12407)
    • Add mermaid JS renderer (#12334)
    • Add ssh certificate support (#12281)
    • Add spent time to referenced issue in commit message (#12220)
    • Initial support for push options (#12169)
    • Provide option to unlink a fork (#11858)
    • Show exact tag for commit on diff view (#11846)
    • Pause, Resume, Release&Reopen, Add and Remove Logging from command line (#11777)
    • Issue templates directory (#11450)
    • Add a storage layer for attachments (#11387)
    • Add hide activity option (#11353)
    • Add push commits history comment on PR time-line (#11167)
    • Support elastic search for code search (#10273)
    • Kanban board (#8346)
  • API
    • If User is Admin, show 500 error message on PROD mode too (#13115)
    • Add Timestamp to Tag list API (#13026)
    • Return sample message for login error in api context (#12994)
    • Add IsTemplate option in create repo ui and api (#12942)
    • GetReleaseByID return 404 if not found (#12933)
    • Get release by tags endpoint (#12932)
    • NotificationSubject show Issue/Pull State (#12901)
    • Expose its limitation settings (#12714)
    • Add Created & Updated to Milestone (#12662)
    • Milestone endpoints accept names too (#12649)
    • Expose Attachment Settings in the API (#12514)
    • Add Issue and Repo info to StopWatch (#12458)
    • Add cron running API (#12421)
    • Add Update Pull HeadBranch Function (#12419)
    • Add TOTP header to Swagger Documentation (#12402)
    • Delete Token accept names too (#12366)
    • Add name filter for GetMilestoneList (#12336)
    • Fixed count of filtered issues when api request. (#12275)
    • Do not override API issue pagination with UI settings (#12068)
    • Expose useful General Repo settings settings (#11758)
    • Return error when trying to create Mirrors but Mirrors are globally disabled (#11757)
    • Provide diff and patch API endpoints (#11751)
    • Allow to create closed milestones (#11745)
    • Add language Statistics endpoint (#11737)
    • Add Endpoint to get GetGeneralUI Settings (#11735) & (#11854)
    • Issue/Pull expose IsLocked Property on API (#11708)
    • Add endpoint for Branch Creation (#11607)
    • Add pagination headers on endpoints that support total count from database (#11145)
  • BUGFIXES
    • Fix bogus http requests on diffs (#13760) (#13761)
    • Show 'owner' tag for real owner (#13689) (#13743)
    • Validate email before inserting/updating (#13475) (#13666)
    • Fix issue/pull request list assignee filter (#13647) (#13651)
    • Gitlab migration support for subdirectories (#13563) (#13591)
    • Fix logic for preferred license setting (#13550) (#13557)
    • Add missed sync branch/tag webhook (#13538) (#13556)
    • Migration won't fail on non-migrated reactions (#13507)
    • Fix Italian language file parsing error (#13156)
    • Show outdated comments in pull request (#13148) (#13162)
    • Fix parsing of pre-release git version (#13169) (#13172)
    • Fix diff skipping lines (#13154) (#13155)
    • When handling errors in storageHandler check underlying error (#13178) (#13193)
    • Fix size and clickable area on file table back link (#13205) (#13207)
    • Add better error checking for inline html diff code (#13251)
    • Fix initial commit page & binary munching problem (#13249) (#13258)
    • Fix migrations from remote Gitea instances when configuration not set (#13229) (#13273)
    • Store task errors following migrations and display them (#13246) (#13287)
    • Fix bug isEnd detection on getIssues/getPullRequests (#13299) (#13301)
    • When the git ref is unable to be found return broken pr (#13218) (#13303)
    • Ensure topics added using the API are added to the repository (#13285) (#13302)
    • Fix avatar autogeneration (#13233) (#13282)
    • Add migrated pulls to pull request task queue (#13331) (#13334)
    • Issue comment reactions should also check pull type on API (#13349) (#13350)
    • Fix links to repositories in /user/setting/repos (#13360) (#13362)
    • Remove obsolete change of email on profile page (#13341) (#13347)
    • Fix scrolling to resolved comment anchors (#13343) (#13371)
    • Storage configuration support [storage] (#13314) (#13379)
    • When creating line diffs do not split within an html entity (#13357) (#13375) (#13425) (#13427)
    • Fix reactions on code comments (#13390) (#13401)
    • Add missing full names when DEFAULT_SHOW_FULL_NAME is enabled (#13424)
    • Replies to outdated code comments should also be outdated (#13217) (#13433)
    • Fix panic bug in handling multiple references in commit (#13486) (#13487)
    • Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13491)
    • Show original author's reviews on pull summary box (#13127)
    • Update golangci-lint to version 1.31.0 (#13102)
    • Fix line break for MS teams webhook (#13081)
    • Fix Issue & Pull Request comment headers on mobile (#13039)
    • Avoid setting the CONN_STR in queues unless it is meant to be set (#13025)
    • Remove code-view class from diff view (#13011)
    • Fix the color of PR comment hyperlinks. (#13009)
    • (Re)Load issue labels when changing them (#13007)
    • Fix Media links in org files not liked to media files (#12997)
    • Always return a list from GetCommitsFromIDs (#12981)
    • Only set the user password if the password field would have been shown (#12980)
    • Fix admin/config page (#12979)
    • Changed width of commit signature avatar (#12961)
    • Completely quote AppPath and CustomConf paths (#12955)
    • Fix handling of migration errors (#12928)
    • Fix anonymous GL migration (#12862)
    • Fix git open close bug (#12834)
    • Fix markdown meta parsing (#12817)
    • Add default storage configurations (#12813)
    • Show PR settings on empty repos (#12808)
    • Disable watch and star if not signed in (#12807)
    • Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804)
    • Set opengraph attributes on org pages (#12803)
    • Return error when creating gitlabdownloader failed (#12790)
    • Add migration for password algorithm change (#12784)
    • Compare SSH_DOMAIN when parsing submodule URLs (#12753)
    • Fix editor.commit_empty_file_text locale string (#12744)
    • Fix wrong poster message for code comment on Pull view (#11721)
    • Escape failed highlighted files (#12685)
    • Ensure that all migration requests are cancellable (#12669)
    • Ensure RepoPath is lowercased in gitea serv (#12668)
    • Do not disable commit changes button on repost (#12644)
    • Dark theme for line numbers in blame view (#12632)
    • Fix message when deleting last owner from an organization (#12628)
    • Use shellquote to unpack arguments to gitea serv (#12624)
    • Fix signing.wont_sign.%!s() if Require Signing commits but not signed in. (#12581)
    • Set utf8mb4 as the default charset on MySQL if CHARSET is unset (#12563)
    • Set context for running CreateArchive to that of the request (#12555)
    • Prevent redirect back to /user/events (#12462)
    • Re-attempt to delete temporary upload if the file is locked by another process (#12447)
    • Mirror System Notice reports are too frequent (#12438)
    • Do not show arrows on comment diffs on pull comment pages (#12434)
    • Fix milestone links (#12405)
    • Increase size of the language column in language_stat (#12396)
    • Use transaction in V102 migration (#12395)
    • Only use --exclude on name-rev with git >= 2.13 (#12347)
    • Add action feed for new release (#12324)
    • Set NoAutoTime when updating is_archived (#12266)
    • Support Force-update in Mirror and improve Tracing in mirror (#12242)
    • Avoid sending "0 new commits" webhooks (#12212)
    • Fix U2F button icon (#12167)
    • models/repo_sign.go: break out of loops (#12159)
    • Ensure that git commit tree continues properly over the page (#12142)
    • Rewrite GitGraph.js (#12137)
    • Fix repo API listing stability (#12057)
    • Add team support for review request (#12039)
    • Fix 500 error on repos with no tags (#11870)
    • Fix nil pointer in default issue mail template (#11862)
    • Fix commit search in all branches (#11849)
    • Don't consider tag refs as valid for branch name (#11847)
    • Don't add same line code comment box twice (#11837)
    • Fix visibility of forked public repos from private orgs (#11717)
    • Fix chardet test and add ordering option (#11621)
    • Fix number of files, total additions, and deletions on Diff pages (#11614)
    • Properly handle and return empty string for dangling commits in GetBranchName (#11587)
    • Include query in sign in redirect (#11579)
    • Fix Enter not working in SimpleMDE (#11564)
    • Fix bug about can't skip commits base on base branch (#11555)
  • ENHANCEMENTS
    • Only Return JSON for responses (#13511) (#13565)
    • Use existing analyzer module for language detection for highlighting (#13522) (#13551)
    • Return the full rejection message and errors in flash errors (#13221) (#13237)
    • Remove PAM from auth dropdown when unavailable (#13276) (#13281)
    • Add HostCertificate to sshd_config in Docker image (#13143)
    • Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)
    • Improve error feedback for duplicate deploy keys (#13112)
    • Set appropriate autocomplete attributes on password fields (#13078)
    • Adding visual cue for "Limited" & "Private" organizations. (#13040)
    • Fix Pull Request merge buttons on mobile (#13035)
    • Gitea serv, hooks, manager and the like should always display Fatals (#13032)
    • CSS tweaks to warning/error segments and misc fixes (#13024)
    • Fix formatting of branches ahead-behind on narrow windows (#12989)
    • Add config option to make create-on-push repositories public by default (#12936)
    • Disable migration items when mirror is selected (#12918)
    • Add the checkbox quick button to the comment tool bar also (#12885)
    • Support GH enterprise (#12863)
    • Simplify CheckUnitUser logic (#12854)
    • Fix background of signed-commits on arc-green of timeline commits (#12837)
    • Move git update-server-info to hooks (#12826)
    • Add ui style for "Open a blank issue" button (#12824)
    • Use a simple format for the big number on ui (#12822)
    • Make SVG size argument optional (#12814)
    • Add placeholder text for bio profile text form (#12792)
    • Set language via AJAX (#12785)
    • Show git-pull-request icon for closed pull request (#12742)
    • Migrate version parsing library to hashicorp/go-version (#12719)
    • Only use async pre-empt hack if go < 1.15 (#12718)
    • Inform user about meaning of an hourglass on reviews (#12713)
    • Add a migrate service type switch page (#12697)
    • Migrations: Gitlab Add Reactions Support for Issues & MergeRequests (#12695)
    • Remove duplicate logic in initListSubmits (#12660)
    • Set avatar image dimensions (#12654)
    • Rename models.ProtectedBranchRepoID/PRID to models.EnvRepoID/PRID and ensure EnvPusherEmail is set (#12646)
    • Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752)
    • Add postgres schema to the search_path on database connection (#12634)
    • Git migration UX improvements (#12619)
    • Add link to home page on swagger ui (#12601)
    • hCaptcha Support (#12594)
    • OpenGraph: use repo avatar if exist (#12586)
    • Reaction picker display improvements (#12576)
    • Fix emoji replacements, make emoji images consistent (#12567)
    • Increase clickable area on files table links (#12553)
    • Set z-index for sticky diff box lower (#12537)
    • Report error if API merge is not allowed (#12528)
    • LFS support to be stored on minio (#12518)
    • Show 2FA info on Admin Pannel: Users List (#12515)
    • Milestone Issue/Pull List: Add octicons type (#12499)
    • Make dashboard newsfeed list length a configurable item (#12469)
    • Add placeholder text for send testing email button in admin/config (#12452)
    • Add SVG favicon (#12437)
    • In issue comments, put issue participants also in completion list when hitting @ (#12433)
    • Collapse Swagger UI tags by default (#12428)
    • Detect full references to issues and pulls in commit messages (#12399)
    • Allow common redis and leveldb connections (#12385)
    • Don't use legacy method to send Matrix Webhook (#12348)
    • Remove padding/border-radius on image diffs (#12346)
    • Render the git graph on the server (#12333)
    • Fix clone panel in wiki position not always align right (#12326)
    • Rework 'make generate-images' (#12316)
    • Refactor webhook payload convertion (#12310)
    • Move jquery-minicolors to npm/webpack (#12305)
    • Support use nvarchar for all varchar columns when using mssql (#12269)
    • Update Octicons to v10 (#12240)
    • Disable search box autofocus (#12229)
    • Replace code fold icons with octicons (#12222)
    • Ensure syntax highlighting is the same inside diffs (#12205)
    • Auto-init repo on license, .gitignore select (#12202)
    • Default to showing closed Issues/PR list when there are only closed issues/PRs (#12200)
    • Enable cloning via Git Wire Protocol v2 over HTTP (#12170)
    • Direct SVG rendering (#12157)
    • Improve arc-green code colors (#12111)
    • Allow admin to merge pr with protected file changes (#12078)
    • Show description on individual milestone view (#12055)
    • Update the wiki repository remote origin while update the mirror repository's Clone From URL (#12053)
    • Server-side syntax highlighting for all code (#12047)
    • Use Fomantic's fluid padded for blame full width (#12023)
    • Use custom SVGs for commit signing lock icon (#12017)
    • Make tabs smaller (#12003)
    • Fix sticky diff stats container (#12002)
    • Move fomantic and jQuery to main webpack bundle (#11997)
    • Use enry language type to detect special languages (#11974)
    • Use only first line of commit when creating referenced comment (#11960)
    • Rename custom/conf/app.ini.sample to custom/conf/app.example.ini for better syntax light on editor (#11926)
    • Fix double divider on issue sidebar (#11919)
    • Shorten markdown heading anchors links (#11903)
    • Add org avatar on top of internal repo icon (#11895)
    • Use label to describe repository type (#11891)
    • Make repository size unclickable on repo summary bar (#11887)
    • Rework blame template and styling (#11885)
    • Fix icon alignment for show/hide outdated link on resolved conversation (#11881)
    • Vertically align review icons on repository sidebar (#11880)
    • Better align items using flex within review request box (#11879)
    • Only write to global gitconfig if necessary (#11876)
    • Disable all typographic replacements in markdown renderer (#11871)
    • Improve label edit buttons labels (#11841)
    • Use crispEdges rendering for octicon-internal-repo (#11801)
    • Show update branch item in merge box when it's necessary (#11761)
    • Add compare link to releases (#11752)
    • Allow site admin to disable mirrors (#11740)
    • Export monaco editor on window.codeEditors (#11739)
    • Add configurable Trust Models (#11712)
    • Show full GPG commit status on PR commit history (#11702)
    • Fix align issues and decrease avatar size on PR timeline (#11689)
    • Replace jquery-datetimepicker with native date input (#11684)
    • Change Style of Tags on Comments (#11668)
    • Fix missing styling for shabox on PR commit history (#11625)
    • Apply padding to approval icons on PR list (#11622)
    • Fix message wrapping on PR commit list (#11616)
    • Right-align status icon on pull request commit history (#11594)
    • Add missing padding for multi-commit list on PR view (#11593)
    • Do not show avatar for "{{user}} added X commits" (#11591)
    • Fix styling and padding for commit list on PR view (#11588)
    • Style code review comment for arc-green (#11572)
    • Use default commit message for wiki edits (#11550)
    • Add internal-repo octicon for public repos of private org (#11529)
    • Fix dropzone color on arc-green (#11514)
    • Insert ui divider directly in templates instead of from inside heatmap vue component (#11508)
    • Move tributejs to npm/webpack (#11497)
    • Fix text-transform on wiki revisions page (#11486)
    • Do not show lock icon on repo list for public repos in private org (#11445)
    • Include LFS when calculating repo size (#11060)
    • Add check for LDAP group membership (#10869)
    • When starting new stopwatch stop previous if it is still running (#10533)
    • Add queue for code indexer (#10332)
    • Move all push update operations to a queue (#10133)
    • Cache last commit when pushing for big repository (#10109)
    • Change/remove a branch of an open issue (#9080)
    • Sortable Tables Header By Click (#7980)
  • TESTING
    • Use community codecov drone plugin (#12468)
    • Add more tests for diff highlighting (#12467)
    • Don't put integration test data outside of test folder (#11746)
    • Add debug option to hooks (#11624)
    • Log slow tests (#11487)
  • TRANSLATION
    • Translate two small lables on commit statuse list (#12821)
    • Make issues.force_push_codes message shorter (#11575)
  • BUILD
    • Bump min required golang to 1.13 (#12717)
    • Add 'make watch' (#12636)
    • Extract Swagger CSS to its own file (#12616)
    • Update eslint config (#12609)
    • Avoid unnecessary system-ui expansion (#12522)
    • Make the default PID file compile-time settable (#12485)
    • Add 'watch-backend' (#12330)
    • Detect version of sed in Makefile (#12319)
    • Update gitea-vet to v0.2.1 (#12282)
    • Add logic to build stable and edge builds for gitea snap (#12052)
    • Fix missing CGO_EXTRA_FLAGS build arg for docker (#11782)
    • Alpine 3.12 (#11720)
    • Enable stylelint's shorthand-property-no-redundant-values (#11436)
  • DOCS
    • Change default log configuration (#13088)
    • Add automatic JS license generation (#11810)
    • Remove page size limit comment from swagger (#11806)
    • Narrow down Edge version in browser support docs (#11640)

1.12.5 - 2020-10-01

  • BUGFIXES
    • Allow U2F with default settings for gitea in subpath (#12990) (#13001)
    • Prevent empty div when editing comment (#12404) (#12991)
    • On mirror update also update address in DB (#12964) (#12967)
    • Allow extended config on cron settings (#12939) (#12943)
    • Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
    • Fix internal server error from ListUserOrgs API (#12910) (#12915)
    • Update only the repository columns that need updating (#12900) (#12912)
    • Fix panic when adding long comment (#12892) (#12894)
    • Add size limit for content of comment on action ui (#12881) (#12890)
    • Convert User expose ID each time (#12855) (#12883)
    • Support slashes in release tags (#12864) (#12882)
    • Add missing information to CreateRepo API endpoint (#12848) (#12867)
    • On Migration respect old DefaultBranch (#12843) (#12858)
    • Fix notifications page links (#12838) (#12853)
    • Stop cloning unnecessarily on PR update (#12839) (#12852)
    • Escape more things that are passed through str2html (#12622) (#12850)
    • Remove double escape on labels addition in comments (#12809) (#12810)
    • Fix "only mail on mention" bug (#12775) (#12789)
    • Fix yet another bug with diff file names (#12771) (#12776)
    • RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
    • Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
  • ENHANCEMENTS
    • gitea dump: include version & Check InstallLock (#12760) (#12762)

1.12.4 - 2020-09-02

  • SECURITY
    • Escape provider name in oauth2 provider redirect (#12648) (#12650)
    • Escape Email on password reset page (#12610) (#12612)
    • When reading expired sessions - expire them (#12686) (#12690)
  • ENHANCEMENTS
    • StaticRootPath configurable at compile time (#12371) (#12652)
  • BUGFIXES
    • Fix to show an issue that is related to a deleted issue (#12651) (#12692)
    • Expire time acknowledged for cache (#12605) (#12611)
    • Fix diff path unquoting (#12554) (#12575)
    • Improve HTML escaping helper (#12562)
    • models: break out of loop (#12386) (#12561)
    • Default empty merger list to those with write permissions (#12535) (#12560)
    • Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
    • Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
    • Remove hardcoded ES indexername (#12521) (#12526)
    • Fix bug preventing transfer to private organization (#12497) (#12501)
    • Keys should not verify revoked email addresses (#12486) (#12495)
    • Do not add prefix on http/https submodule links (#12477) (#12479)
    • Fix ignored login on compare (#12476) (#12478)
    • Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
    • Upgrade google/go-github to v32.1.0 (#12361) (#12390)
    • Render emoji's of Commit message on feed-page (#12373)
    • Fix handling of diff on unrelated branches when Git 2.28 used (#12370)

1.12.3 - 2020-07-28

  • BUGFIXES
    • Don't change creation date when updating Release (#12343) (#12351)
    • Show 404 page when release not found (#12328) (#12332)
    • Fix emoji detection in certain cases (#12320) (#12327)
    • Reduce emoji size (#12317) (#12327)
    • Fix double-indirection bug in logging IDs (#12294) (#12308)
    • Link to pull list page on sidebar when view pr (#12256) (#12263)
    • Extend Notifications API and return pinned notifications by default (#12164) (#12232)

1.12.2 - 2020-07-11

  • BUGFIXES
    • When deleting repository decrese user repository count in cache (#11954) (#12188)
    • Return full commit message instead of summary in commits API (#12186) (#12187)
    • Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182)
    • Ensure GPG Subkeys are verified (#12155) (#12168)
    • Fix failing to cache last commit with key being to long (#12151) (#12161)
    • Multiple small admin dashboard fixes (#12153) (#12156)
    • Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148)
    • Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147)
    • Move EventSource to SharedWorker (#12095) (#12130)
    • Fix ui bug in wiki commit page (#12089) (#12125)
    • Fix gitgraph branch continues after merge (#12044) (#12105)
    • Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
    • Ensure BlameReaders close at end of request (#12102) (#12103)
    • Fix panic when adding review comment (#12058)
  • ENHANCEMENTS
    • Disable dropzone's timeout for file uploads (#12024) (#12032)

1.12.1 - 2020-06-21

  • BUGFIXES
    • Handle multiple merges in gitgraph.js (#11996) (#12000)
    • Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
    • For language detection do not try to analyze big files by content (#11971) (#11975)
  • ENHANCEMENTS
    • Fix scrollable header on dropdowns (#11893) (#11965)

1.11.8 - 2020-06-21

  • BUGFIXES
    • Really fix webpack_public_path for 1.11 (#11961)

1.12.0 - 2020-06-17

  • BREAKING
    • When using API CreateRelease set created_unix to the tag commit time (#11218)
    • Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162)
    • Fix sanitizer config - multiple rules (#11133)
    • Remove check on username when using AccessToken authentication for the API (#11015)
    • Return 404 from Contents API when items don't exist (#10323)
    • Notification API should always return a JSON object with the current count of notifications (#10059)
    • Remove migration support from versions earlier than 1.6.0 (#10026)
  • SECURITY
    • Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662)
  • FEATURES
    • Improve config logging when WrappedQueue times out (#11174)
    • Add branch delete to API (#11112)
    • Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047)
    • Add a way to mark Conversation (code comment) resolved (#11037)
    • Handle yaml frontmatter in markdown (#11016)
    • Cache PullRequest Divergence (#10914)
    • Make gitea admin auth list formatting configurable (#10844)
    • Add Matrix webhook (#10831)
    • Add Organization Wide Labels (#10814)
    • Allow to set protected file patterns for files that can not be changed under no conditions (#10806)
    • Option to set default branch at repository creation (#10803)
    • Add request review from specific reviewers feature in pull request (#10756)
    • Add NextCloud oauth (#10562)
    • System-wide webhooks (#10546)
    • Relax sanitization as per https://github.com/jch/html-pipeline (#10527)
    • Use media links for img in post-process (#10515)
    • Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
    • Render READMEs in docs/ .gitea or .github from root (#10361)
    • Add feishu webhook support (#10229)
    • Cache last commit to accelerate the repository directory page visit (#10069)
    • Implement basic app.ini and path checks to doctor cmd (#10064)
    • Make WorkerPools and Queues flushable (#10001)
    • Implement "embedded" command to extract static resources (#9982)
    • Add API endpoint for repo transfer (#9947)
    • Make archive prefixing configurable with a global setting (#9943)
    • Add Unique Queue infrastructure and move TestPullRequests to this (#9856)
    • Issue/PR Context Popups (#9822)
    • Add "Update Branch" button to Pull Requests (#9784)
    • Add require signed commit for protected branch (#9708)
    • Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532)
    • Add API notification endpoints (#9488)
    • Issue search support elasticsearch (#9428)
    • Add API branch protection endpoint (#9311)
    • Add a new command doctor to check if some wrong configurations on gitea instance (#9095)
    • Add support for migrating from Gitlab (#9084)
    • Add support for database schema in PostgreSQL (#8819)
    • Add setting to set default and global disabled repository units. (#8788)
    • Language statistics bar for repositories (#8037)
    • Restricted users (#6274)
  • BUGFIXES
    • Fix commenting on non-utf8 encoded files (#11916) (#11950)
    • Use google/uuid to instead satori/go.uuid (#11943) (#11946)
    • Align show/hide outdated button on code review block (#11932) (#11944)
    • Update to go-git v5.1.0 (#11936) (#11941)
    • Use ID or Where to instead directly use Get when load object from database (#11925) (#11934)
    • Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915)
    • Invalidate comments when file is shortened (#11882) (#11884)
    • Rework api/user/repos for pagination (#11827) (#11877)
    • Handle more pathological branch and tag names (#11843) (#11863)
    • Add doctor check to set IsArchived false if it is null (partial #11853) (#11859)
    • Prevent panic on empty HOST for mysql (#11850) (#11856)
    • Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836)
    • Fix reply octicon (#11821) (#11822)
    • Honor DEFAULT_PAGING_NUM for API (#11805) (#11813)
    • Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809)
    • In File Create/Update API return 404 if Branch does not exist (#11791) (#11795)
    • Fix doer of rename repo (#11789) (#11794)
    • Initialize SimpleMDE when making a code comment (#11749) (#11785)
    • Fix timezone on issue deadline (#11697) (#11784)
    • Fix to allow comment poster to edit or delete his own comments (#11671) (#11774)
    • Show full 500 error in API when Gitea in dev mode (#11641) (#11753)
    • Add missing templates for Matrix system webhooks (#11729) (#11748)
    • Fix verification of subkeys of default gpg key (#11713) (#11747)
    • Fix styling for commiter on diff view (#11715) (#11744)
    • Properly truncate system notices (#11714) (#11742)
    • Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718)
    • Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682)
    • Doctor check & fix db consistency (#11111) (#11676)
    • Exclude generated files from language statistics (#11653) (#11670)
    • Return json on 500 error from API (#11574) (#11659)
    • When must change password only show Signout (#11600) (#11637)
    • Backport various styling fixes (#11619)
    • Fix wrong milestone in webhook message (#11596) (#11611)
    • Fix serviceworker output file and misc improvements (#11562) (#11610)
    • When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608)
    • Prevent empty query parameter being set on dashboard (#11561) (#11604)
    • Fix images in wiki edit preview (#11546) (#11602)
    • Prevent (caught) panic on login (#11590) (#11597)
    • Prevent transferring repos to invisible orgs (#11517) (#11549)
    • Move serviceworker to workbox and fix SSE interference (#11538) (#11547)
    • API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533)
    • Fix repo-list private and total count bugs (#11500) (#11532)
    • Fix form action template substitutions on admin pages (backport #11519) (#11531)
    • Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530)
    • TrimSpace when reading InternalToken from a file (#11502) (#11524)
    • Fix selected line color in arc-green (#11492) (#11520)
    • Make localstorage read ssh or https correctly (#11483) (#11490)
    • Check branch protection on IsUserAllowedToUpdate (#11448)
    • Fix margin on attached segment headers when they are separated by other element (#11425)
    • Fix webhook template when validation errors occur (#11421)
    • Fix NPE in template due to missing signing key on commit page (#11392)
    • Restore active background to Register button on Register page (#11390)
    • Fix hook failure due to relative LFS_CONTENT_PATH (#11362)
    • Correctly set the organization num repos (#11339)
    • Prevent 500 with badly formed task list (#11328)
    • Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327)
    • Handle panics that percolate up to the graceful module (#11291)
    • Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248)
    • Patch fomantic-ui to workaround build issue (#11244)
    • Prevent panic during wrappedConn close at hammertime (#11219)
    • On logout force redirect to start page (#11202)
    • Fix creation of Organization repos by Users with max created personal repos (#11183)
    • Add option to increase provided OAuth2 token maximum size (#11180)
    • Log the indexer path on failure (#11172)
    • Ensure that relative paths in edit preview work (#11143)
    • Make API EditIssue and EditPullRequest issue notifications (#11123)
    • Send 404 immediately for known public requests (#11117)
    • Remove nil inserts in models (#11096)
    • Add GetReviews() to RetryDownloader (#11093)
    • Remove nonexistent serviceworker entries (#11091)
    • Simplify and fix GetApprovalCounts (#11086)
    • Fix wiki revision template and simplify some tmpl conditions (#11080)
    • Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067)
    • Align review-item svg octicons (#11065)
    • Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997)
    • Users should not be able to prohibit their own login (#10970)
    • Fix scrollbar issues in dropdowns (#10897)
    • Change the order of issues.closed_by to list opening user first (#10876)
    • Allow site admin to check /api/v1/orgs endpoints (#10867)
    • Avoid logging []byte in queue failures - convert to string first (#10865)
    • Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)
    • Fix assignees double load bug (#10856)
    • Handle push rejection in branch and upload (#10854)
    • In authorized_keys use double-quote for windows compatibility (#10841)
    • Fix milestone template (#10824)
    • log.Fatal on failure to listen to SSH port (#10795)
    • Fix forked repo has no icon and language stat. (#10791)
    • Fix tag/release deletion (#10663)
    • Fix webhook migration (#10641)
    • Migration for deleting orphaned dependencies (#10617)
    • Add migration to fix the old broken merge-bases (#10604)
    • Update templates for Go 1.14 (#10596)
    • Remove unnecessary parentheses in wiki/view template (#10583)
    • Change default value of DefaultCommandExecutionTimeout to match docs (#10581)
    • Handle panic in indexer initialisation better (#10534)
    • Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456)
    • Fixed wrong AppSubUrl in multiple templates (#10447)
    • Fix profile page CSS (#10406)
    • Inject SVG sprite via ajax (#10320)
    • Fix migration information update bug when linked github account (#10310)
    • Allow admin to check org membership by API for other users (#10201)
    • Fix topics dropdown (#10167)
    • Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
    • Fix IsErrPullClosed (#10093)
    • Accept punctuation after simple+cross repository issue references (#10091)
    • On merge of already closed PR redirect back to the pulls page (#10010)
    • Fix crowdin update script (#9969)
    • Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927)
    • Add option to prevent LDAP from deactivating everything on empty search (#9879)
    • Fix admin handling at merge of PR (#9749)
    • err_admin_name_pattern_not_allowed String Clarification (#9731)
    • Fix wrong original git service type on a migrated repository (#9693)
    • Fix ref links in issue overviews for tags (#8742)
  • ENHANCEMENTS
    • Fix search form button overlap (#11840) (#11864)
    • Make tabular menu styling consistent for arc-green (#11570) (#11798)
    • Add option to API to update PullRequest base branch (#11666) (#11796)
    • Increase maximum SQLite variables count to 32766 (#11696) (#11783)
    • Update emoji dataset with skin tone variants (#11678) (#11763)
    • Add logging to long migrations (#11647) (#11691)
    • Change language statistics to save size instead of percentage (#11681) (#11690)
    • Allow different HardBreaks settings for documents and comments (#11515) (#11599)
    • Fix alignment for commits on dashboard (#11595) (#11680)
    • Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673)
    • Handle expected errors in AddGPGkey API (#11644) (#11661)
    • Close EventSource before unloading the page (#11539) (#11557)
    • Ensure emoji render with regular font-weight (#11541) (#11545)
    • Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542)
    • Tweak reaction buttons (#11516)
    • Use more toned colors for selected line (#11493) (#11511)
    • Increase width for authors on commit view (#11441)
    • Hide archived repos by default in repo-list (#11440)
    • Better styling for code review comment textarea (#11428)
    • Support view individual commit for wiki pages (#11415)
    • Fix yellow background on active elements in code review (#11414)
    • Better styling for code review comment form (#11413)
    • Change install description on homepage (#11395)
    • Ensure search action button is coalesced to adjacent input (#11385)
    • Switch code editor to Monaco (#11366)
    • Add paging and archive/private repository filtering to dashboard list (#11321)
    • Changed image of openid-connect logo for better look on arc-green theme (#11312)
    • Load Repo Topics on blame view too (#11307)
    • Change the style in admin notice content view from <p> to <pre> (#11301)
    • Allow log.xxx.default to set logging settings for the default logger only (#11292)
    • Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285)
    • Make sendmail a Process and have default timeout (#11256)
    • Check value of skip-repository flag in dump command (#11254)
    • Fix submit review form (#11252)
    • Allow unauthenticated users to compare (#11240)
    • Add EventSource support (#11235)
    • Refactor Milestone related (#11225)
    • Add pull review API endpoints (#11224)
    • Add a 'this' to issue close/reopened messages (#11204)
    • When migrating from Gitlab map Approvals to approving Reviews (#11147)
    • Improve representation of attachments in issues (#11141)
    • Protect default branch against deletion (#11115)
    • Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113)
    • Fix status label on branches list vertical alignment (#11109)
    • Add single release page and latest redirect (#11102)
    • Add missing commit states to PR checks template (#11085)
    • Change icon on title for merged PR to git-merge (#11064)
    • Add MergePull comment type instead of close for merge PR (#11058)
    • Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055)
    • Consolidate author name across timeline (#11053)
    • Refactor UpdateOAuth2Application (#11034)
    • Support unicode emojis and remove emojify.js (#11032)
    • Add git hook "warning" to admin panel (#11030)
    • Add flash notify for email preference setting success (#11027)
    • Remove package code.gitea.io/gitea/modules/git import out of models (#11025)
    • Match arc-green code tag color to code blocks (#11023)
    • Move syntax highlighting to web worker (#11017)
    • Prevent merge of outdated PRs on protected branches (#11012)
    • Add Get/Update for api/v1/user/applications/oauth2 (#11008)
    • Upgrade to most recent bluemonday (#11007)
    • Tweak code tags in markdown (#11000)
    • Reject duplicate AccessToken names (#10994)
    • Fix Ctrl-Enter shortcut for issues (#10986)
    • Provide OwnerName field for README template (#10981)
    • Prettify Timeline (#10972)
    • Add issue subscription check to API (#10967)
    • Use AJAX for notifications table (#10961)
    • Adjust label padding (#10957)
    • Avoiding directory execution on hook (#10954) (#10955)
    • Migrate ActivityHeatmap to Vue SFC (#10953)
    • Change merge strategy do not check write access if user in merge white list (#10951)
    • Enable GO111MODULE=on globally in Makefile (#10939)
    • API endpoint to get single commit via SHA and Ref (#10915)
    • Add accordion to release list and hide non-latest (#10910)
    • Split dashboard elements into separate template files (#10885)
    • Add more message on sidebar menus (#10872)
    • Set MySQL rowtype to dynamic for new tables (#10833)
    • Completely fix task-list checkbox styling (#10798)
    • Hide gear icon for user who can't use them on sidebar (#10750)
    • Refactor Cron and merge dashboard tasks (#10745)
    • Change review status icons on pr view style to github style (#10737)
    • Make pagination optional for API list notification endpoints (#10714)
    • Fix tab indentation in code view (#10671)
    • Fix task-list checkbox styling (#10668)
    • Multiple LFS improvements (#10667)
    • Make PR message on pushes configurable (#10664)
    • Move dropzone.js to npm/webpack (#10645)
    • Ensure Update button is enabled even when CI has failed (#10640)
    • Add restricted user filter to LDAP authentication (#10600)
    • Add Yandex OAuth2 provider (#8335) (#10564)
    • Make avatar lookup occur at image request (#10540)
    • Prevent accidential selection of language stats bar (#10537)
    • Add fluid-icon (#10491)
    • Inform participants on UI too (#10473)
    • Build with go 1.14 (and raise minimum go version to 1.12) (#10467)
    • Add max-file-size to LFS (#10463)
    • Enable paggination for ListRepoTags API (#10454)
    • Update JS dependencies (#10450)
    • Show the username as a fallback on feeds if full name is blank (#10438)
    • Various dark theme fixes (#10416)
    • Display pull request head branch even the branch deleted or repository deleted (#10413)
    • Prevent Firefox from using apple-touch-icon (#10402)
    • Fix input[type=file] on dark theme (#10382)
    • Improve mobile review-box sizing (#10297)
    • Notification: queue ui.go notification-service (#10281)
    • Add detected file language to code search (#10256)
    • Index code and stats only for non-empty repositories (#10251)
    • Add Approval Counts to pulls list (#10238)
    • Limit label list height on edit issue page (#10216)
    • Improve 404 error message (#10214)
    • Tweak locale to respect singular conflicting file message in PR list (#10177)
    • Fix commit view (#10169)
    • Reorganize frontend files and tooling (#10168)
    • Allow emoji on popup label (#10166)
    • ListIssues add filter for milestones API (#10148)
    • Show if a PR has conflicting files on the PR lists (#10130)
    • Fix inconsistent label color format in API (#10129)
    • Show download count info in release list (#10124)
    • Add Octicon SVG spritemap (#10107)
    • Update aria-fixed semantic-dropdown to fomantic master (#10096)
    • Fix apple-touch-icon, regenerate images (#10065)(#10006)
    • Style blockquote for default issue mail template (#10024)
    • More expansions in template repositories (#10021)
    • Allow list collaborators for users with Read access to repo (#9995)
    • Add explicit dimensions to navbar avatar (#9986)
    • Remove loadCSS and preload woff2 icon fonts (#9976)
    • Fix commit view JS features, reimplement folding (#9968)
    • Fix review avatar image (#9962)
    • Improve notification pager (#9821)
    • Move jquery and jquery-migrate to npm/webpack (#9813)
    • Change font to Roboto to support more charsets (#9803)
    • Move mailer to use a queue (#9789)
    • Issue search on my related repositories (#9758)
    • Add "before" query to ListIssueComments and ListRepoIssueComments API (#9685)
    • Move tracked time api convert to convert package (#9665)
    • Improve PR info in default merge message (#9635)
    • Granular webhook events (#9626)
    • Add Reviewed-on in commit message (#9623)
    • Add top author stats to activity page (#9615)
    • Allow repo admin to merge PR regardless of review status (#9611)
    • Migrate reactions when migrating repository from github (#9599)
    • API orgEditTeam make Fields optional (#9556)
    • Move create/fork repository from models to modules/repository (#9489)
    • Migrate reviews when migrating repository from github (#9463)
    • Times API add filters (#9373)
    • Move push commits from models to modules/repository (#9370)
    • Add API endpoint to check notifications [Extend #9488] (#9595)
    • Add GET /orgs API endpoint (#9560)
    • API add/generalize pagination (#9452)
    • Make create org repo API call same as github (#9186)
  • BUILD
    • Turn off go modules for xgo and gxz (#10963)
    • Add gitea-vet (#10948)
    • Rename scripts to build and add revive command as a new build tool command (#10942)
    • Add 'make lint', restructure 'compliance' pipeline (#10861)
    • Move JS build dependencies to 'dependencies' (#10763)
    • Use whitelist to find go files, run find only once (#10594)
    • Move vue and vue-calendar-heatmap to npm/webpack (#10188)
    • Move jquery.are-you-sure to npm/webpack (#10063)
    • Move highlight.js to npm/webpack (#10011)
    • Generate Bindata if TAGS="bindata" and not up-to-date (#10004)
    • Move CSS build to webpack (#9983)
    • Move fomantic target, update 'make help' (#9945)
    • Add css extraction and minification to webpack (#9944)
    • Misc webpack tweaks (#9924)
    • Make node_modules a order-only prerequisite (#9923)
    • Update documentation for the go module era (#9751)
    • Move swagger-ui to webpack/npm and update it to 3.24.3 (#9714)
    • Use npm to manage fomantic and only build needed components (#9561)
  • MISC
    • Add gnupg to Dockerfile (#11365)
    • Update snapcraft.yaml for core18 and latest features (#11300)
    • Update JS dependencies, min Node.js version 10.13 (#11246)
    • Change default charset for MySQL on install to utf8mb4 (#10989)
    • Return issue subscription status from API subscribe (#10966)
    • Fix queue log param (#10733)
    • Add warning when using relative path to app.ini (#10104)

1.11.7 - 2020-06-18

  • BUGFIXES
    • Use ID or Where to instead directly use Get when load object from database (#11925) (#11935)
    • Fix webpack_public_path for 1.11 (#11907)
    • Fix verification of subkeys of default gpg key (#11713) (#11902)
    • Remove unnecessary parentheses in wiki/view template (#11781)
    • Doctor fix xorm.Count nil on sqlite error (#11741)

1.11.6 - 2020-05-30

  • SECURITY
    • Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
    • Use session for retrieving org teams (#11438) (#11439)
  • BUGFIXES
    • Return json on 500 error from API (#11574) (#11660)
    • Fix wrong milestone in webhook message (#11596) (#11612)
    • Prevent (caught) panic on login (#11590) (#11598)
    • Fix commit page js error (#11527)
    • Use media links for img in post-process (#10515) (#11504)
    • Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)
    • Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461)
    • Allow all members of private orgs to see public repos (#11442) (#11459)
    • Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457)
    • Forcibly clean and destroy the session on logout (#11447) (#11451)
    • Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381)
    • Add tracked time fix to doctor (part of #11111) (#11138)
    • Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
    • Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 (#11481)

1.11.5 - 2020-05-09

  • BUGFIXES
    • Prevent timer leaks in Workerpool and others (#11333) (#11340)
    • Fix tracked time issues (#11349) (#11354)
    • Add NotifySyncPushCommits to indexer notifier (#11309) (#11338)
    • Allow X in addition to x in tasks (#10979) (#11335)
    • When delete tracked time through the API return 404 not 500 (#11319) (#11326)
    • Prevent duplicate records in organizations list when creating a repository (#11303) (#11325)
    • Manage port in submodule refurl (#11305) (#11323)
    • api.Context.NotFound(...) should tolerate nil (#11288) (#11306)
    • Show pull request selection even when unrelated branches (#11239) (#11283)
    • Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
    • Fix GetContents(): Dont't ignore Executables (#11192) (#11209)
    • Fix submodule paths when AppSubUrl is not root (#11098) (#11176)
    • Prevent clones and pushes to disabled wiki (#11131) (#11134)
    • Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130)
    • On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125)
    • Refresh codemirror on show pull comment tab (#11100) (#11122)
    • Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
    • Load pr Issue Poster on API too (#11033) (#11039)
    • Fix release counter on API repository info (#10968) (#10996)
    • Generate Diff and Patch direct from Pull head (#10936) (#10938)
    • Fix rebase conflict detection in git 2.26 (#10929) (#10930)
  • ENHANCEMENT
    • Fix 404 and 500 image size in small size screen (#11043) (#11049)
    • Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)

1.11.4 - 2020-04-01

  • BUGFIXES
    • Only update merge_base if not already merged (#10909)
    • Fix milestones too many SQL variables bug (#10880) (#10904)
    • Protect against NPEs in notifications list (#10879) (#10883)
    • Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868)
    • Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
    • Account for empty lines in receive-hook message (#10773) (#10784)
    • Fix bug on branch API (#10767) (#10775)
    • Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
    • Fix hiding of fields in authorization source page (#10734) (#10752)
    • Prevent default for linkAction (#10742) (#10743)

1.11.3 - 2020-03-10

  • BUGFIXES
    • Prevent panic in stopwatch (#10670) (#10673)
    • Fix bug on pull view when required status check no ci result (#10648) (#10651)
    • Build explicitly with Go 1.13 (#10684)

1.11.2 - 2020-03-06

  • BREAKING
    • Various fixes in login sources (#10428) (#10429)
  • SECURITY
    • Ensure only own addresses are updated (#10397) (#10399)
    • Logout POST action (#10582) (#10585)
    • Org action fixes and form cleanup (#10512) (#10514)
    • Change action GETs to POST (#10462) (#10464)
    • Fix admin notices (#10480) (#10483)
    • Change admin dashboard to POST (#10465) (#10466)
    • Update markbates/goth (#10444) (#10445)
    • Update crypto vendors (#10385) (#10398)
  • BUGFIXES
    • Allow users with write permissions to modify issue descriptions and comments. (#10623) (#10626)
    • Handle deleted base branch in PR (#10618) (#10619)
    • Delete dependencies when deleting a repository (#10608) (#10616)
    • Ensure executable bit is kept on the web editor (#10607) (#10614)
    • Update mergebase in pr checker (#10586) (#10605)
    • Fix release attachments being deleted while upgrading (#10572) (#10573)
    • Fix redirection path if Slack webhook channel is invalid (#10566)
    • Fix head.tmpl og:image picture location (#10531) (#10556)
    • Fix 404 after activating secondary email (#10547) (#10553)
    • Show Signer in commit lists and add basic trust (#10425 & #10511) (#10524)
    • Fix potential bugs (#10513) (#10518)
    • Use [:space:] instead of \s (#10508) (#10509)
    • Avoid mailing users that have explicitly unwatched an issue (#10475) (#10500)
    • Handle push rejection message in Merge & Web Editor (#10373) (#10497)
    • Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368) (#10493)
    • Fix double PR notification from API (#10482) (#10486)
    • Show the username as a fallback on feeds if full name is blank (#10461)
    • Trigger webhooks on issue label-change via API too (#10421) (#10439)
    • Fix git reference type in webhooks (#10427) (#10432)
    • Prevent panic on merge to PR (#10403) (#10408)
    • Fix wrong num closed issues on repository when close issue via commit… (#10364) (#10380)
    • Reading pull attachments should depend on read UnitTypePullRequests (#10346) (#10354)
    • Set max-width on review-box comment box (#10348) (#10353)
    • Prevent nil pointer in GetPullRequestCommitStatusState (#10342) (#10344)
    • Fix protected branch status check settings (#10341) (#10343)
    • Truncate long commit message header (#10301) (#10319)
    • Set the initial commit status to Success otherwise it will always be Pending (#10317) (#10318)
    • Don't manually replace whitespace during render (#10291) (#10315)
  • ENHANCEMENT
    • Admin page for managing user e-mail activation (#10557) (#10579)

1.11.1 - 2020-02-15

  • BUGFIXES
    • Repo name added to automatically generated commit message when merging (#9997) (#10285)
    • Fix Workerpool deadlock (#10283) (#10284)
    • Divide GetIssueStats query in smaller chunks (#10176) (#10282)
    • Fix reply on code review (#10257)
    • Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
    • Fix filter label emoji width (#10241) (#10244)
    • Fix issue sidebar menus having an infinite height (#10239) (#10240)
    • Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
    • Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
    • Blacklist manifest.json & milestones user (#10292) (#10293)

1.11.0 - 2020-02-10

  • BREAKING
    • Fix followers and following tabs in profile (#10202) (#10203)
    • Make CertFile and KeyFile relative to CustomPath (#9868) (#9874)
    • Remove unused endpoints (#9538)
    • Prefix all user-generated IDs in markup (#9477)
    • Enforce Gitea environment for pushes (#8982)
    • Hide some user information via API if user have not enough permissions (#8655)
    • Move startpage/homepage translation to crowdin (#8596)
  • SECURITY
    • Never allow an empty password to validate (#9682) (#9683)
    • Prevent redirect to Host (#9678) (#9679)
    • Swagger hide search field (#9554)
    • Add "search" to reserved usernames (#9063)
    • Switch to fomantic-ui (#9374)
    • Only serve attachments when linked to issue/release and if accessible by user (#9340)
  • FEATURES
    • Webhooks should only show sender if it makes sense (#9601)
    • Provide Default messages for merges (#9393)
    • Add description to labels on create issue (#9392)
    • Graceful Queues: Issue Indexing and Tasks (#9363)
    • Default NO_REPLY_ADDRESS to DOMAIN (#9325)
    • Allow FCGI over unix sockets (#9298)
    • Graceful: Xorm, RepoIndexer, Cron and Others (#9282)
    • Add API for Reactions (#9220)
    • Graceful: Cancel Process on monitor pages & HammerTime (#9213)
    • Graceful: Allow graceful restart for unix sockets (#9113)
    • Graceful: Allow graceful restart for fcgi (#9112)
    • Sign protected branches (#8993)
    • Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964)
    • Add Gitea icon to Emojis (#8950)
    • Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code (#8924)
    • Allow Custom Reactions (#8886)
    • Close/reopen issues by keywords in titles and comments (#8866)
    • Allow incompletely specified Time Formats (#8816)
    • Prevent upload (overwrite) of lfs locked file (#8769)
    • Template Repositories (#8768)
    • Add /milestones endpoint (#8733)
    • Make repository management section handle lfs locks (#8726)
    • Respect LFS File Lock on UI (#8719)
    • Add team option to grant rights for all organization repositories (#8688)
    • Enabling and disabling the commit button to prevent empty commits (web editor) (#8590)
    • Add setting to disable BASIC authentication (#8586)
    • Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528)
    • Allow Protected Branches to Whitelist Deploy Keys (#8483)
    • Push to create repo (#8419)
    • Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
    • Add basic repository lfs management (#7199)
  • BUGFIXES
    • Fix code-expansion arc-green theme bug (#10180) (#10185)
    • Prevent double wait-group decrement (#10170) (#10175)
    • Allow emoji on review head comments (#10159) (#10174)
    • Fix issue/pull link (#10158) (#10173)
    • Fix push-create SSH bugs (#10145) (#10151)
    • Prevent DeleteUser API abuse (#10125) (#10128)
    • Fix issues/pulls dashboard paging error (#10114) (#10115)
    • Add button to revert SimpleMDE to plain textarea (#10099) (#10102)
    • Fix branch page pull request title and link error (#10092) (#10097)
    • Fix PR API: Only try to get HeadBranch if HeadRepo exist (#10029) (#10088)
    • Update topics repo count when deleting repository (#10051) (#10081)
    • Show pull icon on pull requests (#10061) (#10062)
    • Fix milestone API state parameter unhandled (#10049) (#10052)
    • Move to using a temporary repo for pushing new PRs (#10009) (#10042)
    • Fix wiki raw view on sub path (#10002) (#10040)
    • Ensure that feeds are appropriately restricted (#10018) (#10019)
    • Sanitize credentials in mirror form (#9975) (#9991)
    • Close related pull requests when deleting head repository or head branch (#9927) (#9974)
    • Switch to use -f instead of -F for sendmail (#9961) (#9970)
    • Fix file rename/copy not supported by indexer (#9965) (#9967)
    • Fix repo indexer not updating upon push (#9957) (#9963)
    • Don't convert ellipsis in markdown (#9905) (#9937)
    • Fixed repo link in generated comment for cross repository dependency (#9863) (#9935)
    • Check if diff actually contains sections when rendering (#9926) (#9933)
    • Fix wrong hint when status checking is running on pull request view (#9886) (#9928)
    • Fix RocketChat (#9908) (#9921)
    • Do not try to recreate ldap user if they are already created (#9900) (#9919)
    • Create terminated channel in queue_redis (#9910) (#9911)
    • Prevent empty LDAP search result from deactivating all users (#9879) (#9896)
    • Fix wrong permissions check when issues/prs shared operations (#9885) (#9889)
    • Check user != nil before checking values (#9881) (#9883)
    • Allow hyphen in language name (#9873) (#9880)
    • Ensure that 2fa is checked on reset-password (#9857) (#9876)
    • Fix issues/pulls dependencies problems (#9842) (#9864)
    • Fix markdown anchor links (#9673) (#9840)
    • Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9837)
    • Fix download file wrong content-type (#9825) (#9834)
    • Fix wrong poster identity on a migrated pull request when submit review (#9827) (#9830)
    • Fix database dump when log directory is missing (#9818) (#9819)
    • Fix compare (#9808) (#9814)
    • Fix push-to-create (#9772) (#9797)
    • Fix missing msteam webhook on organization (#9781) (#9794)
    • Fix missing unlock in uniquequeue (#9790) (#9791)
    • Fix add team on collaborator page when same name as organization (#9778)
    • DeleteRepoFile incorrectly handles Delete to new branch (#9769) (#9775)
    • Fix milestones page (#9771)
    • Fix SimpleMDE quote reply (#9757) (#9768)
    • Fix missing updated time on migrated issues and comments (#9744) (#9764)
    • Move Errored PRs out of StatusChecking (#9675) (#9726)
    • Make hook status printing configurable with delay (#9641) (#9725)
    • Fix /repos/issues/search (#9698) (#9724)
    • Silence fomantic error regarding tabs (#9713) (#9718)
    • Remove unused lock (#9709) (#9710)
    • Remove q.lock.Unlock() in setInternal to prevent panic (#9705) (#9706)
    • Load milestone in API PR list (#9671) (#9700)
    • Don't attempt to close issue if already closed (#9696) (#9699)
    • Remove google font call (#9668) (#9681)
    • Eliminate horizontal scroll caused by footer (#9674)
    • Fix nil reference in repo generation (#9660) (#9666)
    • Add HTML URL to API Issues (#9654) (#9661)
    • Add PR review webhook to Telegram (#9653) (#9655)
    • Use filepath.IsAbs instead of path.IsAbs (#9651) (#9652)
    • Disable remove button on repository teams when have access to all (#9640)
    • Clean up old references on branch delete (#9614)
    • Hide public repos owned by private orgs (#9609)
    • Fix access issues on milestone and issue overview pages. (#9603)
    • Fix error logged when repos qs is empty (#9591)
    • Dont trigger notification twice on issue assignee change (#9582)
    • Fix mirror pushed commit actions (#9572)
    • Allow only specific columns to be updated on issue via API (#9189) (#9539)
    • Fix default avatar for ghost user (#9536)
    • Fix download of release attachments with same name (#9529)
    • Resolve deprecated INI conversion (#9525)
    • Ignore empty avatars during database migration (#9520)
    • Fix deleted branch isn't removed when push the branch again (#9516)
    • Fix repository issues pagination bug when there are more than one label filter (#9512)
    • Fix SetExpr failed (#9506)
    • Remove obsolete file private/push_update.go (#9503)
    • When recreating hooks, delete them first so they are recreated with the umask (#9502)
    • Properly enforce gitea environment for pushes (#9501)
    • Fix datarace on repo indexer queue (#9490)
    • Add call to load repo prior to redirect in add/remove dependency code (#9484)
    • Wrap the code indexer (#9476)
    • Use Req.URL.RequestURI() to cope with FCGI urls (#9473)
    • Set default ssh.minimum_key_sizes (#9466)
    • Fixed issue with paging in /repos/{owner}/{repo}/git/trees/{sha} api (#9459)
    • Fix wrong notification on merge (#9450)
    • Issue with Migration rule v111 (#9449)
    • Trigger webhook when deleting a branch after merging a PR (#9424)
    • Add migration to sanitize repository original_url (#9423)
    • Use OriginalURL instead of CloneAddr in migration logging (#9418)
    • Push update after branch is restored (#9416)
    • Fix wrong migration (#9381)
    • Fix show repositories filter (#9234) (#9379)
    • Fix Slack webhook payload title generation to work with Mattermost (#9378)
    • Fix double webhook for new PR (#9375)
    • AuthorizedKeysCommand should not query db directly (#9371)
    • Fix missed change to GetManager() (#9361)
    • Fix cache problem on dashboard (#9358)
    • RepoIndexer: DefaultBranch needs to be prefixed by BranchPrefix (#9356)
    • Fix protected branch using IssueID (#9348)
    • Fix nondeterministic behavior (#9341)
    • Fix PR/issue redirects when having external tracker (#9339)
    • Remove release attachments which repository has been deleted (#9334)
    • Fix issue indexer not triggered when migrating a repository (#9332)
    • Add SyncTags to uploader interface (#9326)
    • Fix bug that release attachment files not deleted when deleting repository (#9322)
    • Only sync tags after all migration release batches are completed (#9319)
    • File Edit: Author/Committer interchanged (#9297)
    • prebuild CSS/JS before xgo release binaries (#9293)
    • Log: Ensure FLAGS=none shows no flags (#9287)
    • Make Diff Detail on Pull Request Changed File UI always on Top (#9280)
    • Switch CSS minifier to cssnano (#9260)
    • Fix latest docker image haven't include static files. (#9252)
    • Don't link wiki revision to commit (#9244)
    • Change review content column to type text in db (#9229)
    • Fixed topic regex pattern and added search by topic links after save (#9219)
    • Add language to user API responce (#9215)
    • Correct tooltip message blocked by dependencies (#9211)
    • Add SimpleMDE and Fix Image Paste for Issue/Comment Editor (#9197)
    • Fix panic when diff (#9187)
    • Fix #9151 - smtp logger configuration sendTos should be an array (#9154)
    • Fix max length check and limit in multiple repo forms (#9148)
    • Always Show Password Field on Link Account Sign-in Page (#9147)
    • Properly fix displaying virtual session provider in admin panel (#9137)
    • Fix race condition on indexer (#9136)
    • Fix team links in HTML rendering (#9127)
    • Fix race condition in ReplaceSanitizer (#9123)
    • Fix what information is shown about user in API (#9115)
    • Fix nil context user for template repositories (#9099)
    • Hide given credentials for migrated repos. (#9097)
    • Fix reCAPTCHA API URL (#9083)
    • Fix password checks on admin create/edit user (#9076)
    • Update golang.org/x/crypto vendor to use acme v2 (#9056)
    • Ensure Written is set in GZIP ProxyResponseWriter (#9018)
    • Fix wrong system notice when repository is empty (#9010)
    • Fix broken link to branch from issue list (#9003)
    • Fix bug when pack js (#8992)
    • New review approvals shouldn't require a message (#8991)
    • Shadow password correctly for session config (#8984)
    • Don't send notification on pending reviews (#8943)
    • Fix Notify Create Ref Error on tag creation (#8936)
    • Convert EOL to UNIX-style to render MD properly (#8925)
    • Migrate temp_repo.go to use git.NewCommand (#8918)
    • Fix issue with user.fullname (#8902)
    • Add Close() method to gogitRepository (#8901)
    • Enable punctuations ending mentions (#8889)
    • Fix password complexity check on registration (#8887)
    • Fix require external registration password (#8885)
    • Fix edit content button on migrated issue content (#8877)
    • Fix permission checks for close/reopen from commit (#8875)
    • Fix API Bug (fail on empty assignees) (#8873)
    • Stop using git count-objects and use raw directory size for repository (#8848)
    • Fix count for commit graph last page (#8843)
    • Fix to close opened io resources as soon as not needed (#8839)
    • Improve notification (#8835)
    • Fix new user form for non-local users (#8826)
    • Fix: remove duplicated signed commit icons (#8820)
    • Fix (open/closed) issue count when label excluded (#8815)
    • Fix SSH2 conditional in key parsing code (#8806)
    • Fix 500 when edit hook (#8782)
    • On windows set core.longpaths true (#8776)
    • Fix commit expand button to not go to commit link (#8745)
    • Avoid re-issuing redundant cross-references. (#8734)
    • Fix milestone close timestamp function (#8728)
    • Move webhook codes from service to webhook notification (#8712)
    • Show zero lines on the line counter if the file empty (#8700)
    • Fix deadline on update issue or PR via API (#8696)
    • make call createMilestoneComment on newIssue func (#8678)
    • Send tag create and push webhook when release created on UI (#8671)
    • Prevent chrome download page as html with alt + click (#8669)
    • Fix 500 when getting user as unauthenticated user (#8653)
    • Graceful fixes (#8645)
    • Add SubURL to redirect path (#8632) (#8634)
    • Fix extra columns from label table (#8633)
    • Add SubURL to redirect path for transferred/renamed repos (#8632)
    • Fix bug when migrate from API (#8631)
    • Allow to merge if file path contains " or \ (#8629)
    • Prevent removal of non-empty emoji panel following selection of duplicate (#8609)
    • Ensure default gpg settings not nil and found commits have reference to repo (#8604)
    • Set webhook Content-Type for application/x-www-form-urlencoded (#8599)
    • Fix #8582 by handling empty repos (#8587)
    • Fix of the diff statistics view on pull request's (#8581)
    • Fix bug on pull requests when transfer head repository (#8564)
    • Fix template error on account page (#8562)
    • Allow externalID to be UUID (#8551)
    • Fix ignored error on editorconfig api (#8550)
    • Fix user avatar name (#8547)
    • Ensure that GitRepo is set on Empty repositories (#8539)
    • Add missed close in ServeBlobLFS (#8527)
    • Fix migrate mirror 500 bug (#8526)
    • Fix password complexity regex for special characters (on master) (#8525)
  • ENHANCEMENTS
    • Explicitly refer to PR in squash-merge commit message in case of external tracker (#9844) (#9855)
    • Add a /user/login landing page option (#9622)
    • Some more e-mail notification fixes (#9596)
    • Add branch protection option to block merge on requested changes. (#9592)
    • Add footer extra links template (#9576)
    • Fix for a wrong URL in activity page of repository. (#9571)
    • Update default issue template (#9568)
    • Change markdown rendering from blackfriday to goldmark (#9533)
    • Extend file create api with dates (#9464)
    • Add ActionCommentPull action (#9456)
    • Response for context on retry database connection (#9444)
    • Refactor webhooks to reduce code duplication (#9422)
    • update couchbase deps for new license (#9419)
    • Add .ignore file for search tools (#9417)
    • Remove unsued struct (#9405)
    • Hide not allowed Reactions (#9387)
    • Remove text from action-only webhooks (#9377)
    • Move PushToBaseRepo from models to services/pull (#9352)
    • Site admin could view org's members (#9346)
    • Sleep longer if request speed is over github limitation (#9335)
    • Refactor comment (#9330)
    • Refactor code indexer (#9313)
    • Remove SavePatch and generate patches on the fly (#9302)
    • Move some pull request functions from models to services (#9266)
    • Update JS dependencies (#9255)
    • Show label list on label set (#9251)
    • Redirect issue if repo has configured external tracker. (#9247)
    • Allow kbd tags (#9245)
    • Remove unused comment actions (#9222)
    • Fixed errors logging in dump.go (#9218)
    • Expose release counter to repo API response (#9214)
    • Make consistent links to repository in the Slack/Mattermost notificiations (#9205)
    • Expose pull request counter to repo API response (#9202)
    • Extend TrackedTimes API (#9200)
    • Extend StopWatch API (#9196)
    • Move code indexer related code to a new package (#9191)
    • Docker: ask s6 to stop all service when gitea stop (#9171)
    • Variable expansion in repository templates (#9163)
    • Add avatar and issue labels to template repositories (#9149)
    • Show single review comments in the PR conversation tab (#9143)
    • Extract createComment (#9125)
    • Move PushUpdateOptions from models to repofiles (#9124)
    • Alternate syntax for cross references (#9116)
    • Add USE_SERVICE_WORKER setting (#9110)
    • Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092)
    • Explore page: Add topic param to pagination (#9077) (#9078)
    • Markdown: Sanitizier Configuration (#9075)
    • Add password requirement info on error (#9074)
    • Allow authors to use act keywords in PR content (#9059)
    • Move modules/gzip to gitea.com/macaron/gzip (#9058)
    • Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055)
    • Context menus for comments, add quote reply (#9043)
    • Update branch API endpoint to show effective branch protection. (#9031)
    • Move git graph from models to modules/graph (#9027)
    • Move merge actions to notification (#9024)
    • Move mirror sync actions to notification (#9022)
    • Add retry for migration http/https requests (#9019)
    • Rewrite delivery of issue and comment mails (#9009)
    • Add review comments to mail notifications (#8996)
    • Refactor pull request review (#8954)
    • Githook highlighter (#8932)
    • Add git hooks and webhooks to template repositories; move to services (#8926)
    • Only view branch or tag if it match refType requested. (#8899)
    • Drop Admin attribute based on LDAP when login (continue #1743) (#8849)
    • Add additional periods to activity page (#8829)
    • Update go-org to optimize code (#8824)
    • Move some actions to notification/action (#8779)
    • Webhook support custom proxy (#8760)
    • Fix API deadline removal (#8759)
    • Mark review comment as invalidated when file is deleted (#8751)
    • Move pull list code to a separate file (#8748)
    • Move webhook to a standalone package under modules (#8747)
    • Multi repo select on issue page (#8741)
    • apply exclude label on milestone issue list (#8739)
    • Move issue notifications and assignee man (#8713)
    • Move issue change content from models to service (#8711)
    • Move issue change status from models to service (#8691)
    • Move more issue assignee code from models to issue service (#8690)
    • Create PR on Current Repository by Default (#8670)
    • Improve Open Graph Protocol (#8637)
    • Batch hook pre- and post-receive calls (#8602)
    • Improve webhooks (#8583)
    • Move transfer repository and rename repository on a service package and start action notification (#8573)
    • Implement/Fix PR review webhooks (#8570)
    • Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560)
    • Move some repositories' operations to a standalone service package (#8557)
    • Allow more than 255 characters for tokens in external_login_user table (#8554)
    • Move issue label operations to issue service package (#8553)
    • Adjust error reporting from merge failures and use LC_ALL=C for git (#8548)
    • Mail assignee when issue/pull request is assigned (#8546)
    • Allow committing / adding empty files using the web ui (#8420) (#8532)
    • Move sync mirror actions to mirror service package (#8518)
    • Remove arrows on numeric inputs (#8516)
    • Support inline rendering of CUSTOM_URL_SCHEMES (#8496)
    • Recalculate repository access only for specific user (#8481)
    • Add download button for rull request diff- and patch-file (#8470)
    • Add single sign-on support via SSPI on Windows (#8463)
    • Move change issue title from models to issue service package (#8456)
    • Add included tag on branch view (#8449)
    • Make static resouces web browser cache time customized on app.ini (#8442)
    • Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426)
    • Add pagination to commit graph page (#8360)
    • Use templates for issue e-mail subject and body (#8329)
    • Move clearlabels from models to issue service (#8326)
    • Move AddTestPullRequestTask to pull service package from models (#8324)
    • Team permission to create repository in organization (#8312)
    • Allows external rendering of other filetypes (#8300)
    • Add 'Alt + click' feature to exclude labels (#8199)
    • Configurable close and reopen keywords for PRs (#8120)
    • Configurable URL for static resources (#7911)
    • Unifies commit list in repository commit table and wiki revision page (#7907)
    • Allow cross-repository dependencies on issues (#7901)
    • Auto-subscribe user to repository when they commit/tag to it (#7657)
    • Restore Graceful Restarting & Socket Activation (#7274)
    • wiki - add 'write' 'preview' buttons to wiki edit like in issues (#7241)
    • Change target branch for pull request (#6488)
    • Display PR commits and diffs using base repo rather than forked (#3648)
  • TESTING
    • Add debug option to serv to help debug problems (#9492)
    • Fix the intermittent TestGPGGit failures (#9360)
    • Testing: Update postgres sequences (#9304)
    • Missed defer prepareTestEnv (#9285)
    • Fix "data race" in testlogger (#9159)
    • Yet another attempt to fix the intermittent failure of gpg git test (#9146)
    • integrations: Fix Dropped Test Errors (#9040)
    • services/mirror: fix dropped test errors (#9007)
    • Fix intermittent GPG Git test failure (#8968)
    • Update Github Migration Tests (#8893) (#8938)
    • Update heatmap fixtures to restore tests (#8615)
  • TRANSLATION
    • Fix Korean locales (#9761) (#9780)
    • Fix placeholders in the error message (#9060)
    • Fix spelling of admin.users.max_repo_creation (#8934)
    • Improve german translation of homepage (#8549)
  • BUILD
    • Fix webpack polyfills (#9735) (#9738)
    • Update gitea.com/macaron to 1.4.0 (#9608)
    • Upgrade lato fonts to v16. (#9498)
    • Update alpine to 3.11 (#9440)
    • Upgrade blevesearch (#9177)
    • Remove built js/css files from git (#9114)
    • Move semantic.dropdown.custom.js to webpack (#9064)
    • Check compiled files during build (#9042)
    • Enable lazy-loading of gitgraph.js (#9036)
    • Pack web_src/js/draw.js to public/js/index.js (#8975)
    • Modernize js and use babel (#8973)
    • Move index.js to web_src and use webpack to pack them (#8598)
    • Restrict modules/graceful to non-windows build and shim IsChild (#8537)
    • Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
  • DOCS
    • Swagger info corrections (#9441) (#9558)
    • Add ALLOW_ONLY_EXTERNAL_REGISTRATION to config cheat sheet (#8986)
    • Rephrase comment about RuntimeDirectory option in systemd config (#8912)
    • Explicitly indicate the socket unit to use the service unit "gitea.service" (#8804)
    • Adjust the must-change-password help (#8755)
    • Add notice to docs for migrating from more recent versions of Gogs (#8724)
    • Add explicit info about customization of homepage (#8694)
    • Change external asciidoctor tool to embedded mode (#8677)
    • Add Docker fail2ban configuration (#8642)
    • Correct some outdated statements in the contributing guidelines (#8612)
    • Basic Design guidelines (describing different parts of the code) (#8601)
    • Display Gitea logo in Readme (#8592)
    • Fix building from source docs to ref AppWorkPath (#8567)
    • Update the provided gitea.service to mention socket activation (#8531)
    • Doc added how to setup email (#8520)
  • MISC
    • Backport Locales [2020-01-14] (#9773)
    • Add translatable Powered by Gitea text in footer (#9600)
    • Add contrib/environment-to-ini (#9519)
    • Remove unnecessary loading of settings in update hook (#9496)
    • Update gitignore list (#9437)
    • Update license list (#9436)
    • Fix background reactions in the arc-green theme (#9421)
    • Update and fix chardet import (#9351)
    • Ensure LF on checkouts and in editors (#9259)
    • Fixed topics margin (#9248)
    • Add comment to exported function WindowsServiceName (make revive) (#9241)
    • Remove empty lines on issues/pulls page (#9232)
    • Fix Add Comment Button's "+" Position (#9140)
    • Add first issue comment hashtag (#9052)
    • Change some label colors (#9051)
    • Fix double scroll in branch dropdown (#9048)
    • Add comment highlight when target from url (#9047)
    • Update display of reactions to issues and comments (#9038)
    • Button tooltip formatting under Branches (#9034)
    • Allow setting default branch via API (#9030)
    • Update dashboard context for PR reviews (#8995)
    • Show repository size in repo home page and settings (#8940)
    • Allow to add and remove all repositories to/from team. (#8867)
    • Show due date in dashboard issues list (#8860)
    • Theme arc-green: reverse heatmap colors (#8840)
    • Project files table style update (#8757)
    • gitignore debugging file from vscode (#8740)
    • Add API for Issue set Subscription (#8729)
    • Make 100% width search bar (#8710)
    • Update color theme for heatmap (#8709)
    • Add margin to title_wip_desc (#8705)
    • Improve visibility of "Pending" indicator (#8685)
    • Improve accessibility of dropdown menus (#8638)
    • Make /users/{username}/repos list private repos the current user has access to (#8621)
    • Prevent .code-view from overriding font on icon fonts (#8614)
    • Add id references on all issue events to allow internal linking (#8608)
    • Upgrade xorm to v0.8.0 (#8536)
    • Upgrade gopkg.in/ini.v1 (#8500)
    • Update CodeMirror to version 5.49.0 (#8381)
    • Wiki editor: enable side-by-side button (#7242)

1.10.6 - 2020-03-10

This is a re-tag version of v1.10.5 and also explicitly built with Go 1.13.

WARNING: v1.10.5 is incorrectly tagged targeting 1.12-dev and should not be used.

1.10.5 - 2020-03-06

  • BUGFIXES
    • Fix release attachments being deleted while upgrading (#10572) (#10574)

1.10.4 - 2020-02-16

  • FEATURE
    • Prevent empty LDAP search from deactivating all users (#9879) (#9890)
  • BUGFIXES
    • Fix reply on code review (#10261) (#10227)
    • Fix branch page pull request title and link error (#10092) (#10098)
    • Fix milestone API state parameter unhandled (#10049) (#10053)
    • Fix wiki raw view on sub path (#10002) (#10041)
    • Fix RocketChat Webhook (#9908) (#9921) (#9925)
    • Fix bug about wrong dependencies permissions check and other wrong permissions check (#9884) (Partial backport #9842)
    • Ensure that 2fa is checked on reset-password (#9857) (#9877)

1.10.3 - 2020-01-17

  • SECURITY
    • Hide credentials when submitting migration (#9102) (#9704)
    • Never allow an empty password to validate (#9682) (#9684)
    • Prevent redirect to Host (#9678) (#9680)
    • Hide public repos owned by private orgs (#9609) (#9616)
  • BUGFIXES
    • Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838)
    • Fix download file wrong content-type (#9825) (#9835)
    • Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831)
    • Fix dump non-exist log directory (#9818) (#9820)
    • Fix compare (#9808) (#9815)
    • Fix missing msteam webhook on organization (#9781) (#9795)
    • Fix add team on collaborator page when same name as organization (#9783)
    • Fix cache problem on dashboard (#9358) (#9703)
    • Send tag create and push webhook when release created on UI (#8671) (#9702)
    • Branches not at ref commit ID should not be listed as Merged (#9614) (#9639)

1.10.2 - 2020-01-02

  • BUGFIXES
    • Allow only specific Columns to be updated on Issue via API (#9539) (#9580)
    • Add ErrReactionAlreadyExist error (#9550) (#9564)
    • Fix bug when migrate from API (#8631) (#9563)
    • Use default avatar for ghost user (#9536) (#9537)
    • Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528)
    • Fix deleted branch not removed when push the branch again (#9516) (#9524)
    • Fix missing repository status when migrating repository via API (#9511)
    • Trigger webhook when deleting a branch after merging a PR (#9510)
    • Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482)
    • Fix NewCommitStatus (#9434) (#9435)
    • Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420)
    • Fix Slack webhook payload title generation to work with Mattermost (#9404)
    • DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359)
    • Fix issue indexer not triggered when migrating a repository (#9333)
    • Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329)
    • Fix migration releases (#9319) (#9326) (#9328)
    • Fix File Edit: Author/Committer interchanged (#9297) (#9300)

1.10.1 - 2019-12-05

  • BUGFIXES
    • Fix max length check and limit in multiple repo forms (#9148) (#9204)
    • Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
    • Upgrade levelqueue to 0.1.0 (#9192) (#9199)
    • Fix panic when diff (#9187) (#9193)
    • Smtp logger configuration sendTos should be an array (#9154) (#9157)
    • Always Show Password Field on Link Account Sign-in Page (#9150)
    • Create PR on Current Repository by Default (#8670) (#9141)
    • Fix race on indexer (#9136) (#9139)
    • Fix reCAPTCHA URL (#9119)
    • Hide migrated credentials (#9098)
    • Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
    • Fix password checks on admin create/edit user (#9076) (#9081)
    • Fix add search as a reserved username (#9063) (#9065)
    • Fix permission checks for close/reopen from commit (#8875) (#9033)
    • Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
    • Fix broken link to branch from issue list (#9003) (#9021)
    • Fix wrong system notice when repository is empty (#9020)
    • Shadow password correctly for session config (#8984) (#9002)

1.10.0 - 2019-11-13

  • BREAKING
    • Fix deadline on update issue or PR via API (#8698)
    • Hide some user information via API if user doesn't have enough permission (#8655) (#8657)
    • Remove legacy handling of drone token (#8191)
    • Change repo search to use exact match for topic search. (#7941)
    • Add pagination for admin api get orgs and fix only list public orgs bug (#7742)
    • Implement the ability to change the ssh port to match what is in the gitea config (#7286)
  • SECURITY
    • Fix issue with user.fullname (#8903)
    • Ignore mentions for users with no access (#8395)
    • Be more strict with git arguments (#7715)
    • Extract the username and password from the mirror url (#7651)
    • reserve .well-known username (#7637)
  • FEATURES
    • Org/Members: display 2FA members states + optimize sql requests (#7621)
    • SetDefaultBranch on pushing to empty repository (#7610)
    • Adds side-by-side diff for images (#6784)
    • API method to list all commits of a repository (#6408)
    • Password Complexity Checks (#6230)
    • Add option to initialize repository with labels (#6061)
    • Add additional password hash algorithms (#6023)
  • BUGFIXES
    • Allow to merge if file path contains " or \ (#8629) (#8771)
    • On windows set core.longpaths true (#8776) (#8786)
    • Fix 500 when edit hook (#8782) (#8789)
    • Fix Checkbox at RepoSettings Protected Branch (#8799) (#8801)
    • Fix SSH2 conditional in key parsing code (#8806) (#8810)
    • Fix commit expand button to not go to commit link (#8745) (#8825)
    • Fix new user form for non-local users (#8826) (#8828)
    • Fix to close opened io resources as soon as not needed (#8839) (#8846)
    • Fix edit content button on migrated issue content (#8877) (#8884)
    • Fix require external registration password (#8885) (#8890)
    • Fix password complexity check on registration (#8887) (#8888)
    • Update Github Migration Tests (#8896) (#8938) (#8945)
    • Enable punctuations ending mentions (#8889) (#8894)
    • Add Close() method to gogitRepository (#8901) (#8956)
    • Hotfix for review actions and notifications (#8965)
    • Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) (#8618)
    • Fix milestone close timestamp (#8728) (#8730)
    • Fix 500 when getting user as unauthenticated user (#8653) (#8663)
    • Fix 'New Issue Missing Milestone Comment' (#8678) (#8681)
    • Use AppSubUrl for more redirections (#8647) (#8651)
    • Add SubURL to redirect path (#8632) (#8634)
    • Fix template error on account page (#8562) (#8622)
    • Allow externalID to be UUID (#8551) (#8624)
    • Prevent removal of non-empty emoji panel following selection of duplicate (#8609) (#8623)
    • Update heatmap fixtures to restore tests (#8615) (#8616)
    • Ensure that diff stats can scroll independently of the diff (#8581) (#8621)
    • Webhook: set Content-Type for application/x-www-form-urlencoded (#8600)
    • Fix #8582 by handling empty repos (#8587) (#8594)
    • Fix bug on pull requests when transfer head repository (#8564) (#8569)
    • Add missed close in ServeBlobLFS (#8527) (#8542)
    • Ensure that GitRepo is set on Empty repositories (#8539) (#8541)
    • Fix migrate mirror 500 bug (#8526) (#8530)
    • Fix password complexity regex for special characters (#8524)
    • Prevent .code-view from overriding font on icon fonts (#8614) (#8627)
    • Allow more than 255 characters for tokens in external_login_user table (#8554)
    • Fix errors in create org UI regarding team access permission (#8506)
    • Fix bug on FindExternalUsersByProvider (#8504)
    • Create .ssh dir as necessary (#8486)
    • IsBranchExist: return false if provided name is empty (#8485)
    • Making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477)
    • Add check for empty set when dropping indexes during migration (#8471)
    • LFS files are relative to LFS content path, ensure that when deleting they are made relative to this (#8455)
    • Ensure Request Body Readers are closed in LFS server (#8454)
    • Fix template bug on mirror repository setting page (#8438)
    • Fix migration v96 to keep issue attachments (#8435)
    • Update strk.kbt.io/projects/go/libravatar to latest (#8429)
    • Singular form for files that has only one line (#8416)
    • Check for either escaped or unescaped wiki filenames (#8408)
    • Allow users with explicit read access to give approvals (#8382)
    • Fix editor commit to new branch if PR disabled (#8375)
    • readd .markdown class to all markup renderers (#8357)
    • Upgrade xorm to v0.7.9 to fix some bugs (#8354)
    • Fix column name ambiguity in GetUserIssueStats() (#8347)
    • Change general form binding to gogs form (#8334)
    • Fix pull request commit status in user dashboard list (#8321)
    • Fix repo_admin_change_team_access always checked in org settings (#8319)
    • Update to github.com/lafriks/xormstore@v1.3.0 (#8317)
    • Show correct commit status in PR list (#8316)
    • Bugfix for image compare and minor improvements to image compare (#8289)
    • Update xorm (#8286)
    • Fix API for edit and delete release attachment (#8285)
    • Fix nil object access in some conditions when parsing cross references (#8281)
    • Fix label count (#8267)
    • Only show teams access for organization repositories on collaboration setting page (#8265)
    • Test more reserved usernames (#8263)
    • Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
    • Fix assets key on release webhook (#8253)
    • Allow registration when button is hidden (#8237)
    • Fix release API URL generation (#8234)
    • Fix milestone num_issues (#8221)
    • MS Teams webhook misses commit messages (#8209)
    • Fix data race (#8204)
    • Fix team user api (#8172)
    • Fix pull merge 500 error caused by git-fetch breaking behaviors (#8161)
    • Make show private icon when repo avatar set (#8144)
    • Add reviewers as participants (#8121)
    • Fix Go 1.13 private repository go get issue (#8112)
    • feat: highlight issue references with : (#8101)
    • Make AllowedUsers configurable in sshd_config (#8094)
    • Strict name matching for Repository.GetTagID() (#8074)
    • Avoid ambiguity of branch/directory names for the git-diff-tree command (#8066)
    • Add change title notification for issues (#8061)
    • [ssh] fix the config specification in the authorized_keys template (#8031)
    • Fix reading git notes from nested trees (#8026)
    • Fixes synchronize tags to releases for repository - makes sure we are only getting tag refs (#7990)
    • Fix adding default Telegram webhook (#7972)
    • Run CORS handler first for /api routes (#7967)
    • Abort synchronization from LDAP source if there is some error. (#7960)
    • Fix wrong sender when send slack webhook (#7918)
    • Fix bug when migrating a private repository (#7917)
    • Evaluate emojis in commit messages in list view (#7906)
    • Fix upload file type check (#7890)
    • lfs/lock: round locked_at timestamp to second (#7872)
    • fix non existent milestone with 500 error instead of 404 (#7867)
    • gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846)
    • Fix duplicate call of webhook (#7821)
    • Enable switching to a different source branch when PR already exists (#7819)
    • Convert files to utf-8 for indexing (#7814)
    • Do not fetch all refs in pull-request compare (#7797)
    • Fix multiple bugs with statuses endpoints at API (#7785)
    • Restore functionality for early gits (#7775)
    • Fix Slack webhook fork message (#7774)
    • Rewrite existing repo units if setting is not included in api body (#7763)
    • Fix rename failed when rewrite public keys (#7761)
    • Fix approvals counting (#7757)
    • Add migration step to remove old repo_indexer_status orphaned records (#7746)
    • Fix repo_index_status lingering when deleting a repository (#7734)
    • Remove camel case tokenization from repo indexer (#7733)
    • Fix milestone completness calculation when migrating (#7725)
    • Regression: Include "executable" files in the index, as they are not necessarily … (#7718)
    • Fixes indexed repos keeping outdated indexes when files grow too large (#7712)
    • Skip non-regular files (e.g. submodules) on repo indexing (#7711)
    • Fix dropTableColumns sqlite implementation (#7710)
    • Update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705)
    • improve branches list performance and fix protected branch icon when no-login (#7695)
    • Correct wrong datetime format for git (#7689)
    • Move add to hook queue for created repo to outside xorm session. (#7675)
    • sugestion to use range .Branches (#7674)
    • Fix bug on migrating milestone from github (#7665)
    • hide delete/restore button on archived repos (#7658)
    • css: use flex to fix floating paginate (#7656)
    • Fix syntax highlight initialization (#7617)
    • Fix panic on push at - Merging pull request causes 500 error (#7615)
    • Make PKCS8, PEM and SSH2 keys work (#7600)
    • Fix mistake in arc-green.less split-diff css code. (#7587)
    • Handle ErrUserProhibitLogin in http git (#7586)
    • Fix bug create/edit wiki pages when code master branch protected (#7580)
    • Fixes Malformed URLs in API git/commits response (#7565)
    • Fix file header overflow in file and blame views (#7562)
    • Improve SSH key parser to handle newlines in keys (#7522)
    • Fix empty commits now showing in repo overview (#7521)
    • Fix repository's pull request count error (#7518)
    • Fix markdown invoke sequence (#7513)
    • Remove duplicated webhook trigger (#7511)
    • Update User.NumRepos atomically in createRepository (#7493)
    • Fix settings page of repo you aren't admin print error - Settings pages giving UnitType error message (#7482)
    • Fix redirection after file edit - Handles all redirects for Web UI File CRUD (#7478)
    • cmd/serv: actually exit after fatal errors (#7458)
    • Fix an issue with some pages throwing 'not defined' js exceptions (#7450)
    • fix Dropzone.js integration (#7445)
    • Fix regex for issues in commit messages (#7444)
    • Diff: Fix indentation on unhighlighted code (#7435)
    • Only show "New Pull Request" button if repo allows pulls (#7426)
    • Upgrade macaron/captcha to fix random error problem (#7407)
    • create class for inline positioned lists (#7393)
    • Fetch refs for successful testing for tag (#7388)
    • add missing template variable on organisation settings (#7385)
    • fix post parameter - on issue list - unset assignee (#7380)
    • fix/define autochecked checkboxes on issue list in firefox (#7320)
    • only return head: null if source branch was deleted (#6705)
  • ENHANCEMENTS
    • Add nofollow to sign in links (#8509)
    • vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495)
    • Update milestone issues numbers when save milestone and other code improvements (#8411)
    • Add extra user information when migrating release (#8331)
    • Require overall success if no context is given for status check (#8318)
    • Transaction-aware retry create issue to cope with duplicate keys (#8307)
    • Change link on issue milestone (#8246)
    • Alwaywas return local url for users avatar (#8245)
    • Move some milestone functions to a standalone package (#8213)
    • Move create issue comment to comments package (#8212)
    • Disable max height property of comment textarea (#8203)
    • Add 'Mentioning you' group to /issues page (#8201)
    • oauth2 with remote Gitea (#8149)
    • Reference issues from pull requests and other issues (#8137)
    • Fix webhooks to use proxy from environment (#8116)
    • Add merged commit id on pull view when it's merged (#8062)
    • Add teams to repo on collaboration page. (#8045)
    • Update swagger to 0.20.1 (#8010)
    • Make link last commit massages in repository home page and commit tables (#8006)
    • Add API endpoint for accessing repo topics (#7963)
    • Include description in repository search (#7942)
    • Use gitea forked macaron (#7933)
    • Fix pull creation with empty changes (#7920)
    • Allow token as authorization for accessing attachments (#7909)
    • Retry create issue to cope with duplicate keys (#7898)
    • Move git diff codes from models to services/gitdiff (#7889)
    • migrate gplus to google oauth2 provider (#7885)
    • Remove unique filter from repo indexer analyzer. (#7878)
    • Detect delimiter in CSV rendering (#7869)
    • Import topics during migration (#7851)
    • Move CreateReview to modules/pull (#7841)
    • vendor: update pdf.js to v2.1.266 (#7834)
    • Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
    • Add Ability for User to Customize Email Notification Frequency (#7813)
    • Move database settings from models to setting (#7806)
    • Display ui time with customize time location (#7792)
    • Implement webhook branch filter (#7791)
    • Restrict repository indexing by glob match (#7767)
    • Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756)
    • Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
    • deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
    • Apply emoji on commit graph page (#7743)
    • Add a lot of extension to language mappings for syntax highlights (#7741)
    • Add SQL execution on log and indexes on table repository and comment (#7740)
    • Set DB connection error level to error (#7724)
    • Check commit message hashes before making links (#7713)
    • remove unnecessary fmt on generate bindata (#7706)
    • Fix specific highlighting (CMakeLists.txt ...) (#7686)
    • Add file status on API (#7671)
    • Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669)
    • Provide links in commit summaries in commits table/view list (#7659)
    • Change length of some repository's columns (#7652)
    • Move commit repo action from models to repofiles package (#7645)
    • fix wrong email when use gitea as OAuth2 provider (#7640)
    • [Branch View] add download button (#7604)
    • Update to xorm@v0.7.4 (#7596)
    • use 403 instead of 401 for ErrUserProhibitLogin (#7591)
    • Removed unnecessary conversions (#7557)
    • Un-lambda base.FileSize (#7556)
    • Added missing error checks in tests (#7554)
    • Move create release from models to a standalone package (#7539)
    • Make default branch name link to default branch (#7519)
    • Added total count of contributions to heatmap (#7517)
    • Move mirror to a standalone package from models (#7486)
    • Move models.PushUpdate to repofiles.PushUpdate (#7485)
    • Include thread related headers in issue/coment mail (#7484)
    • Refuse merge until all required status checks success (#7481)
    • convert all js var to let/const (#7464)
    • Only create branches for opened pull requestes when migrating from github (#7463)
    • jQuery 3 (#7425)
    • Add notification placeholder (#7409)
    • Search Commits via Commit Hash (#7400)
    • Move status table to cron package (#7370)
    • wiki - page revisions list (#7369)
    • Display original author and URL information when showing migrated issues/comments (#7352)
    • Refactor filetype is not allowed errors (#7309)
    • switch to use gliderlabs/ssh for builtin server (#7250)
    • Remove settting dependency on modules/session (#7237)
    • Move all mail related codes from models to services/mailer (#7200)
    • Support git.PATH entry in app.ini (#6772)
    • Support setting cookie domain (#6288)
    • Move migrating repository from frontend to backend (#6200)
    • Delete releases attachments if release is deleted (#6068)
  • TRANSLATION
    • Latvian translation for home page (#8468)
    • Add home template italian translation (#8352)
    • fix misprint (#7452)
  • BUILD
    • use go 1.13 (#8088)
  • MISC
    • add file line count info on UI (#8396)
    • Make issues page left menu 100% width and add reponame as title attribute (#8359)
    • [arc-green] white on hover for active menu items (#8344)
    • Move ref (branch or tag) location on issue list page (#8157)
    • apply emoji on dashboard issue list labels (#8156)
    • 1148: Take up the full width when viewing the diff in split view. (#8114)
    • Display description of 'make this repo private' as help text, not as tooltip (#8097)
    • Fixes deformed emoji in pull request reviews (#8047)
    • Add strike to old header on comment (#8046)
    • Add tooltip for the visibility checkbox in /repo/create (#8025)
    • Update github.com/lafriks/xormstore and tidy up mod.go (#8020)
    • keep blame view buttons sequence consistent with normal view when view a file (#8007)
    • Use "Pull Request" instead of "Merge Request" (#8003)
    • Move line number to :before attr to hide from search on browser (#8002)
    • Changed black color to white for (read) number label on issue list page (#8000)
    • [Branch View] show "New Pull Request" Button only if posible (#7977)
    • Fix hook problem by only setting the git environment variables if we are passed them (#7854)
    • Prevent Commit Status and Message From Overflowing On Branch Page (#7800)
    • Fix global search result CSS, misc CSS tweaks (#7789)
    • Tweak label border CSS (#7739)
    • Fix create menu item widths (#7708)
    • [Branch View] Delete duplicate protection symbol (#7624)
    • [Branch View] Delete Table Header (#7622)
    • [Branch View] icons to buttons (#7602)
    • update js dependencies (#7462)
    • Add Extra Info to Branches Page (#7461)
    • Bump lodash from 4.17.11 to 4.17.14 (#7459)
    • wiki history improvements (#7391)
    • ui fixes - compare view and archieved repo issues (#7345)
    • dark theme scrollbars (#7269)
    • wiki - editor - add buttons 'inline code', 'empty checkbox', 'checked checkbox' (#7243)
    • Fix Statuses API only shows first 10 statuses: Add paging and extend API GetCommitStatuses (#7141)

1.9.6 - 2019-11-13

  • BUGFIXES
    • Allow to merge if file path contains " or \ (#8629) (#8772)
    • Fix 500 when edit hook (#8782) (#8790)
    • Fix issue with user.fullname (#8904)
    • Update Github Migration Test (#8897) (#8946)
    • Add Close() method to gogitRepository (#8901) (#8958)

1.9.5 - 2019-10-30

  • BREAKING
    • Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
  • BUGFIXES
    • Fix milestone close timestamp (#8728) (#8731)
    • Fix deadline on update issue or PR via API (#8699)
    • Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
    • Fix 500 when getting user as unauthenticated user (#8653) (#8662)
    • Use AppSubUrl for more redirections (#8647) (#8652)
    • Add SubURL to redirect path (#8632) (#8634) (#8640)
    • Fix #8582 by handling empty repos (#8587) (#8593)
    • Fix bug on pull requests when transfer head repository (#8571)
    • Add missed close in ServeBlobLFS (#8527) (#8543)
    • Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
    • Create .ssh dir as necessary (#8369) (#8486) (#8489)
    • Restore functionality for early gits (#7775) (#8476)
    • Add check for empty set when dropping indexes during migration (#8475)
    • Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
    • Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
  • SECURITY
    • Ignore mentions for users with no access (#8395) (#8484)
  • TESTING
    • Update heatmap fixtures to restore tests (#8615) (#8617)

1.9.4 - 2019-10-08

  • BUGFIXES
    • Highlight issue references (#8101) (#8404)
    • Fix bug when migrating a private repository #7917 (#8403)
    • Change general form binding to gogs form (#8334) (#8402)
    • Fix editor commit to new branch if PR disabled (#8375) (#8401)
    • Fix milestone num_issues (#8221) (#8400)
    • Allow users with explicit read access to give approvals (#8398)
    • Fix commit status in PR #8316 and PR #8321 (#8339)
    • Fix API for edit and delete release attachment (#8290)
    • Fix assets on release webhook (#8283)
    • Fix release API URL generation (#8239)
    • Allow registration when button is hidden (#8238)
    • MS Teams webhook misses commit messages (backport v1.9) (#8225)
    • Fix data race (#8206)
    • Fix pull merge 500 error caused by git-fetch breaking behaviors (#8194)
    • Fix the SSH config specification in the authorized_keys template (#8193)
    • Fix reading git notes from nested trees (#8189)
    • Fix team user api (#8172) (#8188)
    • Add reviewers as participants (#8124)
  • BUILD
    • Use vendored go-swagger (#8087) (#8165)
    • Fix version-validation for GO 1.13 (go-macaron/cors) (#8389)
  • MISC
    • Make show private icon when repo avatar set (#8144) (#8175)

1.9.3 - 2019-09-06

  • BUGFIXES
    • Fix go get from a private repository with Go 1.13 (#8100)
    • Strict name matching for Repository.GetTagID() (#8082)
    • Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
    • Add change title notification for issues (#8064)
    • Run CORS handler first for /api routes (#7967) (#8053)
    • Evaluate emojis in commit messages in list view (#8044)
    • Fix failed to synchronize tags to releases for repository (#7990) (#7994)
    • Fix adding default Telegram webhook (#7972) (#7992)
    • Abort synchronization from LDAP source if there is some error (#7965)
    • Fix deformed emoji in commit message (#8071)
  • ENHANCEMENTS
    • Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)

1.9.2 - 2019-08-22

  • BUGFIXES
    • Fix wrong sender when send slack webhook (#7918) (#7924)
    • Upload support text/plain; charset=utf8 (#7899)
    • Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
    • Fix non existent milestone with 500 error (#7867) (#7873)
  • SECURITY
  • ENHANCEMENTS
    • Fix pull creation with empty changes (#7920) (#7926)
  • BUILD
    • Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)

1.9.1 - 2019-08-14

  • BREAKING
    • Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752)
  • SECURITY
  • BUGFIXES
    • Fix local runs of ssh-requiring integration tests (#7855) (#7857)
    • Fix hook problem (#7856) (#7754)
    • Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846)
    • Do not fetch all refs (#7797) (#7837)
    • Fix duplicate call of webhook (#7824) (#7821)
    • Enable switching to a different source branch when PR already exists (#7823)
    • Rewrite existing repo units if setting is not included in api body (#7811)
    • Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808)
    • API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807)
    • Fix Slack webhook fork message (1.9 release backport) (#7783)
    • Fix approvals counting (#7757) (#7777)
    • Fix rename failed when rewrite public keys (#7761) (#7769)
    • Fix dropTableColumns sqlite implementation (#7710) (#7765)
    • Fix repo_index_status lingering when deleting a repository (#7738)
    • Fix milestone completness calculation when migrating (#7725) (#7732)
    • Fixes indexed repos keeping outdated indexes when files grow too large (#7731)
    • Skip non-regular files (e.g. submodules) on repo indexing (#7717)
    • Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704)
    • Correct wrong datetime format for git (#7689) (#7690)

1.9.0 - 2019-07-30

  • BREAKING
    • Better logging (#6038) (#6095)
  • SECURITY
    • Shadow the password on cache and session config on admin panel (#7300)
    • Fix markdown invoke sequence (#7513) (#7560)
    • Reserve .well-known username (#7638)
    • Do not leak secrets via timing side channel (#7364)
    • Ensure that decryption of cookie actually suceeds (#7363)
  • FEATURES
    • Content API for Creating, Updating, Deleting Files (#6314)
    • Enable tls-alpn-01: Use certmanager provided TLSConfig for LetsEncrypt (#7229)
    • Add command to convert mysql database from utf8 to utf8mb4 (#7144)
    • Fixes #2738 - Adds the /git/tags API endpoint (#7138)
    • Compare branches, commits and tags with each other (#6991)
    • Show Pull Request button or status of latest PR in branch list (#6990)
    • Repository avatars (#6986)
    • Show git-notes (#6984)
    • Add commit statuses reports on pull request view (#6845)
    • Number of commits ahead/behind in branch overview (#6695)
    • Add CLI commands to manage LDAP authentication source (#6681)
    • Add support for MS Teams webhooks (#6632)
    • OAuth2 Grant UI (#6625)
    • Add SUBJECT_PREFIX mailer config option (#6605)
    • Include custom configuration file in dump (#6516)
    • Add API for manipulating Git hooks (#6436)
    • Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
    • Add option to blame files (#5721)
    • Implement Default Webhooks (#4299)
    • Telegram webhook (#4227)
  • BUGFIXES
    • Send webhook after commit when creating issue with assignees (#7681) (#7684)
    • Upgrade macaron/captcha to fix random error problem (#7407) (#7683)
    • Move add to hook queue for created repo to outside xorm session. (#7682) (#7675)
    • Show protection symbol if needed on default branch (#7660) (#7668)
    • Hide delete/restore button on archived repos (#7660)
    • Fix bug on migrating milestone from github (#7665) (#7666)
    • Use flex to fix floating paginate (#7656) (#7662)
    • Change length of some repository's columns (#7652) (#7655)
    • Fix wrong email when use gitea as OAuth2 provider (#7640) (#7647)
    • Fix syntax highlight initialization (#7617) (#7626)
    • Fix bug create/edit wiki pages when code master branch protected (#7580) (#7623)
    • Fix panic on push at #7611 (#7615) (#7618)
    • Handle ErrUserProhibitLogin in http git (#7586, #7591) (#7590)
    • Fix color of split-diff view in dark theme (#7587) (#7589)
    • Fix file header overflow in file and blame views (#7562) (#7579)
    • Malformed URLs in API git/commits response (#7565) (#7567)
    • Fix empty commits now showing in repo overview (#7521) (#7563)
    • Fix repository's pull request count error (#7518) (#7524)
    • Remove duplicated webhook trigger (#7511) (#7516)
    • Handles all redirects for Web UI File CRUD (#7478) (#7507)
    • Fix regex for issues in commit messages (#7444) (#7466)
    • cmd/serv: actually exit after fatal errors (#7458) (#7460)
    • Fix an issue with some pages throwing 'not defined' js exceptions #7450 (#7453)
    • Fix Dropzone.js integration (#7445) (#7448)
    • Create class for inline positioned lists (#7439) (#7393)
    • Diff: Fix indentation on unhighlighted code (#7435) (#7443)
    • jQuery 3 (#7442) (#7425)
    • Only show "New Pull Request" button if repo allows pulls (#7426) (#7432)
    • Fix vendor references (#7394) (#7396)
    • Only return head: null if source branch was deleted (#6705) (#7376)
    • Add missing template variable on organisation settings (#7386) (#7385)
    • Fix post parameter on issue list which had unset assignee (#7380) (#7383)
    • Fix migration tests due to issue 7 being resolved (#7375) (#7381)
    • Correctly adjust mirror url (#6593)
    • Handle early git version's lack of get-url (#7065)
    • Fix icon position in issue view (#7354)
    • Cut timeline length with last element on issue view (#7355)
    • Fix mirror repository webhooks (#7366)
    • Fix api route for hooks (#7346)
    • Fix bug conflict between SyncReleasesWithTags and InsertReleases (#7337)
    • Fix pull view ui merge section (#7335)
    • Fix 7303 - remove unnessesary buttons on archived repos (#7326)
    • Fix topic bar to allow prefixes (#7325)
    • Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
    • Fixes #7238 - Annotated tag commit ID incorrect (#7321)
    • Dark theme fixes (#7319)
    • Gitea own dark codemirror theme (#7317)
    • Fixes #7292 - API File Contents bug (#7301)
    • Fix API link header (#7298)
    • Fix extra newlines when copying from diff in Firefox (#7288)
    • Make diff line-marker non-selectable (#7279)
    • Fix Submodule dection in subdir (#7275)
    • Fix error log when loading issues caused by a xorm bug (#7271)
    • Add .fa icon margin like .octicon (#7258)
    • Fix hljs unintenionally highlighting commit links (#7244)
    • Only check and config git on web subcommand but not others (#7236)
    • Fix migration panic when Head.User is not exist (#7226)
    • Only warn on errors in deleting LFS orphaned files during repo deletion (#7213)
    • Fix duplicated file on pull request conflicted files (#7211)
    • Allow colon between fixing word and issue (#7207)
    • Fix overflow issues in repo (#7190)
    • API error cleanup (#7186)
    • Add error for fork already existing (#7185)
    • Fixes diff on merged pull requests (#7171)
    • If milestone id is zero don't get it from database (#7169)
    • Fix pusher name via ssh push (#7167)
    • Fix database lock when use random repository fallback image (#7166)
    • Various fixes for issue mail notifications (#7165)
    • Allow archived repos to be (un)starred and (un)watched (#7163)
    • Fix GCArgs load from ini (#7156)
    • Detect noreply email address as user (#7133)
    • Avoid arbitrary format strings upon calling fail() function (#7112)
    • Validate External Tracker URL Format (#7089)
    • Repository avatar fallback configuration (#7087)
    • Fix #732: Add LFS objects to base repository on merging (#7082)
    • Install page - Handle invalid administrator username better (#7060)
    • Workaround for posting single comments in split diff view (#7052)
    • Fix possbile mysql invalid connnection error (#7051)
    • Fix charset was not saved after installation finished (#7048)
    • Handle insecure and ports in go get (#7041)
    • Avoid bad database state after failed migration (#7040)
    • Fix wrong init dependency on markup extensions (#7038)
    • Fix default for allowing new organization creation for new users (#7017)
    • Fix content download and /verify LFS handler expecting wrong content-type (#7015)
    • Fix missing repo description when migrating (#7000)
    • Fix LFS Locks over SSH (#6999)
    • Do not attempt to return blob on submodule (#6996)
    • Fix U2F for Chrome >= 74 (#6980)
    • Fix index produces problem when issues/pulls deleted (#6973)
    • Allow collaborators to view repo owned by private org (#6965)
    • Stop running hooks on pr merge (#6963)
    • Run hooks on merge/edit and cope with protected branches (#6961)
    • Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953)
    • Stop colorizing log files by default (#6949)
    • Rotate serv.log, http.log and hook logs and stop stacktracing in these (#6935)
    • Fix plain text overflow line wrap (#6915)
    • Fix input size for dependency select (#6913)
    • Change drone token name to let users know to use oauth2 (#6912)
    • Fix syntax highlight in blame view #6895 (#6909)
    • Use AppURL for Oauth user link (#6894)
    • Fixes #6881 - API users search fix (#6882)
    • Fix 404 when send pull request some situation (#6871)
    • Enforce osusergo build tag for releases (#6862)
    • Fix 500 when reviewer is deleted with integration tests (#6856)
    • Fix v85.go (#6851)
    • Make dropTableColumns drop columns on sqlite and constraints on all (#6849)
    • Fix double-generation of scratch token (#6832) (#6833)
    • When mirroring we should set the remote to mirror (#6824)
    • Fix the v78 migration "Drop is_bare" on MSSQL #6707 (#6823)
    • Change verbose flag in dump command to avoid colliding with global version flag (#6822)
    • Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
    • Remove seen map from getLastCommitForPaths (#6807)
    • Show scrollbar only when needed (#6802)
    • Restore IsWindows variable assignment (#6722) (#6790)
    • Service worker js is a missing comma (#6788)
    • Fix team edit API panic (#6780)
    • Set user search base field optional in LDAP (simple auth) edit page (#6779)
    • Ignore already existing public keys after ldap sync (#6766)
    • Fix pulls broken when fork repository deleted (#6754)
    • Fix missing return (#6751)
    • Fix new team 500 (#6749)
    • OAuth2 token can be used in basic auth (#6747)
    • Fix org visibility bug when git cloning (#6743)
    • Fix bug when sort repos on org home page login with non-admin (#6741)
    • Stricter domain name pattern in email regex (#6739)
    • Fix admin template error (#6737)
    • Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736)
    • UI: Detect and restore encoding and BOM in content (#6727)
    • Load issue attributes when editing an issue with API (#6723)
    • Fix team members API (#6714)
    • Unfortunately MemProvider Init does not actually Init properly (#6692)
    • Fix partial reversion of #6657 caused by #6314 (#6685)
    • Prevent creating empty sessions (#6677)
    • Fixes #6659 - Swagger schemes selection default to page's protocol (#6660)
    • Update highlight.js to 9.15.6 (#6658)
    • Properly escape on the redirect from the web editor (#6657)
    • Fix #6655 - Don't EscapePound .Link as it is already escaped (#6656)
    • Use ctx.metas for SHA hash links (#6645)
    • Fix wrong GPG expire date (#6643)
    • upgrade version of lib/pq to v1.1.0 (#6640)
    • Fix forking an empty repository (#6637)
    • Fix issuer of OTP URI should be URI-encoded. (#6634)
    • Return a UserList from /api/v1/admin/users (#6629)
    • Add json tags for oauth2 form (#6627)
    • Remove extra slash from twitter card (#6619)
    • remove bash requirement in makefile (#6617)
    • Fix Open Graph og:image link (#6612)
    • Fix cross-compile builds (#6609)
    • Change commit summary to full message in API (#6591)
    • Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579)
    • Prevent server 500 on compare branches with no common history (#6555)
    • Properly escape release attachment URL (#6512)
    • Delete local branch when repo branch is deleted (#6497)
    • Fix bug when user login and want to resend register confirmation email (#6482)
    • Fix upload attachments (#6481)
    • Avoid multi-clicks in oauth2 login (#6467)
    • Hacky fix for alignment of the create-organization dialog (#6455)
    • Change order that PostProcess Processors are run (#6445)
    • Clean up ref name rules (#6437)
    • Fix Hook & HookList in Swagger (#6432)
    • Fixed unitTypeCode not being used in accessLevelUnit (#6419)
    • Display correct error for invalid mirror interval (#6414)
    • Don't Unescape redirect_to cookie value (#6399)
    • Fix dump table name error and add some test for dump database (#6394)
    • Fix migrations 82 to ignore unsynced tags between database and git data and missing is_archived on repository table (#6387)
    • Make sure units of a team are returned (#6379)
    • Fix bug manifest.json will not request with cookie so that session will created every request (#6372)
    • Disable benchmarking during tag events on DroneIO (#6365)
    • Comments list performance optimization (#5305)
  • ENHANCEMENTS
    • Update Drone docker generation to standard format (#7480) (#7496) (#7504)
    • Add API Endpoint for Repo Edit (#7006)
    • Add state param to milestone listing API (#7131)
    • Make captcha and password optional for external accounts (#6606)
    • Detect migrating batch size (#7353)
    • Fix 7255 - wrap long texts on user profile info (#7333)
    • Use commit graph files for listing pages (#7314)
    • Add git command line commitgraph support global default true when git version >= 2.18 (#7313)
    • Add LFS_START_SERVER option to control git-lfs support (#7281)
    • Dark theme markdown fixes (#7260)
    • Update go-git to v4.12.0 (#7249)
    • Show lfs config on admin panel (#7220)
    • Disable same user check for internal SSH (#7215)
    • Add LastLogin to the User API (#7196)
    • Add missing description of label on API (#7159)
    • Use go method to calculate ssh key fingerprint (#7128)
    • Enable Rust highlighting (#7125)
    • Refactor submodule URL parsing (#7100)
    • Change issue mail title. (#7064)
    • Use batch insert on migrating repository to make the process faster (#7050)
    • Improve github downloader on migrations (#7049)
    • When git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047)
    • Fix Erlang and Elixir highlight mappings (#7044)
    • API Org Visibility (#7028)
    • Improve handling of non-square avatars (#7025)
    • Bugfix: Align comment label and actions to the right (#7024)
    • Change UpdateRepoIndex api to include watchers (#7012)
    • Move serv hook functionality & drop GitLogger (#6993)
    • Add support of utf8mb4 for mysql (#6992)
    • Make webhook http connections resuable (#6976)
    • Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
    • Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
    • Remove macaron dependent on models (#6940)
    • Add less linter via npx (#6936)
    • Remove macaron dependent on modules/log (#6933)
    • Remove macaron dependent on models/mail.go (#6931)
    • Clean less files (#6921)
    • Fix code overflow (#6914)
    • Style orgs list in user profile (#6911)
    • Improve description of branch protection (fix #6886) (#6906)
    • Move sdk structs to modules/structs (#6905)
    • update sdk to latest (#6903)
    • Escape the commit message on issues update and title in telegram hook (#6901)
    • SearchRepositoryByName improvements and unification (#6897)
    • Change the color of issues/pulls list, merged is purple and closed is red (#6874)
    • Refactor table width to have more info shown in file list (#6867)
    • Monitor all git commands; move blame to git package and replace git as a variable (#6864)
    • Fix config ui error about cache ttl (#6861)
    • Improve localization of git activity stats (#6848)
    • Generate access token in admin cli (#6847)
    • Update github.com/urfave/cli to version 1.2.0 (#6838)
    • Rename LFS_JWT_SECRET cli option to include OAUTH2 as well (#6826)
    • internal/ssh: ignore env command totally (#6825)
    • Allow Recaptcha service url to be configured (#6820)
    • update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815)
    • Use modules/git for git commands (#6775)
    • Add GET requests to webhook (#6771)
    • Move PushUpdate dependency from models to repofiles (#6763)
    • Tweak tab text and icon colors (#6760)
    • Ignore non-standard refs in git push (#6758)
    • Disable web preview for telegram webhook (#6719)
    • Show full name if DEFAULT_SHOW_FULL_NAME setting enabled (#6710)
    • Reorder file actions (#6706)
    • README WordPress the code is overflowing #6679 (#6696)
    • Improve issue reference on commit (#6694)
    • Handle redirects for git clone commands (#6688)
    • Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
    • API OTP Context (#6674)
    • Remove local clones & make hooks run on merge/edit/upload (#6672)
    • Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
    • Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
    • Fix dropdown icon padding (#6651)
    • Add more title attributes on shortened names (#6647)
    • Update UI for topics labels on projects (#6639)
    • Trace Logging on Permission Denied & ColorFormat (#6618)
    • Add .gpg url (match github behaviour) (#6610)
    • Support for custom GITEA_CUSTOM env var in docker(#6608)
    • Show "delete branch" button on closed pull requests (#6570) (#6601)
    • Add option to disable refresh token invalidation (#6584)
    • Fix new repo dropdown alignment (#6583)
    • Fix mail notification when close/reopen issue (#6581)
    • Pre-calculate the absolute path of git (#6575)
    • Minor CSS cleanup for the navbar (#6553)
    • Render SHA1 links as code blocks (#6546)
    • Add username flag in create-user command (#6534)
    • Unifies pagination template usage (#6531) (#6533)
    • Fixes pagination width on mobile view (#5711) (#6532)
    • Improve SHA1 link detection (#6526)
    • Fixes #6446 - Sort team members and team's repositories (#6525)
    • Use stricter boundaries for auto-link detection (#6522)
    • Use regular line-height on frontpage entries (#6518)
    • Fixes #6514 - New Pull Request on files and pulls pages the same (#6515)
    • Make distinction between DisplayName and Username in email templates (#6495)
    • Add X-Auto-Response-Suppress header to outgoing messages (#6492)
    • Cleaned permission checks for API -> site admin can now do anything (#6483)
    • Support search operators for commits search (#6479)
    • Improve listing performance by using go-git (#6478)
    • Fix repo sub_menu font color in arc-green (#6477)
    • Show last commit status in pull request lists (#6465)
    • Add signatures to webhooks (#6428)
    • Optimize all images in public/img (#6427)
    • Add golangci (#6418)
    • Make "Ghost" not link to 404 page (#6410)
    • Include more variables on admin/config page (#6378)
    • Markdown: enable some more extensions (#6362)
    • Include repo name in page title tag (#6343)
    • Show locale string on timestamp (#6324)
    • Handle CORS requests (#6289)
    • Improve issue autolinks (#6273)
    • Migration Tweaks (#6260)
    • Add title attributes to all items in the repo list viewer (#6258)
    • Issue indexer queue redis support (#6218)
    • Add bio field for user (#6113)
    • Make the version within makefile overwriteable (#6080)
    • Updates to API 404 responses (#6077)
    • Use Go1.11 module (#5743)
    • UX + Security current user password reset (#5042)
    • Refactor: append, build variable and type switch (#4940)
    • Git statistics in Activity tab (#4724)
    • Drop the bits argument when generating an ed25519 key (#6504)
  • TESTING
    • Exclude pull_request from fetch-tags step, fixes #7108 (#7120)
    • Refactor and improve git test (#7086)
    • Fix TestSearchRepo by waiting till indexing is done (#7004)
    • Add mssql migration tests (needs #6823) (#6852)
    • Add tests for Org API (#6731)
    • Context.ServerError and NotFound should log from their caller (#6550)
  • TRANSLATION
    • Add french specific rule for translating plural texts (#6846)
  • BUILD
    • Update mssql driver to last working version 20180314172330-6a30f4e59a44 (#7306)
    • Alpine 3.10 (#7256)
    • Use vfsgen instead of go-bindata (#7080)
    • remove and disable package-lock (#6969)
    • add make targets for js and css, add js linter (#6952)
    • Added tags pull step to drone config to show correct version hashes i… (#6836)
    • Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631)
    • chore: update drone format to 1.0 (#6602)
    • Fix race in integration testlogger (#6556)
    • Quieter Integration Tests (#6513)
    • Drop the docker Makefile from the image (#6507)
    • Add make version on gitea version (#6485)
    • Fix #6468 - Uses space match and adds newline for all sed flavors (#6473)
    • Move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
    • Update npm dependencies and various tweaks (#7344)
    • Fix updated drone file (#7336)
    • Add 'npm' and 'npm-update' make targets and lockfile (#7246)
  • DOCS
    • Add work path CLI option (#6922)
    • Fix logging documentation (#6904)
    • Some logging documentation (#6498)
    • Fix link to Hacking on Gitea on From-Source doc page (#6471)
    • Fix typos in docs command-line examples (#6466)
    • Added docker example for backup (#5846)

1.8.3 - 2019-06-17

  • BUGFIXES
    • Always set userID on LFS authentication (#7224) (Part of #6993)
    • Fix LFS Locks over SSH (#6999) (#7223)
    • Fix duplicated file on pull request conflicted files (#7211) (#7214)
    • Detect noreply email address as user (#7133) (#7195)
    • Don't get milestone from DB if ID is zero (#7169) (#7174)
    • Allow archived repos to be (un)starred and (un)watched (#7163) (#7168)
    • Fix GCArgs load from ini (#7156) (#7157)

1.8.2 - 2019-05-29

  • BUGFIXES
    • Fix possbile mysql invalid connnection error (#7051) (#7071)
    • Handle invalid administrator username on install page (#7060) (#7063)
    • Disable arm7 builds (#7037) (#7042)
    • Fix default for allowing new organization creation for new users (#7017) (#7034)
    • SearchRepositoryByName improvements and unification (#6897) (#7002)
    • Fix u2f registrationlist ToRegistrations() method (#6980) (#6982)
    • Allow collaborators to view repo owned by private org (#6965) (#6968)
    • Use AppURL for Oauth user link (#6894) (#6925)
    • Escape the commit message on issues update (#6901) (#6902)
    • Fix regression for API users search (#6882) (#6885)
    • Handle early git version's lack of get-url (#7065) (#7076)
    • Fix wrong init dependency on markup extensions (#7038) (#7074)

1.8.1 - 2019-05-08

  • BUGFIXES
    • Fix 404 when sending pull requests in some situations (#6871) (#6873)
    • Enforce osusergo build tag for releases (#6862) (#6869)
    • Don't post process commit summary in templates (#6842) (#6868)
    • Fix 500 when reviewer is deleted (#6856) (#6860)
    • Fix v78 migration for MSSQL (#6823) (#6854)
    • Added tags pull step to drone config to show correct version hashes (#6836) (#6839)
    • Fix double-generation of scratch token (#6833) (#6835)
    • When mirroring we should set the remote to mirror (#6824) (#6834)
    • Show scrollbar only when needed (#6802) (#6803)
    • Service worker js is missing a comma (#6788) (#6795)
    • Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789)
    • Fix team edit API panic (#6780) (#6785)
    • Minor CSS cleanup for the navbar (#6553) (#6781)
    • Stricter domain name pattern in email regex (#6739) (#6768)
    • Detect and restore encoding and BOM in content (#6727) (#6765)
    • Fix org visibility bug when git cloning (#6743) (#6762)
    • OAuth2 token can be used in basic auth (#6747) (#6761)
    • Fix missing return (#6751) (#6756)
    • Fix sorting repos on org home page with non-admin login (#6741) (#6746)
    • Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744)
    • Fix team members API (#6714) (#6729)
    • Load issue attributes when editing an issue with API (#6723) (#6725)
    • Fix config ui error about cache ttl (#6861) (#6865)

1.8.0 - 2019-04-20

  • SECURITY
    • Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
    • Resolve 2FA bypass on API (#6676) (#6674)
    • Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
  • BREAKING
    • Add "ghost" and "notifications" to list of reserved user names. (#6208)
    • Change sqlite DB path default to data directory (#6198)
    • Adds MustChangePassword to user create/edit API (#6193)
    • Disable redirect for i18n (#5910)
    • Releases API paging (#5831)
    • Allow Macaron to be set to log through to gitea.log (#5667)
    • Don't close issues via commits on non-default branch (#5622)
  • FEATURES
    • Add regenerate secret feature for oauth2 (#6291)
    • Expose issue stopwatch toggling via API (#5970)
    • Add other session providers (#5963)
    • Pull request conflict files detection (#5951)
    • Integrate OAuth2 Provider (#5378)
    • Implement "conversation lock" for issue comments (#5073)
    • Feature: Archive repos (#5009)
    • Discord Oauth2 support (#4476)
    • Allow to set organization visibility (public, internal, private) (#1763)
    • Added URL mapping for Release attachments like on github.com (#1707)
  • ENHANCEMENTS
    • Add support for client basic auth for exchanging access tokens (#6293)
    • Add ability to sort issues by due date (#6206) (#6244)
    • Style tweaks to issue selection (#6196)
    • Increase Username and Orgname MaxSize 35 -> 40 (#6178)
    • Coverage profile with multiple packages (#6167)
    • Split setting.go to multiple files (#6154)
    • Allow labels to contain emoji (#6063)
    • Disable git fsck for mirrored repos by default (#6018)
    • Add default time out for git operations (#6015)
    • Split setting.go as multiple files (#6014)
    • Make dashboard navbar and footer full-width (#6013)
    • Add lang specific font stacks for CJK (#6007)
    • Fix header menu misalignment (#6002)
    • Enhance closed PR and Issue status in the list (#6000)
    • Make navbar full width (#5998)
    • Add option to close issues via commit on a non master branch (#5992)
    • Support n as a line highlight prefix (#5987)
    • Search for org repos (#3031) (#5986)
    • Minor UI tweaks (#5980)
    • Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
    • Dashboard tweaks (#5974)
    • Fixes for repo topic editor (#5971)
    • Display the branch name in the commit view (#5950)
    • handle milestone events for issues and PR (#5947)
    • Add label names as filter in issue search api (#5946)
    • Repo header tweaks (#5945)
    • Better support for long repo names (#5932)
    • Fix wrapping long code lines (#5927)
    • Change GPG Validation colors and remove inline CSS (#5404) (#5896)
    • Fix "pulls.blocked_by_approvals" text (#5879)
    • Rename reject to 'request changes' (#5858)
    • Move input fields to add members to a team and repos to a team (#5853)
    • Config option to disable automatic repo watching (#5852)
    • New Issue ?body= query (#5851)
    • Add API to list tags (#5850)
    • Pagination for git tree API (#5838)
    • Add InternalTokenURI to load InternalToken from an external file (#5812)
    • Allow markdown files to read from the LFS (#5787)
    • Add the ability to use multiple labels as filters (#5786)
    • Adjust log settings when a user is not found. (#5771)
    • Log IP of failed ssh connection (#5766)
    • Moved defaults in defaults.go to setting.go (#5764)
    • Make DB connect more robust (#5738)
    • Add Default Pull Request Title (#5735)
    • Refactor repo.isBare to repo.isEmpty #5629 (#5714)
    • Add flag to skip repository dumping (#5695)
    • Prioritize "readme.md" (#5691)
    • Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
    • Allow for user specific themes (#5668)
    • Display branch name in delete branch confirmation modal. (#5654)
    • New API routes added (#5594)
    • Refactor notification for indexer (#5111)
    • Refactor mail notification (#5110)
    • Show email if the authenticated user owns the profile page being requested for (#4981)
    • Optimize pulls merging (#4921)
    • Sort Repositories widget by most recently updated (#3963) (#4599)
    • Allow markdown table to scroll (#4401)
    • Automatically clear stopwatch on merging a PR (#4327)
    • Add the Owner Name to differentiate when merging (#3807)
    • Add title attributes to all items in the repo list viewer (#6258) (#6650)
  • BUGFIXES
    • Fix dropdown icon padding (#6651) (#6654)
    • Fix wrong GPG expire date (#6643) (#6644)
    • Fix forking an empty repository (#6637) (#6653)
    • Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
    • Properly escape on the redirect from the web editor (#6657) (#6667)
    • Allow resend of confirmation email when logged in (#6482) (#6486)
    • Fix mail notification when close/reopen issue (#6581) (#6588)
    • Change API commit summary to full message (#6591) (#6592)
    • Add option to disable refresh token invalidation (#6584) (#6587)
    • Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
    • Fix new repo alignment (#6583) (#6585)
    • Prevent server 500 on compare branches with no common history (#6555) (#6558)
    • Properly escape release attachment URL (#6512) (#6523)
    • Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
    • Disable benchmarking during tag events on DroneIO (#6365) (#6366)
    • Make sure units of a team are returned (#6379) (#6381)
    • Don't Unescape redirect_to cookie value (#6399) (#6401)
    • Fix dump table name error and add some test for dump database (#6394) (#6402)
    • Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
    • Display correct error for invalid mirror interval (#6414) (#6429)
    • Clean up ref name rules (#6437) (#6439)
    • Fix Hook & HookList in Swagger (#6432) (#6440)
    • Change order that PostProcess Processors are run (#6445) (#6447)
    • Clean up various use of escape/unescape functions for URL generation (#6334)
    • Return 409 when creating repo if it already exists. (#6330)
    • Add same changes from issues page to milestone->issues page (#6328)
    • Fix ParsePatch function to work with quoted diff --git strings (#6323)
    • Fix reported issue in repo description (#6306)
    • Use url.PathEscape to escape the branchname (#6304)
    • Add robots.txt as reserved username (#6272)
    • Replace linkRegex with xurls library (#6261)
    • Remove visitLinksForShortLinks features (#6257)
    • Add unit types to repo action URL to correctly show 404 when archived (#6247)
    • Check organization visibility before everything else (#6234) (#6235)
    • Prevent double-close of issues (#6233)
    • Override xorm type mapping for U2F counter (#6232)
    • Add isAdmin to user API response (#6231)
    • Update git vendor to fix wrong release commit id and add migrations (#6224)
    • Fix fork button (#6223)
    • Fix renames over redirects (#6216)
    • Fix display dashboard even if require to change password (#6214)
    • Create a repo redirect when transferring ownership (#6210) (#6211)
    • Fix issue update race condition (#6194)
    • Fix bug when migrate repository 500 when repo is existed (#6188)
    • Fix scrollbar always present on page body (#6177)
    • Fix bug when set indexer as db and add tests (#6173)
    • Modify linkRegex to require http|https (#6171)
    • Fix bug user could change private repository to public when force private enabled. (#6156)
    • Fix admin list user/org API (#6143)
    • Make repo creation for API similar to UI (#6142)
    • Make document body a flexbox (#6139)
    • Refactor issue indexer, add some testing and fix a bug (#6131)
    • Load Issue attributes for API call (#6122)
    • Fix bug when update owner team then visit team's repo return 404 (#6119)
    • Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
    • Show private organization for admin, fix #6111 (#6112)
    • Fix prohibit login check on authorization (#6106)
    • Move to ldap.v3 to fix #5928 (#6105)
    • Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
    • Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
    • Make sure labels are actually returned (#6053)
    • Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
    • After deleting a repo on admin panel, UI should remember the last sort type (#6033)
    • Default create repository on organisation on its dashboard (#6026)
    • Swagger: Remove spaces in MergePullRequestOption enum (#6016)
    • Fix metrics auth token detection (#6006)
    • Fix repo header issues (#5995)
    • Fix bug when deleting a linked account will removed all (#5989)
    • Make organization dropdown scrollable when using mouse wheel (#5988)
    • Fix empty ssh key importing in ldap (#5984)
    • Admin config page mailertype setting option update (#5973)
    • Fix redirect loop during forced password change (#5965)
    • Show user who created the repository instead of the organisation in action feed (#5948)
    • Remove all CommitStatus when a repo is deleted (#5940)
    • Fix ssh deploy and user key constraints (#1357) (#5939)
    • Fix log output (#5938)
    • Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
    • Fix compare button (#5929)
    • Fix bug when read public repo lfs file (#5912)
    • Only allow local login if password is non-empty (#5906)
    • Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
    • Provide better panic handling (#5902)
    • Respect value of REQUIRE_SIGNIN_VIEW (#5901)
    • Show a 404 not a 500 if a repo does not exist (#5900)
    • Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
    • Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
    • Correct footer height if screen-width is to small (fixes #5878) (#5889)
    • In gitea serv switch off console logger to fix #5866 (#5887)
    • Don't allow pull requests to be created on an archived repository (#5883)
    • Support reviews on a deleted file path (#5880)
    • Fix compare button on upstream repo leading to 404 (#5877)
    • Fix null pointer on not logged in attempt to Sudo (#5872)
    • Fix new release creation API to allow empty target (#5870)
    • Fix an error while adding a dependency via UI. (#5862)
    • Fix failing migration v67 (#5849)
    • Fix delete correct temp directory (#5839)
    • Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
    • Fix topics saving internal error and disable for archived repos (#5821)
    • Fix TLS errors when using acme/autocert for local connections (#5820)
    • When creating new repository fsck option should be enabled (#5817)
    • Request for public keys only if LDAP attribute is set (#5816)
    • Fix serving of raw wiki files other than .md (#5814)
    • Fix migration 78 error mssql (#5791)
    • Disallow empty titles (#5785)
    • Fix the v78 migration script (#5776)
    • Ensure valid git author names passed in signatures (#5774)
    • Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
    • Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
    • Fixing PostgreSQL dump creation (#5747)
    • Add proper CORS preflight origin validation (#5740)
    • Disable auto-migrate in docker container (#5730)
    • In basic auth check for tokens before call UserSignIn (#5725)
    • Pooled and buffered gzip implementation (#5722)
    • Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
    • Keep file permissions during database migration (#5707)
    • Use correct value for "MSpan Structures Obtained" #4742 (#5706)
    • Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
    • Update xorm to fix issue #5659 and #5651 (#5680)
    • Fix public will not be reused as public key after deleting as deploy key (#5671)
    • When redirecting, clean the path (#5669)
    • Don't list an issue on its own dependency list UI. (#5658)
    • Fix commit page showing status for current default branch (#5649) (#5650)
    • Only count users own actions for heatmap contributions (#5647)
    • Fix sqlite deadlock when assigning to a PR (#5640)
    • Refactor issue indexer (#5363)
  • TESTING
    • Run benchmark at tag to track performances (#6035)
    • Add test environment for MySQL8 (#5234)
  • BUILD
    • Use go 1.12 for tests and deprecate go 1.9 (#6186)
    • Makefile changes for Windows and easier development (#6103)
    • Update bleve dependency to latest master revision (#6100)
    • Switch to more recent build of xgo (#6070)
    • Add autoprefixer to css build (#6029)
    • Update the version of less (#6010)
    • Make log mailer for testing (#5893)
  • DOCS
    • Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
    • update default value of --must-change-password cli flag (#6032)
    • Update and expand information about building Gitea (#6019)
    • Update U2F Section of app.ini.sample (#5994)
    • Update swagger for release API pagination (#5841)
    • Added docs for the tree api (#5834)
  • MISC
    • Add single commit API support (#5843)
    • Add missing GET teams endpoints (#5382)
    • Migrate database if app.ini found (#5290)

1.7.6 - 2019-04-12

  • SECURITY
    • Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
  • BUGFIXES
    • Allow resend of confirmation email when logged in (#6482) (#6487)

1.7.5 - 2019-03-27

  • BUGFIXES
    • Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
    • Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383)
    • Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332)

1.7.4 - 2019-03-12

  • SECURITY
    • Fix potential XSS vulnerability in repository description. (#6306) (#6308)
  • BUGFIXES
    • Fix wrong release commit id (#6224) (#6300)
    • Fix panic on empty signed commits (#6292) (#6300)
    • Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
    • Fix displaying dashboard even if required to change password (#6214) (#6215)

1.7.3 - 2019-02-27

  • BUGFIXES
    • Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
    • Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
    • Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
    • Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
    • Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
    • Fix prohibit login check on authorization (#6106) (#6115)
    • Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
    • Fix deadlock in webhook PullRequest (#6102) (#6104)
    • Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
    • Fix compare button regression (#5929) (#6098)
    • Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)

1.7.2 - 2019-02-14

  • BUGFIXES
    • Remove all CommitStatus when a repo is deleted (#5940) (#5941)
    • Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
    • Silence console logger in gitea serv (#5887) (#5943)
    • Handle milestone webhook events for issues and PR (#5947) (#5955)
    • Show user who created the repository instead of the organization in action feed (#5948) (#5956)
    • Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
    • Fix bug when deleting a linked account will removed all (#5989) (#5990)
    • Fix empty ssh key importing in ldap (#5984) (#6009)
    • Fix metrics auth token detection (#6006) (#6017)
    • Create repository on organisation by default on its dashboard (#6026) (#6048)
    • Make sure labels are actually returned in API (#6053) (#6059)
    • Switch to more recent build of xgo (#6070) (#6072)
    • In basic auth check for tokens before call UserSignIn (#5725) (#6083)

1.7.1 - 2019-01-31

  • SECURITY
    • Disable redirect for i18n (#5910) (#5916)
    • Only allow local login if password is non-empty (#5906) (#5908)
    • Fix go-get URL generation (#5905) (#5907)
  • BUGFIXES
    • Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
    • Request for public keys only if LDAP attribute is set (#5816) (#5819)
    • Fix delete correct temp directory (#5840) (#5839)
    • Fix an error while adding a dependency via UI (#5862) (#5876)
    • Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
    • When creating new repository fsck option should be enabled (#5817) (#5885)
    • Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
    • Fix bug when read public repo lfs file (#5913) (#5912)
    • Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
    • Fix compare button on upstream repo leading to 404 (#5877) (#5914)
  • DOCS
    • Added docs for the tree api (#5835)
  • MISC
    • Include Go toolchain to --version (#5832) (#5830)

1.7.0 - 2019-01-22

  • SECURITY
    • Do not display the raw OpenID error in the UI (#5705) (#5712)
    • When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
    • Prevent DeleteFilePost doing arbitrary deletion (#5631)
  • BREAKING
    • Restrict permission check on repositories and fix some problems (#5314)
    • Show only opened milestones on issues page milestone filter (#5051)
  • FEATURES
    • Implement git refs API for listing references (branches, tags and other) (#5354)
    • Approvals at Branch Protection (#5350)
    • Add raw blob endpoint to get objects by SHA ID (#5334)
    • Add api for user to create org (#5268)
    • Create AuthorizedKeysCommand (#5236)
    • User action heatmap (#5131)
    • Refactor heatmap to vue component (#5401)
    • Webhook for Pull Request approval/rejection (#5027)
    • Add command for migrating database (#4954)
    • Search keyword by splitting provided values by , (#4939)
    • Create Progressive Web App (#4730)
    • Give user a link to create PR after push (#4716)
    • Add rebase with merge commit merge style (#3844) (#4052)
  • BUGFIXES
    • Disallow empty titles (#5785) (#5794)
    • Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
    • Don't close issues via commits on non-default branch. (#5622) (#5643)
    • Fix commit page showing status for current default branch (#5650) (#5653)
    • Only count users own actions for heatmap contributions (#5647) (#5655)
    • Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
    • Use correct value for "MSpan Structures Obtained" (#5706) (#5716)
    • Fix bug on modifying sshd username (#5624)
    • Delete tags in mirror which are removed for original repo. (#5609)
    • Fix wrong text getting saved on editing second comment on an issue. (#5608)
    • Fix nil pointer when adding a due date (#5587)
    • Fix type mismatch of format string (#5574)
    • Fix bug on upload file name (#5571)
    • Issue is not overdue when it is on the same date #5566 (#5568)
    • Fix indexer reindex bug when gitea restart (#5563)
    • Fix table name typo on SQL (#5562)
    • Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
    • Fix makefile generate buildstep (#5556)
    • Fix nil pointer base branch bug (#5555)
    • Fix permission check on api create org (#5523)
    • Fix detect force push failure on deletion of protected branches (#5522)
    • Fix approvals limitation (#5521)
    • Fix bug when a read perm user to edit his issue (#5516)
    • Fix adding reaction fail for read permission user (#5515)
    • Fixing MSSQL timestamp type (#5511)
    • Fix forgot deletion of notification when delete repository (#5506)
    • Fix empty wiki (#5504)
    • Fix clone wiki failed via ssh (#5503)
    • Fix code review on mssql (#5502)
    • Fix lfs version check warning log when using ssh protocol (#5501)
    • Fix topic name length on database (#5493)
    • Ensure that the closed_at is set for closed issues (#5449)
    • Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
    • Word-Break the WebHook url to prevent a ui-break (#5432)
    • Fix forgot removed records when deleting user (#5429)
    • Fix repository deletion when there is large number of issues in it (#5426)
    • Fix heatmap colors for Chrome/Safari (#5421)
    • Fix password variable shadowing (#5405)
    • Fix dependent issue searching when gitea is run in subpath (#5392)
    • Don't force a password change for the admin user when creating an account via cli (#5391)
    • API: '/orgs/:org/repos': return private repos with read access (#5383)
    • Don't send assign webhooks when creating issue (#5365)
    • Removing Labels via EditPullRequest API (#5348)
    • Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
    • Fix bug when users have serval teams with different units on different repositories (#5307)
    • Fix U2F if gitea is configured in subpath (#5302)
    • Fix file edit change preview functionality (#5300)
    • Update gitignore list (#5258)
    • Fixed heatmap not working in mssql (#5248)
    • Fixed wrong api request url for instances running in subfolders (#5247)
    • Fix compatibility heatmap with mysql 8 (#5232)
    • Fix data race on migrate repository (#5224)
    • Fix sqlite and mssql lock (#5214)
    • Fix sqlite lock (#5210)
    • Fix: Accept web-command cli flags if web-command is commited (#5200)
    • Fix: Add secret to all webhook's payload where it has been missing (#5199)
    • Fix race on updatesize (#5190)
    • Fix create team, update team missing units (#5188)
    • Fix sqlite lock (#5184 & #5176)
    • Fix showing pull request link when delete a branch (#5166)
    • Fix JSON result of empty array in heatmap data array (#5154)
    • Update build tags for sqlite_unlock notify (#5144)
    • This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
    • Fix deadlock when sqlite (#5118)
    • Add comment replies (#5104)
    • Fix home page template regression (#5102)
    • Fix regex to support optional end line of old section in diff hunk (#5096)
    • LDAP via simple auth separate bind user and search base (#5055)
    • Fix markdown image with link (#4675)
    • Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
  • ENHANCEMENTS
    • Delete organization endpoint added (#5601)
    • Update Licenses (#5558)
    • Support reverse proxy providing email (#5554)
    • Add git protocol v2 support via SSH on Docker image (#5520)
    • Add tests for api user orgs (#5494)
    • Allow link verification for services like Mastodon (#5481)
    • Improve team members and repositories settings UI (#5457)
    • Remove the required class from optional ssh port in installation page (#5428)
    • Explicitly disable Git credential helper (#5367)
    • Setting Labels via EditPullRequest API (#5347)
    • Implement pasting image from clipboard for browsers that supports that (#5317)
    • Milestone issues and pull requests (#5293)
    • Support envs on external render commands (#5278)
    • Add option to disable automatic mirror syncing. (#5242)
    • Remove unused db init on commands serv, update, hooks (#5225)
    • Serve audio files using HTML5 audio tag (#5221)
    • Pass link prefixes to external markup parsers (#5201)
    • Add AutoHead functionality. (#5186)
    • Fix emojis not showing in commit messages (#5168)
    • Block registration based on email domain (#5157)
    • Update vendor/go-sqlite3 (#5133 & #5162)
    • Update x/net lib (#5169)
    • Show review summary in pull requests (#5132)
    • Use type switch (#5122)
    • Remove duplicated if bodies (#5121)
    • Remove check for negative length (#5120)
    • Make switch more clear (#5119)
    • Use named const instead of a raw string (#5115)
    • Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
    • Refactor: err != nil check, just return error instead (#5093)
    • Add notification interface and refactor UI notifications (#5085)
    • Use APP_NAME on home page (#5048)
    • Explicitly decide whether to use TLS in mailer's configuration (#5024)
    • Generate random password (#5023)
    • UX of link account (Step 1) (#5006)
    • Make sure argsSet verifies string isn't empty too (#4980)
    • Improve performance of dashboard (#4977)
    • Keys API changes (#4960)
    • Add must-change-password flag to cli for creating a user (#4955)
    • Use native go method to get current user rather than environment variable (#4930)
    • Make gitea serv use api/internal (#4886)
    • Add support for search by uid (#4876)
    • Allow to add organization members as collaborators on organization owned repositories (#4748)
  • TESTING
    • Kill testing processes if the test takes too long (#5174)
    • Update outdated Go toolchain version for .drone.yml (#5146)
    • Increase the retry limit to 20 times and the interval to 200ms (#5134)
    • Retry test-fixtures loading in case of transaction rollback (#5125)
    • Added test environment for mssql (#4282)
  • BUILD
    • Replace lint to revive (#5422)
    • Update golang version in Dockerfile (#5246)
  • DOCS
    • Typo in routers/api/v1/org/org.go fixed. (#5598)
    • Update the docs for sqlite_unlock_notify (#5145)
    • CN translation of docs part (#5049)
    • Kubernetes deployment file (#5046)
  • MISC
    • Upgrade alpine to 3.8 (#5423)
    • Git-Trees API (#5403)
    • Only chown directories during docker setup if necessary. Fix #4425 (#5064)

1.6.4 - 2019-01-15

  • BUGFIX
    • Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
    • When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
    • Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)

1.6.3 - 2019-01-04

  • SECURITY
    • Prevent DeleteFilePost doing arbitrary deletion (#5631)
  • BUGFIX
    • Fix wrong text getting saved on editing second comment on an issue (#5608)

1.6.2 - 2018-12-21

  • SECURITY
    • Sanitize uploaded file names (#5571) (#5573)
    • HTMLEncode user added text (#5570) (#5575)
  • BUGFIXES
    • Fix indexer reindex bug when gitea restart (#5563) (#5564)
    • Remove a double slash in the HTTPS redirect with Let's Encrypt (#5537) (#5539)
    • Fix bug when a read perm user to edit his issue (#5516) (#5534)
    • Detect force push failure on deletion of protected branches (#5522) (#5531)
    • Let's Encrypt handler listens on correct port for certificate validation (#5525) (#5527)
    • Fix forgot deletion of notification when delete repository (#5506) (#5514)
    • Fix undeleted content when deleting user (#5429) (#5509)
    • Fix empty wiki (#5504) (#5508)

1.6.1 - 2018-12-08

  • BUGFIXES
    • Fix dependent issue searching when gitea is run in subpath (#5392) (#5400)
    • API: '/orgs/:org/repos': return private repos with read access (#5393)
    • Fix repository deletion when there is large number of issues in it (#5426) (#5434)
    • Word-break the WebHook url to prevent a ui-break (#5445)
    • Admin should be able to delete repos via the API even if they are not a member of the organization (#5443) (#5447)
    • Ensure that the closed_at is set for closed (#5450)
    • Fix topic name length on database (#5493) (#5495)

1.6.0 - 2018-11-22

  • BREAKING
    • Respect email privacy option in user search via API (#4512)
    • Simply remove tidb and deps (#3993)
    • Swagger.v1.json template (#3572)
  • SECURITY
    • Add CSRF checking to reqToken and add reqToken to admin API routes (#5272) (#5250)
    • Improve URL validation for external wiki and external issues (#4710)
    • Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)
    • Don't disclose emails of all users when sending out emails (#4664)
    • Check that repositories can only be migrated to own user or organizations (#4366)
  • FEATURES
    • Add comment replies (#5147) (#5104)
    • Pull request review/approval and comment on code (#3748)
    • Added dependencies for issues (#2196) (#2531)
    • Add the ability to have built in themes in Gitea and provide dark theme arc-green (#4198)
    • Add sudo functionality to the API (#4809)
    • Add oauth providers via cli (#4591)
    • Disable merging a WIP Pull request (#4529)
    • Force user to change password (#4489)
    • Add letsencrypt to Gitea (#4189)
    • Add push webhook support for mirrored repositories (#4127)
    • Add csv file render support defaultly (#4105)
    • Add Recaptcha functionality to Gitea (#4044)
  • ENHANCEMENTS
    • Fix milestones sorted wrongly (#4987)
    • Allow api to create tags for releases if they don't exist (#4890)
    • Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
    • Enforce token on api routes [fixed critical security issue #4357] (#4840)
    • Update legacy branch and tag URLs in dashboard to new format (#4812)
    • Slack webhook channel name cannot be empty or just contain an hashtag (#4786)
    • Add whitespace handling to PR-comparsion (#4683)
    • Make reverse proxy auth optional (#4643)
    • MySQL TLS (#4642)
    • Make sure to set PR split view when creating/previewing a pull request (#4617)
    • Log user in after a successful sign up (#4615)
    • Fix typo IsPullReuqestBroken -> IsPullRequestBroken (#4578)
    • Allow admin toggle forcing a password change for newly created users (#4563)
    • Update jQuery to v1.12.4 (#4551)
    • Env var GITEA_PUSHER_EMAIL (#4516)
    • Feat(repo): support search repository by topic name (#4505)
    • Small improvements to dependency UI (#4503)
    • Make max commits in graph configurable (#4498)
    • Add valid for lfs oid (#4461)
    • Add shortcut to save wiki page (#4452)
    • Allow administrator to create repository for any organization (#4368)
    • Fix repository last updated time update when delete a user who watched the repo (#4363)
    • Switch plaintext scratch tokens to use hash instead (#4331)
    • Increase default TOTP secret size to 320 bits (#4287)
    • Keep preseeded database password (#4284)
    • Implemented hover text showing user FullName (#4261)
    • Add ability to delete a token (#4235)
    • Fix typos in i18n variable names. (#4080)
    • Api: repos/search: add parameters to control the sort order (#3964)
    • Add missing path in the Docker app.ini template (#2181)
    • Add file name and branch to page title (#4902)
    • Offline use of google fonts (#4872)
    • Add missing History link to directory listings v2 (#4829)
    • Locale for Edit and Remove due date issue (#4802)
    • Disable 'May Import Local Repository' when is disabled by setting (Is… (#4780)
    • API /admin/users/{username} missing parameter (#4775)
    • Display error when adding a user to a team twice (#4746)
    • Remove UsePrivilegeSeparation from the Docker sshd_config, see #2876 (#4722)
    • Focus title input when clicking helper link (#4696)
    • Add vendor to user reserved words and format words list according alphabet (#4685)
    • Add gitea/issues link to 500 page (#4654)
    • Hide home button when landing page is not set to home (#4651)
    • Remove link to GitHub issues in 404 template (#4639)
    • Cmd/serve: pprof cpu and memory profile dumps to disk (#4560)
    • Add flash message after an account has been successfully activated (#4510)
    • Prevent html entity escaping on delete branch (#4471)
    • Locale for button Edit on protected branch (#4442)
    • Update notification icon (#4343)
    • Added front-end topics validation (#4316)
    • Don't display buttons if there are no system notifications (#4280)
    • Issue due date api (#3890)
  • BUGFIXES
    • dont' send assign webhooks when creating issue (#5365)
    • Fix create team, update team missing units (#5188)
    • Fix file edit change preview functionality (#5300)
    • *ix bug when users have serval teams with different units on different repositories (#5307)
    • Fix U2F if gitea is configured in subpath (#5302)
    • Fix markdown image with link (#4675)
    • Remove maxlines option for file logger (#5282)
    • Fix wrong api request url for instances running in subfolders (#5261) (#5247)
    • Accept web-command cli flags if web-command is commited (#5245) (#5200)
    • Reduce join star, repo_topic, topic tables on repo search, to resolve extra columns problem on MSSQL (#5136) (#5229)
    • Fix data race on migrate repository (#5224) (#5230)
    • Add secret to all webhook's payload where it has been missing (#5208) (#5199)
    • Fix sqlite and MSSQL lock (#5210) (#5223) (#5214) (#5218) (#5176) (#5179)
    • Fix race on updatesize (#5190) (#5215)
    • Fix filtering issues by tags on main screen issues (#5219) (#3824)
    • Fix SQL quoting (#5137) (#5117)
    • Fix regex to support optional end line of old section in diff hunk (#5097) (#5096)
    • Fix release creation via API (#5076)
    • Remove links from topics in edit mode (#5026)
    • Fix missing AppSubUrl in few more templates (fixup) (#5021)
    • Fix missing AppSubUrl in some templates (#5020)
    • Hide outdated comments in file view (#5017)
    • Upgrade gopkg.in/testfixtures.v2 (#4999)
    • Disable debug routes unless PPROF is enabled in configuration (#4995)
    • Fix user menu item styling (#4985)
    • Fix layout of the topics editing form (#4971)
    • Fix null pointer dereference in ParseCommitWithSignature (#4962)
    • Fix url in discord webhook (#4953)
    • Detect charset and convert non UTF-8 files for display (#4950)
    • Make sure to catch the right error so it is displayed on the UI (#4945)
    • Fix(topics): don't redirect to explore page. (#4938)
    • Fix bug forget to remove Stopwatch when remove repository (#4928)
    • Fix bug when repo remained bare if multiple branches pushed in single push (#4923)
    • Fix: Crippled diff (#4726) (#4900)
    • Fix trimming of markup section names (#4863)
    • Issues api allow pulls and fix #4832 (#4852)
    • Do not autocreate directory for new users/orgs (#4828) (#4849)
    • Fix redirect with non-ascii branch names (#4764) (#4810)
    • Fix missing release title in webhook (#4783) (#4796)
    • User shouldn't be able to approve or reject his/her own PR (#4729)
    • Make sure to reset commit count in the cache on mirror syncing (#4720)
    • Fixed bug where team with admin privelege type doesn't get any unit (#4719)
    • Fix incorrect caption of webhook setting (#4701) (#4717)
    • Allow WIP marker to contains < or > (#4709)
    • Hide org/create menu item in Dashboard if user has no rights (#4678) (#4680)
    • Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645)
    • Fix custom templates being ignored (#4638)
    • Fix starring icon after semantic ui update (#4628)
    • Fix Split-View line adjustment (#4622)
    • Fix integer constant overflows in tests (#4616)
    • Push whitelist now doesn't apply to branch deletion (#4601) (#4607)
    • Fix bugs when too many IN variables (#4594)
    • Fix failure on creating pull request with assignees (#4419) (#4583)
    • Fix panic issue on update avatar email (#4580) (#4581)
    • Fix status code label for a successful webhook (#4540)
    • An inactive user shouldn't be able to be added as a collaborator (#4535)
    • Don't fail silently if trying to add a collaborator twice (#4533)
    • Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) (#4525)
    • Fix out-of-transaction query in removeOrgUser (#4521) (#4522)
    • Fix migration from older releases (#4495)
    • Accept 'Data:' in commit graph (#4487)
    • Update xorm to latest version and fix correct user table referencing in sql (#4473)
    • Relative URLs for LibreJS page (#4460)
    • Redirect to correct page after using scratch token (#4458)
    • Fix column droping for MSSQL that need new transaction for that (#4440)
    • Replace src with raw to fix image paths (#4377)
    • Add default merge options when creating new repository (#4369)
    • Fix docker build (#4358)
    • Fixes repo membership check in API (#4341)
    • Dep upgrade mysql lib (#4161)
    • Fix some issues with special chars in branch names (#3767)
    • Responsive design fixes (#4508)
  • TRANSLATION
    • Fix punctuation in English translation (#4958)
    • Fix translation (#4355)

1.5.3 - 2018-10-31

  • SECURITY
    • Fix remote command execution vulnerability in upstream library (#5177) (#5196)

1.5.2 - 2018-10-09

  • SECURITY
    • Enforce token on api routes (#4840) (#4905)
  • BUGFIXES
    • Remove links from topics in edit mode (#5030)
    • Detect charset and convert non UTF-8 files for display (#4950) (#4994)
    • Fix layout of the topics editing form (#4971) (#4993)
    • Fix null pointer dereference in ParseCommitWithSignature (#4964)
    • Fix url in discord webhook (#4951)
    • Fix font-cropping UI bug in diff (#4726) (#4929)
    • Fix bug forget to remove Stopwatch when remove repository (#4933)
    • Fix bug when repo remained bare if multiple branches pushed (#4927)
    • Fix redirect with non-ascii branch names (#4764) (#4887)
    • Fix issues api allow pulls (#4852) (#4862)
    • Fix trimming of markup section names (#4864)

1.5.1 - 2018-09-03

  • SECURITY
    • Don't disclose emails of all users when sending out emails (#4784)
    • Improve URL validation for external wiki and external issues (#4710) (#4740)
    • Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
  • BUGFIXES
    • Fix missing release title in webhook (#4783) (#4800)
    • Make sure to reset commit count in the cache on mirror syncing (#4770)
    • Fixed bug where team with admin privelege type doesn't get any unit (#4759)
    • Fix failure on creating pull request with assignees (#4583) (#4727)
    • Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
  • TRANSLATION
    • Fix incorrect caption of webhook setting (#4701) (#4718)

1.5.0 - 2018-08-10

  • SECURITY
    • Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
    • Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
    • Do not allow to reuse TOTP passcode (#3878)
  • BUGFIXES
    • Fix column droping for MSSQL that need new transaction for that (#4440) (#4484)
    • Redirect to correct page after using scratch token (#4458) (#4472)
    • Replace src with raw to fix image paths (#4377) (#4386)
    • Fixes repo membership check in API (#4341) (#4379)
    • Add default merge options when adding new repository (#4369) (#4373)
    • Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371)
    • Fix html entity escaping in branch deletion message (#4471) (#4485)
    • Fix out-of-transaction query in removeOrgUser (#4521) (#4524)
    • Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519)
    • Fix panic issue on update avatar email (#4580) (#4590)
    • Fix bugs when too many IN variables (#4594) (#4597)
    • Push whitelist now doesn't apply to branch deletion (#4601) (#4640)
    • Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650)
  • FEATURES
    • Add cli commands to regen hooks & keys (#3979)
    • Add support for FIDO U2F (#3971)
    • Added user language setting (#3875)
    • LDAP Public SSH Keys synchronization (#1844)
    • Add topic support (#3711)
    • Multiple assignees (#3705)
    • Add protected branch whitelists for merging (#3689)
    • Global code search support (#3664)
    • Add label descriptions (#3662)
    • Add issue search via API (#3612)
    • Add repository setting to enable/disable health checks (#3607)
    • Emoji Autocomplete (#3433)
    • Implements generator cli for secrets (#3531)
  • ENHANCEMENTS
    • Add more webhooks support and refactor webhook templates directory (#3929)
    • Add new option to allow only OAuth2/OpenID user registration (#3910)
    • Add option to use paged LDAP search when synchronizing users (#3895)
    • Symlink icons (#1416)
    • Improve release page UI (#3693)
    • Add admin dashboard option to run health checks (#3606)
    • Add branch link in branch list (#3576)
    • Reduce sql query times in retrieveFeeds (#3547)
    • Option to enable or disable swagger endpoints (#3502)
    • Add missing licenses (#3497)
    • Reduce repo indexer disk usage (#3452)
    • Enable caching on assets and avatars (#3376)
    • Add repository search ordered by stars/forks. Forks column in admin repo list (#3969)
    • Add Environment Variables to Docker template (#4012)
    • LFS: make HTTP auth period configurable (#4035)
    • Add config path as an optionial flag when changing pass via CLI (#4184)
    • Refactor User Settings sections (#3900)
    • Allow square brackets in external issue patterns (#3408)
    • Add Attachment API (#3478)
    • Add EnableTimetracking option to app settings (#3719)
    • Add config option to enable or disable log executed SQL (#3726)
    • Shows total tracked time in issue and milestone list (#3341)
  • TRANSLATION
    • Improve English grammar and consistency (#3614)
  • DEPLOYMENT
    • Allow Gitea to run as different USER in Docker (#3961)
    • Provide compressed release binaries (#3991)
    • Sign release binaries (#4188)

1.4.3 - 2018-06-26

  • SECURITY
    • HTML-escape plain-text READMEs (#4192) (#4214)
    • Fix open redirect vulnerability on login screen (#4312) (#4312)
  • BUGFIXES
    • Fix broken monitoring page when running processes are shown (#4203) (#4208)
    • Fix delete comment bug (#4216) (#4228)
    • Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
    • Fix wiki URL encoding bug (#4091) (#4254)
    • Fix code tab link when viewing tags (#3908) (#4263)
    • Fix webhook type conflation (#4285) (#4285)

1.4.2 - 2018-06-04

  • BUGFIXES
    • Adjust z-index for floating labels (#3939) (#3950)
    • Add missing token validation on application settings page (#3976) #3978
    • Webhook and hook_task clean up (#4006)
    • Fix webhook bug of response info is not displayed in UI (#4023)
    • Fix writer cannot read bare repo guide (#4033) (#4039)
    • Don't force due date to current time (#3830) (#4057)
    • Fix wiki redirects (#3919) (#4065)
    • Fix attachment ENABLED (#4064) (#4066)
    • Added deletion of an empty line at the end of file (#4054) (#4074)
    • Use ResolveReference instead of path.Join (#4073)
    • Fix #4081 Check for leading / in base before removing it (#4083)
    • Respository's home page not updated after first push (#4075)

1.4.1 - 2018-05-03

  • BREAKING
    • Add "error" as reserved username (#3882) (#3886)
  • SECURITY
    • Do not allow inactive users to access repositories using private key (#3887) (#3889)
    • Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873)
    • Remove unnecessary allowed safe HTML (#3778) (#3779)
    • Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
  • BUGFIXES
    • Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
    • Fix GPG expire time display when time is zero (#3584) (#3884)
    • Fix to update only issue last update time when adding a comment (#3855) (#3860)
    • Fix repository star count after deleting user (#3781) (#3783)
    • Use the active branch for the code tab (#3720) (#3776)
    • Set default branch name on first push (#3715) (#3723)
    • Show clipboard button if disable HTTP of git protocol (#3773) (#3774)

1.4.0 - 2018-03-25

  • BREAKING
    • Drop deprecated GOGS_WORK_DIR use (#2946)
    • Fix API status code for hook creation (#2814)
  • SECURITY
    • Escape branch name in dropdown menu (#3691) (#3692)
    • Refactor and simplify to correctly validate redirect to URL (#3674) (#3676)
    • Fix escaping changed title in comments (#3530) (#3534)  * Escape search query (#3486) (#3488)
    • Sanitize logs for mirror sync (#3057)
  • FEATURES
    • Serve .patch and .diff for pull requests (#3305, #3293)
    • Add repo-sync-releases admin command (#3254)
    • Support default private when creating or migrating repository (#3239)
    • Writable deploy keys (closes #671) (#3225)
    • Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188)
    • Added progressbar for issues with checkboxes (#1146). (#3171)
    • Mention completion for issue editor. (#3136)
    • Add 'mark all read' option to notifications (#3097)
    • Git LFS lock api (#2938)
    • Add reactions to issues/PR and comments (#2856)
    • Add dingtalk webhook (#2777)
    • Responsive view (#2750)
  • BUGFIXES
    • Fix wiki inter-links with spaces (#3560) (#3632)
    • Fix query protected branch bug (#3563) (#3571)
    • Fix remove team member issue (#3566) (#3570)
    • Fix the protected branch panic issue (#3567) (#3569)
    • If Mirrors repository no content is fetched, updated time should not be changed (#3551) (#3565)
    • Bug fix for mirrored repository releases sorted (#3522) (#3555)
    • Add issue closed time column to fix activity closed issues list (#3537) (#3540)  * Update markbates/goth library to support OAuth2 with new dropbox API (#3533) (#3539)  * Fixes missing avatars in offline mode (#3471) (#3477)  * Fix synchronization bug in repo indexer (#3455) (#3461)  * Fix rendering of wiki page list if wiki repo contains other files (#3454) (#3463)
    • Fix webhook X-GitHub-* headers casing for better compatibility (#3429)
    • Add content type and doctype to requests made with go-get (#3426, #3423)
    • Fix SQL type error for webhooks (#3424)
    • Fix PR merge error (#3421)
    • Recognize more characters in crossreferenced repo name (#3413)
    • Fix MSSQL bug on org (#3405)
    • HTML escape all lines of the search result (#3402)
    • Change local copy origin url after repository rename (#3399)
    • Force-push to base repo's ref/pull/#/head (#3393)
    • Fix bug when a user delete but assigned on issue (#3318)
    • Use issue number/index instead of id for API URL. Fix #3297 (#3298)
    • Fix repo-transfer-and-team-repo-count bug (#3241)
    • Fix always-on SSL Mode checkbox in admin page (#3208)
    • Fix source download link when no code unit allowed (#3166)
    • Fix org owner cannot be removed if he is not in owner team (#3164)
    • Fix run web with -p push failed (#3154)
    • Fix gpg tmpl (#3153)
    • Fix SSH auth lfs locks (#3152)
    • Improvements for supporting UI Location (#3146)
    • Fix new pull request link (#3133)
    • Fix missing branch in release bug (#3108)
    • Allow adding collaborators with (fullname) (#3103)
    • Fix repo links (#3093)
    • fix lfs url refs + keep path upper/lowercase in db. (#3092)
    • Fix redis session failed (#3086)
    • Fix bugs in issue dashboard stats (#3073)
    • Fix avatar URLs (#3069)
    • Fix ref parsing in commit messages (#3067)
    • Fix issue list branch link broken (#3061)
    • sendmail: correct option to set envelope-sender (#3044)
    • Fix missing password length check when change password (#3039)
    • Fix git lfs path (#3016)
    • Fix API-Endpoint release (#3005) (#3012)
    • Set OpenID support on by default when installing new instance (#3010)
    • Various wiki bug fixes (#2996)
    • Fix go-get, src and raw urls to new scheme (#2978)
    • Fix error when add user has full name to team (#2973)
    • Fix memcache support when value is returned as string always (#2924)
  • ENHANCEMENTS
    • Use GiteaServer as the user agent for http requests (#3404)
    • Delete indexer DB entries when (re)creating index (#3385)
    • Change how merged PR commit info are prepared (#3368)
    • Asynchronously populate the repo indexer (#3366)
    • Make the default action for the gitea executable that of running the webserver (#3331)
    • Templates for extra links in top navbar and repo tool tabs. (#3308)
    • Fixed asterisk based tasklist items #3295 (#3296)
    • Add more additional template snippets (#3286)
    • Open external tracker in blank window, consistently with wiki (#3227)
    • Fix repo links on user profile (#3197)
    • Enable emoji for wiki view (#3158)
    • Small improve on deleting attachements (#3145)
    • Reduce overhead of upgrades for users with custom stylesheets/JS (#3051)
    • Default log level to Info without hardcoding it in installer (#3041)
    • Memory usage improvements (#3013)
    • Add fingerprint to ssh key endpoints. (#3009)
    • Improve memory usage when reaching diff limits (#2990)
    • Expandable commit bodies (#2980)
    • Update gitgraph.js to fix blurry commit graph on HiDPI screens (#2957)
    • Fix language names (#2955)
    • Remove render issue link (#2954)
    • Page parameter for repo search API (#2915)
    • Apply LANDING_PAGE config options for logged in users (#2894)
    • Enable admin to search by email (#2888)
    • Hide add key button if SSH is disabled (#2873)
    • Fix comment API paths (#2813)
    • Add an option to allow redirect of http port 80 to https. (#1928)
  • MISC
    • Fix organization profile on mobile devices (#3332)
    • Fix guide link for webhooks in repository settings (#3291) (#3292)
    • Enable Libravatar by default in new installations (#3287)
    • Improve suppressed diff boxes (#3193)
    • fix button heights on commits page (#3091)
    • Minor copy changes (#3074)
    • Sort repos in issues dashboard sidebar (#3072)
    • Remove box-shadow from UI, fix dashboard issue (#3065)
    • Adjust branch button size (#3063)
    • Fix misalignment issue in repo header (#3062)
    • Delete a user's public key via admin api (closes #3014) (#3059)
    • Dashboard: Fix line height problem in issue titles (#3054)
    • Remove duplicate "Max Diff Lines" from config view (#2987)
    • Drop unmaintained gogs migration script (#2947)
    • App restarts to quickly if it fails to start. (#2945)
    • Add owner to delete repo message (#2886)

1.3.1 - 2017-12-08

  • BUGFIXES
    • Sanitize logs for mirror sync (#3057, #3082) (#3078)
    • Fix missing branch in release bug (#3108) (#3117)
    • Fix repo indexer and submodule bug (#3107) (#3110)
    • Fix legacy URL redirects (#3100) (#3106)
    • Fix redis session failed (#3086) (#3089)
    • Fix issue list branch link broken (#3061) (#3070)
    • Fix missing password length check when change password (#3039) (#3071)

1.3.0 - 2017-11-29

  • BREAKING
    • Make URL scheme unambiguous (#2408)
  • FEATURES
    • Add branch overiew page (#2108)
    • Code/repo search (#2582)
    • Add Activity page to repository (#2674)
    • Issue Timetracking (#2211)
    • Add orgmode document type on file view and readme (#2525)
    • Add external markup render support (#2570)
    • Implementation of discord webhook (#2402)
    • Webhooks for repo creation/deletion (#1663)
    • Complete push webhooks (#2530)
    • Add possibility to record branch information in an issue (#780)
    • Create new branch from branch selection dropdown (#2130)
    • Implementation of all repositories of a user from user->settings (#1740)
    • Add LFS object verification step after upload (#2868)
    • Configurable SSH cipher suite (#913)
    • Disable custom Git Hooks globally via configuration file (#2450)
    • Sync releases table with tags on push and for mirrors (#2459)
  • BUGFIXES
    • Fix label comments for French locale (#3017)
    • Remove duplicate "Max Diff Lines" from config view (#3001)
    • Fix over-escaped characters (#2992)
    • Fix go-get, src and raw urls to new scheme (#2986)
    • Fix error when add user has full name to team (#2975)
    • Fix files/commits of merged PRs (#2970)
    • Update golang x/crypto dependencies - Fix SSH transport fail (#2951)
    • Fix memcache support when value is returned as string always (#2950)
    • Fix issue link rendering in commit messages (#2897)
    • Fix adding a new authentication source after selecting OAuth (#2889)
    • Fix new branch creation to new url scheme (#2884)
    • Allow spaces in username for LDAP users (#2880)
    • Fix LFS not returning correct content length when requesting a range … (#2864)
    • Fix fork repository cycle to self (#2860)
    • Fix click create pull request button 404 (#2859)
    • Fix API raw file content access for default branch (#2849)
    • Clean repository ROOT directory name with filepath.Clean (#2846)
    • Fix API raw requests for commits and tags (#2841)
    • Fix order of comments (#2835)
    • Issue content should not be updated when closing with comment (#2833)
    • Fix ordering in app.ini and fix run mode option (#2829)
    • Fix redirect url of legacy commits route (#2825)
    • Fix commits page url (#2823)
    • Fix wrong translations (#2818)
    • Fix dropdown menu position when explore repos (#2808)
    • Fix Git LFS object/repo link storage in database and small refactoring (#2803)
    • Use relative URLs for avatars on the dashboard (#2800)
    • Add checks for commits with missing author and time (#2771)
    • Fix emojify image URL (#2769)
    • Hide unactive on explore users and some refactors (#2741)
    • Fix IE unsupported javascript construction in branch dropdown (#2736)
    • Only update mirror last update after successful sync (#2730)
    • Fix semantic-ui style conflict with v-cloak (#2722)
    • Fixing wrong translation on sort type oldest/latest (#2720)
    • Fix PR, milestone and label functionality if issue unit is disabled (#2710)
    • Fix plain readme didn't render correctly on repo home page (#2705)
    • Fix organization removal from watch table migration (#2703)
    • Fix repository search function (#2689)
    • fix panic on gogs webhook creation (#2675)
    • Fix orgnization user watch repository (#2670)
    • GPG key email verification no longer case sensitive (#2661) (#2663)
    • Fix index column deletion (#2651)
    • table pull_request wasn't updated correctly (#2649)
    • Fix go get response if only app URL is custom in configuration (#2634)
    • Fix doubled issue tab introduced in migration v16 (#2611)
    • Rewrite migrations to not depend on future code changes (#2604)
    • Fix implementation of repo Home func (#2601)
    • Fix translation upload to crowdin (#2599)
    • Reduce usage of allcols on update (#2596)
    • fix go get subpackage bug (#2584)
    • Fix broken migration to add can_push field back to table (#2574)
    • fix readme view bug (#2566)
    • Fix sending mail with a non-latin display name. #2102 (#2559)
    • Restricting access to fork functioanlity to users with Code access (#2534)
    • fix updated update on public key (#2514)
    • Added bucket name to s3 drone plugin (#2505)
    • fixes 500 error on dashboard when using MSSQL (#2504)
    • fix wrong rendering of commit detail page (#2503)
    • Hotfix: Add time manually adds time in nanoseconds (#2499)
    • Remove repository mirrors from "collaborative" list (#2497)
    • fix release failed since the wrong token name (#2496)
    • Fix slice out of bounds error in mailer (#2479)
    • Fix #2470 (#2477)
    • fix orgnization webhooks (#2422)
    • fix webhook test (#2415)
    • fix missing orgnization discord webhook (#2414)
    • Fix route handler order (#2409)
    • Prevent sending emails and notifications to inactive users (#2384)
    • Move themes to plugin directory. Fixes #2372 (#2375)
    • fix duplicated feed (#2370)
    • Fix missing collabrative repos (#2367)
    • Only check at least one email gpg key (#2266)
    • don't check minimum key size when disabled (#1754)
    • Fix run command race (#1470)
    • fix .netrc authentication (#2700)
    • Fix so that user can still fork his own repository to his organizations (#2699)
    • Fix can_push value to false in protected_branch (#2560)
    • Fix copy in email templates (#2801)
    • Fix inconsistencies in user settings UI (#2901)
    • Fix attachments icon size on zoom in/out (#2853)
    • Fix ignored errors in API route (#2850)
    • Fix activity css conflit with semantic ui (#2758)
    • Fix notifications tabs according to semantic-ui docs (#2733)
    • Fix typos in app.ini (#2732)
    • Fix duplicated rel attribute (#2549)
    • Fix tests code to prevent some runtime errors (#2381)
  • ENHANCEMENTS
    • Memory usage improvements and lower minimal git requirement to 1.7.2 (#3013) (#3028)
    • Set OpenID support on by default when installing new instance (#3010) (#3027)
    • Use api.TrackedTime in API (#2807)
    • Configurable SSH key exchange algorithm and MAC suite (#2806)
    • Add Safari pinned tab icon (#2799)
    • Improve force push detect when push (#2798)
    • Add wrapping to long diff lines (#2789)
    • Link members and repositories count to each page on org home. (#2787)
    • Show Sendmail settings on admin config page (#2782)
    • Add commit count caching (#2774)
    • Use identicon image for default gravatar. (#2767)
    • Add default ssh ciphers (#2761)
    • Remove manual of unsupported option (#2757)
    • Add search mode option to /api/repo/search (#2756)
    • Move swagger-ui under /api/v1 (#2746)
    • Add support for extra sendmail arguments (#2731)
    • Use buffersize to reduce database connection when iterate (#2724)
    • Render plain text README.txt monospaced (#2721)
    • Integration test for activity page (#2704)
    • Merge password and 2fa page on user settings (#2695)
    • Allow custom SSH user in UI for built-in SSH server (#2617) (#2678)
    • Refactor duplicated code in repo handlers (#2657)
    • Replace deprecated Id method with ID (#2655)
    • Remove redudant functions and code (#2652)
    • hide navbar when only 1 sign-in method is available (#2444) (#2648)
    • Change default sort order (#2647)
    • Change pull description text (#2075) (#2646)
    • Remove direct user adding to organization members (#2641)
    • Use session when creating user (#2638)
    • Use Semantic UI's Search component for user and repo search (#2636)
    • Use AfterLoad instead of AfterSet on Structs (#2628)
    • Remove redudant CheckUnit calls in router (#2627)
    • Remove repo unit index (#2621)
    • Remove redudant issue LoadAttributes() calls (#2614)
    • Make indexer code more reusable (#2590)
    • Use custom type and constants to hold available order by options (#2572)
    • Use named ActionType constants in template helper (#2545)
    • Make basic functionality work without JavaScript (#2541)
    • Ctrl + Enter to submit forms (#2540)
    • Automatically regenerate indexer for incompatible versions (#2524)
    • Set default lfs content path to data/lfs (#2521)
    • Convert spaces to tabs in footer.tmpl (#2520)
    • Sort repository tree entries in natural way (#2506)
    • Open external wiki in new window (#2489)
    • Use created & updated instead BeforeInsert & BeforeUpdate (#2482)
    • Hide branch on pull request view or create UI (#2454)
    • improve protected branch to add whitelist support (#2451)
    • some refactors for issue and comments (#2419)
    • Restructure markup & markdown to prepare for multiple markup language… (#2411)
    • Improve issue search (#2387)
    • Add UseCompatSSHURI setting (#2356)
    • Use custom search for each filter type in dashboard (#2343)
    • Failed authentication are now properly logged (#2334)
    • Add environment variable support for Docker image (#2201)
    • Set session and indexers' data files rel to AppDataPath (#2192)
    • Display commit status on landing page of repo (#1784)
  • TESTING
    • Add integration test for logging out (#2892)
    • Integration test for user deleting account (#2891)
    • Use different directories for session files in integration tests (#2834)
    • Add deleted_branch table fixture (#2832)
    • Include HTTP method in test error message (#2815)
    • Add repository search unit and integration tests (#2575)
    • Expand fixtures (#2571)
    • Fix /api/repo/search integration tests (#2550)
    • Make integration tests more user-friendly (#2536)
    • Fix unit test race condition (#2516)
    • Add missing fixture to clean gpg_key table (#2494)
    • Hotfix for integration testing (#2473)
    • Make repo private to not interfere with other tests (#2467)
    • Error message for integration test (#2410)
    • Fix "index out of range" runtime error in repo_list tests (#2376)
    • Add git clone test on integration test (#1682)
  • TRANSLATION
    • Fix localization texts that contain semicolon (#2900)
    • Fix activity locale (#2709)
    • Update translation from crowdin (#2368)
  • BUILD
    • change the email and name to GitBot account. (#2848)
    • Fix removing backslash before quotes in translations (#2831)
    • add gitea remote in drone. (#2817)
    • add remote name for git push. (#2816)
    • Launch Gitea with custom UID/GID for 'git' user (fixes #2286) (#2791)
    • Download and pushing translations (#2727)
    • Automatic update of translations (#2585)
    • Add pre-build step for nodejs stuff (#2581)
    • Compress css with nodejs (#2580)
    • Remove go version check for make fmt (#2558)
    • Fix lint errors (#2547)
    • Always run fmt check in CI (#2546)
    • Fix fmt errors (#2544)
    • add codecov.io service. (#2493)
    • Fix some tests : make coverage -> test (#2492)
    • Fix fmt error in mailer (#2490)
    • Allow changing integration test database connection using env variables (#2484)
    • Add changelog config file for generate changelog (#2461)
    • Changes for latest DroneCI (#2362)
    • Use standard lessc and minify CSS using Node.js (#2337)
  • DOCS
    • Update screenshots on README (#2910)
    • Gogs -> Gitea (#2909)
    • Update swagger documentation (#2899)
    • Fix typo (#2810)
    • Fix Polish language name spelling (#2766)
    • Fix Various Grammar Issues and Adjust Unnatural Wording (#2737)
    • Add maintainer label for docker file (#2658)
    • Link to gitea-specific Vagrant example (#2624)
    • add release notes of v1.1.4 (#2463)
    • Wrap most paragraphs to 80 columns (#2396)
    • Update CONTRIBUTING following #2329 discussion (#2394)
    • Update hard-coded version to 1.3.0+dev (#2390)
    • Clarify Translation Process. Also fix branch names (#2378)
    • Admin grammar fixes and improvements (#2056)
  • MISC
    • Sync MaxGitDiffLineCharacters with conf/app.ini (#2779)
    • Dockerfile: Updated alpine image to 3.6. (#2486)
    • Basic VSCode configuration for building and debugging (#2483)
    • Added vendor dir for js/css libs; Documented sources (#1484) (#2241)

1.2.3 - 2017-11-03

  • BUGFIXES
    • Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
    • Fix order of comments (#2835) (#2839)

1.2.2 - 2017-10-26

  • BUGFIXES
    • Add checks for commits with missing author and time (#2771) (#2785)
    • Fix sending mail with a non-latin display name (#2559) (#2783)
    • Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
    • Update vendor git (#2765) (#2772)
    • Fix emojify image URL (#2769) (#2773)

1.2.1 - 2017-10-16

  • BUGFIXES
    • Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
    • Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
    • Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
    • Fix .netrc authentication (#2700) (#2708)
    • Fix slice out of bounds error in mailer (#2479) (#2696)

1.2.0 - 2017-10-10

  • SECURITY
    • Sanitation fix from Gogs (#1461)
  • BREAKING
    • Rename /forget_password url to /forgot_password (#1219)
  • FEATURES
    • Logo: Add task to generate images from SVG and change to new logo (#2194)
    • Status-API (#1332)
    • Show commit status icon in commits table (#1688)
    • Additional OAuth2 providers (#1010)
    • GPG commit validation (#1150)
    • Rework SSH key management UI to add GPG (#1293)
    • Implement GPG api (#710)
    • Login via OpenID-2.0 (#618)
    • Add units to team (#947)
    • Batch updates for issues (#926)
    • Add Gitea Webhook (#1755)
    • API: support '/orgs/:org/repos' (#2047)
    • Display all organization from user settings (#1739)
    • LDAP user synchronization (#1478)
    • Adding #issuecomment to the URL in E-Mail notifications (#1674)
    • Add download count field and unit testing for attachment. (#1512)
    • Add repo mirror sync API endpoint (#1508)
    • Add markup package to prepare for org markup format (#1493)
    • Support for custom html meta (#1423)
    • Per issue/PR watch/unwatch (#1410)
    • Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
    • Repo size in admin panel (#1482)
    • Show user OpenID URIs in their profile (#1314)
    • Add change-password admin command (#1304)
    • Only use issue and wiki on repo. (#1297)
    • Allow push to init a wiki repo (#1279)
  • ENHANCEMENTS
    • Make time diff translatable (#2057)
    • Smaller watch, star, and fork buttons (#2052)
    • Display config file path on admin panel (#2030)
    • Only show SSH clone URL if signed in (#2169) (#2170)
    • Only show "No Description" to repo admins (#2167)
    • Always return valid go-get meta, even if unauthorized (#2010)
    • Enable assignee e-mail notification (#2003)
    • Let not-logged-in users view releases (#1999)
    • No highlighting for .txt files (#1922)
    • Make side nav on dashboard stackable (#1778)
    • Setting to disable authorized_keys backup (#1856)
    • Hide the create organization button (in dashboard/organization section) (#1705)
    • LFS: Return 404 for unimplemented endpoints (#1330)
    • Show a link to password reset from user settings requiring a password (#862)
    • Reserve the "explore" user/org name (#1222)
    • Send notifications to partecipants in issue comments (#1217)
    • Improve style of user OpenID setting page (#1324)
    • Use font-awesome OpenID icon more (#1320)
    • Use readonly input form to show the validated OpenID URI (#1308)
    • Add captcha support to OpenID based signup (#1307)
    • Minor improvements on commit graph UI (#1380)
    • Mirror sync interval specified as duration string (#1407)
    • Make issue in commit graph "clickable" (#1392)
    • Use whole button (commit graph) as link (#1390)
    • Autofocus on 2fa passcode fields (#1460)
    • Sort on repo size in admin panel (#1654)
    • Improve dashboard repo search (#1652)
    • Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845)
    • Adds Parent property to the repo API (#1687)
    • Add configuration option for default permission to create Organizations (#1686)
    • Remove sha1 hash display in repository table (#1678)
    • Download files to their original filename (#1676)
    • Exposes in API the Repo entity's Size and IsBare property (#1668)
    • Change two factor code entry box from text to number (#1733)
    • Directly show error if user hit repository limit (#1767)
    • Generate small and large logos at 4x resolution (#2233)
    • Tags listed in releases tab (#2389) (#2424)
  • BUGFIXES
    • Fix adding branch as protected to not allow pushing to it (#2556)
    • Orgs: fix org page title when full name is not defined (#1495)
    • Fix double borders on edit page (#1152) (#1153)
    • Search bar fixes for #1187 and #1205 (#1207)
    • Fix upgrade failed after ever rollback (#1194)
    • Fix FCGI (over TCP) support (#1368)
    • Backport of migration fixes (#2604) (#2677)
    • fix panic on gogs webhook creation (#2675) (#2676)
    • Backport: Fixes 500 error on dashboard when using MSSQL (#2504) (#2662)
    • Fix go get response if only app URL is custom in configuration (#2634) (#2640)
    • Fix deletion of unprotected branches (#2630)
    • Backport of 2611 / Fix doubled issue tab introduced in migration v16 (#2622)
    • v38 migration used an outdated version of RepoUnit model (#2602)
    • fix go get subpackage bug (#2584) (#2589)
    • Backport: Sync releases table with tags on push and for mirrors (#2459) (#2554)
    • Backport: Restricting access to fork functioanlity to users with Code access (#2542)
    • Fix migration from pre-v15 to 1.2.0 (#2460) (#2465)
    • Fix migration from pre-v15 to 1.2.0 (#2460)
    • fix duplicated feed (#2370) (#2413)
    • Fix releases to be counted from database not tags (#2389)
    • Fix missing collabrative repos (#2367) (#2382)
    • Add more test for login links and fix a bug on action retrieve (#2361)
    • Fix SQL condition bug in GetFeeds(..) (#2360)
    • fix bug on create repo link on dashboard (#2359)
    • Fix order of elements in dashboard html (#2344)
    • Fix repo-search template errors for go1.7 (#2336)
    • Add missing forks key for dashboard repository component (#2325)
    • fix template error on explore repos (#2319)
    • Trigger sync webhooks on UI commit (#2302)
    • fix 500 error when view an issue which's milestone deleted (#2297)
    • Only update needed columns when update user (#2296)
    • Fix rendering of external links (#2292)
    • Fix and improve dashboard repo UI (#2285)
    • Make short link pattern greedy (#2259)
    • Temporarily patch go-ini/ini with fork (#2255)
    • Convert xorm literal queries to method calls (#2253)
    • update code.gitea.io/git in vendor to fix delete branch fails (#2250)
    • Replace calls to xorm UseBool with Where (#2237)
    • rhel7 has a git version with four digits (1.8.3.1) (#2236)
    • Fix internal requests when gitea listens to unix socket or only external IP (#2234)
    • Check for access in /repositories/:id (#2227)
    • Fixed robots.txt 404 error (#2226)
    • Fix counts on issues dashboard (#2215)
    • Fix unclosed session bug (#2214)
    • Add collaborative repositories to the dashboard (#2205)
    • Fix issue updated_unix bug (#2204)
    • Fix Commits nil pointer dereference (#2203)
    • Fix bare-repo bugs (#2199)
    • Fix PR nil-dereference bug (#2195)
    • Allow only single fork per user/organization (#2193)
    • Fix key usage time update if the key is used in parallel for multiple operations (#2185)
    • Only allow token authentication with 2FA enabled (#2184)
    • Fix profile update for non-local users (#2178)
    • Fix compiling without sqlite and gcc (#2177)
    • Make compare button URL aware if current repo is a fork (#2162) (#2163)
    • Remove unit types commits and settings (#2161)
    • Fix OpenID registration route (#2160)
    • Fix repository settings collobration list display (#2151)
    • Ignore invalid issue numbers in commit messages. Fixes #2022 (#2150)
    • Fix SHA1 hash linking (#2143)
    • Fix repo API bug (#2133)
    • Use POSIX complaint ! operator in find (#2132)
    • Fix GET /users/:username/repos endpoint (#2125)
    • Fix username rendering bug (#2122)
    • Fix wiki preview links (#2119)
    • vendor: update sqlite to fix "database is locked" errors (#2116)
    • Fix unchecked error bug (#2110)
    • Fix missing-return bug (#2109)
    • Fix API for branches with slashes (#2096)
    • Fix git hooks update to receive required arguments (#2095)
    • upgrade git source code. (#2094)
    • Fix SQL bug in models.PullRequests (#2092)
    • Don't ignore gravatar error (#2083)
    • Fix release display and correct paging (#2080)
    • remove unnecessary blank lines and wrong error log (#2079)
    • Check for valid renamed usernames (#2077)
    • Update git module (#2074)
    • Fix org hooks UI (#2072)
    • Fix #1271: Call location.reload after XHR finishes (#2071)
    • Fix default ghost assignee bug (#2069)
    • Fix bug in issue labels API (#2048)
    • Load label ID in NewLabels (#2045)
    • Fix: http: multiple response.WriteHeader calls (#2038)
    • Pagination on releases page (#2035)
    • repo/editor: fix breadcrumb path cuts parent dirs (#3859) (#2032)
    • Fix displaying commits and files of PR created from now deleted fork (#2023)
    • Fix #2001 and fix issue comments hidden (#2016)
    • Update code.gitea.io/git (#2014)
    • Keep sort when switching page (#2013)
    • Important: wrong PR merge commit ID saved (#2007)
    • Don't show non-comments in comments API (#2001)
    • Fix "Dashboard shows deleted comments" (#1995)
    • Make branch deletion URL more like GitHub's, fixes #1397 (#1994)
    • Fix fast-forward PR bug (#1989)
    • Fix GPG email checking to be case insensitive (#1988)
    • fix bug for normal user visit public repo (#1984)
    • fix collborators lack of units on orgnization repositories (#1968)
    • Fix diff of renamed and modified file (#1967)
    • Fix uppercase default branch bug (#1965)
    • Fix bug in Action.loadRepo() (#1959)
    • Fix deleted milestone bug (#1942)
    • Fix engine bug in getIssueByID (#1934)
    • Switch to keybase go-crypto (for some elliptic curve key) + test (#1925)
    • Fix setting.AppPath for integration tests (#1923)
    • Fix search by issue type (#1914)
    • Fix ghost user bug (#1913)
    • Require token before checking membership/ownership (#1905)
    • Bug fixes for org member API (#1904)
    • A missing / to provide a correct endpoint (#1903)
    • Fix 500 in public activity page (#1901)
    • Center-aligned login topbar (#1880)
    • Migration to fix existing owner team units (#1873)
    • Fix paginater length (#1866)
    • Fix bug in removeOrgRepo (#1858)
    • Display draft releases (#1854)
    • Fix 404 for external tracking issues (#1852)
    • Update code.gitea.io/git (#1849)
    • Fix user profile activity feed (#1848)
    • Don't ignore error in getMergeCommit (#1843)
    • Fix locking bug in removeOrgRepo (#1842)
    • Fix status table race condition (#1835)
    • Fix PR template error (#1834)
    • Fix pull request compare link (#1832)
    • Use ghost users in issues/PRs (#1831)
    • Commitless repos should be bare (#1829)
    • Update code.gitea.io/git (#1824)
    • Fix invalid reference in feeds template (#1820)
    • fix bug to deny to add orgnization as a member of an orgnization or team (#1815)
    • xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
    • Fix deadlock in updateRepository (#1813)
    • Give all units to owner team (#1812)
    • Fix 500 for GET /teams/:id endpoints (#1811)
    • fix bug not to trim space of login username (#1796)
    • Fix renaming bug (#1786)
    • Fix activity feed (#1779)
    • Make navbar scroll on overflow (#1777)
    • Delete repo redirects on repo deletion (#1776)
    • Fix unloaded owner bug (#1770)
    • Admin should always be allowed to create repositories even if hit limit (#1765)
    • Update HighlightJS and fix YAML files highlighting (#1764)
    • fix: #1757 fix set MAX_CREATION_LIMIT as zero. (#1762)
    • fix admin lost permission caused by #947 (#1753)
    • More fixes for dashboard search (#1750)
    • fixes wrong after field in webhook payload (#1746)
    • fix avatar update bug (#1729)
    • Fix FOUC on Firefox (#1728)
    • Fix changes introduce by update of go-swagger. (#1727)
    • Fix #1719 (#1722)
    • Correct flash after sending password reset email (#1718)
    • Fix and test for delete user (#1713)
    • Fix rendering of issue checkboxes (#1709)
    • Enforce netgo build tag while cross-compilation (#1690)
    • fix bug when push a branch name with / & fix an integration test bug (#1689)
    • fix potential sqlite lock (#1680)
    • Fix commit sha1 URL rendering in markdown (#1677)
    • Fix static files permission under public/ (#1675)
    • fix: tag contain character ) will http 500 on release page (#1670)
    • Fix CSS for code in wiki markdown (#1660)
    • fix multiple readme file rendering and fix #1657 (#1658)
    • Add primary key and index to external login user table (#1656)
    • fix #1643 and improve integration test (#1645)
    • Fix version in Makefile (#1636)
    • Handle display of GPG key without end date (#1628)
    • fix bug on issue view when not login (#1624)
    • bug fixed for API to get user's repos (#1622)
    • fix lost text color on button on set as primary email (#1621)
    • Add create_at and updated_at in PR json (#1616)
    • update git and fix #1133 (#1614)
    • fix bug on status API (#1533)
    • Do not show empty collaborators segment (#1531)
    • Fix markdown rendering (#1530)
    • fix go get sub package and add domain on installation to let go get work defaultly (#1518)
    • fix #1501 ssh hangs caused by #1461 (#1513)
    • Fix empty file download (#1506)
    • Fix broken v27 migration - change mirror interval from int to bigint (#1504)
    • Do not allow commiting to protected branch from online editor (#1502)
    • Add internal routes for ssh hook comands (#1471)
    • Fix races within code.gitea.io/git.(*Command).RunInDirTimeoutPipeline (#1465)
    • Simple quick fix for #1418 (#1456)
    • fix gpg API panic when no verification (#1451)
    • fix migrate failed and org dashboard failed on MSSQL database (#1448)
    • Optimize and fix autolink function (#1442) (#1444)
    • Fix and simplify repo branches (settings) UI (#1435)
    • Fix disabled fields in repo settings UI (#1431)
    • fixes pull request hanging when it contains normal and LFS files (#1425)
    • Fix races in the log module by using syncmap (#1421)
    • Add length check for the return string (#1420)
    • Fix "Error: No issue number specified" when pushing (#1393)
    • Corrected Mirror.NextUpdate not set (#1388)
    • fix: remove str2html from org full name (#1360)
    • Correct broken unaligned load/store in armv5 (#1355)
    • Remove href on first/last link when on first/last page (#1345)
    • Fix broken table layout (#1344)
    • LFS: Fix SSH authentication for trailing arguments (#1328)
    • Remove empty file (#1326)
    • Fix delete user failed on sqlite (#1321)
    • Fix inconsistency in layout (#1316)
    • Fix gpg wrong column types (#1303)
    • Fix wiki bugs (#1294)
    • Fix missing less sources for oauth (#1288)
    • Make sure both scripts/ can live side by side (#1264)
    • Fix nil-dereference bug (#1258)
    • rewrite pre-commit, post-commit and options hooks (fixes #1250) (#1257)
    • Commit search appearence fixes (#1254)
    • Fix forget migration for wiki hooks (#1227)
    • Fix repo settings external tracker failed and check external urls (#1215)
    • Fix 500 caused by branches settings introduced by #1198 (#1214)
    • fix #1189, commit messages containing a pipe (#1203)
    • Bug fixed for delete repo failed (#1193)
    • Fix migration failed when authorized_keys is not exist (#1180)
    • Fix ini format incomiptable with crowdin (#1177)
  • TESTING
    • Integration tests for issues API (#2059)
    • Add integration tests for signin (#2363)
    • Add INTERNAL_TOKEN to integration .ini file (#2346)
    • Add public links check (#2323)
    • Fix hooks for integration repo (#2216)
    • More integration tests for comment API (#2156)
    • Cache session cookies in tests (#2128)
    • Less verbose integration tests (#2123)
    • Fix improper setup for integration tests (#2050)
    • Improve integration test helper functions (#2049)
    • Add integration test for issue creating (#2002)
    • Use testing/benchmark interface (#1993)
    • Add integration test for repository migration (#1983)
    • Consolidate boilerplate in integration tests (#1979)
    • Set console to debug for integration tests (#1976)
    • Add pull-create integration test (#1972)
    • Coverage reports for integration tests (#1960)
    • Add integration test for pull-request merge (#1912)
    • Add integration test for file editing (#1907)
    • Add integration test for repository forking (#1896)
    • Run unused test (#1875)
    • Don't recreate database in integration tests (#1697)
    • remove sqlite tag when integration test with mysql/postgres and recreate database when init integration test (#1693)
    • MySQL, Postgres integration tests in drone (#1638)
    • improve integration test to resue models/fixtures and store git repos with tests (#1627)
    • Improve govendor testing (#1623)
    • Integration test framework (#1290)
    • Unit tests for issue_list (#1209)
    • Add integration test for signup (#1135)
  • TRANSLATION
    • update translation from crowdin (#2368) (#2380)
    • Small fixes (#2144)
    • Missing signed commit display translations (#2134)
    • Sync latest translations from crowdin (#2104)
    • Add make command update-translations for update translations from crodwin (#2097)
    • Fix some mistakes (#1833)
    • Improve clarity between is_activated and prohibit_login (#1788)
    • Improve grammar (#1775)
    • Fix bad grammar and wordiness (#1741)
    • Make strings translatable (#1188) (#1198)
  • BUILD
    • Dockerfile for aarch64 (#1128) (#1130)
    • backport from v1.2 branch: add secrets for github release (#2588) (#2598)
    • Add secrets for github release to fix drone failed (#2588)
    • Backport changes for latest drone (#2586)
    • Removing .drone.yml.sig (#2579)
    • Fix drone for tags (#2573) (#2576)
    • Backport: Remove go version check for make fmt (#2558) (#2561)
    • Backport: Fix lint, fmt and integration testing errors (#2553)
    • update latest xorm version to vendor (#2353)
    • Remove integration test executables on make clean (#2340)
    • refactor(Makefile): allow overriding default go program (#2310)
    • Revert to upstream ini dependency (#2304)
    • Use /dev/urandom to create random password (#2298)
    • update drone sig file. (#2262)
    • go get github.com/wadey/gocovmerge when needed (#2235)
    • fix typo (#2145)
    • Revert "Reduce number of layer" (#2086)
    • Reduce number of layer (#2078)
    • Skip sqlite integration in CI (#2058)
    • fix golint error and rename func for suggestion. (#1997)
    • fix misspell (#1996)
    • update drone sig file (#1981)
    • send notification if status changed (#1973)
    • switch gitter to discord for drone. (#1971)
    • Fix missing backslash in Dockerfile.rpi (#1952)
    • Don't run 'make release' on PRs (#1908)
    • Update code.gitea.io/git (#1892)
    • Use production version of vuejs (#1869)
    • Add a variable for docker tag (#1825)
    • resign drone and fix #1816 (#1819)
    • Separate generate swagger + fix sed os specific (#1791)
    • Only run coverage on merges/pushes to master (#1783)
    • Remove stale rule from Makefile (#1782)
    • feat: upgrade drone docker image to support multi-stage build. (#1732)
    • Realy don't cache apk index (#1694)
    • Limit clone depth when drone-building (#1644)
    • Refactor Dockerfile (#1632)
    • Check if missing/modified/unused deps in vendor and fix errors (#1468)
    • Add GOFLAGS and EXTRA_GOFLAGS (#1438)
    • Include formatting check to the make test (and thus also check) rule (#1366)
  • DOCS
    • fix wrong changelog title (#2395)
    • fix webhook link (#2289)
    • Improve swagger doc (#2274)
    • Add link to forum in issue template (#2070)
    • add missing lfs config on example file (#2039)
    • Add discourse link (#2027)
    • Fix wording (#2024)
    • Fix typo (#1974)
    • Swagger docs for list/create forks (#1941)
    • Update links to Discord server (#1940)
    • [ci skip] update discord badge. (#1930)
    • Change join chat from gitter to discord (#1929)
    • Update changelog with v1.1.1 (#1926)
    • Correct grammar in APIEmpty documentation (#1748)
    • Add swagger comment for MirrorSync (#1747)
    • Add "Table of Contents" in CONTRIBUTING.md (#1634)
    • Fix service description in Debian init file (#1538)
    • Use MAINTAINERS file in repository in CONTRIBUTING (#1489)
    • Generate swagger json (#1402)
    • Changed text when password reset disabled. (#1364)
    • Removed email copyright year (#1348)
    • Specify that time interval units are seconds (#1311)
    • Gitea OpenID-2.0 login has been tested with livejournal.com too (#1306)
    • Make wording of commit search more clear (#1291)
    • Add notice that LFS mirroring is not supported (#1251)
    • Fix typos in models/ and modules/ (#1248)
    • Refactor and fix incorrect comment (#1247)
    • Fix migration comment (#1241)
    • Update locale_en-US.ini (#1235)
    • Add LibreJS support (#1201)
    • rename OSX to macOS (#1176)
    • add mssql to app.ini db config comment (#1172)
    • Add MSSQL to issues template (#1171)
  • MISC
    • Add badge and link to the Matrix room (#2348)
    • ignore coverage steps. (#2257)
    • Use sqlite3 database as default for Docker image (#2182)
    • update drone discord plugin to 0.0.4 version (#1992)
    • fix typo (#1990)
    • Move 3rd party js/css into public/vendor and document sources (#2383)
    • Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335)
    • Fix variable name typo (#2327)
    • Make use of Vue more universal (#2318)
    • Remove (almost) server side data rendering from repo-search component (#2317)
    • Add OpenID configuration in install page (#2276)
    • More tweaks to repo top panel (#2267)
    • File path tweaks in UI (#2264)
    • Make SHOW_USER_EMAIL also apply to profiles (#2258)
    • EnableUnit() -> UnitEnabled() (#2242)
    • Prevent selection of diff line numbers (#2240)
    • Remove unused variable on makefile (#2225)
    • No error log entries for repo 404 (#2200)
    • Refactor vue delimeters to use es6 template delimeters (#2171)
    • Replace tmp with TMPDIR. (#2152)
    • Remove unused files (#2124)
    • Improve org error handling (#2117)
    • Absolute path for setting.CustomConf (#2085)
    • remove deprecated code for Gogs compitable (#2041)
    • Refactor session close as xorm already does everything needed internally (#2020)
    • SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961)
    • Use monospace font in githook editor (#1958)
    • Fix import order (#1951)
    • Gracefully handle bare repositories on API operations. (#1932)
    • Fix errors caused by force push (#1927)
    • Display URLs in integration test logs (#1924)
    • Set TMPDIR enviroment variable for dump command (#1915)
    • Cache ctx.User in retrieveFeeds (#1902)
    • Make LocalCopyPath a setting instead of a hard-coded path (#1881)
    • Add check misspelling (#1877)
    • Fix misspelled variables (#1874)
    • Gofmt (#1868, #1710, #1662)
    • Rename misnamed migration (#1867)
    • Support CRLF when splitting code lines for display (#1862)
    • Add convert less css file step. (#1861)
    • Prevent accidential selection of line numbers in code view (#1860)
    • Delete Public SSH Key tmp file after calculating fingerprint (#1855)
    • Remove annoying difference in button heights. (#1853)
    • Only run test coverage on master branch. (#1838)
    • Error from mktemp command in MacOS. (#1837)
    • Use writeTmpKeyFile in calcFingerprint (#1828)
    • ROOT_URL setting use the default as shown in conf/app.ini (#1823)
    • Rename RepoCreationNum -> MaxCreationLimit (#1766)
    • Add button to admin ui (#1738)
    • Correct spelling mistakes (#1703)
    • Make openid support default false for compitable with v1.1 (#1650)
    • Send mails as HTML as default. Setting for send as plain text. (#1648)
    • fix potential lock when sqlite (#1647)
    • Optimize png images via Google zopflipng [ci skip] (#1639)
    • Upgrade alpine to v3.5 in Dockerfile (#1633)
    • remove unused vendor packages (#1620)
    • markup: microoptimise for many short filenames in directory (#1534)
    • support health check via / and fix #969 (#1520)
    • Remove env user salt since no need to use (#1515)
    • Drop db operations from hook commands (#1514)
    • Better URL validation (#1507)
    • Migrate WatchInfo struct to api (#1492)
    • refactor: show command help message. (#1486)
    • refactor update ssh key use time (#1466)
    • Set VERSION from git once, in a variable (#1447)
    • Remove unused mutex field (#1440)
    • Simplify settings pages with item list (#1389)
    • Clean-up PostgreSQL Tests (#1361)
    • refactor: remove workaround after the golang 1.7 release. (#1349)
    • Delete the useless code (#1335)
    • Run "make fmt" with go-1.6 (#1333)
    • Refactor admin/auth/new.tmpl (#1277)
    • Refactor repo/issue/view_content.tmpl (#1276)
    • Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270)
    • Cleaner UI for explore page (#1253) (#1255)
    • Synced licenses with github repo (#1246)
    • Synced gitignores with github repo (#1245)
    • Simplify RepositoryList.loadAttributes() (#1211)
    • Move user_follow to separate file (#1210)
    • Reduce conditionals in signin/signup inner forms (#1138)

1.1.4 - 2017-09-04

  • BUGFIXES
    • Fix rendering of external links (#2292) (#2315)
    • Fix deleted milestone bug (#1942) (#2300)
    • fix 500 error when view an issue which's milestone deleted (#2297) (#2299)
    • Fix SHA1 hash linking (#2143) (#2293)
    • back port from #1709 (#2291)

1.1.3 - 2017-08-03

  • BUGFIXES
    • Fix PR template error (#2008)
    • Fix markdown rendering (fix #1530) (#2043)
    • Fix missing less sources for oauth (backport #1288) (#2135)
    • Don't ignore gravatar error (#2138)
    • Fix diff of renamed and modified file (#2136)
    • Fix fast-forward PR bug (#2137)
    • Fix some security bugs

1.1.2 - 2017-06-13

  • BUGFIXES
    • Enforce netgo build tag while cross-compilation (Backport of #1690) (#1731)
    • fix update avatar
    • fix delete user failed on sqlite (#1321)
    • fix bug not to trim space of login username (#1806)
    • Backport bugfixes #1220 and #1393 to v1.1 (#1758)

1.1.1 - 2017-05-04

  • BUGFIXES
    • Markdown Sanitation Fix #1646
    • Fix broken hooks #1376
    • Fix migration issue #1375
    • Fix Wiki Issues #1338
    • Forgotten migration for wiki githooks #1237
    • Commit messages can contain pipes #1218
    • Verify external tracker URLs #1236
    • Allow upgrade after downgrade #1197
    • 500 on delete repo with issue #1195
    • INI compat with CrowdIn #1192

1.1.0 - 2017-03-09

  • BREAKING
    • The SSH keys can potentially break, make sure to regenerate the authorized keys
  • FEATURES
    • Git LFSv2 support #122
    • API endpoints for repo watching #191
    • Search within private repos #222
    • Hide user email address on explore page #336
    • Protected branch system #339
    • Sendmail for mail delivery #355
    • API endpoints for org webhooks #372
    • Enabled MSSQL support #383
    • API endpoints for org teams #370
    • API endpoints for collaborators #375
    • Graceful server restart #416
    • Commitgraph / timeline on commits page #428
    • API endpoints for repo forks #509
    • API endpoints for releases #510
    • Folder jumping #511
    • Stars tab on profile page #519
    • Notification system #523
    • Push and pull through reverse proxy basic auth #524
    • Search for issues and pull requests #530
    • API endpoint for stargazers #597
    • API endpoints for subscribers #598
    • PID file support #610
    • Two factor authentication (2FA) #630
    • API endpoints for org users #645
    • Release attachments #673
    • OAuth2 consumer #679
    • Add ability to fork your own repos #761
    • Search repository on dashboard #773
    • Search bar on user profile #787
    • Track label changes on issue view #788
    • Allow using custom time format #798
    • Redirects for renamed repos #807
    • Track assignee changes on issue view #808
    • Track title changes on issue view #841
    • Archive cleanup action #885
    • Basic Open Graph support #901
    • Take back control of Git hooks #1006
    • API endpoints for user repos #1059
  • BUGFIXES
    • Fixed counting issues for issue filters #413
    • Added back default settings for SSH #500
    • Fixed repo permissions #513
    • Issues cannot be created with labels #622
    • Add a reserved wiki paths check to the wiki #720
    • Update website binding MaxSize to 255 #722
    • User can see the private activity on public history #818
    • Wrong pages number which includes private repositories #844
    • Trim whitespaces for search keyword #893
    • Don't rewrite non-gitea public keys #906
    • Use fingerprint to check instead content for public key #911
    • Fix random avatars #1147
  • ENHANCEMENTS
    • Refactored process manager #75
    • Restrict rights to create new orgs #193
    • Added label and milestone sorting #199
    • Make minimum password length configurable #223
    • Speedup conflict checking on pull requests #276
    • Added button to delete merged pull request branches #441
    • Improved issue references within markdown #471
    • Dutch translation for the landingpage #487
    • Added Gogs migration script #532
    • Support a .gitea folder for issue templates #582
    • Enhanced diff-view coloring #584
    • Added ETag header to avatars #721
    • Added option to config to disable local path imports #724
    • Allow custom public files #782
    • Added pprof endpoint for debugging #801
    • Added X-GitHub-* headers #809
    • Fill SSH key title automatically #863
    • Display Git version on admin panel #921
    • Expose URL field on issue API #982
    • Statically compile the binaries #985
    • Embed build tags into version string #1051
    • Gitignore support for FSharp and Clojure #1072
    • Custom templates for static builds #1087
    • Add ProxyFromEnvironment if none set #1096
  • MISC
    • Replaced remaining Gogs references
    • Added more tests on various packages
    • Use Crowdin for translations again
    • Resolved some XSS attack vectors
    • Optimized and reduced number of database queries

1.0.2 - 2017-02-21

  • BUGFIXES
    • Fixed issue counter #882
    • Fixed XSS vulnerability on wiki page #955
    • Add data dir without session to dump #587
    • Fixed wiki page renaming #958
    • Drop default console logger if not required #960
    • Fixed docker docs link on install page #972
    • Handle SetModel errors #957
    • Fixed XSS vulnerability on milestones #977
    • Fixed XSS vulnerability on alerts #981

1.0.1 - 2017-01-05

  • BUGFIXES
    • Fixed localized MIN_PASSWORD_LENGTH #501
    • Fixed 500 error on organization delete #507
    • Ignore empty wiki repo on migrate #544
    • Proper check access for forking #563
    • Fix SSH domain on installer #506
    • Fix missing data rows on admin UI #580
    • Do not delete tags with releases by default #579
    • Fix missing session config data on admin UI #578
    • Properly show the version within footer on the UI #593

1.0.0 - 2016-12-23

  • BREAKING
    • We have various changes on the API, scripting against API must be updated
  • FEATURES
    • Show last login for admins #121
  • BUGFIXES
    • Fixed sender of notifications #2
    • Fixed keyword hijacking vulnerability #20
    • Fixed non-markdown readme rendering #95
    • Allow updating draft releases #169
    • GitHub API compliance #227
    • Added commit SHA to tag webhook #286
    • Secured links via noopener #315
    • Replace tabs with spaces on wiki title #371
    • Fixed vulnerability on labels and releases #409
    • Fixed issue comment API #449
  • ENHANCEMENTS
    • Use proper import path for libravatar #3
    • Integrated DroneCI for tests and builds #24
    • Integrated dependency manager #29
    • Embedded bindata optionally #30
    • Integrated pagination for releases #73
    • Autogenerate version on every build #91
    • Refactored Docker container #104
    • Added short-hash support for downloads #211
    • Display tooltip for downloads #221
    • Improved HTTP headers for issue attachments #270
    • Integrate public as bindata optionally #293
    • Integrate templates as bindata optionally #314
    • Inject more ENV variables into custom hooks #316
    • Correct LDAP login validation #342
    • Integrate conf as bindata optionally #354
    • Serve video files in browser #418
    • Configurable SSH host binding #431
  • MISC
    • Forked from Gogs and renamed to Gitea
    • Catching more errors with logs
    • Fixed all linting errors
    • Made the go linter entirely happy
    • Really integrated vendoring