Revisions of gitea
Eric Schirra (ecsos)
accepted
request 914055
from
Eric Schirra (ecsos)
(revision 77)
Must use nodejs14 to fix Tumbleweed build error. With 16 Only Leap will build.
Eric Schirra (ecsos)
accepted
request 913990
from
Eric Schirra (ecsos)
(revision 76)
- Update to 1.15.0
* BREAKING
- Make app.ini permissions more restrictive (#16266)
- Refactor Webhook + Add X-Hub-Signature (#16176)
- Add asymmetric JWT signing (#16010)
- Clean-up the settings hierarchy for issue_indexer queue (#16001)
- Change default queue settings to be low go-routines (#15964)
- Improve assets handler middleware (#15961)
- Rename StaticUrlPrefix to AssetUrlPrefix (#15779)
- Use a generic markup class to display externally rendered files and diffs (#15735)
- Add frontend testing, require node 12 (#15315)
- Move (custom) assets into subpath /assets (#15219)
- Use level config in log section when sub log section not set level (#15176)
- Links in markdown should be absolute to the repository not the server (#15088)
- Upgrade to the latest version of golang-jwt (#16590) (#16606)
- Set minimum supported version of go to 1.16 (#16710)
* SECURITY
- Encrypt LDAP bind password in db with SECRET_KEY (#15547)
- Remove random password in Dockerfiles (#15362)
- Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
- Correctly create of git-daemon-export-ok files (#16508) (#16514)
- Don't show private user's repo in explore view (#16550) (#16554)
- Update node tar dependency to 6.1.6 (#16622) (#16623)
* FEATURES
- Update Go-Git to take advantage of LargeObjectThreshold (#16316)
- Support custom mime type mapping for text files (#16304)
- Link to previous blames in file blame page (#16259)
- Add LRU mem cache implementation (#16226)
- Localize Email Templates (#16200)
- Make command in authorized keys a template (#16003)
- Add possibility to make branch in branch page (#15960)
- Add email headers (#15939)
- Make tasklist checkboxes clickable (#15791)
- Add selecting tags on the compare page (#15723)
- Add cron job to delete old actions from database (#15688)
- On open repository open common cat file batch and batch-check (#15667)
- Add tag protection (#15629)
- Add push to remote mirror repository (#15157)
- Add Image Diff for SVG files (#14867)
- Add dashboard milestone search and repo milestone search by name. (#14866)
- Add LFS Migration and Mirror (#14726)
- Improve notifications for WIP draft PR's (#14663)
- Disable Stars config option (#14653)
- GPG Key Ownership verification with Signed Token (#14054)
- OAuth2 auto-register (#5123)
* API
- Return updated repository when changing repository using API (#16420)
- Let branch/tag name be a valid ref to get CI status (#16400)
- Add endpoint to get commits of PR (#16300)
- Allow COMMENT reviews to not specify a body (#16229)
- Add subject-type filter to list notification API endpoints (#16177)
- ListReleases add filter for draft and pre-releases (#16175)
- ListIssues add more filters (#16174)
- Issue Search Add filter for MilestoneNames (#16173)
- GET / SET User Settings (#16169)
- Expose repo.GetReviewers() & repo.GetAssignees() (#16168)
- User expose counters (#16167)
- Add repoGetTag (#16166)
- Add repoCreateTag (#16165)
- Creating a repo from a template repo via API (#15958)
- Add Active and ProhibitLogin to API (#15689)
- Add Location, Website and Description to API (#15675)
- Expose resolver via API (#15167)
- Swagger AccessToken fixes (#16574) (#16597)
- Set AllowedHeaders on API CORS handler (#16524) (#16618)
* ENHANCEMENTS
- Support HTTP/2 in Let's Encrypt (#16371)
- Introduce NotifySubjectType (#16320)
- Add forge emojies (#16296)
- Implemented head_commit for webhooks (#16282)
- Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278)
- Add previous/next buttons to review comments (#16273)
- Review comments: break-word for long file names (#16272)
- Add configuration to restrict allowed user visibility modes (#16271)
- Add scroll-margin-top to account for sticky header (#16269)
- Add --quiet and --verbose to gitea web to control initial logging (#16260)
- Use gitea logging module for git module (#16243)
- Add tests for all webhooks (#16214)
- Add button to delete undeleted repositories from failed migrations (#16197)
- Speed up git diff highlight generation (#16180)
- Add OpenID claims "profile" and "email". (#16141)
- Reintroduce squash merge default comment as a config setting (#16134)
- Add sanitizer rules per renderer (#16110)
- Improve performance of dashboard list orgs (#16099)
- Refactor assert statements in tests (#16089)
- Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
- Remove unnecessary goroutine (#16080)
- Add attachments for PR reviews (#16075)
- Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070)
- Add Visible modes function from Organisation to Users too (#16069)
- Add checkbox to delete pull branch after successful merge (#16049)
- Make commit info cancelable (#16032)
- Make modules/context.Context a context.Context (#16031)
- Unified custom config creation (#16012)
- Make sshd_config more flexible regarding connections (#16009)
- Append to existing trailers in generated squash commit message (#15980)
- Always store primary email address into email_address table and also the state (#15956)
- Load issue/PR context popup data only when needed (#15955)
- Remove remaining fontawesome usage in templates (#15952)
- Remove fomantic accordion module (#15951)
- Small refactoring of modules/private (#15947)
- Double the avatar size factor (#15941)
- Add curl to rootless docker image (#15908)
- Replace clipboard.js with async clipboard api (#15899)
- Allow custom highlight mapping beyond file extensions (#15808)
- Add trace logging to SSO methods (#15803)
- Refactor routers directory (#15800)
- Allow only internal registration (#15795)
- Add a new internal hook to save ssh log (#15787)
- Respect default merge message syntax when parsing item references (#15772)
- OAuth2 login: Set account link to "login" as default behavior (#15768)
- Use single shared random string generation function (#15741)
- Hold the event source when there are no listeners (#15725)
- Code comments improvements (#15722)
- Provide OIDC compliant user info endpoint (#15721)
- Fix webkit calendar icon color on arc-green (#15713)
- Improve Light Chroma style (#15699)
- Only use boost workers for leveldb shadow queues (#15696)
- Add compare tag dropdown to releases page (#15695)
- Add caret styling CSS (#15651)
- Remove x-ua-compatible meta tag (#15640)
- Refactor of link creation (#15619)
- Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599)
- Rewrite of the LFS server (#15523)
- Display more repository type on admin repository management (#15440)
- Remove usage of some JS globals (#15378)
- SHA in merged commit comment should be rendered ui sha (#15376)
- Add well-known config for OIDC (#15355)
- Use route rather than use thus reducing the number of stack frames (#15301)
- Code Formats, Nits & Unused Func/Var deletions (#15286)
- Let package git depend on setting but not opposite (#15241)
- Fixed sanitize errors (#15240)
- response simple text message for not html request when 404 (#15229)
- Remove file-loader dependency (#15196)
- Refactor renders (#15175)
- Add mimetype mapping settings (#15133)
- Add Status Updates whilst Gitea migrations are occurring (#15076)
- Reload locales in initialisation if needed by utilizing i18n.Reset (#15073)
- Counterwork seemingly unclickable repo button labels (#15064)
- Add DefaultMergeStyle option to repository (#14789)
- Added support for gopher URLs. (#14749)
- Rework repository archive (#14723)
- Add links to toggle WIP status (#14677)
- Add Tabular Diff for CSV files (#14661)
- Use milestone deadline when sorting issues (#14551)
* BUGFIXES
- Fix invalid params and typo of email templates (#16394)
- Fix activation of primary email addresses (#16385)
- Fix calculation for finalPage in repo-search component (#16382)
- Specify user in rootless container numerically (#16361)
- Detect encoding changes while parsing diff (#16330)
- Fix U2F error reasons always hidden (#16327)
- Prevent zombie processes (#16314)
- Escape reference to user table in models.SearchEmails (#16313)
- Fix default push instructions on empty repos (#16302)
- Fix modified files list in webhooks when there is a space (#16288)
- Fix webhook commits wrong hash on HEAD reset (#16283)
- Fuzzer finds an NPE due to incorrect URLPrefix (#16249)
- Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238)
- Do not show No match found for tribute (#16231)
- Fix "Copy Link" for pull requests (#16230)
- Fix diff expansion is missing final line in a file (#16222)
- Fix private repo permission problem (#16142)
- Fix not able to update local created non-urlencoded wiki pages (#16139)
- More efficiently parse shas for shaPostProcessor (#16101)
- Fix doctor --run check-db-consistency --fix with label fix (#16094)
- Prevent webhook action buttons from shifting (#16087)
- Change default TMPDIR path in rootless containers (#16077)
- Fix typo and add TODO notice (#16064)
- Use git log name-status in get last commit (#16059)
- Fix 500 Error with branch and tag sharing the same name (#16040)
- Fix get tag when migration (#16014)
- Add custom emoji support (#16004)
- Use filepath.ToSlash and Join in indexer defaults and queues (#15971)
- Add permission check for GenerateRepository (#15946)
- Ensure settings for Service and Mailer are read on the install page (#15943)
- Fix layout of milestone view (#15927)
- Unregister non-matching serviceworkers (#15834)
- Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693)
- Attachment support repository route (#15580)
- Fix missing icons and colorpicker when mounted on suburl (#15501)
- Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
- Prevent double-login for Git HTTP and LFS and simplify login (#15303)
- Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278)
- Fix heatmap activity (#15252)
- Remove vendored copy of fomantic-dropdown (#15193)
- Update repository size on cron gc task (#15177)
- Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
- Add code block highlight to orgmode back (#14222)
- Remove User.GetOrganizations() (#14032)
- Restore Accessibility for Dropdown (#16576) (#16617)
- Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
- Fix table alignment in markdown (#16596) (#16602)
- Fix 500 on first wiki page (#16586) (#16598)
- Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
- Upgrade levelqueue to v0.4.0 (#16560) (#16561)
- Handle too long PR titles correctly (#16517) (#16549)
- Fix data race in bleve indexer (#16474) (#16509)
- Restore CORS on git smart http protocol (#16496) (#16506)
- Fix race in log (#16490) (#16505)
- Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
- Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
- Update notification table with only latest data (#16445) (#16469)
- Fix crash following ldap authentication update (#16447) (#16448)
- Fix direct creation of external users on admin page (partial #16612) (#16613)
- Prevent 500 on draft releases without tag (#16634) (#16636)
- Restore creation of git-daemon-export-ok files (#16508) (#16514)
- Fix data race in bleve indexer (#16474) (#16509)
- Restore CORS on git smart http protocol (#16496) (#16506)
- Fix race in log (#16490) (#16505)
- Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
- Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
- Update notification table with only latest data (#16445) (#16469)
- Fix crash following ldap authentication update (#16447) (#16448)
- Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
- Fix direct creation of external users on admin page (#16613)
- Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
- Fix NPE in fuzzer (#16680) (#16682)
- Set issue_index when finishing migration (#16685) (#16687)
- Skip patch download when no patch file exists (#16356) (#16681)
- Ensure empty lines are copiable and final new line too (#16678) (#16692)
- Fix wrong user in OpenID response (#16736) (#16741)
- Do not use thin scrollbars on Firefox (#16738) (#16745)
- Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
- Keep attachments on tasklist update (#16750) (#16757)
* TESTING
- Bump postgres and mysql versions (#15710)
- Add tests for clone from wiki (#15513)
- Fix Benchmark tests, remove a broken one & add two new (#15250)
- Create Proper Migration tests (#15116)
* TRANSLATION
- Use a special name for update default branch on repository setting (#15893)
- Fix mirror_lfs source string in en-US locale (#15369)
* BUILD
- Upgrade xorm to v1.1.1 (#16339)
- Disable legal comments in esbuild (#15929)
- Switch to Node 16 to build fronted (#15804)
- Use esbuild to minify CSS (#15756)
- Use binary version of revive linter (#15739)
- Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465)
- Stop packaging node_modules in release tarballs (#15273)
- Introduce esbuild on webpack (#14578)
* DOCS
- Update queue workers documentation (#15999)
- Comment out app.example.ini (#15807)
- Improve logo customization docs (#15754)
- Add some response status on api docs (#15399)
- Rework Token API comments (#15162)
- Add better errors for disabled account recovery (#15117)
* MISC
- Remove utf8 option from installation page (#16126)
- Use Wants= over Requires= in systemd file (#15897)
- Switch again to download node_modules for myself, because upstream has removed node_mules again.
Eric Schirra (ecsos)
accepted
request 910433
from
Eric Schirra (ecsos)
(revision 75)
- Update to 1.14.6
* SECURITY
- Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
- Switch to maintained JWT lib (#16532) (#16535)
- Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
* BUGFIXES
- Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495)
- Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481)
Eric Schirra (ecsos)
accepted
request 906647
from
Eric Schirra (ecsos)
(revision 74)
- Update to 1.14.5
* SECURITY
- Hide mirror passwords on repo settings page (#16022) (#16355)
- Update bluemonday to v1.0.15 (#16379) (#16380)
* BUGFIXES
- Retry rename on lock induced failures (#16435) (#16439)
- Validate issue index before querying DB (#16406) (#16410)
- Fix crash following ldap authentication update (#16447) (#16449)
* ENHANCEMENTS
- Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
Eric Schirra (ecsos)
accepted
request 904426
from
Eric Schirra (ecsos)
(revision 73)
- Update to 1.14.4
* BUGFIXES
- Fix relative links in postprocessed images (#16334) (#16340)
- Fix list_options GetStartEnd (#16303) (#16305)
- Fix API to use author for commits instead of committer (#16276) (#16277)
- Handle misencoding of login_source cfg in mssql (#16268) (#16275)
- Fixed issues not updated by commits (#16254) (#16261)
- Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
- Use html.Parse rather than html.ParseFragment (#16223) (#16225)
- Fix milestone counters on new issue (#16183) (#16224)
- reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)
Eric Schirra (ecsos)
accepted
request 901002
from
Eric Schirra (ecsos)
(revision 72)
- Update to 1.14.3
* SECURITY
- Encrypt migration credentials at rest (#15895) (#16187)
- Only check access tokens if they are likely to be tokens (#16164) (#16171)
- Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
- Fix setting of SameSite on cookies (#15989) (#15991)
* API
- Repository object only count releases as releases (#16184) (#16190)
- EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190)
- Fix overly strict edit pr permissions (#15900) (#16081)
* BUGFIXES
- Run processors on whole of text (#16155) (#16185)
- Class issue-keyword is being incorrectly stripped off spans (#16163) (#16172)
- Fix language switch for install page (#16043) (#16128)
- Fix bug on getIssueIDsByRepoID (#16119) (#16124)
- Set self-adjusting deadline for connection writing (#16068) (#16123)
- Fix http path bug (#16117) (#16120)
- Fix data URI scramble (#16098) (#16118)
- Merge all deleteBranch as one function and also fix bug when
delete branch don't close related PRs (#16067) (#16097)
- git migration: don't prompt interactively for clone credentials (#15902) (#16082)
- Fix case change in ownernames (#16045) (#16050)
- Don't manipulate input params in email notification (#16011) (#16033)
- Remove branch URL before IssueRefURL (#15968) (#15970)
- Fix layout of milestone view (#15927) (#15940)
- GitHub Migration, migrate draft releases too (#15884) (#15888)
- Close the gitrepo when deleting the repository (#15876) (#15887)
- Upgrade xorm to v1.1.0 (#15869) (#15885)
- Fix blame row height alignment (#15863) (#15883)
- Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882)
- Backport Fix LFS commit finder not working (#15856) (#15874)
- Stop calling WriteHeader in Write (#15862) (#15873)
- Add timeout to writing to responses (#15831) (#15872)
- Return go-get info on subdirs (#15642) (#15871)
- Restore PAM user autocreation functionality (#15825) (#15867)
- Fix truncate utf8 string (#15828) (#15854)
- Fix bound address/port for caddy's certmagic library (#15758) (#15848)
- Upgrade unrolled/render to v1.1.1 (#15845) (#15846)
- Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840)
- Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839)
- Set autocomplete off on branches selector (#15809) (#15833)
- Add missing error to Doctor log (#15813) (#15824)
- Move restore repo to internal router and invoke from command
to avoid open the same db file or queues files (#15790) (#15816)
* ENHANCEMENTS
- Removable media support to snap package (#16136) (#16138)
- Move sans-serif fallback font higher than emoji fonts (#15855) (#15892)
* DOCKER
- Only write config in environment-to-ini if there are changes (#15861) (#15868)
- Only offer hostcertificates if they exist (#15849) (#15853)
- Use gitea-src-1.14.3.tar.gz and gitea-docs-1.14.3.tar.gz from github instead of
source from gitea-fetch_source_and_node_modules.sh.
- Add docs package.
Eric Schirra (ecsos)
accepted
request 891822
from
Eric Schirra (ecsos)
(revision 71)
- Update to 1.14.2
* API
- Make change repo settings work on empty repos (#15778) (#15789)
- Add pull "merged" notification subject status to API (#15344) (#15654)
* BUGFIXES
- Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798)
- Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775)
- Set GIT_DIR correctly if it is not set (#15751) (#15769)
- Fix bug where repositories appear unadopted (#15757) (#15767)
- Not show ref-in-new-issue pop when issue was disabled (#15761) (#15765)
- Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762)
- Fix setting version table in dump (#15753) (#15759)
- Fix close button change on delete in simplemde area (#15737) (#15747)
- Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746)
- Fix some ui bug about draft release (#15137) (#15745)
- Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715)
- Move tooltip down to allow selection of Remove File on error (#15672) (#15714)
- Fix setting redis db path (#15698) (#15708)
- Fix DB session cleanup (#15697) (#15700)
- Fixed several activation bugs (#15473) (#15685)
- Delete references if repository gets deleted (#15681) (#15684)
- Fix orphaned objects deletion bug (#15657) (#15683)
- Delete protected branch if repository gets removed (#15658) (#15676)
- Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652)
- Not update updated uinx for git gc (#15637) (#15641)
- Fix commit graph author link (#15627) (#15630)
- Fix webhook timeout bug (#15613) (#15621)
- Resolve panic on failed interface conversion in migration v156 (#15604) (#15610)
- Fix missing storage init (#15589) (#15598)
- If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594)
- Fix lfs management find (#15537) (#15578)
- Fix NPE on view commit with notes (#15561) (#15573)
- Fix bug on commit graph (#15517) (#15530)
- Send size to /avatars if requested (#15459) (#15528)
- Prevent migration 156 failure if tag commit missing (#15519) (#15527)
* ENHANCEMENTS
- Display conflict-free merge messages for pull requests (#15773) (#15796)
- Exponential Backoff for ByteFIFO (#15724) (#15793)
- Issue list alignment tweaks (#15483) (#15766)
- Implement delete release attachments and update release attachments' name (#14130) (#15666)
- Add placeholder text to deploy key textarea (#15575) (#15576)
- Project board improvements (#15429) (#15560)
- Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
* MISC
- Fix webkit calendar icon color on arc-green (#15713) (#15728)
- Performance improvement for last commit cache and show-ref (#15455) (#15701)
- Bump unrolled/render to v1.1.0 (#15581) (#15608)
- Add ETag header (#15370) (#15552)
Eric Schirra (ecsos)
accepted
request 885898
from
Eric Schirra (ecsos)
(revision 70)
- Update to 1.14.1
* BUGFIXES
- Fix bug clone wiki (#15499) (#15502)
- Github Migration ignore rate limit, if not enabled (#15490) (#15495)
- Use subdir for URL (#15446) (#15493)
- Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
- Ensure review dismissal only dismisses the correct review (#15477) (#15489)
- Use index of the supported tags to choose user lang (#15452) (#15488)
- Fix wrong file link in code search page (#15466) (#15486)
- Quick template fix for built-in SSH server in admin config (#15464) (#15481)
- Prevent superfluous response.WriteHeader (#15456) (#15476)
- Fix ambiguous argument error on tags (#15432) (#15474)
- Add created_unix instead of expiry to migration (#15458) (#15463)
- Fix repository search (#15428) (#15442)
- Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
- Fix wiki clone urls (#15430) (#15431)
- Fix dingtalk icon url at webhook (#15417) (#15426)
- Standardise icon on projects PR page (#15387) (#15408)
* ENHANCEMENTS
- Add option to skip LFS/attachment files for dump (#15407) (#15492)
- Clone panel fixes (#15436)
- Use semantic dropdown for code search query type (#15276) (#15364)
* BUILD
- Build go-git variants for windows (#15482) (#15487)
- Lock down build-images dependencies (Partial #15479) (#15480)
* MISC
- Performance improvement for list pull requests (#15447) (#15500)
- Fix potential copy lfs records failure when fork a repository (#15441) (#15485)
Eric Schirra (ecsos)
accepted
request 884484
from
Eric Schirra (ecsos)
(revision 69)
- Update to 1.14.0
* SECURITY
* Respect approved email domain list for externally validated user registration (#15014)
* Add reverse proxy configuration support for remote IP address detection (#14959)
* Ensure validation occurs on clone addresses too (#14994)
Eric Schirra (ecsos)
accepted
request 884471
from
Eric Schirra (ecsos)
(revision 68)
- Enable support for sqlite3 database.
Eric Schirra (ecsos)
accepted
request 883858
from
Eric Schirra (ecsos)
(revision 67)
- Update to 1.13.7
* SECURITY
- Update to bluemonday-1.0.6 (#15294) (#15298)
- Clusterfuzz found another way (#15160) (#15169)
* API
- Fix wrong user returned in API (#15139) (#15150)
* BUGFIXES
- Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
- Speed up enry.IsVendor (#15213) (#15246)
- Response 404 for diff/patch of a commit that not exist
(#15221) (#15238)
- Prevent NPE in CommentMustAsDiff if no hunk header
(#15199) (#15201)
* MISC
- Add size to Save function (#15264) (#15271)
Eric Schirra (ecsos)
accepted
request 880867
from
Eric Schirra (ecsos)
(revision 66)
- Update to 1.13.6
* SECURITY
- Fix bug on avatar middleware (#15124) (#15125)
- Fix another clusterfuzz identified issue (#15096) (#15114)
* API
- Fix nil exeption for get pull reviews API #15104 (#15106)
* BUGFIXES
- Fix markdown rendering in milestone content (#15056) (#15092)
Eric Schirra (ecsos)
accepted
request 880702
from
Eric Schirra (ecsos)
(revision 65)
- Fix build error in Tumbleweed. (npm>10 has problems)
Eric Schirra (ecsos)
accepted
request 880511
from
Eric Schirra (ecsos)
(revision 64)
- Update to 1.13.5
* SECURITY
- Update to goldmark 1.3.3 (#15059) (#15061)
- Another clusterfuzz spotted issue (#15032) (#15034)
* API
- Fix set milestone on PR creation (#14981) (#15001)
- Prevent panic when editing forked repos by API (#14960) (#14963)
* BUGFIXES
- Fix bug when upload on web (#15042) (#15055)
- Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
- Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
- Fix several render issues (#14986) (#15013)
- Make sure sibling images get a link too (#14979) (#14995)
- Fix Anchor jumping with escaped query components (#14969) (#14977)
- Fix release mail html template (#14976)
- Fix excluding more than two labels on issues list (#14962) (#14973)
- Don't mark each comment poster as OP (#14971) (#14972)
- Add "captcha" to list of reserved usernames (#14930)
- Re-enable import local paths after reversion from #13610 (#14925) (#14927)
Eric Schirra (ecsos)
accepted
request 877695
from
Eric Schirra (ecsos)
(revision 63)
- Update to 1.13.4
* SECURITY
- Fix issue popups (#14898) (#14899)
* BUGFIXES
- Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
- Fix a couple of issues with a feeds (#14897) (#14903)
- When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
- Fix race in local storage (#14888) (#14901)
- Fix 500 on pull view page if user is not loged in (#14885) (#14886)
* DOCS
- Fix how lfs data path is set (#14855) (#14884)
Eric Schirra (ecsos)
accepted
request 876783
from
Eric Schirra (ecsos)
(revision 62)
- Update to 1.13.3
* BREAKING & SECURITY
- Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
* BUGFIXES
- Fix paging of file commit logs (#14831) (#14879)
- Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
- Fix display since time round (#14226) (#14873)
- When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
- Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
- Fix a couple of CommentAsPatch issues. (#14804) (#14820)
- Disable broken OAuth2 providers at startup (#14802) (#14811)
- Repo Transfer permission checks (#14792) (#14794)
- Fix double alert in oauth2 application edit view (#14764) (#14768)
- Fix broken spans in diffs (#14678) (#14683)
- Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
- HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
- Do not assume all 40 char strings are SHA1s (#14624) (#14648)
- Allow org labels to be set with issue templates (#14593) (#14647)
- Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
- Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
- Fix GPG key deletion during account deletion (#14561) (#14569)
- Update to 1.13.2
* SECURITY
- Prevent panic on fuzzer provided string (#14405) (#14409)
- Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
* API
- If release publisher is deleted use ghost user (#14375)
* BUGFIXES
- Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
- Set the name Mapper in migrations (#14526) (#14529)
- Fix wiki preview (#14515)
- Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
- ChangeUserName: rename user files back on DB issue (#14447)
- Fix lfs preview bug (#14428) (#14433)
- Ensure timeout error is shown on u2f timeout (#14417) (#14431)
- Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
- Use path not filepath in routers/editor (#14390) (#14396)
- Check if label template exist first (#14384) (#14389)
- Fix migration v141 (#14387) (#14388)
- Use Request.URL.RequestURI() for fcgi (#14347)
- Use ServerError provided by Context (#14333) (#14345)
- Fix edit-label form init (#14337)
- Fix mailIssueCommentBatch for pull request (#14252) (#14296)
- Render links for commit hashes followed by comma (#14224) (#14227)
- Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
- Fix avatar bugs (#14217) (#14220)
- Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
- Fix dashboard issues labels filter bug (#14210) (#14214)
- When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
- Fix branch selector on new issue page (#14194) (#14207)
- Check for notExist on profile repository page (#14197) (#14203)
Eric Schirra (ecsos)
accepted
request 859096
from
Eric Schirra (ecsos)
(revision 61)
- Update to 1.13.1
* SECURITY
- Hide private participation in Orgs (#13994) (#14031)
- Fix escaping issue in diff (#14153) (#14154)
* BUGFIXES
- Fix bug of link query order on markdown render (#14156) (#14171)
- Drop long repo topics during migration (#14152) (#14155)
- Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143)
- Fix storage config implementation (#14091) (#14095)
- Fix panic in BasicAuthDecode (#14046) (#14048)
- Always wait for the cmd to finish (#14006) (#14039)
- Don't use simpleMDE editor on mobile devices for 1.13 (#14029)
- Fix incorrect review comment diffs (#14002) (#14011)
- Trim the branch prefix from action.GetBranch (#13981) (#13986)
- Ensure template renderer is available before storage handler (#13164) (#13982)
- Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967)
- Enforce setting HEAD in wiki to master (#13950) (#13961)
- Fix feishu webhook caused by API changed (#13938)
- Fix Quote Reply button on review diff (#13830) (#13898)
- Fix Pull Merge when tag with same name as base branch exist (#13882) (#13896)
- Fix mermaid chart size (#13865)
- Fix branch/tag notifications in mirror sync (#13855) (#13862)
- Fix crash in short link processor (#13839) (#13841)
- Update font stack to bootstrap's latest (#13834) (#13837)
- Make sure email recipients can see issue (#13820) (#13827)
- Reply button is not removed when deleting a code review comment (#13824)
- When reinitialising DBConfig reset the database use flags (#13796) (#13811)
* ENHANCEMENTS
- Add emoji in label to project boards (#13978) (#14021)
- Send webhook when tag is removed via Web UI (#14015) (#14019)
- Use Process Manager to create own Context (#13792) (#13793)
* API
- GetCombinedCommitStatusByRef always return json & swagger doc fixes (#14047)
- Return original URL of Repositories (#13885) (#13886)
Eric Schirra (ecsos)
accepted
request 855567
from
Eric Schirra (ecsos)
(revision 60)
- Put apache configuration files in separate subpackage.
Eric Schirra (ecsos)
accepted
request 852572
from
Eric Schirra (ecsos)
(revision 59)
- Update to 1.13.0
* SECURITY
* Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776)
- Prevent git operations for inactive users (#13527) (#13536)
- Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524)
- Mitigate Security vulnerability in the git hook feature (#13058)
- Disable DSA ssh keys by default (#13056)
- Set TLS minimum version to 1.2 (#12689)
- Use argon as default password hash algorithm (#12688)
Eric Schirra (ecsos)
accepted
request 848911
from
Eric Schirra (ecsos)
(revision 58)
- Update to 1.12.6
* SECURITY
- Prevent git operations for inactive users (#13527) (#13537)
- Disallow urlencoded new lines in git protocol paths if there
is a port (#13521) (#13525)
* BUGFIXES
- API should only return Json (#13511) (#13564)
- Fix before and since query arguments at API (#13559) (#13560)
- Prevent panic on git blame by limiting lines to 4096 bytes at
most (#13470) (#13492)
- Fix link detection in repository description with tailing '_'
(#13407) (#13408)
- Remove obsolete change of email on profile page
(#13341) (#13348)
- Fix permission check on get Reactions API endpoints
(#13344) (#13346)
- Add migrated pulls to pull request task queue
(#13331) (#13335)
- API deny wrong pull creation options (#13308) (#13327)
- Fix initial commit page & binary munching problem
(#13249) (#13259)
- Fix diff parsing (#13157) (#13136) (#13139)
- Return error 404 not 500 from API if team does not exist
(#13118) (#13119)
- Prohibit automatic downgrades (#13108) (#13111)
- Fix GitLab Migration Option AuthToken (#13101)
- GitLab Label Color Normalizer (#12793) (#13100)
- Log the underlying panic in runMigrateTask (#13096) (#13098)
- Fix attachments list in edit comment (#13036) (#13097)
- Fix deadlock when deleting team user (#13093)
- Fix error create comment on outdated file (#13041) (#13042)
- Fix repository create/delete event webhooks (#13008) (#13027)
- Fix internal server error on README in submodule
(#13006) (#13016)
Displaying revisions 81 - 100 of 157
