- Update to 1.12.6
  * SECURITY
    - Prevent git operations for inactive users (#13527) (#13537)
    - Disallow urlencoded new lines in git protocol paths if there
      is a port (#13521) (#13525)
  * BUGFIXES
    - API should only return Json (#13511) (#13564)
    - Fix before and since query arguments at API (#13559) (#13560)
    - Prevent panic on git blame by limiting lines to 4096 bytes at
      most (#13470) (#13492)
    - Fix link detection in repository description with tailing '_' 
      (#13407) (#13408)
    - Remove obsolete change of email on profile page
      (#13341) (#13348)
    - Fix permission check on get Reactions API endpoints
      (#13344) (#13346)
    - Add migrated pulls to pull request task queue
      (#13331) (#13335)
    - API deny wrong pull creation options (#13308) (#13327)
    - Fix initial commit page & binary munching problem
      (#13249) (#13259)
    - Fix diff parsing (#13157) (#13136) (#13139)
    - Return error 404 not 500 from API if team does not exist
      (#13118) (#13119)
    - Prohibit automatic downgrades (#13108) (#13111)
    - Fix GitLab Migration Option AuthToken (#13101)
    - GitLab Label Color Normalizer (#12793) (#13100)
    - Log the underlying panic in runMigrateTask (#13096) (#13098)
    - Fix attachments list in edit comment (#13036) (#13097)
    - Fix deadlock when deleting team user (#13093)
    - Fix error create comment on outdated file (#13041) (#13042)
    - Fix repository create/delete event webhooks (#13008) (#13027)
    - Fix internal server error on README in submodule
      (#13006) (#13016)

• Files Changed
• Browse Source

- Update to 1.12.5 
  * BUGFIXES
    - Allow U2F with default settings for gitea in subpath
      (#12990) (#13001)
    - Prevent empty div when editing comment (#12404) (#12991)
    - On mirror update also update address in DB (#12964) (#12967)
    - Allow extended config on cron settings (#12939) (#12943)
    - Open transaction when adding Avatar email-hash pairs to the
      DB (#12577) (#12940)
    - Fix internal server error from ListUserOrgs API
      (#12910) (#12915)
    - Update only the repository columns that need updating
      (#12900) (#12912)
    - Fix panic when adding long comment (#12892) (#12894)
    - Add size limit for content of comment on action ui
      (#12881) (#12890)
    - Convert User expose ID each time (#12855) (#12883)
    - Support slashes in release tags (#12864) (#12882)
    - Add missing information to CreateRepo API endpoint
      (#12848) (#12867)
    - On Migration respect old DefaultBranch (#12843) (#12858)
    - Fix notifications page links (#12838) (#12853)
    - Stop cloning unnecessarily on PR update (#12839) (#12852)
    - Escape more things that are passed through str2html
      (#12622) (#12850)
    - Remove double escape on labels addition in comments
      (#12809) (#12810)
    - Fix "only mail on mention" bug (#12775) (#12789)
    - Fix yet another bug with diff file names (#12771) (#12776)
    - RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
    - Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear)
      (#12745) (#12750)
  * ENHANCEMENTS
    - gitea dump: include version & Check InstallLock
    (#12760) (#12762)

• Files Changed
• Browse Source

- Fix build error in Tumbleweed.
  - Remove macros %{goprep} code.gitea.io/gitea, %{goinstall} and
    %{gosrc}, because not need and it is a bug boo#1163689 in macro
    %{gosrc} from package golang-packaging since version 15.0.12.

• Files Changed
• Browse Source

- Update to 1.12.4
  * SECURITY
    - Escape provider name in oauth2 provider redirect
      (#12648) (#12650)
    - Escape Email on password reset page (#12610) (#12612)
    - When reading expired sessions - expire them
      (#12686) (#12690)
  * ENHANCEMENTS
    - StaticRootPath configurable at compile time (#12371) (#12652)
  * BUGFIXES
    - Fix to show an issue that is related to a deleted issue
      (#12651) (#12692)
    - Expire time acknowledged for cache (#12605) (#12611)
    - Fix diff path unquoting (#12554) (#12575)
    - Improve HTML escaping helper (#12562)
    - models: break out of loop (#12386) (#12561)
    - Default empty merger list to those with write permissions
      (#12535) (#12560)
    - Skip SSPI authentication attempts for /api/internal
      (#12556) (#12559)
    - Prevent NPE on commenting on lines with invalidated comments
      (#12549) (#12550)
    - Remove hardcoded ES indexername (#12521) (#12526)
    - Fix bug preventing transfer to private organization
      (#12497) (#12501)
    - Keys should not verify revoked email addresses
      (#12486) (#12495)
    - Do not add prefix on http/https submodule links
      (#12477) (#12479)
    - Fix ignored login on compare (#12476) (#12478)
    - Fix incorrect error logging in Stats indexer and OAuth2
      (#12387) (#12422)
    - Upgrade google/go-github to v32.1.0 (#12361) (#12390)
    - Render emoji's of Commit message on feed-page (#12373)
    - Fix handling of diff on unrelated branches when Git 2.28 used
      (#12370)

• Files Changed
• Browse Source

- Update to 1.12.3
  - Don't change creation date when updating Release (#12343)
    (#12351)
  - Show 404 page when release not found (#12328) (#12332)
  - Fix emoji detection in certain cases (#12320) (#12327)
  - Reduce emoji size (#12317) (#12327)
  - Fix double-indirection bug in logging IDs (#12294) (#12308)
  - Link to pull list page on sidebar when view pr (#12256)
    (#12263)
  - Extend Notifications API and return pinned notifications 
    by default (#12164) (#12232)
- Cleanup npx section in spec.
- Add gitea-apache-vhost.conf  example in doc.
- Correct README.SUSE and rename gitea.conf in gitea-apache.conf
  in doc.

• Files Changed
• Browse Source

- Update to 1.12.2
  * BUGFIXES
    - When deleting repository decrese user repositry count in 
      cache (#11954) (#12188)
    - Gitea commits API again returns commit summaries, not full
      messages (#12186) (#12187)
    - Properly set HEAD when a repo is created with a non-master
      default branch (#12135) (#12182)
    - Ensure Subkeys are verified (#12155) (#12168)
    - Fix failing to cache last commit with key being to long
      (#12151) (#12161)
    - Multiple small admin dashboard fixes (#12153) (#12156)
    - Remove spurious logging (#12139) (#12148)
    - Fix repository setup instructions when default branch is not
      master (#12122) (#12147)
    - Move EventSource to SharedWorker (#12095) (#12130)
    - Fix ui bug in wiki commit page (#12089) (#12125)
    - Fix gitgraph branch continues after merge (#12044) (#12105)
    - Set the base url when migrating from Gitlab using access token
      or username without password (#11852) (#12104)
    - Ensure BlameReaders close at end of request (#12102) (#12103)
    - Fix comments webhook panic backport (#12058)
  * ENHANCEMENTS
    - Disable dropzone's timeout (#12024) (#12032)
- Changes from 1.12.1
  * BUGFIXES
    - Handle multiple merges in gitgraph.js (#11996) (#12000)
    - Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
    - For language detection do not try to analyze big files by
      content (#11971) (#11975)
  * ENHANCEMENTS
    - Fix scrollable header on dropdowns (#11893) (#11965)
- Changes from 1.12.0
  Too many changes. 
  Please see: https://github.com/go-gitea/gitea/releases/tag/v1.12.0

• Files Changed
• Browse Source

Change download-script.

• Files Changed
• Browse Source

- Update to 1.11.8
  * BUGFIXES
    - Really fix webpack_public_path for 1.11 (#11961)

• Files Changed
• Browse Source

- Update to 1.11.7
  * BUGFIXES
    - Use ID or Where to instead directly use Get when load object
      from database (#11925) (#11935)
    - Fix __webpack_public_path__ for 1.11 (#11907)
    - Fix verification of subkeys of default gpg key
      (#11713) (#11902)
    - Remove unnecessary parentheses in wiki/view template
      (#11781)
    - Doctor fix xorm.Count nil on sqlite error (#11741)
  

• Files Changed
• Browse Source

- Update to 1.11.6
  * SECURITY
    - Fix missing authorization check on pull for public repos of
      private/limited org (#11656) (#11683)
    - Use session for retrieving org teams (#11438) (#11439)
  * BUGFIXES
    - Return json on 500 error from API (#11574) (#11660)
    - Fix wrong milestone in webhook message (#11596) (#11612)
    - Prevent (caught) panic on login (#11590) (#11598)
    - Fix commit page js error (#11527)
    - Use media links for img in post-process (#10515) (#11504)
    - Ensure public repositories in private organizations are
      visible and fix admin organizations list (#11465) (#11475)
    - Set correct Content-Type value for Gogs/Gitea webhooks
      (#9504) (#10456) (#11461)
    - Allow all members of private orgs to see public repos
      (#11442) (#11459)
    - Whenever the ctx.Session is updated, release it to save it
      before sending the redirect (#11456) (#11457)
    - Forcibly clean and destroy the session on logout
      (#11447) (#11451)
    - Fix /api/v1/orgs/* endpoints by changing parameter to :org 
      from :orgname (#11381)
    - Add tracked time fix to doctor (part of #11111) (#11138)
    - Fix webpack chunk loading with STATIC_URL_PREFIX
      (#11526) (#11544)
    - Remove unnecessary parentheses in wiki/revision.tmpl to allow
      1.11 to build on go1.14 (#11481)

• Files Changed
• Browse Source

- Update to 1.11.5
  * BUGFIXES
    - Prevent timer leaks in Workerpool and others 
      (#11333) (#11340)
    - Fix tracked time issues (#11349) (#11354)
    - Add NotifySyncPushCommits to indexer notifier 
      (#11309) (#11338)
    - Allow X in addition to x in tasks (#10979) (#11335)
    - When delete tracked time through the API return 404 not 500
      (#11319) (#11326)
    - Prevent duplicate records in organizations list when creating
      a repository (#11303) (#11325)
    - Manage port in submodule refurl (#11305) (#11323)
    - api.Context.NotFound(...) should tolerate nil
      (#11288) (#11306)
    - Show pull request selection even when unrelated branches
      (#11239) (#11283)
    - Repo: milestone: make /milestone/:id endpoint accessible
      (#11264) (#11282)
    - Fix GetContents(): Dont't ignore Executables
      (#11192) (#11209)
    - Fix submodule paths when AppSubUrl is not root
      (#11098) (#11176)
    - Prevent clones and pushes to disabled wiki
      (#11131) (#11134)
    - Remove errant third closing curly-bracket from account.tmpl
      and send account ID in account.tmpl (#11130)
    - On Repo Deletion: Delete related TrackedTimes too
      (#11110) (#11125)
    - Refresh codemirror on show pull comment tab
      (#11100) (#11122)
    - Fix merge dialog on protected branch with missing required
      statuses (#11074) (#11084)
    - Load pr Issue Poster on API too (#11033) (#11039)
    - Fix release counter on API repository info (#10968) (#10996)
    - Generate Diff and Patch direct from Pull head
      (#10936) (#10938)
    - Fix rebase conflict detection in git 2.26 (#10929) (#10930)
  * ENHANCEMENT
    - Fix 404 and 500 image size in small size screen
      (#11043) (#11049)
    - Multiple Gitea Doctor improvements (#10943) (#10990) (#10064)
      (#9095) (#10991)

• Files Changed
• Browse Source

- Update to 1.11.4
  * BUGFIXES
    - Only update merge_base if not already merged (#10909)
    - Fix milestones too many SQL variables bug (#10880) (#10904)
    - Protect against NPEs in notifications list (#10879) (#10883)
    - Convert plumbing.ErrObjectNotFound to git.ErrNotExist in 
      getCommit (#10862) (#10868)
    - Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in
      GetRefCommitID (#10676) (#10797)
    - Account for empty lines in receive-hook message 
      (#10773) (#10784)
    - Fix bug on branch API (#10767) (#10775)
    - Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
    - Fix hiding of fields in authorization source page
      (#10734) (#10752)
    - Prevent default for linkAction (#10742) (#10743)

• Files Changed
• Browse Source

- Update to 1.11.3
  * BUGFIXES
    - Prevent panic in stopwatch (#10670) (#10673)
    - Fix bug on pull view when required status check no ci result
      (#10648) (#10651)
    - Build explicitly with Go 1.13 (#10684)

• Files Changed
• Browse Source

- Update to 1.11.2
  * BREAKING
    - Various fixes in login sources (#10428) (#10429)
  * SECURITY
    - Ensure only own addresses are updated (#10397) (#10399)
    - Logout POST action (#10582) (#10585)
    - Org action fixes and form cleanup (#10512) (#10514)
    - Change action GETs to POST (#10462) (#10464)
    - Fix admin notices (#10480) (#10483)
    - Change admin dashboard to POST (#10465) (#10466)
    - Update markbates/goth (#10444) (#10445)
    - Update crypto vendors (#10385) (#10398)
  * BUGFIXES
    - Allow users with write permissions to modify issue 
      descriptions and comments. (#10623) (#10626)
    - Handle deleted base branch in PR (#10618) (#10619)
    - Delete dependencies when deleting a repository
      (#10608) (#10616)
    - Ensure executable bit is kept on the web editor
      (#10607) (#10614)
    - Update mergebase in pr checker (#10586) (#10605)
    - Fix release attachments being deleted while upgrading
      (#10572) (#10573)
    - Fix redirection path if Slack webhook channel is invalid
      (#10566)
    - Fix head.tmpl og:image picture location (#10531) (#10556)
    - Fix 404 after activating secondary email (#10547) (#10553)
    - Show Signer in commit lists and add basic trust
      (#10425 & #10511) (#10524)
    - Fix potential bugs (#10513) (#10518)
    - Use [:space:] instead of \s (#10508) (#10509)
    - Avoid mailing users that have explicitly unwatched an issue
      (#10475) (#10500)
    - Handle push rejection message in Merge & Web Editor
      (#10373) (#10497)
    - Fix SQLite concurrency problems by using BEGIN IMMEDIATE
      (#10368) (#10493)
    - Fix double PR notification from API (#10482) (#10486)
    - Show the username as a fallback on feeds if full name is
      blank (#10461)
    - Trigger webhooks on issue label-change via API too
      (#10421) (#10439)
    - Fix git reference type in webhooks (#10427) (#10432)
    - Prevent panic on merge to PR (#10403) (#10408)
    - Fix wrong num closed issues on repository when close issue 
      via commit… (#10364) (#10380)
    - Reading pull attachments should depend on read
      UnitTypePullRequests (#10346) (#10354)
    - Set max-width on review-box comment box (#10348) (#10353)
    - Prevent nil pointer in GetPullRequestCommitStatusState
      (#10342) (#10344)
    - Fix protected branch status check settings (#10341) (#10343)
    - Truncate long commit message header (#10301) (#10319)
    - Set the initial commit status to Success otherwise it will
      always be Pending (#10317) (#10318)
    - Don't manually replace whitespace during render
      (#10291) (#10315)
  * ENHANCEMENTS
    - Admin page for managing user e-mail activation
      (#10557) (#10579)

• Files Changed
• Browse Source

- Fix generation of arc-green theme.

• Files Changed
• Browse Source

- Update to 1.11.1
  * BUGFIXES
    - Repo name added to automatically generated commit message 
      when merging (#9997) (#10285)
    - Fix Workerpool deadlock (#10283) (#10284)
    - Divide GetIssueStats query in smaller chunks 
      (#10176) (#10282)
    - Fix reply on code review (#10257)
    - Stop hanging issue indexer initialisation from preventing
      shutdown (#10243) (#10249)
    - Fix filter label emoji width (#10241) (#10244)
    - Fix issue sidebar menus having an infinite height
      (#10239) (#10240)
    - Fix commit between two commits calculation if there is only
      last commit (#10225) (#10226)
    - Only check for conflicts/merging if the PR has not been
       merged in the interim (#10132) (#10206)
    - Blacklist manifest.json & milestones user (#10292) (#10293)
- Fix position-independent-executable-suggested.

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Change AppWorkPath to /var/lib/gitea.
- Set default CustomPath and AppWorkPath in gitea binary.

• Files Changed
• Browse Source

- Update to 1.11.0
  There are to many changes.
  Please look in CHANGELOG.md or at: 
  https://github.com/go-gitea/gitea/releases/tag/v1.11.0
- New version needs webpack and nodejs modules to run.
  Create a script gitea-fetch_source_and_node_modules.sh to
  generate needed files.
- Run spec-cleaner.

• Files Changed
• Browse Source

Rollback to version 1.10.3 (rev 37) because 1.11.0 does not run. 

• Files Changed
• Browse Source