# Changelog This changelog goes through all the changes that have been made in each release without substantial changes to our git log; to see the highlights of what has been added to each release, please refer to the [blog](https://blog.gitea.io). ## [1.19.3](https://github.com/go-gitea/gitea/releases/tag/1.19.3) - 2023-05-03 * SECURITY * Use golang 1.20.4 to fix CVE-2023-24539, CVE-2023-24540, and CVE-2023-29400 * ENHANCEMENTS * Enable whitespace rendering on selection in Monaco (#24444) (#24485) * Improve milestone filter on issues page (#22423) (#24440) * BUGFIXES * Fix api error message if fork exists (#24487) (#24493) * Fix user-cards format (#24428) (#24431) * Fix incorrect CurrentUser check for docker rootless (#24435) * Getting the tag list does not require being signed in (#24413) (#24416) ## [1.19.2](https://github.com/go-gitea/gitea/releases/tag/1.19.2) - 2023-04-26 * SECURITY * Require repo scope for PATs for private repos and basic authentication (#24362) (#24364) * Only delete secrets belonging to its owner (#24284) (#24286) * API * Fix typo in API route (#24310) (#24332) * Fix access token issue on some public endpoints (#24194) (#24259) * ENHANCEMENTS * Fix broken clone script on an empty archived repo (#24339) (#24348) * Fix Monaco IOS keyboard button (#24341) (#24347) * Don't set meta `theme-color` by default (#24340) (#24346) * Wrap too long push mirror addresses (#21120) (#24334) * Add --font-weight-bold and set previous bold to 601 (#24307) (#24331) * Unify nightly naming across binaries and docker images (#24116) (#24308) * Fix footer display (#24251) (#24269) * Fix label color, fix divider in dropdown (#24215) (#24244) * Vertical widths of containers removed (#24184) (#24211) * Use correct locale key for forks page (#24172) (#24175) * Sort repo topic labels by name (#24123) (#24153) * Highlight selected file in the PR file tree (#23947) (#24126) * BUGFIXES * Fix auth check bug (#24382) (#24387) * Add tags list for repos whose release setting is disabled (#23465) (#24369) * Fix wrong error info in RepoRefForAPI (#24344) (#24351) * Fix no edit/close/delete button in org repo project view page (#24349) * Respect the REGISTER_MANUAL_CONFIRM setting when registering via OIDC (#24035) (#24333) * Remove org users who belong to no teams (#24247) (#24313) * Fix bug when deleting wiki with no code write permission (#24274) (#24295) * Handle canceled workflow as a warning instead of a fail (#24282) (#24292) * Load reviewer for comments when dismissing a review (#24281) (#24288) * Show commit history for closed/merged PRs (#24238) (#24261) * Fix owner team access mode value in team_unit table (#24224) * Fix issue attachment handling (#24202) (#24221) * Fix incorrect CORS default values (#24206) (#24217) * Fix template error in pull request with deleted head repo (#24192) (#24216) * Don't list root repository on compare page if pulls not allowed (#24183) (#24210) * Fix calReleaseNumCommitsBehind (#24148) (#24197) * Fix Org edit page bugs: renaming detection, maxlength (#24161) (#24171) * Update redis library to support redis v7 (#24114) (#24156) * Use 1.18's aria role for dropdown menus (#24144) (#24155) * Fix 2-dot direct compare to use the right base commit (#24133) (#24150) * Fix incorrect server error content in RunnersList (#24118) (#24121) * Fix mismatch between hook events and github event types (#24048) (#24091) * BUILD * Support converting varchar to nvarchar for mssql database (#24105) (#24168) ## [1.19.1](https://github.com/go-gitea/gitea/releases/tag/v1.19.1) - 2023-04-12 * BREAKING * Rename actions unit to `repo.actions` and add docs for it (#23733) (#23881) * ENHANCEMENTS * Add card type to org/user level project on creation, edit and view (#24043) (#24066) * Refactor commit status for Actions jobs (#23786) (#24060) * Show errors for KaTeX and mermaid on the preview tab (#24009) (#24019) * Show protected branch rule names again (#23907) (#24018) * Adjust sticky PR header to cover background (#23956) (#23999) * Discolor pull request tab labels (#23950) (#23987) * Treat PRs with agit flow as fork PRs when triggering actions. (#23884) (#23967) * Left-align review comments (#23937) * Fix image border-radius (#23886) (#23930) * Scroll collapsed file into view (#23702) (#23929) * Fix code view (diff) broken layout (#23096) (#23918) * Org pages style fixes (#23901) (#23914) * Fix user profile description rendering (#23882) (#23902) * Fix review box viewport overflow issue (#23800) (#23898) * Prefill input values in OAuth settings as intended (#23829) (#23871) * CSS color tweaks (#23828) (#23842) * Fix incorrect visibility dropdown list in add/edit user page (#23804) (#23833) * Add CSS rules for basic colored labels (#23774) (#23777) * Add creation time in tag list page (#23693) (#23773) * Fix br display for packages curls (#23737) (#23764) * Fix issue due date edit toggle bug (#23723) (#23758) * Improve commit graph page UI alignment (#23751) (#23754) * Use GitHub Actions compatible globbing for `branches`, `tag`, `path` filter (#22804) (#23740) * Redirect to project again after editing it (#23326) (#23739) * Remove row clicking from notification table (#22695) (#23706) * Remove conflicting CSS rules on notifications, improve notifications table (#23565) (#23621) * Fix diff tree height and adjust target file style (#23616) * BUGFIXES * Improve error logging for LFS (#24072) (#24082) * Fix custom mailer template on Windows platform (#24081) * Update the value of `diffEnd` when clicking the `Show More` button in the DiffFileTree (#24069) (#24078) * Make label templates have consistent behavior and priority (#23749) * Fix accidental overwriting of LDAP team memberships (#24050) (#24065) * Fix branch protection priority (#24045) (#24061) * Use actions job link as commit status URL instead of run link (#24023) (#24032) * Add actions support to package auth verification (#23729) (#24028) * Fix protected branch for API (#24013) (#24027) * Do not escape space between PyPI repository URL and package name… (#23981) (#24008) * Fix redirect bug when creating issue from a project (#23971) (#23997) * Set `ref` to fully-formed of the tag when trigger event is `release` (#23944) (#23989) * Use Get/Set instead of Rename when regenerating session ID (#23975) (#23983) * Ensure RSS icon is present on all repo tabs (#23904) (#23973) * Remove `Repository.getFilesChanged` to fix Actions `paths` and `paths-ignore` filter (#23920) (#23969) * Delete deleted release attachments immediately from storage (#23913) (#23958) * Use ghost user if package creator does not exist (#23822) (#23915) * User/Org Feed render description as per web (#23887) (#23906) * Fix `cases.Title` crash for concurrency (#23885) (#23903) * Convert .Source.SkipVerify to $cfg.SkipVerify (#23839) (#23899) * Support "." char as user name for User/Orgs in RSS/ATOM/GPG/KEYS path ... (#23874) (#23878) * Fix JS error when changing PR's target branch (#23862) (#23864) * Fix 500 error if there is a name conflict when editing authentication source (#23832) (#23852) * Fix closed PR also triggers Webhooks and actions (#23782) (#23834) * Fix checks for `needs` in Actions (#23789) (#23831) * Fix "Updating branch by merge" bug in "update_branch_by_merge.tmpl" (#23790) (#23825) * Fix cancel button in the page of project edit not work (#23655) (#23813) * Don't apply the group filter when listing LDAP group membership if it is empty (#23745) (#23788) * Fix profile page email display, respect settings (#23747) (#23756) * Fix project card preview select and template select (#23684) (#23731) * Check LFS/Packages settings in dump and doctor command (#23631) (#23730) * Add git dashes separator to some "log" and "diff" commands (#23606) (#23720) * Create commit status when event is `pull_request_sync` (#23683) (#23691) * Fix incorrect `HookEventType` of pull request review comments (#23650) (#23678) * Fix incorrect `show-modal` and `show-panel` class (#23660) (#23663) * Improve workflow event triggers (#23613) (#23648) * Introduce path Clean/Join helper functions, partially backport&refactor (#23495) (#23607) * Fix pagination on `/notifications/watching` (#23564) (#23603) * Fix submodule is nil panic (#23588) (#23601) * Polyfill the window.customElements (#23592) (#23595) * Avoid too long names for actions (#23162) (#23190) * TRANSLATION * Backport locales (with manual fixes) (#23808, #23634, #24083) * BUILD * Hardcode the path to docker images (#23955) (#23968) * DOCS * Update documentation to explain which projects allow Gitea to host static pages (#23993) (#24058) * Merge `push to create`, `open PR from push`, and `push options` docs articles into one (#23744) (#23959) * Fix code blocks in the cheat sheet (#23664) (#23669) * MISC * Do not crash when parsing an invalid workflow file (#23972) (#23976) * Remove assertion debug code for show/hide refactoring (#23576) (#23868) * Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766) (#23791) * Make minio package support legacy MD5 checksum (#23768) (#23770) * Improve template error reporting (#23396) (#23600) ## [1.19.0](https://github.com/go-gitea/gitea/releases/tag/v1.19.0) - 2023-03-19 * BREAKING * Add loading yaml label template files (#22976) (#23232) * Make issue and code search support camel case for Bleve (#22829) * Repositories: by default disable all units except code and pulls on forks (#22541) * Support template for merge message description (#22248) * Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962) * Implement actions (#21937) * Remove deprecated DSA host key from Docker Container (#21522) * Improve valid user name check (#20136) * SECURITY * Return 404 instead of 403 if user can not access the repo (#23155) (#23158) * Support scoped access tokens (#20908) * FEATURES * Add support for commit cross references (#22645) * Scoped labels (#22585) * Add Chef package registry (#22554) * Support asciicast files as new markup (#22448) * cgo cross-compile for freebsd (#22397) * Add cron method to gc LFS MetaObjects (#22385) * Add new captcha: cloudflare turnstile (#22369) * Enable `@<user>`- completion popup on the release description textarea (#22359) * make /{username}.png redirect to user/org avatar (#22356) * Add Conda package registry (#22262) * Support org/user level projects (#22235) * Add Mermaid copy button (#22225) * Add user secrets (#22191) * Secrets storage with SecretKey encrypted (#22142) * Preview images for Issue cards in Project Board view (#22112) * Add support for incoming emails (#22056) * Add Cargo package registry (#21888) * Add option to prohibit fork if user reached maximum limit of repositories (#21848) * Add attention blocks within quote blocks for `Note` and `Warning` (#21711) * Add Feed for Releases and Tags (#21696) * Add package registry cleanup rules (#21658) * Add "Copy" button to file view of raw text (#21629) * Allow disable sitemap (#21617) * Add package registry quota limits (#21584) * Map OIDC groups to Orgs/Teams (#21441) * Keep languages defined in .gitattributes (#21403) * Add Webhook authorization header (#20926) * Supports wildcard protected branch (#20825) * Copy citation file content, in APA and BibTex format, on repo home page (#19999) * API * Match api migration behavior to web behavior (#23552) (#23573) * Purge API comment (#23451) (#23452) * User creation API: allow custom "created" timestamps (#22549) * Add `updated_at` field to PullReview API object (#21812) * Add API management for issue/pull and comment attachments (#21783) * Add API endpoint to get latest release (#21267) * Support system hook API (#14537) * ENHANCEMENTS * Add `.patch` to `attachment.ALLOWED_TYPES` (#23580) (#23582) * Fix sticky header in diff view (#23554) (#23568) * Refactor merge/update git command calls (#23366) (#23544) * Fix review comment context menu clipped bug (#23523) (#23543) * Imrove scroll behavior to hash issuecomment(scroll position, auto expand if file is folded, and on refreshing) (#23513) (#23540) * Increase horizontal page padding (#23507) (#23537) * Use octicon-verified for gpg signatures (#23529) (#23536) * Make time tooltips interactive (#23526) (#23527) * Replace Less with CSS (#23508) * Fix 'View File' button in code search (#23478) (#23483) * Convert GitHub event on actions and fix some pull_request events. (#23037) (#23471) * Support reflogs (#22451) (#23438) * Fix actions frontend bugs (pagination, long name alignment) and small simplify (#23370) (#23436) * Scoped label display and documentation tweaks (#23430) (#23433) * Add missing tabs to org projects page (#22705) (#23412) * Fix and move "Use this template" button (#23398) (#23408) * Handle OpenID discovery URL errors a little nicer when creating/editing sources (#23397) (#23403) * Rename `canWriteUnit` to `canWriteProjects` (#23386) (#23399) * Refactor and tidy-up the merge/update branch code (#22568) (#23365) * Refactor `setting.Database.UseXXX` to methods (#23354) (#23356) * Fix incorrect project links and use symlink icon for org-wide projects (#23325) (#23336) * Fix PR view misalignment caused by long name file (#23321) (#23335) * Scoped labels: don't require holding alt key to remove (#23303) (#23331) * Add context when rendering labels or emojis (#23281) (#23319) * Change interactiveBorder to fix popup preview (#23169) (#23314) * Scoped labels: set aria-disabled on muted Exclusive option for a11y (#23306) (#23311) * update to mermaid v10 (#23178) (#23299) * Fix code wrap for unbroken lines (#23268) (#23293) * Use async await to fix empty quote reply at first time (#23168) (#23256) * Fix switched citation format (#23250) (#23253) * Allow `<video>` in MarkDown (#22892) (#23236) * Order pull request conflict checking by recently updated, for each push (#23220) (#23225) * Fix Fomantic UI's `touchstart` fastclick, always use `click` for click events (#23065) (#23195) * Add word-break to sidebar-item-link (#23146) (#23180) * Add InsecureSkipVerify to Minio Client for Storage (#23166) (#23177) * Fix height for sticky head on large screen on PR page (#23111) (#23123) * Change style to improve whitespaces trimming inside inline markdown code (#23093) (#23120) * Avoid warning for system setting when start up (#23054) (#23116) * Add accessibility to the menu on the navbar (#23059) (#23095) * Improve accessibility for issue comments (#22612) (#23083) * Remove delete button for review comment (#23036) * Remove dashes between organization member avatars on hover (#23034) * Use `gt-relative` class instead of the ambiguous `gt-pr` class (#23008) * handle deprecated settings (#22992) * Add scopes to API to create token and display them (#22989) * Improve PR Review Box UI (#22986) * Improve issues.LoadProject (#22982) * Add all units to the units permission list in org team members sidebar (#22971) * Rename `GetUnits` to `LoadUnits` (#22970) * Rename `repo.GetOwner` to `repo.LoadOwner` (#22967) * Rename "People" to "Members" in organization page and use a better icon (#22960) * Fix avatar misalignment (#22955) * Sort issues and pulls by recently updated in user and organization home (#22925) * Add `title` to PR file tree items (#22918) * First step to refactor the `.hide` to `.gt-hidden` (#22916) * Add tooltip to issue reference (#22913) * Always show the `command line instructions` button even if there are conflicts (#22909) * Fix dark-colored description text in arc-green theme (#22908) * Remove Fomantic-UI's `.hidden` CSS class for menu elements (#22895) * Move helpers to be prefixed with `gt-` (#22879) * Move `IsReadmeFile*` from `modules/markup/` to `modules/util` (#22877) * Highlight focused diff file (#22870) * Add some headings to repo views (#22869) * Fix milestone title font problem (#22863) * Pull Requests: setting to allow edits by maintainers by default, tweak UI (#22862) * Introduce customized HTML elements, fix incorrect AppUrl usages in templates (#22861) * Add `/$count` endpoints for NuGet v2 (#22855) * Remove Fomantic-UI's `.hidden` CSS class for checkbox elements (#22851) * Fix notification and stopwatch empty states (#22845) * Always go full width in PR view (#22844) * Improve AppUrl/ROOT_URL checking (#22836) * Fix style of actions rerun button (#22835) * Fix more HTMLURL in templates (#22831) * Fix inconsistent Filter Project name in issue list (#22827) * include build info in Prometheus metrics (#22819) * Make clone URL use current page's host (#22808) * Refactor legacy strange git operations (#22756) * Improve error report when user passes a private key (#22726) * set user dashboard org visibility to basic (#22706) * Fix diff UI for unexpandable items (#22700) * Remove 'primary' class from tab counter labels (#22687) * Add more events details supports for actions (#22680) * Refactor git command package to improve security and maintainability (#22678) * Use relative url in actions view (#22675) * set user visibility class to basic (#22674) * Add repository setting to enable/disable releases unit (#22671) * Remove label color from global issue filters (#22660) * Fix poor alignment of organization description on organization home page (#22656) * Small refactor for loading PRs (#22652) * Allow setting access token scope by CLI (#22648) * Improve accessibility of navigation bar and footer (#22635) * Fixes accessibility behavior of Watching, Staring and Fork buttons (#22634) * Fixes accessibility of empty repository commit status (#22632) * Pull request yaml template support for including commit body in a field (#22629) * Show migration validation error (#22619) * set org visibility class to basic in header (#22605) * Fix cache-control header clearing comment text when editing issue (#22604) * Add ARIA support for Fomantic UI checkboxes (#22599) * Add templates to customize text when creating and migrating repositories (#22597) * Allow setting `redirect_to` cookie on OAuth login (#22594) * Improve checkbox accessibility a bit by adding the title attribute (#22593) * Allow issue templates to not render title (#22589) * Webhooks: for issue close/reopen action, add commit ID that caused it (#22583) * Fix missing title and filter in issue sidebar project menu (#22557) * Issues: support setting issue template field values with query (#22545) * Issues: add Project filter to issues list and search (#22544) * Pull Requests: add color to approved/reject icon in pull requests list (#22543) * Mute all links in issue timeline (#22533) * Dropzone: Add "Copy link" button for new uploads (#22517) * Support importing comment types (#22510) * Load asciicast css async (#22502) * Move delete user to service (#22478) * Change use of Walk to WalkDir to improve disk performance (#22462) * Add reply hint to mail text (#22459) * fix wrong theme class when logged out if default theme is changed (#22408) * Refactor the setting to make unit test easier (#22405) * Improve utils of slices (#22379) * Use context parameter in models/git (#22367) * Always reuse transaction (#22362) * Fix unstable emoji sort (#22346) * Add context cache as a request level cache (#22294) * Reminder for no more logs to console (#22282) * Support estimated count with multiple schemas (#22276) * Move `convert` package to services (#22264) * Use dynamic package type list (#22263) * Hide file borders on sticky diff box (#22217) * Improve notification and stopwatch styles (#22169) * Fixed Project view .board-column height for tall screens. (#22108) * Use multi reader instead to concat strings (#22099) * Use git command instead of exec.Cmd in blame (#22098) * Fix autofilled text visibility in dark mode (#22088) * Rename almost all Ctx functions (#22071) * Rename actions to operations on UI (#22067) * refactor bind functions based on generics (#22055) * Support disabling database auto migration (#22053) * remove duplicated read file code (#22042) * Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986) * Skip initing disabled storages (#21985) * Add doctor command for full GC of LFS (#21978) * Util type to parse ref name (#21969) * Replace fmt.Sprintf with hex.EncodeToString (#21960) * Use random bytes to generate access token (#21959) * Add index for access_token (#21908) * Move all remaining colors into CSS variables (#21903) * Webhook list enhancements (#21893) * Embed Matrix icon as SVG (#21890) * Remove useless "Cancel" buttons (#21872) * fix(web): keep the pages of the navigation in the center (#21867) * fix(web): reduce page jitter on browsers that support overlay scrollbar (#21850) * Improvements for Content Copy (#21842) * Tweak katex options (#21828) * Show syntax lexer name in file view/blame (#21814) * Remove `href="javascript:;"` in "save topics (Done)" button (#21813) * Render number of commits in repo page in a user friendly way (#21786) * Adjust clone timeout error to suggest increasing timeout (#21769) * Update message of reach_limit_of_creation (#21757) * Allow detect whether it's in a database transaction for a context.Context (#21756) * Add configuration for CORS allowed headers (#21747) * Move svg html render to modules/svg (#21716) * Release and Tag List tweaks (#21712) * Remove template previewer (#21701) * Clean up formatting on install page (#21668) * Configure update checker on installation page (#21655) * Merge db.Iterate and IterateObjects (#21641) * Add option to enable CAPTCHA validation for login (#21638) * Allow disable RSS/Atom feed (#21622) * Use CSS color-scheme instead of invert (#21616) * Localize time units on activity heatmap (#21570) * Fix UI column width, button overflow Fomantic's grid (#21559) * feat: notify doers of a merge when automerging (#21553) * Split migrations folder (#21549) * feat: add button to quickly clear merge message (#21548) * Add `context.Context` to more methods (#21546) * Add index for hook_task table (#21545) * Allow disable code tab (#20805) * BUGFIXES * Fix template error when reference Project (#23584) * Fix dropdown icon misalignment when using fomantic icon (#23558) (#23577) * Fix diff detail buttons wrapping, use tippy for review box (#23271) (#23546) * Handle missing `README` in create repos API (#23387) (#23510) * Disable sending email after push a commit to a closed PR (#23462) (#23492) * Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem (#23450) (#23486) * Fix due date being wrong on issue list (#23475) (#23477) * Remove wrongly added column on migration test fixtures (#23456) (#23470) * Make branches list page operations remember current page (#23420) (#23460) * Fix missing commit status in PR which from forked repo (#23351) (#23453) * Show edit/close/delete button on organization wide repositories (#23388) (#23429) * Preserve file size when creating attachments (#23406) (#23426) * Fix broken Chroma CSS styles (#23174) (#23402) * Fix incorrect NotFound conditions in org/projects.go (#23384) (#23395) * Set `X-Gitea-Debug` header once (#23361) (#23381) * Pass context to avatar for projects view (#23359) (#23378) * Fix panic when getting notes by ref (#23372) (#23377) * Do not recognize text files as audio (#23355) (#23368) * Fix adding of empty class name (#23352) (#23360) * Fix various ImageDiff/SVG bugs (#23312) (#23358) * Fix incorrect display for comment context menu (#23343) (#23344) * Remove unnecessary space on link (#23334) (#23340) * Fix incorrect redirect link of delete org project (#23327) (#23339) * Fix cannot reopen after pushing commits to a closed PR (#23189) (#23324) * Fix broken code editor diff preview (#23307) (#23320) * Support sanitising the URL by removing extra slashes in the URL (#21333) (#23300) * Avoid panic caused by broken payload when creating commit status (#23216) (#23294) * Fill head commit to in payload when notifying push commits for mirroring (#23215) (#23292) * Fix various bugs for "install" page (#23194) (#23286) * Fix GetFilesChangedBetween if the file name may be escaped (#23272) (#23279) * Revert relative links to absolute links in mail templates (#23267) (#23269) * Fix commit retrieval by tag (#21804) (#23266) * Use correct README link to render the README (#23152) (#23264) * Close the temp file when dumping database to make the temp file can be deleted on Windows (#23249) (#23251) * Use the correct selector to hide the checkmark of selected labels on clear (#23224) (#23228) * Fix incorrect checkbox behaviors in the dashboard repolist's filter (#23147) (#23205) * Properly flush unique queues on startup (#23154) (#23201) * Pass `--global` when calling `git config --get`, for consistency with `git config --set` (#23157) (#23199) * Make `gitea serv` respect git binary home (#23138) (#23197) * Change button text for commenting and closing an issue at the same time (#23135) (#23182) * Fix DBConsistency checks on MSSQL (#23132) (#23134) * Show empty repos in Admin Repository Management page (#23114) (#23130) * Redirect to the commit page after applying patch (#23056) (#23127) * Fix nil context in RenderMarkdownToHtml (#23092) (#23108) * Make issue meta dropdown support Enter, confirm before reloading (#23014) (#23102) * Fix SyncOnCommit always return false in API of push_mirrors (#23088) (#23100) * Fix commit name in Apply Patch page (#23086) (#23099) * Fix some more hidden problems (#23074) (#23075) * Bump golang.org/x/net from 0.4.0 to 0.7.0 (#22980) * Get rules by id when editing branch protection rule (#22932) * Fix panic when call api (/repos/{owner}/{repo}/pulls/{index}/files) (#22921) * Increase Content field size of gpg_import_key to MEDIUMTEXT (#22897) * Fix hidden commit status on multiple checks (#22889) * Fix update by rebase being wrongly disabled by protected base branch (#22825) * Make issue title edit buttons focusable and fix incorrect ajax requests (#22807) * Fix rerun button of Actions (#22798) * remove update language in ProfilePost (#22748) * Do not overwrite empty DefaultBranch (#22708) * Fix ref to trigger Actions (#22679) * Fix time to NotifyPullRequestSynchronized (#22650) * Show all projects, not just repo projects and open/closed projects (#22640) * Project links should use parent link methods (#22587) * Fix group filter for ldap source sync (#22506) * Check quota limits for container uploads (#22450) * Fix halfCommitter and WithTx (#22366) * Attempt to fix TestExportUserGPGKeys (#22159) * Fix heatmap first color being unused (#22157) * Fix scroll over mermaid frame (#21925) * Move migration test fixtures to the correct directories (#21901) * fix(web): add `alt` for logo in home page (#21887) * Fix webhook attachment text is not set in review comment (#21763) * Alter package_version.metadata_json to LONGTEXT (#21667) * Ensure that Webhook tasks are not double delivered (#21558) * TESTING * Make CI use a dummy password hasher for all tests (#22983) * Disable test for incoming email (#22686) * Move fuzz tests into tests/fuzz (#22376) * Test views of LFS files (#22196) * Specify ID in `TestAPITeam` (#22192) * verify nodeinfo response by schema (#22137) * Skip GitHub migration tests if the API token is undefined (#21824) * Add a simple test for external renderer (#20033) * TRANSLATION * Use "Title Case" for text "Reference in new issue" (#22936) * BUILD * Wrap unless-check in docker manifests (#23079) (#23081) * Adjust manifest to prevent tagging latest on rcs (#22811) * update to build with go1.20 (#22732) * Add Bash and Zsh completion scripts (#22646) * Add Contributed backport command (#22643) * Remove deprecated packages & staticcheck fixes (#22012) * Update to Alpine 3.17 (#21904) * Fix webpack license warning (#21815) * DOCS * Update documentation for the new YAML label file format (#23020) (#23341) * Update hacking-on-gitea-zh_cn documentation (#23315) (#23323) * Add basic documentation for labels, including scoped labels (#23304) (#23309) * Re-add accidentally removed `hacking-on-gitea.zh-cn.md` (#23297) (#23305) * Fix secrets overview page missing from docs sidebar (#23143) (#23145) * Add some guidelines for refactoring (#22880) * Explain that the no-access team unit does not affect public repositories (#22661) * Fix incorrect Redis URL snippets in the example app.ini (#22573) * docs: add swagger.json file location to FAQ (#22489) * Update index.de-de.md (#22363) * Update Gmail mailer configuration (#22291) * Add missed reverse proxy authentication documentation (#22250) * Add plural definitions for German translations (#21802) * Attempt clarify AppWorkPath etc. (#21656) * Add some documentation to packages (#21648) * MISC * Use `<nav>` instead of `<div>` in the global navbar (#23125) (#23533) * Do not create commit graph for temporary repos (#23219) (#23229) * Update button is shown when a Pull Request is marked WIP - Issue #21740 (#22683) * Add main landmark to templates and adjust titles (#22670) * Fix error on account activation with wrong passwd (#22609) * Update JS dependencies (#22538) * Display unreferenced packages total size in package admin panel (#22498) * Mobile fix for Project view: Add delay to Sortable.js on mobile, to ensure scrolling is possible. (#22152) * Update chroma to v2.4.0 (#22000) * Hide collapse icon in diff with no lines (#21094) ## [1.18.5](https://github.com/go-gitea/gitea/releases/tag/v1.18.5) - 2023-02-21 * ENHANCEMENTS * Hide 2FA status from other members in organization members list (#22999) (#23023) * BUGFIXES * Add force_merge to merge request and fix checking mergable (#23010) (#23032) * Use `--message=%s` for git commit message (#23028) (#23029) * Render access log template as text instead of HTML (#23013) (#23025) * Fix the Manually Merged form (#23015) (#23017) * Use beforeCommit instead of baseCommit (#22949) (#22996) * Display attachments of review comment when comment content is blank (#23035) (#23046) * Return empty url for submodule tree entries (#23043) (#23048) ## [1.18.4](https://github.com/go-gitea/gitea/releases/tag/1.18.4) - 2023-02-20 * SECURITY * Provide the ability to set password hash algorithm parameters (#22942) (#22943) * Add command to bulk set must-change-password (#22823) (#22928) * ENHANCEMENTS * Use import of OCI structs (#22765) (#22805) * Fix color of tertiary button on dark theme (#22739) (#22744) * Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627) (#22642) * BUGFIXES * Notify on container image create (#22806) (#22965) * Fix blame view missing lines (#22826) (#22929) * Fix incorrect role labels for migrated issues and comments (#22914) (#22923) * Fix PR file tree folders no longer collapsing (#22864) (#22872) * Escape filename when assemble URL (#22850) (#22871) * Fix isAllowed of escapeStreamer (#22814) (#22837) * Load issue before accessing index in merge message (#22822) (#22830) * Improve trace logging for pulls and processes (#22633) (#22812) * Fix restore repo bug, clarify the problem of ForeignIndex (#22776) (#22794) * Add default user visibility to cli command "admin user create" (#22750) (#22760) * Escape path for the file list (#22741) (#22757) * Fix bugs with WebAuthn preventing sign in and registration. (#22651) (#22721) * Add missing close bracket in imagediff (#22710) (#22712) * Move code comments to a standalone file and fix the bug when adding a reply to an outdated review appears to not post(#20821) (#22707) * Fix line spacing for plaintext previews (#22699) (#22701) * Fix wrong hint when deleting a branch successfully from pull request UI (#22673) (#22698) * Fix README TOC links (#22577) (#22677) * Fix missing message in git hook when pull requests disabled on fork (#22625) (#22658) * Improve checkIfPRContentChanged (#22611) (#22644) * Prevent duplicate labels when importing more than 99 (#22591) (#22598) * Don't return duplicated users who can create org repo (#22560) (#22562) * BUILD * Upgrade golangcilint to v1.51.0 (#22764) * MISC * Use proxy for pull mirror (#22771) (#22772) * Use `--index-url` in PyPi description (#22620) (#22636) ## [1.18.3](https://github.com/go-gitea/gitea/releases/tag/v1.18.3) - 2023-01-23 * SECURITY * Prevent multiple `To` recipients (#22566) (#22569) * BUGFIXES * Truncate commit summary on repo files table. (#22551) (#22552) * Mute all links in issue timeline (#22534) ## [1.18.2](https://github.com/go-gitea/gitea/releases/tag/v1.18.2) - 2023-01-19 * BUGFIXES * Fix issue not auto-closing when it includes a reference to a branch (#22514) (#22521) * Fix invalid issue branch reference if not specified in template (#22513) (#22520) * Fix 500 error viewing pull request when fork has pull requests disabled (#22512) (#22515) * Reliable selection of admin user (#22509) (#22511) * Set disable_gravatar/enable_federated_avatar when offline mode is true (#22479) (#22496) * BUILD * cgo cross-compile for freebsd (#22397) (#22519) ## [1.18.1](https://github.com/go-gitea/gitea/releases/tag/v1.18.1) - 2023-01-17 * API * Add `sync_on_commit` option for push mirrors api (#22271) (#22292) * BUGFIXES * Update `github.com/zeripath/zapx/v15` (#22485) * Fix pull request API field `closed_at` always being `null` (#22482) (#22483) * Fix container blob mount (#22226) (#22476) * Fix error when calculating repository size (#22392) (#22474) * Fix Operator does not exist bug on explore page with ONLY_SHOW_RELEVANT_REPOS (#22454) (#22472) * Fix environments for KaTeX and error reporting (#22453) (#22473) * Remove the netgo tag for Windows build (#22467) (#22468) * Fix migration from GitBucket (#22477) (#22465) * Prevent panic on looking at api "git" endpoints for empty repos (#22457) (#22458) * Fix PR status layout on mobile (#21547) (#22441) * Fix wechatwork webhook sends empty content in PR review (#21762) (#22440) * Remove duplicate "Actions" label in mobile view (#21974) (#22439) * Fix leaving organization bug on user settings -> orgs (#21983) (#22438) * Fixed colour transparency regex matching in project board sorting (#22092) (#22437) * Correctly handle select on multiple channels in Queues (#22146) (#22428) * Prepend refs/heads/ to issue template refs (#20461) (#22427) * Restore function to "Show more" buttons (#22399) (#22426) * Continue GCing other repos on error in one repo (#22422) (#22425) * Allow HOST has no port (#22280) (#22409) * Fix omit avatar_url in discord payload when empty (#22393) (#22394) * Don't display stop watch top bar icon when disabled and hidden when click other place (#22374) (#22387) * Don't lookup mail server when using sendmail (#22300) (#22383) * Fix gravatar disable bug (#22337) * Fix update settings table on install (#22326) (#22327) * Fix sitemap (#22272) (#22320) * Fix code search title translation (#22285) (#22316) * Fix due date rendering the wrong date in issue (#22302) (#22306) * Fix get system setting bug when enabled redis cache (#22298) * Fix bug of DisableGravatar default value (#22297) * Fix key signature error page (#22229) (#22230) * TESTING * Remove test session cache to reduce possible concurrent problem (#22199) (#22429) * MISC * Restore previous official review when an official review is deleted (#22449) (#22460) * Log STDERR of external renderer when it fails (#22442) (#22444) ## [1.18.0](https://github.com/go-gitea/gitea/releases/tag/v1.18.0) - 2022-12-29 * SECURITY * Remove ReverseProxy authentication from the API (#22219) (#22251) * Support Go Vulnerability Management (#21139) * Forbid HTML string tooltips (#20935) * BREAKING * Rework mailer settings (#18982) * Remove U2F support (#20141) * Refactor `i18n` to `locale` (#20153) * Enable contenthash in filename for dynamic assets (#20813) * FEATURES * Add color previews in markdown (#21474) * Allow package version sorting (#21453) * Add support for Chocolatey/NuGet v2 API (#21393) * Add API endpoint to get changed files of a PR (#21177) * Add filetree on left of diff view (#21012) * Support Issue forms and PR forms (#20987) * Add support for Vagrant packages (#20930) * Add support for `npm unpublish` (#20688) * Add badge capabilities to users (#20607) * Add issue filter for Author (#20578) * Add KaTeX rendering to Markdown. (#20571) * Add support for Pub packages (#20560) * Support localized README (#20508) * Add support mCaptcha as captcha provider (#20458) * Add team member invite by email (#20307) * Added email notification option to receive all own messages (#20179) * Switch Unicode Escaping to a VSCode-like system (#19990) * Add user/organization code search (#19977) * Only show relevant repositories on explore page (#19361) * User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133) * Add sitemap support (#18407) * Allow creation of OAuth2 applications for orgs (#18084) * Add system setting table with cache and also add cache supports for user setting (#18058) * Add pages to view watched repos and subscribed issues/PRs (#17156) * Support Proxy protocol (#12527) * Implement sync push mirror on commit (#19411) * API * Allow empty assignees on pull request edit (#22150) (#22214) * Make external issue tracker regexp configurable via API (#21338) * Add name field for org api (#21270) * Show teams with no members if user is admin (#21204) * Add latest commit's SHA to content response (#20398) * Add allow_rebase_update, default_delete_branch_after_merge to repository api response (#20079) * Add new endpoints for push mirrors management (#19841) * ENHANCEMENTS * Add setting to disable the git apply step in test patch (#22130) (#22170) * Multiple improvements for comment edit diff (#21990) (#22007) * Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21928) * Fix flex layout for repo list icons (#21896) (#21920) * Fix vertical align of committer avatar rendered by email address (#21884) (#21918) * Fix setting HTTP headers after write (#21833) (#21877) * Color and Style enhancements (#21784, #21799) (#21868) * Ignore line anchor links with leading zeroes (#21728) (#21776) * Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738) * Use CSS color-scheme instead of invert (#21616) (#21623) * Respect user's locale when rendering the date range in the repo activity page (#21410) * Change `commits-table` column width (#21564) * Refactor git command arguments and make all arguments to be safe to be used (#21535) * CSS color enhancements (#21534) * Add link to user profile in markdown mention only if user exists (#21533, #21554) * Add option to skip index dirs (#21501) * Diff file tree tweaks (#21446) * Localize all timestamps (#21440) * Add `code` highlighting in issue titles (#21432) * Use Name instead of DisplayName in LFS Lock (#21415) * Consolidate more CSS colors into variables (#21402) * Redirect to new repository owner (#21398) * Use ISO date format instead of hard-coded English date format for date range in repo activity page (#21396) * Use weighted algorithm for string matching when finding files in repo (#21370) * Show private data in feeds (#21369) * Refactor parseTreeEntries, speed up tree list (#21368) * Add GET and DELETE endpoints for Docker blob uploads (#21367) * Add nicer error handling on template compile errors (#21350) * Add `stat` to `ToCommit` function for speed (#21337) * Support instance-wide OAuth2 applications (#21335) * Record OAuth client type at registration (#21316) * Add new CSS variables --color-accent and --color-small-accent (#21305) * Improve error descriptions for unauthorized_client (#21292) * Case-insensitive "find files in repo" (#21269) * Consolidate more CSS rules, fix inline code on arc-green (#21260) * Log real ip of requests from ssh (#21216) * Save files in local storage as group readable (#21198) * Enable fluid page layout on medium size viewports (#21178) * File header tweaks (#21175) * Added missing headers on user packages page (#21172) * Display image digest for container packages (#21170) * Skip dirty check for team forms (#21154) * Keep path when creating a new branch (#21153) * Remove fomantic image module (#21145) * Make labels clickable in the comments section. (#21137) * Sort branches and tags by date descending (#21136) * Better repo API unit checks (#21130) * Improve commit status icons (#21124) * Limit length of repo description and repo url input fields (#21119) * Show .editorconfig errors in frontend (#21088) * Allow poster to choose reviewers (#21084) * Remove black labels and CSS cleanup (#21003) * Make e-mail sanity check more precise (#20991) * Use native inputs in whitespace dropdown (#20980) * Enhance package date display (#20928) * Display total blob size of a package version (#20927) * Show language name on hover (#20923) * Show instructions for all generic package files (#20917) * Refactor AssertExistsAndLoadBean to use generics (#20797) * Move the official website link at the footer of gitea (#20777) * Add support for full name in reverse proxy auth (#20776) * Remove useless JS operation for relative time tooltips (#20756) * Replace some icons with SVG (#20741) * Change commit status icons to SVG (#20736) * Improve single repo action for issue and pull requests (#20730) * Allow multiple files in generic packages (#20661) * Add option to create new issue from /issues page (#20650) * Background color of private list-items updated (#20630) * Added search input field to issue filter (#20623) * Increase default item listing size `ISSUE_PAGING_NUM` to 20 (#20547) * Modify milestone search keywords to be case insensitive again (#20513) * Show hint to link package to repo when viewing empty repo package list (#20504) * Add Tar ZSTD support (#20493) * Make code review checkboxes clickable (#20481) * Add "X-Gitea-Object-Type" header for GET `/raw/` & `/media/` API (#20438) * Display project in issue list (#20434) * Prepend commit message to template content when opening a new PR (#20429) * Replace fomantic popup module with tippy.js (#20428) * Allow to specify colors for text in markup (#20363) * Allow access to the Public Organization Member lists with minimal permissions (#20330) * Use default values when provided values are empty (#20318) * Vertical align navbar avatar at middle (#20302) * Delete cancel button in repo creation page (#21381) * Include login_name in adminCreateUser response (#20283) * fix: icon margin in user/settings/repos (#20281) * Remove blue text on migrate page (#20273) * Modify milestone search keywords to be case insensitive (#20266) * Move some files into models' sub packages (#20262) * Add tooltip to repo icons in explore page (#20241) * Remove deprecated licenses (#20222) * Webhook for Wiki changes (#20219) * Share HTML template renderers and create a watcher framework (#20218) * Allow enable LDAP source and disable user sync via CLI (#20206) * Adds a checkbox to select all issues/PRs (#20177) * Refactor `i18n` to `locale` (#20153) * Disable status checks in template if none found (#20088) * Allow manager logging to set SQL (#20064) * Add order by for assignee no sort issue (#20053) * Take a stab at porting existing components to Vue3 (#20044) * Add doctor command to write commit-graphs (#20007) * Add support for authentication based on reverse proxy email (#19949) * Enable spellcheck for EasyMDE, use contenteditable mode (#19776) * Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663) * Rework mailer settings (#18982) * Add option to purge users (#18064) * Add author search input (#21246) * Make rss/atom identifier globally unique (#21550) * BUGFIXES * Auth interface return error when verify failure (#22119) (#22259) * Use complete SHA to create and query commit status (#22244) (#22257) * Update bleve and zapx to fix unaligned atomic (#22031) (#22218) * Prevent panic in doctor command when running default checks (#21791) (#21807) * Load GitRepo in API before deleting issue (#21720) (#21796) * Ignore line anchor links with leading zeroes (#21728) (#21776) * Set last login when activating account (#21731) (#21755) * Fix UI language switching bug (#21597) (#21749) * Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738) * Allow local package identifiers for PyPI packages (#21690) (#21727) * Deal with markdown template without metadata (#21639) (#21654) * Fix opaque background on mermaid diagrams (#21642) (#21652) * Fix repository adoption on Windows (#21646) (#21650) * Sync git hooks when config file path changed (#21619) (#21626) * Fix 500 on PR files API (#21602) (#21607) * Fix `Timestamp.IsZero` (#21593) (#21603) * Fix viewing user subscriptions (#21482) * Fix mermaid-related bugs (#21431) * Fix branch dropdown shifting on page load (#21428) * Fix default theme-auto selector when nologin (#21346) * Fix and improve incorrect error messages (#21342) * Fix formatted link for PR review notifications to matrix (#21319) * Center-aligning content of WebAuthN page (#21127) * Remove follow from commits by file (#20765) * Fix commit status popup (#20737) * Fix init mail render logic (#20704) * Use correct page size for link header pagination (#20546) * Preserve unix socket file (#20499) * Use tippy.js for context popup (#20393) * Add missing parameter for error in log message (#20144) * Do not allow organisation owners add themselves as collaborator (#20043) * Rework file highlight rendering and fix yaml copy-paste (#19967) * Improve code diff highlight, fix incorrect rendered diff result (#19958) * TESTING * Improve OAuth integration tests (#21390) * Add playwright tests (#20123) * BUILD * Switch to building with go1.19 (#20695) * Update JS dependencies, adjust eslint (#20659) * Add more linters to improve code readability (#19989) ## [1.17.4](https://github.com/go-gitea/gitea/releases/tag/v1.17.4) - 2022-12-21 * SECURITY * Do not allow Ghost access to limited visible user/org (#21849) (#21875) * Fix package access for admins and inactive users (#21580) (#21592) * ENHANCEMENTS * Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21927) * Fix vertical align of committer avatar rendered by email address (#21884) (#21919) * Fix setting HTTP headers after write (#21833) (#21874) * Ignore line anchor links with leading zeroes (#21728) (#21777) * Enable Monaco automaticLayout (#21516) * BUGFIXES * Do not list active repositories as unadopted (#22034) (#22167) * Correctly handle moved files in apply patch (#22118) (#22136) * Fix condition for is_internal (#22095) (#22131) * Fix permission check on issue/pull lock (#22114) * Fix sorting admin user list by last login (#22081) (#22106) * Workaround for container registry push/pull errors (#21862) (#22069) * Fix issue/PR numbers (#22037) (#22045) * Handle empty author names (#21902) (#22028) * Fix ListBranches to handle empty case (#21921) (#22025) * Fix enabling partial clones on 1.17 (#21809) * Prevent panic in doctor command when running default checks (#21791) (#21808) * Upgrade golang.org/x/crypto (#21792) (#21794) * Init git module before database migration (#21764) (#21766) * Set last login when activating account (#21731) (#21754) * Add HEAD fix to gitea doctor (#21352) (#21751) * Fix UI language switching bug (#21597) (#21748) * Remove semver compatible flag and change pypi to an array of test cases (#21708) (#21729) * Allow local package identifiers for PyPI packages (#21690) (#21726) * Fix repository adoption on Windows (#21646) (#21651) * Sync git hooks when config file path changed (#21619) (#21625) * Added check for disabled Packages (#21540) (#21614) * Fix `Timestamp.IsZero` (#21593) (#21604) * Fix issues count bug (#21600) * Support binary deploy in npm packages (#21589) * Update milestone counters when issue is deleted (#21459) (#21586) * SessionUser protection against nil pointer dereference (#21581) * Case-insensitive NuGet symbol file GUID (#21409) (#21575) * Suppress `ExternalLoginUserNotExist` error (#21504) (#21572) * Prevent Authorization header for presigned LFS urls (#21531) (#21569) * Update binding to fix bugs (#21560) * Fix generating compare link (#21519) (#21530) * Ignore error when retrieving changed PR review files (#21487) (#21524) * Fix incorrect notification commit url (#21479) (#21483) * Display total commit count in hook message (#21400) (#21481) * Enforce grouped NuGet search results (#21442) (#21480) * Return 404 when user is not found on avatar (#21476) (#21477) * Normalize NuGet package version on upload (#22186) (#22201) * MISC * Check for zero time instant in TimeStamp.IsZero() (#22171) (#22173) * Fix warn in database structs sync (#22111) * Allow for resolution of NPM registry paths that match upstream (#21568) (#21723) ## [1.17.3](https://github.com/go-gitea/gitea/releases/tag/v1.17.3) - 2022-10-15 * SECURITY * Sanitize and Escape refs in git backend (#21464) (#21463) * Bump `golang.org/x/text` (#21412) (#21413) * Update bluemonday (#21281) (#21287) * ENHANCEMENTS * Fix empty container layer history and UI (#21251) (#21278) * Use en-US as fallback when using other default language (#21200) (#21256) * Make the vscode clone link respect transport protocol (#20557) (#21128) * BUGFIXES * Do DB update after merge in hammer context (#21401) (#21416) * Add Num{Issues,Pulls} stats checks (#21404) (#21414) * Stop logging CheckPath returns error: context canceled (#21064) (#21405) * Parse OAuth Authorization header when request omits client secret (#21351) (#21374) * Ignore port for loopback redirect URIs (#21293) (#21373) * Set SemverCompatible to false for Conan packages (#21275) (#21366) * Tag list should include draft releases with existing tags (#21263) (#21365) * Fix linked account translation (#21331) (#21334) * Make NuGet service index publicly accessible (#21242) (#21277) * Foreign ID conflicts if ID is 0 for each item (#21271) (#21272) * Use absolute links in feeds (#21229) (#21265) * Prevent invalid behavior for file reviewing when loading more files (#21230) (#21234) * Respect `REQUIRE_SIGNIN_VIEW` for packages (#20873) (#21232) * Treat git object mode 40755 as directory (#21195) (#21218) * Allow uppercase ASCII alphabet in PyPI package names (#21095) (#21217) * Fix limited user cannot view himself's profile (#21212) * Fix template bug of admin monitor (#21209) * Fix reaction of issues (#21185) (#21196) * Fix CSV diff for added/deleted files (#21189) (#21193) * Fix pagination limit parameter problem (#21111) * TESTING * Fix missing m.Run() in TestMain (#21341) * BUILD * Use Go 1.19 fmt for Gitea 1.17, sync emoji data (#21239) ## [1.17.2](https://github.com/go-gitea/gitea/releases/tag/v1.17.2) - 2022-09-06 * SECURITY * Double check CloneURL is acceptable (#20869) (#20892) * Add more checks in migration code (#21011) (#21050) * ENHANCEMENTS * Fix hard-coded timeout and error panic in API archive download endpoint (#20925) (#21051) * Improve arc-green code theme (#21039) (#21042) * Enable contenthash in filename for dynamic assets (#20813) (#20932) * Don't open new page for ext wiki on same repository (#20725) (#20910) * Disable doctor logging on panic (#20847) (#20898) * Remove calls to load Mirrors in user.Dashboard (#20855) (#20897) * Update codemirror to 5.65.8 (#20875) * Rework repo buttons (#20602, #20718) (#20719) * BUGFIXES * Ensure delete user deletes all comments (#21067) (#21068) * Delete unreferenced packages when deleting a package version (#20977) (#21060) * Redirect if user does not exist on admin pages (#20981) (#21059) * Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (#20902) (#21058) * Fix 500 on time in timeline API (#21052) (#21057) * Fill the specified ref in webhook test payload (#20961) (#21055) * Add another index for Action table on postgres (#21033) (#21054) * Fix broken insecureskipverify handling in redis connection uris (#20967) (#21053) * Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion (#21017) (#21044) * Do not add links to Posters or Assignees with ID < 0 (#20577) (#21037) * Fix modified due date message (#20388) (#21032) * Fix missed sort bug (#21006) * Fix input.value attr for RequiredClaimName/Value (#20946) (#21001) * Change review buttons to icons to make space for text (#20934) (#20978) * Fix download archiver of a commit (#20962) (#20971) * Return 404 NotFound if requested attachment does not exist (#20886) (#20941) * Set no-tags in git fetch on compare (#20893) (#20936) * Allow multiple metadata files for Maven packages (#20674) (#20916) * Increase Content field size of gpg_key and public_key to MEDIUMTEXT (#20896) (#20911) * Fix mirror address setting not working (#20850) (#20904) * Fix push mirror address backend get error Address cause setting page display error (#20593) (#20901) * Fix panic when an invalid oauth2 name is passed (#20820) (#20900) * In PushMirrorsIterate and MirrorsIterate if limit is negative do not set it (#20837) (#20899) * Ensure that graceful start-up is informed of unused SSH listener (#20877) (#20888) * Pad GPG Key ID with preceding zeroes (#20878) (#20885) * Fix SQL Query for `SearchTeam` (#20844) (#20872) * Fix the mode of custom dir to 0700 in docker-rootless (#20861) (#20867) * Fix UI mis-align for PR commit history (#20845) (#20859) ## [1.17.1](https://github.com/go-gitea/gitea/releases/tag/1.17.1) - 2022-08-17 * SECURITY * Correctly escape within tribute.js (#20831) (#20832) * ENHANCEMENTS * Add support for NuGet API keys (#20721) (#20734) * Display project in issue list (#20583) * Add disable download source configuration (#20548) (#20579) * Add username check to doctor (#20140) (#20671) * Enable Wire 2 for Internal SSH Server (#20616) (#20617) * BUGFIXES * Use the total issue count for UI (#20785) (#20827) * Add proxy host into allow list (#20798) (#20819) * Add missing translation for queue flush workers (#20791) (#20792) * Improve comment header for mobile (#20781) (#20789) * Fix git.Init for doctor sub-command (#20782) (#20783) * Check webhooks slice length before calling xorm (#20642) (#20768) * Remove manual rollback for failed generated repositories (#20639) (#20762) * Use correct field name in npm template (#20675) (#20760) * Keep download count on Container tag overwrite (#20728) (#20735) * Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707) * Use request timeout for git service rpc (#20689) (#20693) * Send correct NuGet status codes (#20647) (#20677) * Use correct context to get package content (#20673) (#20676) * Fix the JS error "EventSource is not defined" caused by some non-standard browsers (#20584) (#20663) * Add default commit messages to PR for squash merge (#20618) (#20645) * Fix package upload for files >32mb (#20622) (#20635) * Fix the new-line copy-paste for rendered code (#20612) * Clean up and fix clone button script (#20415 & #20600) (#20599) * Fix default merge style (#20564) (#20565) * Add repository condition for issue count (#20454) (#20496) * Make branch icon stand out more (#20726) (#20774) * Fix loading button with invalid form (#20754) (#20759) * Fix SecToTime edge-cases (#20610) (#20611) * Executable check always returns true for windows (#20637) (#20835) * Check issue labels slice length before calling xorm Insert (#20655) (#20836) * Fix owners cannot create organization repos bug (#20841) (#20854) * Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate (#20839) (#20848) ## [1.17.0](https://github.com/go-gitea/gitea/releases/tag/v1.17.0) - 2022-07-30 * BREAKING * Require go1.18 for Gitea 1.17 (#19918) * Make AppDataPath absolute against the AppWorkPath if it is not (#19815) * Nuke the incorrect permission report on /api/v1/notifications (#19761) * Refactor git module, make Gitea use internal git config (#19732) * Remove `RequireHighlightJS` field, update plantuml example. (#19615) * Increase minimal required git version to 2.0 (#19577) * Add a directory prefix `gitea-src-VERSION` to release-tar-file (#19396) * Use "main" as default branch name (#19354) * Make cron task no notice on success (#19221) * Add pam account authorization check (#19040) * Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971) * Refactor mirror code & fix StartToMirror (#18904) * Remove deprecated SSH ciphers from default (#18697) * Add the possibility to allow the user to have a favicon which differs from the main logo (#18542) * Update reserved usernames list (#18438) * Support custom ACME provider (#18340) * Change initial TrustModel to committer (#18335) * Update HTTP status codes (#18063) * Upgrade Alpine from 3.13 to 3.15 (#18050) * Restrict email address validation (#17688) * Refactor Router Logger (#17308) * SECURITY * Use git.HOME_PATH for Git HOME directory (#20114) (#20293) * Add write check for creating Commit Statuses (#20332) (#20333) * Remove deprecated SSH ciphers from default (#18697) * FEDERATION * Return statistic information for nodeinfo (#19561) * Add Webfinger endpoint (#19462) * Store the foreign ID of issues during migration (#18446) * FEATURES * Automatically render wiki TOC (#19873) * Adding button to link accounts from user settings (#19792) * Allow set default merge style while creating repo (#19751) * Auto merge pull requests when all checks succeeded (#9307 & #19648) * Improve reviewing PR UX (#19612) * Add support for rendering console output with colors (#19497) * Add Helm Chart registry (#19406) * Add Goroutine stack inspector to admin/monitor (#19207) * RSS/Atom support for Orgs & Repos (#17714 & #19055) * Add button for issue deletion (#19032) * Allow to mark files in a PR as viewed (#19007) * Add Index to comment for migrations and mirroring (#18806) * Add health check endpoint (#18465) * Add packagist webhook (#18224) * Add "Allow edits from maintainer" feature (#18002) * Add apply-patch, basic revert and cherry-pick functionality (#17902) * Add Package Registry (#16510) * Add LDAP group sync to Teams (#16299) * Pause queues (#15928) * Added auto-save whitespace behavior if it changed manually (#15566) * Find files in repo (#15028) * Provide configuration to allow camo-media proxying (#12802) * API * Add endpoint to serve blob or LFS file content (#19689) * Add endpoint to check if team has repo access (#19540) * More commit info (#19252) * Allow to create file on empty repo (#19224) * Allow removing issues (#18879) * Add endpoint to query collaborators permission for a repository (#18761) * Return primary language and repository language stats API URL (#18396) * Implement http signatures support for the API (#17565) * ENHANCEMENTS * Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269) * Adjust max-widths for the repository file table (#20243) (#20247) * Display full name (#20171) (#20246) * Add dbconsistency checks for Stopwatches (#20010) * Add fetch.writeCommitGraph to gitconfig (#20006) * Add fgprof pprof profiler (#20005) * Move agit dependency (#19998) * Empty log queue on flush and close (#19994) * Remove tab/TabName usage where it's not needed (#19973) * Improve file header on mobile (#19945) * Move issues related files into models/issues (#19931) * Add breaking email restrictions checker in doctor (#19903) * Improve UX on modal for deleting an access token (#19894) * Add alt text to logo (#19892) * Move some code into models/git (#19879) * Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861) * Make user profile image show full image on mobile (#19840) * Replace blue button and label classes with primary (#19763) * Remove fomantic progress module (#19760) * Allows repo search to match against "owner/repo" pattern strings (#19754) * Move org functions (#19753) * Move almost all functions' parameter db.Engine to context.Context (#19748) * Show source/target branches on PR's list (#19747) * Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739) * Add doctor orphan check for orphaned pull requests without an existing base repo (#19731) * Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729) * Update go-chi/cache to utilize Ping() (#19719) * Improve commit list/view on mobile (#19712) * Move some repository related code into sub package (#19711) * Use a better OlderThan for DeleteInactiveUsers (#19693) * Introduce eslint-plugin-jquery (#19690) * Tidy up `<head>` template (#19678) * Calculate filename hash only once (#19654) * Simplify `IsVendor` (#19626) * Add "Reference" section to Issue view sidebar (#19609) * Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581) * Use for a repo action one database transaction (#19576) * Simplify loops to copy (#19569) * Added X-Mailer header to outgoing emails (#19562) * use middleware to open gitRepo (#19559) * Mute link in diff header (#19556) * Improve UI on mobile (#19546) * Fix Pull Request comment filename word breaks (#19535) * Permalink files In PR diff (#19534) * PullService lock via pullID (#19520) * Make repository file list useable on mobile (#19515) * more context for models (#19511) * Refactor readme file renderer (#19502) * By default force vertical tabs on mobile (#19486) * Github style following followers (#19482) * Improve action table indices (#19472) * Use horizontal tabs for repo header on mobile (#19468) * pass gitRepo down since its used for main repo and wiki (#19461) * Admin should not delete himself (#19423) * Use queue instead of memory queue in webhook send service (#19390) * Simplify the code to get issue count (#19380) * Add commit status popup to issuelist (#19375) * Add RSS Feed buttons to Repo, User and Org pages (#19370) * Add logic to switch between source/rendered on Markdown (#19356) * Move some helper files out of models (#19355) * Move access and repo permission to models/perm/access (#19350) * Disallow selecting the text of buttons (#19330) * Allow custom redirect for landing page (#19324) * Remove dependent on session auth for api/v1 routers (#19321) * Never use /api/v1 from Gitea UI Pages (#19318) * Remove legacy unmaintained packages, refactor to support change default locale (#19308) * Move milestone to models/issues/ (#19278) * Configure OpenSSH log level via Environment in Docker (#19274) * Move reaction to models/issues/ (#19264) * Make git.OpenRepository accept Context (#19260) * Move some issue methods as functions (#19255) * Show last cron messages on monitor page (#19223) * New cron task: delete old system notices (#19219) * Add Redis Sentinel Authentication Support (#19213) * Add auto logging of goroutine pid label (#19212) * Set OpenGraph title to DisplayName in profile pages (#19206) * Add pprof labels in processes and for lifecycles (#19202) * Let web and API routes have different auth methods group (#19168) * Move init repository related functions to modules (#19159) * Feeds: render markdown to html (#19058) * Allow users to self-request a PR review (#19030) * Allow render HTML with css/js external links (#19017) * Fix script compatiable with OpenWrt (#19000) * Support ignore all santize for external renderer (#18984) * Add note to GPG key response if user has no keys (#18961) * Improve Stopwatch behavior (#18930) * Improve mirror iterator (#18928) * Uncapitalize errors (#18915) * Prevent Stats Indexer reporting error if repo dir missing (#18870) * Refactor SecToTime() function (#18863) * Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796) * Move deletebeans into models/db (#18781) * Fix display time of milestones (#18753) * Add config option to disable "Update branch by rebase" (#18745) * Display template path of current page in dev mode (#18717) * Add number in queue status to monitor page (#18712) * Change git.cmd to RunWithContext (#18693) * Refactor i18n, use Locale to provide i18n/translation related functions (#18648) * Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552) * Move organization related structs into sub package (#18518) * Warn at startup if the provided `SCRIPT_TYPE` is not on the PATH (#18467) * Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439) * Use explicit jQuery import, remove unused eslint globals (#18435) * Allow to filter repositories by language in explore, user and organization repositories lists (#18430) * Use base32 for 2FA scratch token (#18384) * Unexport var git.GlobalCommandArgs (#18376) * Don't underline commit status icon on hover (#18372) * Always use git command but not os.Command (#18363) * Switch to non-deprecation setting (#18358) * Set the LastModified header for raw files (#18356) * Refactor jwt.StandardClaims to RegisteredClaims (#18344) * Enable deprecation error for v1.17.0 (#18341) * Refactor httplib (#18338) * Limit max-height of CodeMirror editors for issue comment and wiki (#18271) * Validate migration files (#18203) * Format with gofumpt (#18184) * Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177) * Prettify number of issues (#17760) * Add a "admin user generate-access-token" subcommand (#17722) * Custom regexp external issues (#17624) * Add smtp password to install page (#17564) * Add config options to hide issue events (#17414) * Prevent double click new issue/pull/comment button (#16157) * Show issue assignee on project board (#15232) * BUGFIXES * WebAuthn CredentialID field needs to be increased in size (#20530) (#20555) * Ensure that all unmerged files are merged when conflict checking (#20528) (#20536) * Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529) * Add labels to two buttons that were missing them (#20419) (#20524) * Fix ROOT_URL detection for URLs without trailing slash (#20502) (#20503) * Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407) * Allow RSA 2047 bit keys (#20272) (#20396) * Add missing return for when topic isn't found (#20351) (#20395) * Fix commit status icon when in subdirectory (#20285) (#20385) * Initialize cron last (#20373) (#20384) * Set target on create release with existing tag (#20381) (#20382) * Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372) * Make sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370) * Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361) * Correctly handle draft releases without a tag (#20314) (#20335) * Prevent "empty" scrollbars on Firefox (#20294) (#20308) * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306) * Bump goldmark to v1.4.13 (#20300) (#20301) * Do not create empty ".ssh" directory when loading config (#20289) (#20298) * Fix NPE when using non-numeric (#20277) (#20278) * Store read access in access for team repositories (#20275) (#20276) * EscapeFilter the group dn membership (#20200) (#20254) * Only show Followers that current user can access (#20220) (#20252) * Update Bluemonday to v1.0.19 (#20199) (#20209) * Refix indices on actions table (#20158) (#20198) * Check if project has the same repository id with issue when assign project to issue (#20133) (#20188) * Fix remove file on initial comment (#20127) (#20128) * Catch the error before the response is processed by goth (#20000) (#20102) * Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099) * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) * Return 404 when tag is broken (#20017) (#20024) * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) * Return 404 when tag is broken (#20017) (#20024) * Write Commit-Graphs in RepositoryDumper (#20004) * Use DisplayName() instead of FullName in Oauth Provider (#19991) * Don't buffer doctor logger (#19982) * Always try to fetch repo for mirrors (#19975) * Uppercase first languages letters (#19965) * Fix cli command restore-repo: "units" should be parsed as StringSlice (#19953) * Ensure minimum mirror interval is reported on settings page (#19895) * Exclude Archived repos from Dashboard Milestones (#19882) * gitconfig: set safe.directory = * (#19870) * Prevent NPE on update mirror settings (#19864) * Only return valid stopwatches to the EventSource (#19863) * Prevent NPE whilst migrating if there is a team request review (#19855) * Fix inconsistency in doctor output (#19836) * Fix release tag for webhook (#19830) * Add title attribute to dependencies in sidebar (#19807) * Estimate Action Count in Statistics (#19775) * Do not update user stars numbers unless fix is specified (#19750) * Improved ref comment link when origin is body/title (#19741) * Fix nodeinfo caching and prevent NPE if cache non-existent (#19721) * Fix duplicate entry error when add team member (#19702) * Fix sending empty notifications (#19589) * Update image URL for Discord webhook (#19536) * Don't let repo clone URL overflow (#19517) * Allow commit status popup on /pulls page (#19507) * Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl (#19494) * Fix logging of Transfer API (#19456) * Fix panic in teams API when requesting members (#19360) * Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337) * An attempt to sync a non-mirror repo must give 400 (Bad Request) (#19300) * Move checks for pulls before merge into own function (#19271) * Fix `contrib/upgrade.sh` (#19222) * Set the default branch for repositories generated from templates (#19136) * Fix EasyMDE error when input Enter (#19004) * Don't clean up hardcoded `tmp` (#18983) * Delete related notifications on issue deletion too (#18953) * Fix trace log to show value instead of pointers (#18926) * Fix behavior or checkbox submission. (#18851) * Add `ContextUser` (#18798) * Fix some mirror bugs (#18649) * Quote MAKE to prevent path expansion with space error (#18622) * Preserve users if restoring a repository on the same Gitea instance (#18604) * Fix non-ASCII search on database (#18437) * Automatically pause queue if index service is unavailable (#15066) * TESTING * Allow postgres integration tests to run over unix pipe (#19875) * Prevent intermittent NPE in queue tests (#19301) * Add test for importing pull requests in gitea uploader for migrations (#18752) * Remove redundant comparison in repo dump/restore (#18660) * More repo dump/restore tests, including pull requests (#18621) * Add test coverage for original author conversion during migrations (#18506) * TRANSLATION * Update issue_no_dependencies description (#19112) * Refactor webhooks i18n (#18380) * BUILD * Use alpine 3.16 (#19797) * Require node 14.0 (#19451) * DOCS * Update documents (git/fomantic/db, etc) (#19868) * Update the ROOT documentation and error messages (#19832) * Update document to use FHS `/usr/local/bin/gitea` instead of `/app/...` for Docker (#19794) * Update documentation to disable duration settings with -1 instead of 0 (#19647) * Add warning to set SENDMAIL_ARGS to -- (#19102) * Update nginx reverse proxy docs (#18922) * Add example to render html files (#18736) * Make SSH passtrough documentation better (#18687) * Changelog 1.16.0 & 1.15.11 (#18468 & #18455) (#18470) * Update the SSH passthrough documentation (#18366) * Add `contrib/upgrade.sh` (#18286) * MISC * Fix aria for logo (#19955) * In code search, get code unit accessible repos in one (main) query (#19764) * Add tooltip to pending PR comments (#19662) * Improve sync performance for pull-mirrors (#19125) * Improve dashboard's repo list performance (#18963) * Avoid database lookups for `DescriptionHTML` (#18924) * Remove CodeMirror dependencies (#18911) * Disable unnecessary mirroring elements (#18527) * Disable unnecessary OpenID/OAuth2 elements (#18491) * Disable unnecessary GitHooks elements (#18485) * Change some logging levels (#18421) * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18385) * Use correct translation key for errors (#18342) ## [1.16.9](https://github.com/go-gitea/gitea/releases/tag/v1.16.9) - 2022-07-12 * SECURITY * Add write check for creating Commit status (#20332) (#20334) * Check for permission when fetching user controlled issues (#20133) (#20196) * BUGFIXES * Hide notify mail setting ui if not enabled (#20138) (#20337) * Add write check for creating Commit status (#20332) (#20334) * Only show Followers that current user can access (#20220) (#20253) * Release page show all tags in compare dropdown (#20070) (#20071) * Fix permission check for delete tag (#19985) (#20001) * Only log non ErrNotExist errors in git.GetNote (#19884) (#19905) * Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893) * Set Setpgid on child git processes (#19865) (#19881) * Import git from alpine 3.16 repository as 2.30.4 is needed for `safe.directory = '*'` to work but alpine 3.13 has 2.30.3 (#19876) * Ensure responses are context.ResponseWriters (#19843) (#19859) * Fix incorrect usage of `Count` function (#19850) * Fix raw endpoint PDF file headers (#19825) (#19826) * Make WIP prefixes case insensitive, e.g. allow `Draft` as a WIP prefix (#19780) (#19811) * Don't return 500 on NotificationUnreadCount (#19802) * Prevent NPE when cache service is disabled (#19703) (#19783) * Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774) * Fix doctor pq: syntax error at or near "." quote user table name (#19765) (#19770) * Fix bug with assigneees (#19757) ## [1.16.8](https://github.com/go-gitea/gitea/releases/tag/v1.16.8) - 2022-05-16 * ENHANCEMENTS * Add doctor check/fix for bogus action rows (#19656) (#19669) * Make .cs highlighting legible on dark themes. (#19604) (#19605) * BUGFIXES * Fix oauth setting list bug (#19681) * Delete user related oauth stuff on user deletion too (#19677) (#19680) * Fix new release from tags list UI (#19670) (#19673) * Prevent NPE when checking repo units if the user is nil (#19625) (#19630) * GetFeeds must always discard actions with dangling repo_id (#19598) (#19629) * Call MultipartForm.RemoveAll when request finishes (#19606) (#19607) * Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591) * Fix sending empty notifications (#19589) (#19590) * Ignore DNS error when doing migration allow/block check (#19566) (#19567) * Fix issue overview for teams (#19652) (#19653) ## [1.16.7](https://github.com/go-gitea/gitea/releases/tag/v1.16.7) - 2022-05-02 * SECURITY * Escape git fetch remote (#19487) (#19490) * BUGFIXES * Don't overwrite err with nil (#19572) (#19574) * On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568) * Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560) * Don't error when branch's commit doesn't exist (#19547) (#19548) * Support `hostname:port` to pass host matcher's check (#19543) (#19544) * Prevent intermittent race in attribute reader close (#19537) (#19539) * Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532) * Prevent dangling archiver goroutine (#19516) (#19526) * Fix migrate release from github (#19510) (#19523) * When view _Siderbar or _Footer, just display once (#19501) (#19522) * Fix blame page select range error and some typos (#19503) * Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484) * User specific repoID or xorm builder conditions for issue search (#19475) (#19476) * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466) * RepoAssignment ensure to close before overwrite (#19449) (#19460) * Set correct PR status on 3way on conflict checking (#19457) (#19458) * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446) ## [1.16.6](https://github.com/go-gitea/gitea/releases/tag/v1.16.6) - 2022-04-20 * ENHANCEMENTS * Only request write when necessary (#18657) (#19422) * Disable service worker by default (#18914) (#19342) * BUGFIXES * When dumping trim the standard suffices instead of a random suffix (#19440) (#19447) * Fix DELETE request for non-existent public key (#19443) (#19444) * Don't panic on ErrEmailInvalid (#19441) (#19442) * Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438) * Warn on SSH connection for incorrect configuration (#19317) (#19437) * Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436) * When updating mirror repo intervals by API reschedule next update too (#19429) (#19433) * Fix nil error when some pages are rendered outside request context (#19427) (#19428) * Fix double blob-hunk on diff page (#19404) (#19405) * Don't allow merging PR's which are being conflict checked (#19357) (#19358) * Fix middleware function's placements (#19377) (#19378) * Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338) * Restore user autoregistration with email addresses (#19261) (#19312) * Move checks for pulls before merge into own function (#19271) (#19277) * Granular webhook events in editHook (#19251) (#19257) * Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248) * Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236) * Touch mirrors on even on fail to update (#19217) (#19233) * Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231) * Fix clone url JS error for the empty repo page (#19209) * Bump goldmark to v1.4.11 (#19201) (#19203) * TESTING * Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228) * BUILD * Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319) * MISC * Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289) * Check go and nodejs version by go.mod and package.json (#19197) (#19254) ## [1.16.5](https://github.com/go-gitea/gitea/releases/tag/v1.16.5) - 2022-03-23 * BREAKING * Bump to build with go1.18 (#19120 et al) (#19127) * SECURITY * Prevent redirect to Host (2) (#19175) (#19186) * Try to prevent autolinking of displaynames by email readers (#19169) (#19183) * Clean paths when looking in Storage (#19124) (#19179) * Do not send notification emails to inactive users (#19131) (#19139) * Do not send activation email if manual confirm is set (#19119) (#19122) * ENHANCEMENTS * Use the new/choose link for New Issue on project page (#19172) (#19176) * BUGFIXES * Fix showing issues in your repositories (#18916) (#19191) * Fix compare link in active feeds for new branch (#19149) (#19185) * Redirect .wiki/* ui link to /wiki (#18831) (#19184) * Ensure deploy keys with write access can push (#19010) (#19182) * Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177) * Cleanup protected branches when deleting users & teams (#19158) (#19174) * Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160) * Fix NPE /repos/issues/search when not signed in (#19154) (#19155) * Use custom favicon when viewing static files if it exists (#19130) (#19152) * Fix the editor height in review box (#19003) (#19147) * Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146) * Fix wrong scopes caused by empty scope input (#19029) (#19145) * Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141) * Handle email address not exist (#19089) (#19121) * MISC * Update json-iterator to allow compilation with go1.18 (#18644) (#19100) * Update golang.org/x/crypto (#19097) (#19098) ## [1.16.4](https://github.com/go-gitea/gitea/releases/tag/v1.16.4) - 2022-03-14 * SECURITY * Restrict email address validation (#17688) (#19085) * Fix lfs bug (#19072) (#19080) * ENHANCEMENTS * Improve SyncMirrors logging (#19045) (#19050) * BUGFIXES * Refactor mirror code & fix `StartToMirror` (#18904) (#19075) * Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060) * Prevent 500 when there is an error during new auth source post (#19041) (#19059) * If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056) * Fix flag validation (#19046) (#19051) * Add pam account authorization check (#19040) (#19047) * Ignore missing comment for user notifications (#18954) (#19043) * Set `rel="nofollow noindex"` on new issue links (#19023) (#19042) * Upgrading binding package (#19034) (#19035) * Don't show context cancelled errors in attribute reader (#19006) (#19027) * Fix update hint bug (#18996) (#19002) * MISC * Fix potential assignee query for repo (#18994) (#18999) ## [1.16.3](https://github.com/go-gitea/gitea/releases/tag/v1.16.3) - 2022-03-02 * SECURITY * Git backend ignore replace objects (#18979) (#18980) * ENHANCEMENTS * Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938) * BUGFIXES * Set max text height to prevent overflow (#18862) (#18977) * Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974) * Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964) * Send 404 on `/{org}.gpg` (#18959) (#18962) * Fix admin user list pagination (#18957) (#18960) * Fix lfs management setting (#18947) (#18946) * Fix login with email panic when email is not exist (#18942) * Update go-org to v1.6.1 (#18932) (#18933) * Fix `<strong>` html in translation (#18929) (#18931) * Fix page and missing return on unadopted repos API (#18848) (#18927) * Allow adminstrator teams members to see other teams (#18918) (#18919) * Don't treat BOM escape sequence as hidden character. (#18909) (#18910) * Correctly link URLs to users/repos with dashes, dots or underscores (… (#18908) * Fix redirect when using lowercase repo name (#18775) (#18902) * Fix migration v210 (#18893) (#18892) * Fix team management UI (#18887) (18886) * BeforeSourcePath should point to base commit (#18880) (#18799) * TRANSLATION * Backport locales from master (#18944) * MISC * Don't update email for organisation (#18905) (#18906) ## [1.16.2](https://github.com/go-gitea/gitea/releases/tag/v1.16.2) - 2022-02-24 * ENHANCEMENTS * Show fullname on issue edits and gpg/ssh signing info (#18828) * Immediately Hammer if second kill is sent (#18823) (#18826) * Allow mermaid render error to wrap (#18791) * BUGFIXES * Fix ldap user sync missed email in email_address table (#18786) (#18876) * Update assignees check to include any writing team and change org sidebar (#18680) (#18873) * Don't report signal: killed errors in serviceRPC (#18850) (#18865) * Fix bug where certain LDAP settings were reverted (#18859) * Update go-org to 1.6.0 (#18824) (#18839) * Fix login with email for ldap users (#18800) (#18836) * Fix bug for get user by email (#18834) * Fix panic in EscapeReader (#18820) (#18821) * Fix ldap loginname (#18789) (#18804) * Remove redundant call to UpdateRepoStats during migration (#18591) (#18794) * In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788) * Fix template bug of LFS lock (#18784) (#18787) * Attempt to fix the webauthn migration again - part 3 (#18770) (#18771) * Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765) * Fix a broken link in commits_list_small.tmpl (#18763) (#18764) * Increase the size of the webauthn_credential credential_id field (#18739) (#18756) * Prevent dangling GetAttribute calls (#18754) (#18755) * Fix isempty detection of git repository (#18746) (#18750) * Fix source code line highlighting on external tracker (#18729) (#18740) * Prevent double encoding of branch names in delete branch (#18714) (#18738) * Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737) * Fix forked repositories missed tags (#18719) (#18735) * Fix release typo (#18728) (#18731) * Separate the details links of commit-statuses in headers (#18661) (#18730) * Update object repo with the migrated repository (#18684) (#18726) * Fix bug for version update hint (#18701) (#18705) * Fix issue with docker-rootless shimming script (#18690) (#18699) * Let `MinUnitAccessMode` return correct perm (#18675) (#18689) * Prevent security failure due to bad APP_ID (#18678) (#18682) * Restart zero worker if there is still work to do (#18658) (#18672) * If rendering has failed due to a net.OpError stop rendering (#18642) (#18645) * TESTING * Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767) * BUILD * Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741) * MISC * Put buttons back in org dashboard (#18817) (#18825) * Various Mermaid improvements (#18776) (#18780) * C preprocessor colors improvement (#18671) (#18696) * Fix the missing i18n key for update checker (#18646) (#18665) ## [1.16.1](https://github.com/go-gitea/gitea/releases/tag/v1.16.1) - 2022-02-06 * SECURITY * Update JS dependencies, fix lint (#18389) (#18540) * ENHANCEMENTS * Add dropdown icon to label set template dropdown (#18564) (#18571) * BUGFIXES * comments on migrated issues/prs must link to the comment ID (#18630) (#18637) * Stop logging an error when notes are not found (#18626) (#18635) * Ensure that blob-excerpt links work for wiki (#18587) (#18624) * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620) * Ensure commit-statuses box is sized correctly in headers (#18538) (#18606) * Prevent merge messages from being sorted to the top of email chains (#18566) (#18588) * Prevent panic on prohibited user login with oauth2 (#18562) (#18563) * Collaborator trust model should trust collaborators (#18539) (#18557) * Detect conflicts with 3way merge (#18536) (#18537) * In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535) * Add `GetUserTeams` (#18499) (#18531) * Fix review excerpt (#18502) (#18530) * Fix for AvatarURL database type (#18487) (#18529) * Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505) * Fix OAuth Source Edit Page (#18495) (#18503) * Use "read" value for General Access (#18496) (#18500) * Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473) * BUILD * Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569) * DOCS * Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534) ## [1.16.0](https://github.com/go-gitea/gitea/releases/tag/v1.16.0) - 2022-01-30 * BREAKING * Remove golang vendored directory (#18277) * Paginate releases page & set default page size to 10 (#16857) * Use shadowing script for docker (#17846) * Only allow webhook to send requests to allowed hosts (#17482) * SECURITY * Disable content sniffing on `PlainTextBytes` (#18359) (#18365) * Only view milestones from current repo (#18414) (#18417) * Sanitize user-input on file name (#17666) * Use `hostmatcher` to replace `matchlist` to improve blocking of bad hosts in Webhooks (#17605) * FEATURES * Add/update SMTP auth providers via cli (#18197) * Support webauthn (#17957) * Team permission allow different unit has different permission (#17811) * Implement Well-Known URL for password change (#17777) * Add support for ssh commit signing (#17743) * Allow Loading of Diffs that are too large (#17739) * Add copy button to markdown code blocks (#17638) * Add .gitattribute assisted language detection to blame, diff and render (#17590) * Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568) * Add Reindex buttons to repository settings page (#17494) * Make SSL cipher suite configurable (#17440) * Add groups scope/claim to OIDC/OAuth2 Provider (#17367) * Add simple update checker to Gitea (#17212) * Migrated Repository will show modifications when possible (#17191) * Create pub/priv keypair for federation (#17071) * Make LDAP be able to skip local 2FA (#16954) * Add nodeinfo endpoint for federation purposes (#16953) * Save and view issue/comment content history (#16909) * Use git attributes to determine generated and vendored status for language stats and diffs (#16773) * Add migrate from Codebase (#16768) * Add migration from GitBucket (#16767) * Add OAuth2 introspection endpoint (#16752) * Add proxy settings and support for migration and webhook (#16704) * Add microsoft oauth2 providers (#16544) * Send registration email on user autoregistration (#16523) * Defer Last Commit Info (#16467) * Support unprotected file patterns (#16395) * Add migrate from OneDev (#16356) * Add option to update pull request by `rebase` (#16125) * Add RSS/Atom feed support for user actions (#16002) * Add support for corporate WeChat webhooks (#15910) * Add a simple way to rename branch like gh (#15870) * Add bundle download for repository (#14538) * Add agit flow support in gitea (#14295) * API * Add MirrorUpdated field to Repository API type (#18267) * Adjust Fork API to allow setting a custom repository name (#18066) * Add API to manage repo tranfers (#17963) * Add API to get file commit history (#17652) * Add API to get issue/pull comments and events (timeline) (#17403) * Add API to get/edit wiki (#17278) * Add API for get user org permissions (#17232) * Add HTML urls to notification API (#17178) * Add API to get commit diff/patch (#17095) * Respond with updated notifications in API (#17064) * Add API to fetch git notes (#16649) * Generalize list header for API (#16551) * Add API Token Cache (#16547) * Allow Token API calls be authorized using the reverse-proxy header (#15119) * ENHANCEMENTS * Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319) * Return nicer error if trying to pull from non-existent user (#18288) * Show pull link for agit pull request also (#18235) * Enable partial clone by default (#18195) * Added replay of webhooks (#18191) * Show OAuth callback error message (#18185) * Increase Salt randomness (#18179) * Add MP4 as default allowed attachment type (#18170) * Include folders into size cost (#18158) * Remove `/email2user` endpoint (#18127) * Handle invalid issues (#18111) * Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069) * Support open compare page directly (#17975) * Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954) * Clean legacy SimpleMDE code (#17926) * Refactor install page (db type) (#17919) * Improve interface when comparing a branch which has created a pull request (#17911) * Allow default branch to be inferred on compare page (#17908) * Display issue/comment role even if repo archived (#17907) * Always set a message-id on mails (#17900) * Change `<a>` elements to underline on hover (#17898) * Render issue references in file table (#17897) * Handle relative unix socket paths (#17836) * Move accessmode into models/perm (#17828) * Fix some org style problems (#17807) * Add List-Unsubscribe header (#17804) * Create menus for organization pages (#17802) * Switch archive URL code back to href attributes (#17796) * Refactor "refs/*" string usage by using constants (#17784) * Allow forks to org if you can create repos (#17783) * Improve install code to avoid low-level mistakes. (#17779) * Improve ellipsis buttons (#17773) * Add restrict and no-user-rc to authorized_keys (#17772) * Add copy Commit ID button in commits list (#17759) * Make `bind` error more readable (#17750) * Fix navbar on project view (#17749) * More pleasantly handle broken or missing git repositories (#17747) * Use `*PushUpdateOptions` as receiver (#17724) * Remove unused `user` paramater (#17723) * Better builtin avatar generator (#17707) * Cleanup and use global style on popups (#17674) * Move user/org deletion to services (#17673) * Added comment for changing issue ref (#17672) * Allow admins to change user avatars (#17661) * Only set `data-path` once for each file in diff pages (#17657) * Add icon to vscode clone link (#17641) * Add download button for file viewer (#17640) * Add pagination to fork list (#17639) * Use a standalone struct name for Organization (#17632) * Minor readability patch. (#17627) * Add context support for GetUserByID (#17602) * Move merge-section to `> .content` (#17582) * Remove NewSession method from db.Engine interface (#17577) * Move unit into models/unit/ (#17576) * Restrict GetDeletedBranchByID to the repositories deleted branches (#17570) * Refactor commentTags functionality (#17558) * Make Repo Code Indexer an Unique Queue (#17515) * Simplify Gothic to use our session store instead of creating a different store (#17507) * Add settings to allow different SMTP envelope from address (#17479) * Properly determine CSV delimiter (#17459) * Hide label comments if labels were added and removed immediately (#17455) * Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438) * Add appearance section in settings (#17433) * Move key forms before list and add cancel button (#17432) * When copying executables to the docker chmod them (#17423) * Remove deprecated `extendDefaultPlugins` method of svgo (#17399) * Fix the click behavior for <tr> and <td> with [data-href] (#17388) * Refactor update checker to use AppState (#17387) * Improve async/await usage, and sort init calls in `index.js` (#17386) * Use a variable but a function for IsProd because of a slight performance increment (#17368) * Frontend refactor, PascalCase to camelCase, remove unused code (#17365) * Hide command line merge instructions when user can't push (#17339) * Move session to models/login (#17338) * Sync gitea app path for git hooks and authorized keys when starting (#17335) * Make the Mirror Queue a queue (#17326) * Add "Copy branch name" button to pull request page (#17323) * Fix repository summary on mobile (#17322) * Split `index.js` to separate files (#17315) * Show direct match on top for user search (#17303) * Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301) * Upgrade chi to v5 (#17298) * Disable form autofill (#17291) * Improve behavior of "Fork" button (#17288) * Open markdown image links in new window (#17287) * Add hints for special Wiki pages (#17283) * Move add deploy key form before the list and add a cancel button (#17228) * Allow adding multiple issues to a project (#17226) * Add metrics to get issues by repository (#17225) * Add specific event type to header (#17222) * Redirect on project after issue created (#17211) * Reference in new issue modal: dont pre-populate issue title (#17208) * Always set a unique Message-ID header (#17206) * Add projects and project boards in exposed metrics (#17202) * Add metrics to get issues by label (#17201) * Add protection to disable Gitea when run as root (#17168) * Don't return binary file changes in raw PR diffs by default (#17158) * Support sorting for project board issuses (#17152) * Force color-adjust for markdown checkboxes (#17146) * Add option to copy line permalink (#17145) * Move twofactor to models/login (#17143) * Multiple tokens support for migrating from github (#17134) * Unify issue and PR subtitles (#17133) * Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125) * Fix problem when database id is not increment as expected (#17124) * Avatar refactor, move avatar code from `models` to `models.avatars`, remove duplicated code (#17123) * Re-allow clipboard copy on non-https sites (#17118) * DBContext is just a Context (#17100) * Move login related structs and functions to models/login (#17093) * Add SkipLocal2FA option to pam and smtp sources (#17078) * Move db related basic functions to models/db (#17075) * Fixes username tagging in "Reference in new issue" (#17074) * Use light/dark theme based on system preference (#17051) * Always emit the configuration path (#17036) * Add `AbsoluteListOptions` (#17028) * Use common sessioner for API and Web (#17027) * Fix overflow label in small view (#17020) * Report the associated filter if there is an error in LDAP (#17014) * Add "new issue" btn on project (#17001) * Add doctor dbconsistency check for release and attachment (#16978) * Disable Fomantic's CSS tooltips (#16974) * Add Cache-Control to avatar redirects (#16973) * Make mirror feature more configurable (#16957) * Add skip and limit to git.GetTags (#16897) * Remove ParseQueueConnStr as it is unused (#16878) * Remove unused Fomantic sidebar module (#16853) * Allow LDAP Sources to provide Avatars (#16851) * Remove Dashboard/Home button from the navbar (#16844) * Use conditions but not repo ids as query condition (#16839) * Add user settings key/value DB table (#16834) * Add buttons to allow loading of incomplete diffs (#16829) * Add information for migrate failure (#16803) * Add EdDSA JWT signing algorithm (#16786) * Add user status filter to admin user management page (#16770) * Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766) * Do not use thin scrollbars on Firefox (#16738) * Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731) * Compute proper foreground color for labels (#16729) * Add edit button to wiki sidebar and footer (#16719) * Fix migration svg color (#16715) * Add link to vscode to repo header (#16664) * Add filter by owner and team to issue/pulls search endpoint (#16662) * Kanban colored boards (#16647) * Allow setting X-FRAME-OPTIONS (#16643) * Separate open and closed issue in metrics (#16637) * Support direct comparison (git diff a..b) as well merge comparison (a…b) (#16635) * Add setting to OAuth handlers to skip local 2FA authentication (#16594) * Make PR merge options more intuitive (#16582) * Show correct text when comparing commits on empty pull request (#16569) * Pre-fill suggested New File 'name' and 'content' with Query Params (#16556) * Add an abstract json layout to make it's easier to change json library (#16528) * Make Mermaid.js limit configurable (#16519) * Improve 2FA autofill (#16473) * Add modals to Organization and Team remove/leave (#16471) * Show tag name on dashboard items list (#16466) * Change default cron schedules from @every 24h to @midnight (#16431) * Prevent double sanitize (#16386) * Replace `list.List` with slices (#16311) * Add configuration option to restrict users by default (#16256) * Move login out of models (#16199) * Support pagination of organizations on user settings pages (#16083) * Switch migration icon to svg (#15954) * Add left padding for chunk header of split diff view (#13397) * Allow U2F 2FA without TOTP (#11573) * BUGFIXES * GitLab reviews may not have the updated_at field set (#18450) (#18461) * Fix detection of no commits when the default branch is not master (#18422) (#18423) * Fix broken oauth2 authentication source edit page (#18412) (#18419) * Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404) * Fix restore without topic failure (#18387) (#18400) * Fix commit's time (#18375) (#18392) * Fix partial cloning a repo (#18373) (#18377) * Stop trimming preceding and suffixing spaces from editor filenames (#18334) * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18386) * Fix mime-type detection for HTTP server (#18370) (#18371) * Stop trimming preceding and suffixing spaces from editor filenames (#18334) * Restore propagation of ErrDependenciesLeft (#18325) * Fix PR comments UI (#18323) * Use indirect comparison when showing pull requests (#18313) * Replace satori/go.uuid with gofrs/uuid (#18311) * Fix commit links on compare page (#18310) * Don't show double error response in git hook (#18292) * Handle missing default branch better in owner/repo/branches page (#18290) * Fix CheckRepoStats and reuse it during migration (#18264) * Prevent underline hover on cards (#18259) * Don't delete branch if other PRs with this branch are open (#18164) * Require codereview to have content (#18156) * Allow admin to associate missing LFS objects for repositories (#18143) * When attempting to subscribe other user to issue report why access denied (#18091) * Add option to convert CRLF to LF line endings for sendmail (#18075) * Only create pprof files for gitea serv if explicitly asked for (#18068) * Abort merge if head has been updated before pressing merge (#18032) * Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004) * Use JSON module instead of stdlib json (#18003) * Fixed issue merged/closed wording (#17973) * Return nicer error for ForcePrivate (#17971) * Fix overflow in commit graph (#17947) * Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941) * Use disable_form_autofill on Codebase and Gitbucket (#17936) * Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928) * Fix markdown URL parsing (#17924) * Apply CSS Variables to all message elements (#17920) * Improve checkBranchName (#17901) * Update chi/middleware to chi/v5/middleware (#17888) * Fix position of label color picker colors (#17866) * Fix ListUnadoptedRepositories incorrect total count (#17865) * Remove whitespace inside rendered code `<td>` (#17859) * Make Co-committed-by and co-authored-by trailers optional (#17848) * Fix value of User.IsRestricted when oauth2 user registration (#17839) * Use new OneDev /milestones endpoint (#17782) * Prevent deadlock in TestPersistableChannelQueue (#17717) * Simplify code for writing SHA to name-rev (#17696) * Fix database deadlock when update issue labels (#17649) * Add warning for BIDI characters in page renders and in diffs (#17562) * Fix ipv6 parsing for builtin ssh server (#17561) * Multiple Escaping Improvements (#17551) * Fixes #16559 - Do not trim leading spaces for tab delimited (#17442) * Show client-side error if wiki page is empty (#17415) * Fix context popup error (#17398) * Stop sanitizing full name in API (#17396) * Fix issue close/comment buttons on mobile (#17317) * Fix navbar UI (#17235) * Fix problem when database id is not increment as expected (#17229) * Open the DingTalk link in browser (#17084) * Remove heads pointing to missing old refs (#17076) * Fix commit status index problem (#17061) * Handle broken references in mirror sync (#17013) * Fix for create repo page layout (#17012) * Improve LDAP synchronization efficiency (#16994) * Add repo_id for attachment (#16958) * Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705) * Remove duplicate csv import in modules/csv/csv.go (#16631) * Improve SMTP authentication and Fix user creation bugs (#16612) * Fixed emoji alias not parsed in links (#16221) * Calculate label URL on API (#16186) * TRANSLATION * Fix mispelling of starred as stared (#17465) * Re-separate the color translation strings (#17390) * Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998) * BUILD * Add lockfile-check (#18285) * Don't store assets modified time into generated files (#18193) * MISC * Update JS dependencies (#17611) ## [1.15.11](https://github.com/go-gitea/gitea/releases/tag/v1.15.11) - 2022-01-29 * SECURITY * Only view milestones from current repo (#18414) (#18418) * BUGFIXES * Fix broken when no commits and default branch is not master (#18422) (#18424) * Fix commit's time (#18375) (#18409) * Fix restore without topic failure (#18387) (#18401) * Fix mermaid import in 1.15 (it uses ESModule now) (#18382) * Update to go/text 0.3.7 (#18336) * MISC * Upgrade EasyMDE to 2.16.1 (#18278) (#18279) ## [1.15.10](https://github.com/go-gitea/gitea/releases/tag/v1.15.10) - 2022-01-14 * BUGFIXES * Fix inconsistent PR comment counts (#18260) (#18261) * Fix release link broken (#18252) (#18253) * Fix update user from site administration page bug (#18250) (#18251) * Set HeadCommit when creating tags (#18116) (#18173) * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152) * Fix purple color in suggested label colors (#18241) (#18242) * SECURITY * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206) ## [1.15.9](https://github.com/go-gitea/gitea/releases/tag/v1.15.9) - 2021-12-30 * BUGFIXES * Fix wrong redirect on org labels (#18128) (#18134) * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095) * Revert "Fix delete u2f keys bug (#18042)" (#18107) * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104) * Prevent NPE if gitea uploader fails to open url (#18080) (#18101) * Reset locale on login (#17734) (#18100) * Correctly handle failed migrations (#17575) (#18099) * Instead of using routerCtx just escape the url before routing (#18086) (#18098) * Quote references to the user table in consistency checks (#18072) (#18073) * Add NotFound handler (#18062) (#18067) * Ensure that git repository is closed before transfer (#18049) (#18057) * Use common sessioner for API and web routes (#18114) * TRANSLATION * Fix code search result hint on zh-CN (#18053) ## [1.15.8](https://github.com/go-gitea/gitea/releases/tag/v1.15.8) - 2021-12-20 * BUGFIXES * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046) * Fix delete u2f keys bug (#18040) (#18042) * Reset Session ID on login (#18018) (#18041) * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035) * Stop printing 03d after escaped characters in logs (#18030) (#18034) * Reset locale on login (#18023) (#18025) * Fix reset password email template (#17025) (#18022) * Fix outType on gitea dump (#18000) (#18016) * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015) * Fix rename notification bug (#18011) * Prevent double decoding of % in url params (#17997) (#18001) * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992) * Prevent deadlock in create issue (#17970) (#17982) * TESTING * Use non-expiring key. (#17984) (#17985) ## [1.15.7](https://github.com/go-gitea/gitea/releases/tag/v1.15.7) - 2021-12-01 * ENHANCEMENTS * Only allow webhook to send requests to allowed hosts (#17482) (#17510) * Fix login redirection links (#17451) (#17473) * BUGFIXES * Fix database inconsistent when admin change user email (#17549) (#17840) * Use correct user on releases (#17806) (#17818) * Fix commit count in tag view (#17698) (#17790) * Fix close issue but time watcher still running (#17643) (#17761) * Fix Migrate Description (#17692) (#17727) * Fix bug when project board get open issue number (#17703) (#17726) * Return 400 but not 500 when request archive with wrong format (#17691) (#17700) * Fix bug when read mysql database max lifetime (#17682) (#17690) * Fix database deadlock when update issue labels (#17649) (#17665) * Fix bug on detect issue/comment writer (#17592) * Remove appSubUrl from pasted images (#17572) (#17588) * Make `ParsePatch` more robust (#17573) (#17580) * Fix stats upon searching issues (#17566) (#17578) * Escape issue titles in comments list (#17555) (#17556) * Fix zero created time bug on commit api (#17546) (#17547) * Fix database keyword quote problem on migration v161 (#17522) (#17523) * Fix email with + when active (#17518) (#17520) * Stop double encoding blame commit messages (#17498) (#17500) * Quote the table name in CountOrphanedObjects (#17487) (#17488) * Run Migrate in Install rather than just SyncTables (#17475) (#17486) * BUILD * Fix golangci-lint warnings (#17598 et al) (#17668) * MISC * Preserve color when inverting emojis (#17797) (#17799) ## [1.15.6](https://github.com/go-gitea/gitea/releases/tag/v1.15.6) - 2021-10-28 * BUGFIXES * Prevent panic in serv.go with Deploy Keys (#17434) (#17435) * Fix CSV render error (#17406) (#17431) * Read expected buffer size (#17409) (#17430) * Ensure that restricted users can access repos for which they are members (#17460) (#17464) * Make commit-statuses popup show correctly (#17447) (#17466) * TESTING * Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463) ## [1.15.5](https://github.com/go-gitea/gitea/releases/tag/v1.15.5) - 2021-10-21 * SECURITY * Upgrade Bluemonday to v1.0.16 (#17372) (#17374) * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373) * BUGFIXES * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377) * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376) * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) * Ensure popup text is aligned left (backport for 1.15) (#17343) * Ensure that git daemon export ok is created for mirrors (#17243) (#17306) * Disable core.protectNTFS (#17300) (#17302) * Use pointer for wrappedConn methods (#17295) (#17296) * AutoRegistration is supposed to be working with disabled registration (backport) (#17292) * Handle duplicate keys on GPG key ring (#17242) (#17284) * Fix SVG side by side comparison link (#17375) (#17391) ## [1.15.4](https://github.com/go-gitea/gitea/releases/tag/v1.15.4) - 2021-10-08 * BUGFIXES * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272) * Don't allow merged PRs to be reopened (#17192) (#17271) * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266) * Fix unwanted team review request deletion (#17257) (#17264) * Fix broken Activities link in team dashboard (#17255) (#17258) * API pull's head/base have correct permission(#17214) (#17245) * Fix strange behavior of DownloadPullDiffOrPatch in incorrect index (#17223) (#17227) * Upgrade xorm to v1.2.5 (#17177) (#17188) * Fix missing repo link in issue/pull assigned emails (#17183) (#17184) * Fix bug of get context user (#17169) (#17172) * Nicely handle missing user in collaborations (#17049) (#17166) * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164) * Fix wrong i18n keys (#17150) (#17153) * Fix Archive Creation: correct transaction ending (#17151) * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141) * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) * ENHANCEMENT * Check user instead of organization when creating a repo from a template via API (#16346) (#17195) * TRANSLATION * v1.15 fix Sprintf format 'verbs' in locale files (#17187) ## [1.15.3](https://github.com/go-gitea/gitea/releases/tag/v1.15.3) - 2021-09-19 * ENHANCEMENTS * Add fluid to ui container class to remove margin (#16396) (#16976) * Add caller to cat-file batch calls (#17082) (#17089) * BUGFIXES * Render full plain readme. (#17083) (#17090) * Upgrade xorm to v1.2.4 (#17059) * Fix bug of migrate comments which only fetch one page (#17055) (#17058) * Do not show issue context popup on external issues (#17050) (#17054) * Decrement Fork Num when converting from Fork (#17035) (#17046) * Correctly rollback in ForkRepository (#17034) (#17045) * Fix missing close in WalkGitLog (#17008) (#17009) * Add prefix to SVG id/class attributes (#16997) (#17000) * Fix bug of migrated repository not index (#16991) (#16996) * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990) * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977) * Fix issue with issue default mail template (#16956) (#16975) * Ensure that rebase conflicts are handled in updates (#16952) (#16960) * Prevent panic on diff generation (#16950) (#16951) ## [1.15.2](https://github.com/go-gitea/gitea/releases/tag/v1.15.2) - 2021-09-03 * BUGFIXES * Add unique constraint back into issue_index (#16938) * Close storage objects before cleaning (#16934) (#16942) ## [1.15.1](https://github.com/go-gitea/gitea/releases/tag/v1.15.1) - 2021-09-02 * BUGFIXES * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923) * Prevent leave changes dialogs due to autofill fields (#16912) (#16920) * Ignore review comment when ref commit is missed (#16905) (#16919) * Fix wrong attachment removal (#16915) (#16917) * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913) * Correctly return the number of Repositories for Organizations (#16807) (#16911) * Test if LFS object is accessible (#16865) (#16904) * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900) * Fix dump and restore respository (#16698) (#16898) * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895) * Fix wiki raw commit diff/patch view (#16891) (#16892) * Ensure wiki repos are all closed (#16886) (#16888) * List limited and private orgs if authenticated on API (#16866) (#16879) * Simplify split diff view generation and remove JS dependency (#16775) (#16863) * Ensure that the default visibility is set on the user create page (#16845) (#16862) * In Render tolerate not being passed a context (#16842) (#16858) * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848) * Report the correct number of pushes on the feeds (#16811) (#16822) * Add primary_key to issue_index (#16813) (#16820) * Prevent NPE on empty commit (#16812) (#16819) * Fix branch pagination error (#16805) (#16816) * Add missing return to handleSettingRemoteAddrError (#16794) (#16795) * Remove spurious / from issues.opened_by (#16793) * Ensure that template compilation panics are sent to the logs (#16788) (#16792) * Update caddyserver/certmagic (#16789) (#16790) ## [1.15.0](https://github.com/go-gitea/gitea/releases/tag/v1.15.0) - 2021-08-21 * BREAKING * Make app.ini permissions more restrictive (#16266) * Refactor Webhook + Add X-Hub-Signature (#16176) * Add asymmetric JWT signing (#16010) * Clean-up the settings hierarchy for issue_indexer queue (#16001) * Change default queue settings to be low go-routines (#15964) * Improve assets handler middleware (#15961) * Rename StaticUrlPrefix to AssetUrlPrefix (#15779) * Use a generic markup class to display externally rendered files and diffs (#15735) * Add frontend testing, require node 12 (#15315) * Move (custom) assets into subpath `/assets` (#15219) * Use level config in log section when sub log section not set level (#15176) * Links in markdown should be absolute to the repository not the server (#15088) * Upgrade to the latest version of golang-jwt (#16590) (#16606) * Set minimum supported version of go to 1.16 (#16710) * SECURITY * Encrypt LDAP bind password in db with SECRET_KEY (#15547) * Remove random password in Dockerfiles (#15362) * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * Correctly create of git-daemon-export-ok files (#16508) (#16514) * Don't show private user's repo in explore view (#16550) (#16554) * Update node tar dependency to 6.1.6 (#16622) (#16623) * FEATURES * Update Go-Git to take advantage of LargeObjectThreshold (#16316) * Support custom mime type mapping for text files (#16304) * Link to previous blames in file blame page (#16259) * Add LRU mem cache implementation (#16226) * Localize Email Templates (#16200) * Make command in authorized keys a template (#16003) * Add possibility to make branch in branch page (#15960) * Add email headers (#15939) * Make tasklist checkboxes clickable (#15791) * Add selecting tags on the compare page (#15723) * Add cron job to delete old actions from database (#15688) * On open repository open common cat file batch and batch-check (#15667) * Add tag protection (#15629) * Add push to remote mirror repository (#15157) * Add Image Diff for SVG files (#14867) * Add dashboard milestone search and repo milestone search by name. (#14866) * Add LFS Migration and Mirror (#14726) * Improve notifications for WIP draft PR's (#14663) * Disable Stars config option (#14653) * GPG Key Ownership verification with Signed Token (#14054) * OAuth2 auto-register (#5123) * API * Return updated repository when changing repository using API (#16420) * Let branch/tag name be a valid ref to get CI status (#16400) * Add endpoint to get commits of PR (#16300) * Allow COMMENT reviews to not specify a body (#16229) * Add subject-type filter to list notification API endpoints (#16177) * ListReleases add filter for draft and pre-releases (#16175) * ListIssues add more filters (#16174) * Issue Search Add filter for MilestoneNames (#16173) * GET / SET User Settings (#16169) * Expose repo.GetReviewers() & repo.GetAssignees() (#16168) * User expose counters (#16167) * Add repoGetTag (#16166) * Add repoCreateTag (#16165) * Creating a repo from a template repo via API (#15958) * Add Active and ProhibitLogin to API (#15689) * Add Location, Website and Description to API (#15675) * Expose resolver via API (#15167) * Swagger AccessToken fixes (#16574) (#16597) * Set AllowedHeaders on API CORS handler (#16524) (#16618) * ENHANCEMENTS * Support HTTP/2 in Let's Encrypt (#16371) * Introduce NotifySubjectType (#16320) * Add forge emojies (#16296) * Implemented head_commit for webhooks (#16282) * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278) * Add previous/next buttons to review comments (#16273) * Review comments: break-word for long file names (#16272) * Add configuration to restrict allowed user visibility modes (#16271) * Add scroll-margin-top to account for sticky header (#16269) * Add --quiet and --verbose to gitea web to control initial logging (#16260) * Use gitea logging module for git module (#16243) * Add tests for all webhooks (#16214) * Add button to delete undeleted repositories from failed migrations (#16197) * Speed up git diff highlight generation (#16180) * Add OpenID claims "profile" and "email". (#16141) * Reintroduce squash merge default comment as a config setting (#16134) * Add sanitizer rules per renderer (#16110) * Improve performance of dashboard list orgs (#16099) * Refactor assert statements in tests (#16089) * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086) * Remove unnecessary goroutine (#16080) * Add attachments for PR reviews (#16075) * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070) * Add Visible modes function from Organisation to Users too (#16069) * Add checkbox to delete pull branch after successful merge (#16049) * Make commit info cancelable (#16032) * Make modules/context.Context a context.Context (#16031) * Unified custom config creation (#16012) * Make sshd_config more flexible regarding connections (#16009) * Append to existing trailers in generated squash commit message (#15980) * Always store primary email address into email_address table and also the state (#15956) * Load issue/PR context popup data only when needed (#15955) * Remove remaining fontawesome usage in templates (#15952) * Remove fomantic accordion module (#15951) * Small refactoring of modules/private (#15947) * Double the avatar size factor (#15941) * Add curl to rootless docker image (#15908) * Replace clipboard.js with async clipboard api (#15899) * Allow custom highlight mapping beyond file extensions (#15808) * Add trace logging to SSO methods (#15803) * Refactor routers directory (#15800) * Allow only internal registration (#15795) * Add a new internal hook to save ssh log (#15787) * Respect default merge message syntax when parsing item references (#15772) * OAuth2 login: Set account link to "login" as default behavior (#15768) * Use single shared random string generation function (#15741) * Hold the event source when there are no listeners (#15725) * Code comments improvements (#15722) * Provide OIDC compliant user info endpoint (#15721) * Fix webkit calendar icon color on arc-green (#15713) * Improve Light Chroma style (#15699) * Only use boost workers for leveldb shadow queues (#15696) * Add compare tag dropdown to releases page (#15695) * Add caret styling CSS (#15651) * Remove x-ua-compatible meta tag (#15640) * Refactor of link creation (#15619) * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) * Rewrite of the LFS server (#15523) * Display more repository type on admin repository management (#15440) * Remove usage of some JS globals (#15378) * SHA in merged commit comment should be rendered ui sha (#15376) * Add well-known config for OIDC (#15355) * Use route rather than use thus reducing the number of stack frames (#15301) * Code Formats, Nits & Unused Func/Var deletions (#15286) * Let package git depend on setting but not opposite (#15241) * Fixed sanitize errors (#15240) * response simple text message for not html request when 404 (#15229) * Remove file-loader dependency (#15196) * Refactor renders (#15175) * Add mimetype mapping settings (#15133) * Add Status Updates whilst Gitea migrations are occurring (#15076) * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073) * Counterwork seemingly unclickable repo button labels (#15064) * Add DefaultMergeStyle option to repository (#14789) * Added support for gopher URLs. (#14749) * Rework repository archive (#14723) * Add links to toggle WIP status (#14677) * Add Tabular Diff for CSV files (#14661) * Use milestone deadline when sorting issues (#14551) * BUGFIXES * Fix invalid params and typo of email templates (#16394) * Fix activation of primary email addresses (#16385) * Fix calculation for finalPage in repo-search component (#16382) * Specify user in rootless container numerically (#16361) * Detect encoding changes while parsing diff (#16330) * Fix U2F error reasons always hidden (#16327) * Prevent zombie processes (#16314) * Escape reference to `user` table in models.SearchEmails (#16313) * Fix default push instructions on empty repos (#16302) * Fix modified files list in webhooks when there is a space (#16288) * Fix webhook commits wrong hash on HEAD reset (#16283) * Fuzzer finds an NPE due to incorrect URLPrefix (#16249) * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238) * Do not show No match found for tribute (#16231) * Fix "Copy Link" for pull requests (#16230) * Fix diff expansion is missing final line in a file (#16222) * Fix private repo permission problem (#16142) * Fix not able to update local created non-urlencoded wiki pages (#16139) * More efficiently parse shas for shaPostProcessor (#16101) * Fix `doctor --run check-db-consistency --fix` with label fix (#16094) * Prevent webhook action buttons from shifting (#16087) * Change default TMPDIR path in rootless containers (#16077) * Fix typo and add TODO notice (#16064) * Use git log name-status in get last commit (#16059) * Fix 500 Error with branch and tag sharing the same name (#16040) * Fix get tag when migration (#16014) * Add custom emoji support (#16004) * Use filepath.ToSlash and Join in indexer defaults and queues (#15971) * Add permission check for ``GenerateRepository`` (#15946) * Ensure settings for Service and Mailer are read on the install page (#15943) * Fix layout of milestone view (#15927) * Unregister non-matching serviceworkers (#15834) * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693) * Attachment support repository route (#15580) * Fix missing icons and colorpicker when mounted on suburl (#15501) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304) * Prevent double-login for Git HTTP and LFS and simplify login (#15303) * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278) * Fix heatmap activity (#15252) * Remove vendored copy of fomantic-dropdown (#15193) * Update repository size on cron gc task (#15177) * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153) * Add code block highlight to orgmode back (#14222) * Remove User.GetOrganizations() (#14032) * Restore Accessibility for Dropdown (#16576) (#16617) * Pass down SignedUserName down to AccessLogger context (#16605) (#16616) * Fix table alignment in markdown (#16596) (#16602) * Fix 500 on first wiki page (#16586) (#16598) * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570) * Upgrade levelqueue to v0.4.0 (#16560) (#16561) * Handle too long PR titles correctly (#16517) (#16549) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Fix crash following ldap authentication update (#16447) (#16448) * Fix direct creation of external users on admin page (partial #16612) (#16613) * Prevent 500 on draft releases without tag (#16634) (#16636) * Restore creation of git-daemon-export-ok files (#16508) (#16514) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Fix crash following ldap authentication update (#16447) (#16448) * Restore compatibility with SQLServer 2008 R2 in migrations (#16638) * Fix direct creation of external users on admin page (#16613) * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659) * Fix NPE in fuzzer (#16680) (#16682) * Set issue_index when finishing migration (#16685) (#16687) * Skip patch download when no patch file exists (#16356) (#16681) * Ensure empty lines are copiable and final new line too (#16678) (#16692) * Fix wrong user in OpenID response (#16736) (#16741) * Do not use thin scrollbars on Firefox (#16738) (#16745) * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739) * Keep attachments on tasklist update (#16750) (#16757) * TESTING * Bump `postgres` and `mysql` versions (#15710) * Add tests for clone from wiki (#15513) * Fix Benchmark tests, remove a broken one & add two new (#15250) * Create Proper Migration tests (#15116) * TRANSLATION * Use a special name for update default branch on repository setting (#15893) * Fix mirror_lfs source string in en-US locale (#15369) * BUILD * Upgrade xorm to v1.1.1 (#16339) * Disable legal comments in esbuild (#15929) * Switch to Node 16 to build fronted (#15804) * Use esbuild to minify CSS (#15756) * Use binary version of revive linter (#15739) * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465) * Stop packaging node_modules in release tarballs (#15273) * Introduce esbuild on webpack (#14578) * DOCS * Update queue workers documentation (#15999) * Comment out app.example.ini (#15807) * Improve logo customization docs (#15754) * Add some response status on api docs (#15399) * Rework Token API comments (#15162) * Add better errors for disabled account recovery (#15117) * MISC * Remove utf8 option from installation page (#16126) * Use Wants= over Requires= in systemd file (#15897) ## [1.14.7](https://github.com/go-gitea/gitea/releases/tag/v1.14.7) - 2021-09-02 * BUGFIXES * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896) * Fix wiki raw commit diff/patch view (#16891) (#16893) * Ensure wiki repos are all closed (#16886) (#16889) * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849) * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740) ## [1.14.6](https://github.com/go-gitea/gitea/releases/tag/v1.14.6) - 2021-08-04 * SECURITY * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540) * Switch to maintained JWT lib (#16532) (#16535) * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607) * BUGFIXES * Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481) ## [1.14.5](https://github.com/go-gitea/gitea/releases/tag/v1.14.5) - 2021-07-16 * SECURITY * Hide mirror passwords on repo settings page (#16022) (#16355) * Update bluemonday to v1.0.15 (#16379) (#16380) * BUGFIXES * Retry rename on lock induced failures (#16435) (#16439) * Validate issue index before querying DB (#16406) (#16410) * Fix crash following ldap authentication update (#16447) (#16449) * ENHANCEMENTS * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378) ## [1.14.4](https://github.com/go-gitea/gitea/releases/tag/v1.14.4) - 2021-07-06 * BUGFIXES * Fix relative links in postprocessed images (#16334) (#16340) * Fix list_options GetStartEnd (#16303) (#16305) * Fix API to use author for commits instead of committer (#16276) (#16277) * Handle misencoding of login_source cfg in mssql (#16268) (#16275) * Fixed issues not updated by commits (#16254) (#16261) * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255) * Use html.Parse rather than html.ParseFragment (#16223) (#16225) * Fix milestone counters on new issue (#16183) (#16224) * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219) ## [1.14.3](https://github.com/go-gitea/gitea/releases/tag/v1.14.3) - 2021-06-18 * SECURITY * Encrypt migration credentials at rest (#15895) (#16187) * Only check access tokens if they are likely to be tokens (#16164) (#16171) * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039) * Fix setting of SameSite on cookies (#15989) (#15991) * API * Repository object only count releases as releases (#16184) (#16190) * EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190) * Fix overly strict edit pr permissions (#15900) (#16081) * BUGFIXES * Run processors on whole of text (#16155) (#16185) * Class `issue-keyword` is being incorrectly stripped off spans (#16163) (#16172) * Fix language switch for install page (#16043) (#16128) * Fix bug on getIssueIDsByRepoID (#16119) (#16124) * Set self-adjusting deadline for connection writing (#16068) (#16123) * Fix http path bug (#16117) (#16120) * Fix data URI scramble (#16098) (#16118) * Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097) * git migration: don't prompt interactively for clone credentials (#15902) (#16082) * Fix case change in ownernames (#16045) (#16050) * Don't manipulate input params in email notification (#16011) (#16033) * Remove branch URL before IssueRefURL (#15968) (#15970) * Fix layout of milestone view (#15927) (#15940) * GitHub Migration, migrate draft releases too (#15884) (#15888) * Close the gitrepo when deleting the repository (#15876) (#15887) * Upgrade xorm to v1.1.0 (#15869) (#15885) * Fix blame row height alignment (#15863) (#15883) * Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882) * Backport Fix LFS commit finder not working (#15856) (#15874) * Stop calling WriteHeader in Write (#15862) (#15873) * Add timeout to writing to responses (#15831) (#15872) * Return go-get info on subdirs (#15642) (#15871) * Restore PAM user autocreation functionality (#15825) (#15867) * Fix truncate utf8 string (#15828) (#15854) * Fix bound address/port for caddy's certmagic library (#15758) (#15848) * Upgrade unrolled/render to v1.1.1 (#15845) (#15846) * Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840) * Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839) * Set autocomplete off on branches selector (#15809) (#15833) * Add missing error to Doctor log (#15813) (#15824) * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816) * ENHANCEMENTS * Removable media support to snap package (#16136) (#16138) * Move sans-serif fallback font higher than emoji fonts (#15855) (#15892) * DOCKER * Only write config in environment-to-ini if there are changes (#15861) (#15868) * Only offer hostcertificates if they exist (#15849) (#15853) ## [1.14.2](https://github.com/go-gitea/gitea/releases/tag/v1.14.2) - 2021-05-09 * API * Make change repo settings work on empty repos (#15778) (#15789) * Add pull "merged" notification subject status to API (#15344) (#15654) * BUGFIXES * Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798) * Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775) * Set GIT_DIR correctly if it is not set (#15751) (#15769) * Fix bug where repositories appear unadopted (#15757) (#15767) * Not show `ref-in-new-issue` pop when issue was disabled (#15761) (#15765) * Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762) * Fix setting version table in dump (#15753) (#15759) * Fix close button change on delete in simplemde area (#15737) (#15747) * Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746) * Fix some ui bug about draft release (#15137) (#15745) * Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715) * Move tooltip down to allow selection of Remove File on error (#15672) (#15714) * Fix setting redis db path (#15698) (#15708) * Fix DB session cleanup (#15697) (#15700) * Fixed several activation bugs (#15473) (#15685) * Delete references if repository gets deleted (#15681) (#15684) * Fix orphaned objects deletion bug (#15657) (#15683) * Delete protected branch if repository gets removed (#15658) (#15676) * Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652) * Not update updated uinx for `git gc` (#15637) (#15641) * Fix commit graph author link (#15627) (#15630) * Fix webhook timeout bug (#15613) (#15621) * Resolve panic on failed interface conversion in migration v156 (#15604) (#15610) * Fix missing storage init (#15589) (#15598) * If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594) * Fix lfs management find (#15537) (#15578) * Fix NPE on view commit with notes (#15561) (#15573) * Fix bug on commit graph (#15517) (#15530) * Send size to /avatars if requested (#15459) (#15528) * Prevent migration 156 failure if tag commit missing (#15519) (#15527) * ENHANCEMENTS * Display conflict-free merge messages for pull requests (#15773) (#15796) * Exponential Backoff for ByteFIFO (#15724) (#15793) * Issue list alignment tweaks (#15483) (#15766) * Implement delete release attachments and update release attachments' name (#14130) (#15666) * Add placeholder text to deploy key textarea (#15575) (#15576) * Project board improvements (#15429) (#15560) * Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365) * MISC * Fix webkit calendar icon color on arc-green (#15713) (#15728) * Performance improvement for last commit cache and show-ref (#15455) (#15701) * Bump unrolled/render to v1.1.0 (#15581) (#15608) * Add ETag header (#15370) (#15552) ## [1.14.1](https://github.com/go-gitea/gitea/releases/tag/v1.14.1) - 2021-04-15 * BUGFIXES * Fix bug clone wiki (#15499) (#15502) * Github Migration ignore rate limit, if not enabled (#15490) (#15495) * Use subdir for URL (#15446) (#15493) * Query the DB for the hash before inserting in to email_hash (#15457) (#15491) * Ensure review dismissal only dismisses the correct review (#15477) (#15489) * Use index of the supported tags to choose user lang (#15452) (#15488) * Fix wrong file link in code search page (#15466) (#15486) * Quick template fix for built-in SSH server in admin config (#15464) (#15481) * Prevent superfluous response.WriteHeader (#15456) (#15476) * Fix ambiguous argument error on tags (#15432) (#15474) * Add created_unix instead of expiry to migration (#15458) (#15463) * Fix repository search (#15428) (#15442) * Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439) * Fix wiki clone urls (#15430) (#15431) * Fix dingtalk icon url at webhook (#15417) (#15426) * Standardise icon on projects PR page (#15387) (#15408) * ENHANCEMENTS * Add option to skip LFS/attachment files for `dump` (#15407) (#15492) * Clone panel fixes (#15436) * Use semantic dropdown for code search query type (#15276) (#15364) * BUILD * Build go-git variants for windows (#15482) (#15487) * Lock down build-images dependencies (Partial #15479) (#15480) * MISC * Performance improvement for list pull requests (#15447) (#15500) * Fix potential copy lfs records failure when fork a repository (#15441) (#15485) ## [1.14.0](https://github.com/go-gitea/gitea/releases/tag/v1.14.0) - 2021-04-11 * SECURITY * Respect approved email domain list for externally validated user registration (#15014) * Add reverse proxy configuration support for remote IP address detection (#14959) * Ensure validation occurs on clone addresses too (#14994) * Fix several render issues highlighted during fuzzing (#14986) * BREAKING * Fix double 'push tag' action feed (#15078) (#15083) * Remove possible resource leak (#15067) (#15082) * Handle unauthorized user events gracefully (#15071) (#15074) * Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475) * Migrate from Macaron to Chi framework (#14293) * Deprecate building for mips (#14174) * Consolidate Logos and update README header (#14136) * Inline manifest.json (#14038) * Store repository data in data path if not previously set (#13991) * Rename "gitea" png to "logo" (#13974) * Standardise logging of failed authentication attempts in internal SSH (#13962) * Add markdown support in organization description (#13549) * Improve users management through the CLI (#6001) (#10492) * FEATURES * Create a new issue with reference to lines of code from file view (#14863) * Repository transfer has to be confirmed, if user can not create repo for new owner (#14792) * Allow blocking some email domains from registering an account (#14667) * Create a new issue based on reference to an issue comment (#14366) * Add support to migrate from gogs (#14342) * Add pager to the branches page (#14202) * Minimal OpenID Connect implementation (#14139) * Display current stopwatch in navbar (#14122) * Display SVG files as images instead of text (#14101) * Disable SSH key deletion of externally managed Keys (#13985) * Add support for ed25519_sk and ecdsa_sk SSH keys (#13462) * Add support for Mastodon OAuth2 provider (#13293) * Add gitea sendmail command (#13079) * Create DB session provider(based on xorm) (#13031) * Add dismiss review feature (#12674) * Make manual merge autodetection optional and add manual merge as merge method (#12543) * Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) * Create Rootless Docker image (#10154) * API * Speedup issue search (#15179) (#15192) * Get pull, return head branch sha, even if deleted (#14931) * Export LFS & TimeTracking function status (#14753) * Show Gitea version in swagger (#14654) * Fix PATCH /repos/{owner}/{repo} panic (#14637) * Add Restricted Field to User (#14630) * Add support for ref parameter to get raw file API (#14602) * Add affected files of commits to commit struct (#14579) * Fix CJK fonts again and misc. font issues (#14575) * Add delete release by tag & delete tag (#14563) & (#13358) * Add pagination to ListBranches (#14524) * Add signoff option in commit form (#14516) * GetRelease by tag only return release (#14397) * Add MirrorInterval to the API (#14163) * Make BasicAuth Prefix case insensitive (#14106) * Add user filter to issueTrackedTimes, enable usage for issue managers (#14081) * Add ref to create/edit issue options & deprecated assignee (#13992) * Add Ref to Issue (#13946) * Expose default theme in meta and API (#13809) * Send error message when CSRF token is missing (#13676) * List, Check, Add & delete endpoints for repository teams (#13630) * Admin EditUser: Make FullName, Email, Website & Location optional (#13562) * Add more filters to issues search (#13514) * Add review request api (#11355) * BUGFIXES * Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396) * Always set the merge base used to merge the commit (#15352) (#15385) * Upgrade to bluemonday 1.0.7 (#15379) (#15380) * Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377) * Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361) * Show diff on rename with diff changes (#15338) (#15339) * Fix handling of logout event (#15323) (#15337) * Fix CanCreateRepo check (#15311) (#15321) * Fix xorm log stack level (#15285) (#15316) * Fix bug in Wrap (#15302) (#15309) * Drop the event source if we are unauthorized (#15275) (#15280) * Backport Fix graph pagination (#15225) (#15249) * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200) * should run RetrieveRepoMetas() for empty pr (#15187) (#15190) * Move setting to enable closing issue via commit in non default branch to repo settings (#14965) * Show correct issues for team dashboard (#14952) * Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932) * Only allow issue labels from owner repository or organization (#14928) * Fix alignment of People and Teams right arrow on org homepage (#14924) * Fix overdue marking of closed issues and milestones (#14923) * Prevent panic when empty MilestoneID in repo/issue/list (#14911) * Fix migration context data (#14910) * Handle URLs with trailing slash (#14852) * Add CORS config on to /login/oauth/access_token endpoint (#14850) * Make searching issues by keyword case insensitive on DB (#14848) * Prevent use of double sub-path and incorrect asset path in manifest (#14827) * Fix link account ui (#14763) * Fix preview status switch button on wiki editor (#14742) * Fix github download on migration (#14703) * Fix svg spacing (#14638) * Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623) * Truncated organizations name (#14615) * Exclude the current dump file from the dump (#14606) * Use OldRef instead of CommitSHA for DeleteBranch comments (#14604) * Ensure memcache caching works when TTL greater than 30 days (#14592) * Remove NULs byte arrays passed to PostProcess (#14587) * Restore detection of branches are equal on compare page (#14586) * Fix incorrect key name so registerManualConfirm works (#14455) * Fix close/reopen with comment (#14436) * Allow passcode invalid error to appear (#14371) * Escape branch names in compare url (#14364) * Label and milestone webhooks on issue/pull creation (#14363) * Handle NotifyCreateRef as create branch in feeds (#14245) * Prevent clipping input text in Chrome + Segoe UI Font (#14179) * Fix UI on edit auth source page (#14137) * Fix git.parseTagData (#14105) * Refactor get tag to remove unnecessary steps (#14058) * Fix integrations test error with space in CURDIR path (#14056) * Dropdown triangle fixes (#14028) * Fix label of --id in admin delete user (#14005) * Cause NotifyMigrateRepository to emit a repo create webhook (#14004) * Update HEAD to match defaultBranch in template generation (#13948) * Fix action avatar loading (#13909) * Fix issue participants (#13893) * Fix avatar template error (#13833) * Fix review request notification email links when external issue tracker is enabled (#13723) * Fix blame line alignment (#13542) * Include OriginalAuthor in Reaction constraint (#13505) * Comments on review should have the same sha (#13448) * Fix whitespace rendering in diff (#13415) * Fixed git args duplication (#13411) * Fix bug on release publisherid migrations (#13410) * Fix --port setting (#13288) * Keep database transactions not too big (#13254) * Git version check, ignore pre-releases constraints (#13234) * Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) * Update Mirror IsEmpty status on synchronize (#13185) * Use GO variable in go-check target (#13146) (#13147) * ENHANCEMENTS * UI style improvements * Dropzone styling improvements (#15291) (#15374) * Add size to Save function (#15264) (#15270) * Monaco improvements (#15333) (#15345) * Support .mailmap in code activity stats (#15009) * Sort release attachments by name (#15008) * Add ui.explore settings to control view of explore pages (#14094) * Make internal SSH server host key path configurable (#14918) * Hide resync all ssh principals when using internal ssh server (#14904) * Add SameSite setting for cookies (#14900) * Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781) * Add environment-to-ini to docker image (#14762) * Add preview support for wiki editor when disable simpleMDE (#14757) * Add easyMDE(simpleMDE) support for release content editor (#14744) * Organization removal confirmation using name not password (#14738) * Make branch names in PR description clickable (#14716) * Add Password Algorithm option to install page (#14701) * Add fullTextSearch to dropdowns by default (#14694) * Fix truncated organization names (#14655) * Whitespace in commits (#14650) * Sort / move project boards (#14634) * Make fileheader sticky in diffs (#14616) * Add helper descriptions on new repo page (#14591) * Move the stopwatches to the eventsource stream (#14588) * Add Content-Length header to HEAD requests (#14542) * Add Image Diff options in Diff view (#14450) * Improve Description in new/ edit Project template (#14429) * Allow ssh-keygen on Windows to detect ssh key type (#14413) * Display error if twofaSecret cannot be retrieved (#14372) * Sort issue search results by revelance (#14353) * Implement ghost comment mitigation (#14349) * Upgrade blevesearch dependency to v2.0.1 (#14346) * Add edit, delete and reaction support to code review comments on issue page (#14339) * Merge default and system webhooks under one menu (#14244) * Add option for administrator to reset user 2FA (#14243) * Add option to change username to the admin panel (#14229) * Check for 'main' as potential default branch name (#14193) * Project: show referenced PRs in issue cards (#14183) * Use caddy's certmagic library for extensible/robust ACME handling (#14177) * CLI support for OAuth sources custom icons (#14166) * Custom icons for OAuth sources (#14161) * Team dashboards (#14159) * KanBan: be able to set default board (#14147) * Disable Fomantic's custom scrollbars (#14109) * Add UI to delete tracked times (#14100) * Rework heatmap permissions (#14080) * Issue and pull request filters on organization dashboard (#14072) * Fix webhook list styling (#14001) * Show dropdown with all statuses for commit (#13977) * Show status check for merged PRs (#13975) * Diff stat improvements (#13954) * Report permissions denied in internal SSH (#13953) * Markdown task list improvements (#13952) * Heatmap days clickable (#13935) * chore: use octicon-mirror for feeds display (#13928) * Move diff split code into own template file (#13919) * Markdown: Enable wrapping in code blocks and a color tweak (#13894) * Do not reload page after adding comments in Pull Request reviews (#13877) * Add pull request manually merge instruction (#13840) * add thumbnail preview section to issue attachments (#13826) * Move Repo APIFormat to convert package (#13787) * Move notification APIFormat (#13783) * Swap swagger-ui with swagger-ui-dist (#13777) * User Settings: Ignore empty language codes & validate (#13755) * Improve migrate page and add card CSS (#13751) * Add block on official review requests branch protection (#13705) * Add review requested filter on pull request overview (#13701) * Use chronological commit order in default squash message (#13696) * Clickable links in pull request (and issue) titles (#13695) * Support shortened commit SHAs in URLs (#13686) * Use native git variants by default with go-git variants as build tag (#13673) * Don't render dropdown when only 1 merge style is available (#13670) * Move webhook type from int to string (#13664) * Direct avatar rendering (#13649) * Verify password for local-account activation (#13631) * Prevent clone protocol button flash on page load (#13626) * Remove fetch request from heatmap (#13623) * Refactor combine label comments with tests (#13619) * Move metrics from macaron to chi (#13601) * Issue and Pulls lists rework (#13594) * HTTP cache rework and enable caching for storage assets (#13569) * Use mount but not register for chi routes (#13555) * Use monaco for the git hook editor (#13552) * Make heatmap colors more distinct (#13533) * Lazy-load issue reviewers and assignees avatars (#13526) * Change search and filter icons to SVG (#13473) * Create tag on ui (#13467) * updateSize when create a repo with init commit (#13441) * Added title and action buttons to Project view page (#13437) * Override fomantic monospace fonts and set size (#13435) * Rework focused comment styling (#13434) * Tags cleanup (#13428) * Various style tweaks (#13418) * Refactor push update (#13381) * Comment box tweaks and SVG dropdown triangles (#13376) * Various style fixes (#13372) * Change repo home page icons to SVG (#13364) * Use CSS Vars for primary color (#13361) * Refactor image paste code (#13354) * Switch from SimpleMDE to EasyMDE (#13333) * Group Label Changed Comments in timeline (#13304) * Make the logger an interface (#13294) * Fix PR/Issue titles on mobile (#13292) * Rearrange the order of the merged by etc. in locale (#13284) * Replace footer and modal icons with SVG (#13245) * Issues overview should not show issues from archived repos (#13220) * Show stale label for stale code comment which is marked as resolved (#13213) * Use CSS Variables for fonts, remove postcss-loader (#13204) * Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198) * Move install pages out of main macaron routes (#13195) * Update outdated label to use Fomantic UI style (#13181) * Added option to disable webhooks (#13176) * Change order of possible-owner organizations to alphabetical (#13160) * Log IP on SSH authentication failure for Built-in SSH server (#13150) * Added option to disable migrations (#13114) * New "Add Mirror" Button in the Organization view (#13105) * Manually approve new registration (#13083) * Cron job to cleanup hook_task table (#13080) * Use the headline comment of pull-request as the squash commit's message (#13071) * Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999) * Slightly simplify the queue settings code to help reduce the risk of problems (#12976) * Add precise search type for Elastic Search (#12869) * Move APIFormat functions into convert package (#12856) * Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links, Show only certain branches, (#12766) * Add TrN for repository limit (#12492) * Refactor doctor (#12264) * Add the tag list page to the release page (#12096) * Redirect on changed user and org name (#11649) * load U2F js only on pages which need it (#11585) * Make archival asynchronous (#11296) * Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420) * Improve vfsgen to not unzip bindata files but send to browser directly (#7109) * Enhance release list (#6025) * DOCS * Swagger show models by default (#14880) * Add missing repo.projects unit into swagger (#14876) * Update docs and comments to remove macaron (#14491) * Issue template addition: Are you using Gitea behind CloudFlare? (#14098) * Generate man pages (#13901) * Reformat/fine-tune docs (#13897) * Added Table of Contents to long documentation pages (#13890) * Add docs command (#13429) * Update external-renderers.en-us.md (#13165) * MISC * Add builds for apple M1 (darwin arm64) (#14951) * Migrate to use jsoniter instead of encoding/json (#14841) * Reduce make verbosity (#13803) * Add git command error directory on log (#13194) ## [1.13.7](https://github.com/go-gitea/gitea/releases/tag/v1.13.7) - 2021-04-07 * SECURITY * Update to bluemonday-1.0.6 (#15294) (#15298) * Clusterfuzz found another way (#15160) (#15169) * API * Fix wrong user returned in API (#15139) (#15150) * BUGFIXES * Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317) * Speed up `enry.IsVendor` (#15213) (#15246) * Response 404 for diff/patch of a commit that not exist (#15221) (#15238) * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201) * MISC * Add size to Save function (#15264) (#15271) ## [1.13.6](https://github.com/go-gitea/gitea/releases/tag/v1.13.6) - 2021-03-23 * SECURITY * Fix bug on avatar middleware (#15124) (#15125) * Fix another clusterfuzz identified issue (#15096) (#15114) * API * Fix nil exeption for get pull reviews API #15104 (#15106) * BUGFIXES * Fix markdown rendering in milestone content (#15056) (#15092) ## [1.13.5](https://github.com/go-gitea/gitea/releases/tag/v1.13.5) - 2021-03-21 * SECURITY * Update to goldmark 1.3.3 (#15059) (#15061) * Another clusterfuzz spotted issue (#15032) (#15034) * API * Fix set milestone on PR creation (#14981) (#15001) * Prevent panic when editing forked repos by API (#14960) (#14963) * BUGFIXES * Fix bug when upload on web (#15042) (#15055) * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051) * Fix postgres ID sequences broken by recreate-table (#15015) (#15029) * Fix several render issues (#14986) (#15013) * Make sure sibling images get a link too (#14979) (#14995) * Fix Anchor jumping with escaped query components (#14969) (#14977) * Fix release mail html template (#14976) * Fix excluding more than two labels on issues list (#14962) (#14973) * Don't mark each comment poster as OP (#14971) (#14972) * Add "captcha" to list of reserved usernames (#14930) * Re-enable import local paths after reversion from #13610 (#14925) (#14927) ## [1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4) - 2021-03-07 * SECURITY * Fix issue popups (#14898) (#14899) * BUGFIXES * Fix race in LFS ContentStore.Put(...) (#14895) (#14913) * Fix a couple of issues with a feeds (#14897) (#14903) * When transfering repository and database transaction failed, rollback the renames (#14864) (#14902) * Fix race in local storage (#14888) (#14901) * Fix 500 on pull view page if user is not loged in (#14885) (#14886) * DOCS * Fix how lfs data path is set (#14855) (#14884) ## [1.13.3](https://github.com/go-gitea/gitea/releases/tag/v1.13.3) - 2021-03-04 * BREAKING * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675) * BUGFIXES * Fix paging of file commit logs (#14831) (#14879) * Print useful error if SQLite is used in settings but not supported (#14476) (#14874) * Fix display since time round (#14226) (#14873) * When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842) * Set HCaptchaSiteKey on Link Account pages (#14834) (#14839) * Fix a couple of CommentAsPatch issues. (#14804) (#14820) * Disable broken OAuth2 providers at startup (#14802) (#14811) * Repo Transfer permission checks (#14792) (#14794) * Fix double alert in oauth2 application edit view (#14764) (#14768) * Fix broken spans in diffs (#14678) (#14683) * Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676) * HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649) * Do not assume all 40 char strings are SHA1s (#14624) (#14648) * Allow org labels to be set with issue templates (#14593) (#14647) * Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607) * Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573) * Fix GPG key deletion during account deletion (#14561) (#14569) ## [1.13.2](https://github.com/go-gitea/gitea/releases/tag/v1.13.2) - 2021-01-31 * SECURITY * Prevent panic on fuzzer provided string (#14405) (#14409) * Add secure/httpOnly attributes to the lang cookie (#14279) (#14280) * API * If release publisher is deleted use ghost user (#14375) * BUGFIXES * Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530) * Set the name Mapper in migrations (#14526) (#14529) * Fix wiki preview (#14515) * Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497) * ChangeUserName: rename user files back on DB issue (#14447) * Fix lfs preview bug (#14428) (#14433) * Ensure timeout error is shown on u2f timeout (#14417) (#14431) * Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425) * Use path not filepath in routers/editor (#14390) (#14396) * Check if label template exist first (#14384) (#14389) * Fix migration v141 (#14387) (#14388) * Use Request.URL.RequestURI() for fcgi (#14347) * Use ServerError provided by Context (#14333) (#14345) * Fix edit-label form init (#14337) * Fix mailIssueCommentBatch for pull request (#14252) (#14296) * Render links for commit hashes followed by comma (#14224) (#14227) * Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221) * Fix avatar bugs (#14217) (#14220) * Ensure that schema search path is set with every connection on postgres (#14131) (#14216) * Fix dashboard issues labels filter bug (#14210) (#14214) * When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213) * Fix branch selector on new issue page (#14194) (#14207) * Check for notExist on profile repository page (#14197) (#14203) ## [1.13.1](https://github.com/go-gitea/gitea/releases/tag/v1.13.1) - 2020-12-29 * SECURITY * Hide private participation in Orgs (#13994) (#14031) * Fix escaping issue in diff (#14153) (#14154) * BUGFIXES * Fix bug of link query order on markdown render (#14156) (#14171) * Drop long repo topics during migration (#14152) (#14155) * Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143) * Fix storage config implementation (#14091) (#14095) * Fix panic in BasicAuthDecode (#14046) (#14048) * Always wait for the cmd to finish (#14006) (#14039) * Don't use simpleMDE editor on mobile devices for 1.13 (#14029) * Fix incorrect review comment diffs (#14002) (#14011) * Trim the branch prefix from action.GetBranch (#13981) (#13986) * Ensure template renderer is available before storage handler (#13164) (#13982) * Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967) * Enforce setting HEAD in wiki to master (#13950) (#13961) * Fix feishu webhook caused by API changed (#13938) * Fix Quote Reply button on review diff (#13830) (#13898) * Fix Pull Merge when tag with same name as base branch exist (#13882) (#13896) * Fix mermaid chart size (#13865) * Fix branch/tag notifications in mirror sync (#13855) (#13862) * Fix crash in short link processor (#13839) (#13841) * Update font stack to bootstrap's latest (#13834) (#13837) * Make sure email recipients can see issue (#13820) (#13827) * Reply button is not removed when deleting a code review comment (#13824) * When reinitialising DBConfig reset the database use flags (#13796) (#13811) * ENHANCEMENTS * Add emoji in label to project boards (#13978) (#14021) * Send webhook when tag is removed via Web UI (#14015) (#14019) * Use Process Manager to create own Context (#13792) (#13793) * API * GetCombinedCommitStatusByRef always return json & swagger doc fixes (#14047) * Return original URL of Repositories (#13885) (#13886) ## [1.13.0](https://github.com/go-gitea/gitea/releases/tag/v1.13.0) - 2020-12-01 * SECURITY * Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776) * Prevent git operations for inactive users (#13527) (#13536) * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524) * Mitigate Security vulnerability in the git hook feature (#13058) * Disable DSA ssh keys by default (#13056) * Set TLS minimum version to 1.2 (#12689) * Use argon as default password hash algorithm (#12688) * BREAKING * Set RUN_MODE prod by default (#13765) (#13767) * Don't replace underscores in auto-generated IDs in goldmark (#12805) * Add Primary Key to Topic and RepoTopic tables (#12639) * Disable password complexity check default (#12557) * Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid (#12500) * Add extension Support to Attachments (allow all types for releases) (#12465) * Remove IE11 Support (#11470) * FEATURES * Adopt repositories (#12920) * Check passwords against HaveIBeenPwned (#12716) * Gitea 2 Gitea migration (#12657) * Support storing Avatars in minio (#12516) * Allow addition of gpg keyring with multiple keys (#12487) * Add email notify for new release (#12463) * Add Access-Control-Expose-Headers (#12446) * UserProfile Page: Render Description (#12415) * Add command to recreate tables (#12407) * Add mermaid JS renderer (#12334) * Add ssh certificate support (#12281) * Add spent time to referenced issue in commit message (#12220) * Initial support for push options (#12169) * Provide option to unlink a fork (#11858) * Show exact tag for commit on diff view (#11846) * Pause, Resume, Release&Reopen, Add and Remove Logging from command line (#11777) * Issue templates directory (#11450) * Add a storage layer for attachments (#11387) * Add hide activity option (#11353) * Add push commits history comment on PR time-line (#11167) * Support elastic search for code search (#10273) * Kanban board (#8346) * API * If User is Admin, show 500 error message on PROD mode too (#13115) * Add Timestamp to Tag list API (#13026) * Return sample message for login error in api context (#12994) * Add IsTemplate option in create repo ui and api (#12942) * GetReleaseByID return 404 if not found (#12933) * Get release by tags endpoint (#12932) * NotificationSubject show Issue/Pull State (#12901) * Expose its limitation settings (#12714) * Add Created & Updated to Milestone (#12662) * Milestone endpoints accept names too (#12649) * Expose Attachment Settings in the API (#12514) * Add Issue and Repo info to StopWatch (#12458) * Add cron running API (#12421) * Add Update Pull HeadBranch Function (#12419) * Add TOTP header to Swagger Documentation (#12402) * Delete Token accept names too (#12366) * Add name filter for GetMilestoneList (#12336) * Fixed count of filtered issues when api request. (#12275) * Do not override API issue pagination with UI settings (#12068) * Expose useful General Repo settings settings (#11758) * Return error when trying to create Mirrors but Mirrors are globally disabled (#11757) * Provide diff and patch API endpoints (#11751) * Allow to create closed milestones (#11745) * Add language Statistics endpoint (#11737) * Add Endpoint to get GetGeneralUI Settings (#11735) & (#11854) * Issue/Pull expose IsLocked Property on API (#11708) * Add endpoint for Branch Creation (#11607) * Add pagination headers on endpoints that support total count from database (#11145) * BUGFIXES * Fix bogus http requests on diffs (#13760) (#13761) * Show 'owner' tag for real owner (#13689) (#13743) * Validate email before inserting/updating (#13475) (#13666) * Fix issue/pull request list assignee filter (#13647) (#13651) * Gitlab migration support for subdirectories (#13563) (#13591) * Fix logic for preferred license setting (#13550) (#13557) * Add missed sync branch/tag webhook (#13538) (#13556) * Migration won't fail on non-migrated reactions (#13507) * Fix Italian language file parsing error (#13156) * Show outdated comments in pull request (#13148) (#13162) * Fix parsing of pre-release git version (#13169) (#13172) * Fix diff skipping lines (#13154) (#13155) * When handling errors in storageHandler check underlying error (#13178) (#13193) * Fix size and clickable area on file table back link (#13205) (#13207) * Add better error checking for inline html diff code (#13251) * Fix initial commit page & binary munching problem (#13249) (#13258) * Fix migrations from remote Gitea instances when configuration not set (#13229) (#13273) * Store task errors following migrations and display them (#13246) (#13287) * Fix bug isEnd detection on getIssues/getPullRequests (#13299) (#13301) * When the git ref is unable to be found return broken pr (#13218) (#13303) * Ensure topics added using the API are added to the repository (#13285) (#13302) * Fix avatar autogeneration (#13233) (#13282) * Add migrated pulls to pull request task queue (#13331) (#13334) * Issue comment reactions should also check pull type on API (#13349) (#13350) * Fix links to repositories in /user/setting/repos (#13360) (#13362) * Remove obsolete change of email on profile page (#13341) (#13347) * Fix scrolling to resolved comment anchors (#13343) (#13371) * Storage configuration support `[storage]` (#13314) (#13379) * When creating line diffs do not split within an html entity (#13357) (#13375) (#13425) (#13427) * Fix reactions on code comments (#13390) (#13401) * Add missing full names when DEFAULT_SHOW_FULL_NAME is enabled (#13424) * Replies to outdated code comments should also be outdated (#13217) (#13433) * Fix panic bug in handling multiple references in commit (#13486) (#13487) * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13491) * Show original author's reviews on pull summary box (#13127) * Update golangci-lint to version 1.31.0 (#13102) * Fix line break for MS teams webhook (#13081) * Fix Issue & Pull Request comment headers on mobile (#13039) * Avoid setting the CONN_STR in queues unless it is meant to be set (#13025) * Remove code-view class from diff view (#13011) * Fix the color of PR comment hyperlinks. (#13009) * (Re)Load issue labels when changing them (#13007) * Fix Media links in org files not liked to media files (#12997) * Always return a list from GetCommitsFromIDs (#12981) * Only set the user password if the password field would have been shown (#12980) * Fix admin/config page (#12979) * Changed width of commit signature avatar (#12961) * Completely quote AppPath and CustomConf paths (#12955) * Fix handling of migration errors (#12928) * Fix anonymous GL migration (#12862) * Fix git open close bug (#12834) * Fix markdown meta parsing (#12817) * Add default storage configurations (#12813) * Show PR settings on empty repos (#12808) * Disable watch and star if not signed in (#12807) * Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804) * Set opengraph attributes on org pages (#12803) * Return error when creating gitlabdownloader failed (#12790) * Add migration for password algorithm change (#12784) * Compare SSH_DOMAIN when parsing submodule URLs (#12753) * Fix editor.commit_empty_file_text locale string (#12744) * Fix wrong poster message for code comment on Pull view (#11721) * Escape failed highlighted files (#12685) * Ensure that all migration requests are cancellable (#12669) * Ensure RepoPath is lowercased in gitea serv (#12668) * Do not disable commit changes button on repost (#12644) * Dark theme for line numbers in blame view (#12632) * Fix message when deleting last owner from an organization (#12628) * Use shellquote to unpack arguments to gitea serv (#12624) * Fix signing.wont_sign.%!s(<nil>) if Require Signing commits but not signed in. (#12581) * Set utf8mb4 as the default charset on MySQL if CHARSET is unset (#12563) * Set context for running CreateArchive to that of the request (#12555) * Prevent redirect back to /user/events (#12462) * Re-attempt to delete temporary upload if the file is locked by another process (#12447) * Mirror System Notice reports are too frequent (#12438) * Do not show arrows on comment diffs on pull comment pages (#12434) * Fix milestone links (#12405) * Increase size of the language column in language_stat (#12396) * Use transaction in V102 migration (#12395) * Only use --exclude on name-rev with git >= 2.13 (#12347) * Add action feed for new release (#12324) * Set NoAutoTime when updating is_archived (#12266) * Support Force-update in Mirror and improve Tracing in mirror (#12242) * Avoid sending "0 new commits" webhooks (#12212) * Fix U2F button icon (#12167) * models/repo_sign.go: break out of loops (#12159) * Ensure that git commit tree continues properly over the page (#12142) * Rewrite GitGraph.js (#12137) * Fix repo API listing stability (#12057) * Add team support for review request (#12039) * Fix 500 error on repos with no tags (#11870) * Fix nil pointer in default issue mail template (#11862) * Fix commit search in all branches (#11849) * Don't consider tag refs as valid for branch name (#11847) * Don't add same line code comment box twice (#11837) * Fix visibility of forked public repos from private orgs (#11717) * Fix chardet test and add ordering option (#11621) * Fix number of files, total additions, and deletions on Diff pages (#11614) * Properly handle and return empty string for dangling commits in GetBranchName (#11587) * Include query in sign in redirect (#11579) * Fix Enter not working in SimpleMDE (#11564) * Fix bug about can't skip commits base on base branch (#11555) * ENHANCEMENTS * Only Return JSON for responses (#13511) (#13565) * Use existing analyzer module for language detection for highlighting (#13522) (#13551) * Return the full rejection message and errors in flash errors (#13221) (#13237) * Remove PAM from auth dropdown when unavailable (#13276) (#13281) * Add HostCertificate to sshd_config in Docker image (#13143) * Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) * Improve error feedback for duplicate deploy keys (#13112) * Set appropriate `autocomplete` attributes on password fields (#13078) * Adding visual cue for "Limited" & "Private" organizations. (#13040) * Fix Pull Request merge buttons on mobile (#13035) * Gitea serv, hooks, manager and the like should always display Fatals (#13032) * CSS tweaks to warning/error segments and misc fixes (#13024) * Fix formatting of branches ahead-behind on narrow windows (#12989) * Add config option to make create-on-push repositories public by default (#12936) * Disable migration items when mirror is selected (#12918) * Add the checkbox quick button to the comment tool bar also (#12885) * Support GH enterprise (#12863) * Simplify CheckUnitUser logic (#12854) * Fix background of signed-commits on arc-green of timeline commits (#12837) * Move git update-server-info to hooks (#12826) * Add ui style for "Open a blank issue" button (#12824) * Use a simple format for the big number on ui (#12822) * Make SVG size argument optional (#12814) * Add placeholder text for bio profile text form (#12792) * Set language via AJAX (#12785) * Show git-pull-request icon for closed pull request (#12742) * Migrate version parsing library to hashicorp/go-version (#12719) * Only use async pre-empt hack if go < 1.15 (#12718) * Inform user about meaning of an hourglass on reviews (#12713) * Add a migrate service type switch page (#12697) * Migrations: Gitlab Add Reactions Support for Issues & MergeRequests (#12695) * Remove duplicate logic in initListSubmits (#12660) * Set avatar image dimensions (#12654) * Rename models.ProtectedBranchRepoID/PRID to models.EnvRepoID/PRID and ensure EnvPusherEmail is set (#12646) * Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752) * Add postgres schema to the search_path on database connection (#12634) * Git migration UX improvements (#12619) * Add link to home page on swagger ui (#12601) * hCaptcha Support (#12594) * OpenGraph: use repo avatar if exist (#12586) * Reaction picker display improvements (#12576) * Fix emoji replacements, make emoji images consistent (#12567) * Increase clickable area on files table links (#12553) * Set z-index for sticky diff box lower (#12537) * Report error if API merge is not allowed (#12528) * LFS support to be stored on minio (#12518) * Show 2FA info on Admin Pannel: Users List (#12515) * Milestone Issue/Pull List: Add octicons type (#12499) * Make dashboard newsfeed list length a configurable item (#12469) * Add placeholder text for send testing email button in admin/config (#12452) * Add SVG favicon (#12437) * In issue comments, put issue participants also in completion list when hitting @ (#12433) * Collapse Swagger UI tags by default (#12428) * Detect full references to issues and pulls in commit messages (#12399) * Allow common redis and leveldb connections (#12385) * Don't use legacy method to send Matrix Webhook (#12348) * Remove padding/border-radius on image diffs (#12346) * Render the git graph on the server (#12333) * Fix clone panel in wiki position not always align right (#12326) * Rework 'make generate-images' (#12316) * Refactor webhook payload convertion (#12310) * Move jquery-minicolors to npm/webpack (#12305) * Support use nvarchar for all varchar columns when using mssql (#12269) * Update Octicons to v10 (#12240) * Disable search box autofocus (#12229) * Replace code fold icons with octicons (#12222) * Ensure syntax highlighting is the same inside diffs (#12205) * Auto-init repo on license, .gitignore select (#12202) * Default to showing closed Issues/PR list when there are only closed issues/PRs (#12200) * Enable cloning via Git Wire Protocol v2 over HTTP (#12170) * Direct SVG rendering (#12157) * Improve arc-green code colors (#12111) * Allow admin to merge pr with protected file changes (#12078) * Show description on individual milestone view (#12055) * Update the wiki repository remote origin while update the mirror repository's Clone From URL (#12053) * Server-side syntax highlighting for all code (#12047) * Use Fomantic's fluid padded for blame full width (#12023) * Use custom SVGs for commit signing lock icon (#12017) * Make tabs smaller (#12003) * Fix sticky diff stats container (#12002) * Move fomantic and jQuery to main webpack bundle (#11997) * Use enry language type to detect special languages (#11974) * Use only first line of commit when creating referenced comment (#11960) * Rename custom/conf/app.ini.sample to custom/conf/app.example.ini for better syntax light on editor (#11926) * Fix double divider on issue sidebar (#11919) * Shorten markdown heading anchors links (#11903) * Add org avatar on top of internal repo icon (#11895) * Use label to describe repository type (#11891) * Make repository size unclickable on repo summary bar (#11887) * Rework blame template and styling (#11885) * Fix icon alignment for show/hide outdated link on resolved conversation (#11881) * Vertically align review icons on repository sidebar (#11880) * Better align items using flex within review request box (#11879) * Only write to global gitconfig if necessary (#11876) * Disable all typographic replacements in markdown renderer (#11871) * Improve label edit buttons labels (#11841) * Use crispEdges rendering for octicon-internal-repo (#11801) * Show update branch item in merge box when it's necessary (#11761) * Add compare link to releases (#11752) * Allow site admin to disable mirrors (#11740) * Export monaco editor on window.codeEditors (#11739) * Add configurable Trust Models (#11712) * Show full GPG commit status on PR commit history (#11702) * Fix align issues and decrease avatar size on PR timeline (#11689) * Replace jquery-datetimepicker with native date input (#11684) * Change Style of Tags on Comments (#11668) * Fix missing styling for shabox on PR commit history (#11625) * Apply padding to approval icons on PR list (#11622) * Fix message wrapping on PR commit list (#11616) * Right-align status icon on pull request commit history (#11594) * Add missing padding for multi-commit list on PR view (#11593) * Do not show avatar for "{{user}} added X commits" (#11591) * Fix styling and padding for commit list on PR view (#11588) * Style code review comment for arc-green (#11572) * Use default commit message for wiki edits (#11550) * Add internal-repo octicon for public repos of private org (#11529) * Fix dropzone color on arc-green (#11514) * Insert ui divider directly in templates instead of from inside heatmap vue component (#11508) * Move tributejs to npm/webpack (#11497) * Fix text-transform on wiki revisions page (#11486) * Do not show lock icon on repo list for public repos in private org (#11445) * Include LFS when calculating repo size (#11060) * Add check for LDAP group membership (#10869) * When starting new stopwatch stop previous if it is still running (#10533) * Add queue for code indexer (#10332) * Move all push update operations to a queue (#10133) * Cache last commit when pushing for big repository (#10109) * Change/remove a branch of an open issue (#9080) * Sortable Tables Header By Click (#7980) * TESTING * Use community codecov drone plugin (#12468) * Add more tests for diff highlighting (#12467) * Don't put integration test data outside of test folder (#11746) * Add debug option to hooks (#11624) * Log slow tests (#11487) * TRANSLATION * Translate two small lables on commit statuse list (#12821) * Make issues.force_push_codes message shorter (#11575) * BUILD * Bump min required golang to 1.13 (#12717) * Add 'make watch' (#12636) * Extract Swagger CSS to its own file (#12616) * Update eslint config (#12609) * Avoid unnecessary system-ui expansion (#12522) * Make the default PID file compile-time settable (#12485) * Add 'watch-backend' (#12330) * Detect version of sed in Makefile (#12319) * Update gitea-vet to v0.2.1 (#12282) * Add logic to build stable and edge builds for gitea snap (#12052) * Fix missing CGO_EXTRA_FLAGS build arg for docker (#11782) * Alpine 3.12 (#11720) * Enable stylelint's shorthand-property-no-redundant-values (#11436) * DOCS * Change default log configuration (#13088) * Add automatic JS license generation (#11810) * Remove page size limit comment from swagger (#11806) * Narrow down Edge version in browser support docs (#11640) ## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01 * BUGFIXES * Allow U2F with default settings for gitea in subpath (#12990) (#13001) * Prevent empty div when editing comment (#12404) (#12991) * On mirror update also update address in DB (#12964) (#12967) * Allow extended config on cron settings (#12939) (#12943) * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940) * Fix internal server error from ListUserOrgs API (#12910) (#12915) * Update only the repository columns that need updating (#12900) (#12912) * Fix panic when adding long comment (#12892) (#12894) * Add size limit for content of comment on action ui (#12881) (#12890) * Convert User expose ID each time (#12855) (#12883) * Support slashes in release tags (#12864) (#12882) * Add missing information to CreateRepo API endpoint (#12848) (#12867) * On Migration respect old DefaultBranch (#12843) (#12858) * Fix notifications page links (#12838) (#12853) * Stop cloning unnecessarily on PR update (#12839) (#12852) * Escape more things that are passed through str2html (#12622) (#12850) * Remove double escape on labels addition in comments (#12809) (#12810) * Fix "only mail on mention" bug (#12775) (#12789) * Fix yet another bug with diff file names (#12771) (#12776) * RepoInit Respect AlternateDefaultBranch (#12746) (#12751) * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750) * ENHANCEMENTS * gitea dump: include version & Check InstallLock (#12760) (#12762) ## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02 * SECURITY * Escape provider name in oauth2 provider redirect (#12648) (#12650) * Escape Email on password reset page (#12610) (#12612) * When reading expired sessions - expire them (#12686) (#12690) * ENHANCEMENTS * StaticRootPath configurable at compile time (#12371) (#12652) * BUGFIXES * Fix to show an issue that is related to a deleted issue (#12651) (#12692) * Expire time acknowledged for cache (#12605) (#12611) * Fix diff path unquoting (#12554) (#12575) * Improve HTML escaping helper (#12562) * models: break out of loop (#12386) (#12561) * Default empty merger list to those with write permissions (#12535) (#12560) * Skip SSPI authentication attempts for /api/internal (#12556) (#12559) * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550) * Remove hardcoded ES indexername (#12521) (#12526) * Fix bug preventing transfer to private organization (#12497) (#12501) * Keys should not verify revoked email addresses (#12486) (#12495) * Do not add prefix on http/https submodule links (#12477) (#12479) * Fix ignored login on compare (#12476) (#12478) * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422) * Upgrade google/go-github to v32.1.0 (#12361) (#12390) * Render emoji's of Commit message on feed-page (#12373) * Fix handling of diff on unrelated branches when Git 2.28 used (#12370) ## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28 * BUGFIXES * Don't change creation date when updating Release (#12343) (#12351) * Show 404 page when release not found (#12328) (#12332) * Fix emoji detection in certain cases (#12320) (#12327) * Reduce emoji size (#12317) (#12327) * Fix double-indirection bug in logging IDs (#12294) (#12308) * Link to pull list page on sidebar when view pr (#12256) (#12263) * Extend Notifications API and return pinned notifications by default (#12164) (#12232) ## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11 * BUGFIXES * When deleting repository decrese user repository count in cache (#11954) (#12188) * Return full commit message instead of summary in commits API (#12186) (#12187) * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182) * Ensure GPG Subkeys are verified (#12155) (#12168) * Fix failing to cache last commit with key being to long (#12151) (#12161) * Multiple small admin dashboard fixes (#12153) (#12156) * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148) * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147) * Move EventSource to SharedWorker (#12095) (#12130) * Fix ui bug in wiki commit page (#12089) (#12125) * Fix gitgraph branch continues after merge (#12044) (#12105) * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104) * Ensure BlameReaders close at end of request (#12102) (#12103) * Fix panic when adding review comment (#12058) * ENHANCEMENTS * Disable dropzone's timeout for file uploads (#12024) (#12032) ## [1.12.1](https://github.com/go-gitea/gitea/releases/tag/v1.12.1) - 2020-06-21 * BUGFIXES * Handle multiple merges in gitgraph.js (#11996) (#12000) * Add serviceworker.js to KnownPublicEntries (#11992) (#11994) * For language detection do not try to analyze big files by content (#11971) (#11975) * ENHANCEMENTS * Fix scrollable header on dropdowns (#11893) (#11965) ## [1.11.8](https://github.com/go-gitea/gitea/releases/tag/v1.11.8) - 2020-06-21 * BUGFIXES * Really fix __webpack_public_path__ for 1.11 (#11961) ## [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) - 2020-06-17 * BREAKING * When using API CreateRelease set created_unix to the tag commit time (#11218) * Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162) * Fix sanitizer config - multiple rules (#11133) * Remove check on username when using AccessToken authentication for the API (#11015) * Return 404 from Contents API when items don't exist (#10323) * Notification API should always return a JSON object with the current count of notifications (#10059) * Remove migration support from versions earlier than 1.6.0 (#10026) * SECURITY * Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662) * FEATURES * Improve config logging when WrappedQueue times out (#11174) * Add branch delete to API (#11112) * Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047) * Add a way to mark Conversation (code comment) resolved (#11037) * Handle yaml frontmatter in markdown (#11016) * Cache PullRequest Divergence (#10914) * Make `gitea admin auth list` formatting configurable (#10844) * Add Matrix webhook (#10831) * Add Organization Wide Labels (#10814) * Allow to set protected file patterns for files that can not be changed under no conditions (#10806) * Option to set default branch at repository creation (#10803) * Add request review from specific reviewers feature in pull request (#10756) * Add NextCloud oauth (#10562) * System-wide webhooks (#10546) * Relax sanitization as per https://github.com/jch/html-pipeline (#10527) * Use media links for img in post-process (#10515) * Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437) * Render READMEs in docs/ .gitea or .github from root (#10361) * Add feishu webhook support (#10229) * Cache last commit to accelerate the repository directory page visit (#10069) * Implement basic app.ini and path checks to doctor cmd (#10064) * Make WorkerPools and Queues flushable (#10001) * Implement "embedded" command to extract static resources (#9982) * Add API endpoint for repo transfer (#9947) * Make archive prefixing configurable with a global setting (#9943) * Add Unique Queue infrastructure and move TestPullRequests to this (#9856) * Issue/PR Context Popups (#9822) * Add "Update Branch" button to Pull Requests (#9784) * Add require signed commit for protected branch (#9708) * Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) * Add API notification endpoints (#9488) * Issue search support elasticsearch (#9428) * Add API branch protection endpoint (#9311) * Add a new command doctor to check if some wrong configurations on gitea instance (#9095) * Add support for migrating from Gitlab (#9084) * Add support for database schema in PostgreSQL (#8819) * Add setting to set default and global disabled repository units. (#8788) * Language statistics bar for repositories (#8037) * Restricted users (#6274) * BUGFIXES * Fix commenting on non-utf8 encoded files (#11916) (#11950) * Use google/uuid to instead satori/go.uuid (#11943) (#11946) * Align show/hide outdated button on code review block (#11932) (#11944) * Update to go-git v5.1.0 (#11936) (#11941) * Use ID or Where to instead directly use Get when load object from database (#11925) (#11934) * Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915) * Invalidate comments when file is shortened (#11882) (#11884) * Rework api/user/repos for pagination (#11827) (#11877) * Handle more pathological branch and tag names (#11843) (#11863) * Add doctor check to set IsArchived false if it is null (partial #11853) (#11859) * Prevent panic on empty HOST for mysql (#11850) (#11856) * Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836) * Fix reply octicon (#11821) (#11822) * Honor DEFAULT_PAGING_NUM for API (#11805) (#11813) * Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809) * In File Create/Update API return 404 if Branch does not exist (#11791) (#11795) * Fix doer of rename repo (#11789) (#11794) * Initialize SimpleMDE when making a code comment (#11749) (#11785) * Fix timezone on issue deadline (#11697) (#11784) * Fix to allow comment poster to edit or delete his own comments (#11671) (#11774) * Show full 500 error in API when Gitea in dev mode (#11641) (#11753) * Add missing templates for Matrix system webhooks (#11729) (#11748) * Fix verification of subkeys of default gpg key (#11713) (#11747) * Fix styling for commiter on diff view (#11715) (#11744) * Properly truncate system notices (#11714) (#11742) * Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718) * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682) * Doctor check & fix db consistency (#11111) (#11676) * Exclude generated files from language statistics (#11653) (#11670) * Return json on 500 error from API (#11574) (#11659) * When must change password only show Signout (#11600) (#11637) * Backport various styling fixes (#11619) * Fix wrong milestone in webhook message (#11596) (#11611) * Fix serviceworker output file and misc improvements (#11562) (#11610) * When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608) * Prevent empty query parameter being set on dashboard (#11561) (#11604) * Fix images in wiki edit preview (#11546) (#11602) * Prevent (caught) panic on login (#11590) (#11597) * Prevent transferring repos to invisible orgs (#11517) (#11549) * Move serviceworker to workbox and fix SSE interference (#11538) (#11547) * API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533) * Fix repo-list private and total count bugs (#11500) (#11532) * Fix form action template substitutions on admin pages (backport #11519) (#11531) * Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530) * TrimSpace when reading InternalToken from a file (#11502) (#11524) * Fix selected line color in arc-green (#11492) (#11520) * Make localstorage read ssh or https correctly (#11483) (#11490) * Check branch protection on IsUserAllowedToUpdate (#11448) * Fix margin on attached segment headers when they are separated by other element (#11425) * Fix webhook template when validation errors occur (#11421) * Fix NPE in template due to missing signing key on commit page (#11392) * Restore active background to Register button on Register page (#11390) * Fix hook failure due to relative LFS_CONTENT_PATH (#11362) * Correctly set the organization num repos (#11339) * Prevent 500 with badly formed task list (#11328) * Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327) * Handle panics that percolate up to the graceful module (#11291) * Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248) * Patch fomantic-ui to workaround build issue (#11244) * Prevent panic during wrappedConn close at hammertime (#11219) * On logout force redirect to start page (#11202) * Fix creation of Organization repos by Users with max created personal repos (#11183) * Add option to increase provided OAuth2 token maximum size (#11180) * Log the indexer path on failure (#11172) * Ensure that relative paths in edit preview work (#11143) * Make API EditIssue and EditPullRequest issue notifications (#11123) * Send 404 immediately for known public requests (#11117) * Remove nil inserts in models (#11096) * Add GetReviews() to RetryDownloader (#11093) * Remove nonexistent serviceworker entries (#11091) * Simplify and fix GetApprovalCounts (#11086) * Fix wiki revision template and simplify some tmpl conditions (#11080) * Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067) * Align review-item svg octicons (#11065) * Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997) * Users should not be able to prohibit their own login (#10970) * Fix scrollbar issues in dropdowns (#10897) * Change the order of issues.closed_by to list opening user first (#10876) * Allow site admin to check /api/v1/orgs endpoints (#10867) * Avoid logging []byte in queue failures - convert to string first (#10865) * Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863) * Fix assignees double load bug (#10856) * Handle push rejection in branch and upload (#10854) * In authorized_keys use double-quote for windows compatibility (#10841) * Fix milestone template (#10824) * log.Fatal on failure to listen to SSH port (#10795) * Fix forked repo has no icon and language stat. (#10791) * Fix tag/release deletion (#10663) * Fix webhook migration (#10641) * Migration for deleting orphaned dependencies (#10617) * Add migration to fix the old broken merge-bases (#10604) * Update templates for Go 1.14 (#10596) * Remove unnecessary parentheses in wiki/view template (#10583) * Change default value of DefaultCommandExecutionTimeout to match docs (#10581) * Handle panic in indexer initialisation better (#10534) * Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456) * Fixed wrong AppSubUrl in multiple templates (#10447) * Fix profile page CSS (#10406) * Inject SVG sprite via ajax (#10320) * Fix migration information update bug when linked github account (#10310) * Allow admin to check org membership by API for other users (#10201) * Fix topics dropdown (#10167) * Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134) * Fix IsErrPullClosed (#10093) * Accept punctuation after simple+cross repository issue references (#10091) * On merge of already closed PR redirect back to the pulls page (#10010) * Fix crowdin update script (#9969) * Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927) * Add option to prevent LDAP from deactivating everything on empty search (#9879) * Fix admin handling at merge of PR (#9749) * err_admin_name_pattern_not_allowed String Clarification (#9731) * Fix wrong original git service type on a migrated repository (#9693) * Fix ref links in issue overviews for tags (#8742) * ENHANCEMENTS * Fix search form button overlap (#11840) (#11864) * Make tabular menu styling consistent for arc-green (#11570) (#11798) * Add option to API to update PullRequest base branch (#11666) (#11796) * Increase maximum SQLite variables count to 32766 (#11696) (#11783) * Update emoji dataset with skin tone variants (#11678) (#11763) * Add logging to long migrations (#11647) (#11691) * Change language statistics to save size instead of percentage (#11681) (#11690) * Allow different HardBreaks settings for documents and comments (#11515) (#11599) * Fix alignment for commits on dashboard (#11595) (#11680) * Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673) * Handle expected errors in AddGPGkey API (#11644) (#11661) * Close EventSource before unloading the page (#11539) (#11557) * Ensure emoji render with regular font-weight (#11541) (#11545) * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542) * Tweak reaction buttons (#11516) * Use more toned colors for selected line (#11493) (#11511) * Increase width for authors on commit view (#11441) * Hide archived repos by default in repo-list (#11440) * Better styling for code review comment textarea (#11428) * Support view individual commit for wiki pages (#11415) * Fix yellow background on active elements in code review (#11414) * Better styling for code review comment form (#11413) * Change install description on homepage (#11395) * Ensure search action button is coalesced to adjacent input (#11385) * Switch code editor to Monaco (#11366) * Add paging and archive/private repository filtering to dashboard list (#11321) * Changed image of openid-connect logo for better look on arc-green theme (#11312) * Load Repo Topics on blame view too (#11307) * Change the style in admin notice content view from `<p>` to `<pre>` (#11301) * Allow log.xxx.default to set logging settings for the default logger only (#11292) * Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285) * Make sendmail a Process and have default timeout (#11256) * Check value of skip-repository flag in dump command (#11254) * Fix submit review form (#11252) * Allow unauthenticated users to compare (#11240) * Add EventSource support (#11235) * Refactor Milestone related (#11225) * Add pull review API endpoints (#11224) * Add a 'this' to issue close/reopened messages (#11204) * When migrating from Gitlab map Approvals to approving Reviews (#11147) * Improve representation of attachments in issues (#11141) * Protect default branch against deletion (#11115) * Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113) * Fix status label on branches list vertical alignment (#11109) * Add single release page and latest redirect (#11102) * Add missing commit states to PR checks template (#11085) * Change icon on title for merged PR to git-merge (#11064) * Add MergePull comment type instead of close for merge PR (#11058) * Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055) * Consolidate author name across timeline (#11053) * Refactor UpdateOAuth2Application (#11034) * Support unicode emojis and remove emojify.js (#11032) * Add git hook "warning" to admin panel (#11030) * Add flash notify for email preference setting success (#11027) * Remove package code.gitea.io/gitea/modules/git import out of models (#11025) * Match arc-green code tag color to code blocks (#11023) * Move syntax highlighting to web worker (#11017) * Prevent merge of outdated PRs on protected branches (#11012) * Add Get/Update for api/v1/user/applications/oauth2 (#11008) * Upgrade to most recent bluemonday (#11007) * Tweak code tags in markdown (#11000) * Reject duplicate AccessToken names (#10994) * Fix Ctrl-Enter shortcut for issues (#10986) * Provide `OwnerName` field for README template (#10981) * Prettify Timeline (#10972) * Add issue subscription check to API (#10967) * Use AJAX for notifications table (#10961) * Adjust label padding (#10957) * Avoiding directory execution on hook (#10954) (#10955) * Migrate ActivityHeatmap to Vue SFC (#10953) * Change merge strategy: do not check write access if user in merge white list (#10951) * Enable GO111MODULE=on globally in Makefile (#10939) * API endpoint to get single commit via SHA and Ref (#10915) * Add accordion to release list and hide non-latest (#10910) * Split dashboard elements into separate template files (#10885) * Add more message on sidebar menus (#10872) * Set MySQL rowtype to dynamic for new tables (#10833) * Completely fix task-list checkbox styling (#10798) * Hide gear icon for user who can't use them on sidebar (#10750) * Refactor Cron and merge dashboard tasks (#10745) * Change review status icons on pr view style to github style (#10737) * Make pagination optional for API list notification endpoints (#10714) * Fix tab indentation in code view (#10671) * Fix task-list checkbox styling (#10668) * Multiple LFS improvements (#10667) * Make PR message on pushes configurable (#10664) * Move dropzone.js to npm/webpack (#10645) * Ensure Update button is enabled even when CI has failed (#10640) * Add restricted user filter to LDAP authentication (#10600) * Add Yandex OAuth2 provider (#8335) (#10564) * Make avatar lookup occur at image request (#10540) * Prevent accidential selection of language stats bar (#10537) * Add fluid-icon (#10491) * Inform participants on UI too (#10473) * Build with go 1.14 (and raise minimum go version to 1.12) (#10467) * Add max-file-size to LFS (#10463) * Enable paggination for ListRepoTags API (#10454) * Update JS dependencies (#10450) * Show the username as a fallback on feeds if full name is blank (#10438) * Various dark theme fixes (#10416) * Display pull request head branch even the branch deleted or repository deleted (#10413) * Prevent Firefox from using apple-touch-icon (#10402) * Fix input[type=file] on dark theme (#10382) * Improve mobile review-box sizing (#10297) * Notification: queue ui.go notification-service (#10281) * Add detected file language to code search (#10256) * Index code and stats only for non-empty repositories (#10251) * Add Approval Counts to pulls list (#10238) * Limit label list height on edit issue page (#10216) * Improve 404 error message (#10214) * Tweak locale to respect singular conflicting file message in PR list (#10177) * Fix commit view (#10169) * Reorganize frontend files and tooling (#10168) * Allow emoji on popup label (#10166) * ListIssues add filter for milestones API (#10148) * Show if a PR has conflicting files on the PR lists (#10130) * Fix inconsistent label color format in API (#10129) * Show download count info in release list (#10124) * Add Octicon SVG spritemap (#10107) * Update aria-fixed semantic-dropdown to fomantic master (#10096) * Fix apple-touch-icon, regenerate images (#10065)(#10006) * Style blockquote for default issue mail template (#10024) * More expansions in template repositories (#10021) * Allow list collaborators for users with Read access to repo (#9995) * Add explicit dimensions to navbar avatar (#9986) * Remove loadCSS and preload woff2 icon fonts (#9976) * Fix commit view JS features, reimplement folding (#9968) * Fix review avatar image (#9962) * Improve notification pager (#9821) * Move jquery and jquery-migrate to npm/webpack (#9813) * Change font to Roboto to support more charsets (#9803) * Move mailer to use a queue (#9789) * Issue search on my related repositories (#9758) * Add "before" query to ListIssueComments and ListRepoIssueComments API (#9685) * Move tracked time api convert to convert package (#9665) * Improve PR info in default merge message (#9635) * Granular webhook events (#9626) * Add Reviewed-on in commit message (#9623) * Add top author stats to activity page (#9615) * Allow repo admin to merge PR regardless of review status (#9611) * Migrate reactions when migrating repository from github (#9599) * API orgEditTeam make Fields optional (#9556) * Move create/fork repository from models to modules/repository (#9489) * Migrate reviews when migrating repository from github (#9463) * Times API add filters (#9373) * Move push commits from models to modules/repository (#9370) * Add API endpoint to check notifications [Extend #9488] (#9595) * Add GET /orgs API endpoint (#9560) * API add/generalize pagination (#9452) * Make create org repo API call same as github (#9186) * BUILD * Turn off go modules for xgo and gxz (#10963) * Add gitea-vet (#10948) * Rename scripts to build and add revive command as a new build tool command (#10942) * Add 'make lint', restructure 'compliance' pipeline (#10861) * Move JS build dependencies to 'dependencies' (#10763) * Use whitelist to find go files, run find only once (#10594) * Move vue and vue-calendar-heatmap to npm/webpack (#10188) * Move jquery.are-you-sure to npm/webpack (#10063) * Move highlight.js to npm/webpack (#10011) * Generate Bindata if TAGS="bindata" and not up-to-date (#10004) * Move CSS build to webpack (#9983) * Move fomantic target, update 'make help' (#9945) * Add css extraction and minification to webpack (#9944) * Misc webpack tweaks (#9924) * Make node_modules a order-only prerequisite (#9923) * Update documentation for the go module era (#9751) * Move swagger-ui to webpack/npm and update it to 3.24.3 (#9714) * Use npm to manage fomantic and only build needed components (#9561) * MISC * Add gnupg to Dockerfile (#11365) * Update snapcraft.yaml for core18 and latest features (#11300) * Update JS dependencies, min Node.js version 10.13 (#11246) * Change default charset for MySQL on install to utf8mb4 (#10989) * Return issue subscription status from API subscribe (#10966) * Fix queue log param (#10733) * Add warning when using relative path to app.ini (#10104) ## [1.11.7](https://github.com/go-gitea/gitea/releases/tag/v1.11.7) - 2020-06-18 * BUGFIXES * Use ID or Where to instead directly use Get when load object from database (#11925) (#11935) * Fix __webpack_public_path__ for 1.11 (#11907) * Fix verification of subkeys of default gpg key (#11713) (#11902) * Remove unnecessary parentheses in wiki/view template (#11781) * Doctor fix xorm.Count nil on sqlite error (#11741) ## [1.11.6](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) - 2020-05-30 * SECURITY * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683) * Use session for retrieving org teams (#11438) (#11439) * BUGFIXES * Return json on 500 error from API (#11574) (#11660) * Fix wrong milestone in webhook message (#11596) (#11612) * Prevent (caught) panic on login (#11590) (#11598) * Fix commit page js error (#11527) * Use media links for img in post-process (#10515) (#11504) * Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475) * Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461) * Allow all members of private orgs to see public repos (#11442) (#11459) * Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457) * Forcibly clean and destroy the session on logout (#11447) (#11451) * Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381) * Add tracked time fix to doctor (part of #11111) (#11138) * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544) * Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 (#11481) ## [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) - 2020-05-09 * BUGFIXES * Prevent timer leaks in Workerpool and others (#11333) (#11340) * Fix tracked time issues (#11349) (#11354) * Add NotifySyncPushCommits to indexer notifier (#11309) (#11338) * Allow X in addition to x in tasks (#10979) (#11335) * When delete tracked time through the API return 404 not 500 (#11319) (#11326) * Prevent duplicate records in organizations list when creating a repository (#11303) (#11325) * Manage port in submodule refurl (#11305) (#11323) * api.Context.NotFound(...) should tolerate nil (#11288) (#11306) * Show pull request selection even when unrelated branches (#11239) (#11283) * Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282) * Fix GetContents(): Dont't ignore Executables (#11192) (#11209) * Fix submodule paths when AppSubUrl is not root (#11098) (#11176) * Prevent clones and pushes to disabled wiki (#11131) (#11134) * Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130) * On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125) * Refresh codemirror on show pull comment tab (#11100) (#11122) * Fix merge dialog on protected branch with missing required statuses (#11074) (#11084) * Load pr Issue Poster on API too (#11033) (#11039) * Fix release counter on API repository info (#10968) (#10996) * Generate Diff and Patch direct from Pull head (#10936) (#10938) * Fix rebase conflict detection in git 2.26 (#10929) (#10930) * ENHANCEMENT * Fix 404 and 500 image size in small size screen (#11043) (#11049) * Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991) ## [1.11.4](https://github.com/go-gitea/gitea/releases/tag/v1.11.4) - 2020-04-01 * BUGFIXES * Only update merge_base if not already merged (#10909) * Fix milestones too many SQL variables bug (#10880) (#10904) * Protect against NPEs in notifications list (#10879) (#10883) * Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868) * Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797) * Account for empty lines in receive-hook message (#10773) (#10784) * Fix bug on branch API (#10767) (#10775) * Migrate to go-git/go-git v5.0.0 (#10735) (#10753) * Fix hiding of fields in authorization source page (#10734) (#10752) * Prevent default for linkAction (#10742) (#10743) ## [1.11.3](https://github.com/go-gitea/gitea/releases/tag/v1.11.3) - 2020-03-10 * BUGFIXES * Prevent panic in stopwatch (#10670) (#10673) * Fix bug on pull view when required status check no ci result (#10648) (#10651) * Build explicitly with Go 1.13 (#10684) ## [1.11.2](https://github.com/go-gitea/gitea/releases/tag/v1.11.2) - 2020-03-06 * BREAKING * Various fixes in login sources (#10428) (#10429) * SECURITY * Ensure only own addresses are updated (#10397) (#10399) * Logout POST action (#10582) (#10585) * Org action fixes and form cleanup (#10512) (#10514) * Change action GETs to POST (#10462) (#10464) * Fix admin notices (#10480) (#10483) * Change admin dashboard to POST (#10465) (#10466) * Update markbates/goth (#10444) (#10445) * Update crypto vendors (#10385) (#10398) * BUGFIXES * Allow users with write permissions to modify issue descriptions and comments. (#10623) (#10626) * Handle deleted base branch in PR (#10618) (#10619) * Delete dependencies when deleting a repository (#10608) (#10616) * Ensure executable bit is kept on the web editor (#10607) (#10614) * Update mergebase in pr checker (#10586) (#10605) * Fix release attachments being deleted while upgrading (#10572) (#10573) * Fix redirection path if Slack webhook channel is invalid (#10566) * Fix head.tmpl og:image picture location (#10531) (#10556) * Fix 404 after activating secondary email (#10547) (#10553) * Show Signer in commit lists and add basic trust (#10425 & #10511) (#10524) * Fix potential bugs (#10513) (#10518) * Use \[:space:\] instead of \\s (#10508) (#10509) * Avoid mailing users that have explicitly unwatched an issue (#10475) (#10500) * Handle push rejection message in Merge & Web Editor (#10373) (#10497) * Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368) (#10493) * Fix double PR notification from API (#10482) (#10486) * Show the username as a fallback on feeds if full name is blank (#10461) * Trigger webhooks on issue label-change via API too (#10421) (#10439) * Fix git reference type in webhooks (#10427) (#10432) * Prevent panic on merge to PR (#10403) (#10408) * Fix wrong num closed issues on repository when close issue via commit… (#10364) (#10380) * Reading pull attachments should depend on read UnitTypePullRequests (#10346) (#10354) * Set max-width on review-box comment box (#10348) (#10353) * Prevent nil pointer in GetPullRequestCommitStatusState (#10342) (#10344) * Fix protected branch status check settings (#10341) (#10343) * Truncate long commit message header (#10301) (#10319) * Set the initial commit status to Success otherwise it will always be Pending (#10317) (#10318) * Don't manually replace whitespace during render (#10291) (#10315) * ENHANCEMENT * Admin page for managing user e-mail activation (#10557) (#10579) ## [1.11.1](https://github.com/go-gitea/gitea/releases/tag/v1.11.1) - 2020-02-15 * BUGFIXES * Repo name added to automatically generated commit message when merging (#9997) (#10285) * Fix Workerpool deadlock (#10283) (#10284) * Divide GetIssueStats query in smaller chunks (#10176) (#10282) * Fix reply on code review (#10257) * Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249) * Fix filter label emoji width (#10241) (#10244) * Fix issue sidebar menus having an infinite height (#10239) (#10240) * Fix commit between two commits calculation if there is only last commit (#10225) (#10226) * Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206) * Blacklist manifest.json & milestones user (#10292) (#10293) ## [1.11.0](https://github.com/go-gitea/gitea/releases/tag/v1.11.0) - 2020-02-10 * BREAKING * Fix followers and following tabs in profile (#10202) (#10203) * Make CertFile and KeyFile relative to CustomPath (#9868) (#9874) * Remove unused endpoints (#9538) * Prefix all user-generated IDs in markup (#9477) * Enforce Gitea environment for pushes (#8982) * Hide some user information via API if user have not enough permissions (#8655) * Move startpage/homepage translation to crowdin (#8596) * SECURITY * Never allow an empty password to validate (#9682) (#9683) * Prevent redirect to Host (#9678) (#9679) * Swagger hide search field (#9554) * Add "search" to reserved usernames (#9063) * Switch to fomantic-ui (#9374) * Only serve attachments when linked to issue/release and if accessible by user (#9340) * FEATURES * Webhooks should only show sender if it makes sense (#9601) * Provide Default messages for merges (#9393) * Add description to labels on create issue (#9392) * Graceful Queues: Issue Indexing and Tasks (#9363) * Default NO_REPLY_ADDRESS to DOMAIN (#9325) * Allow FCGI over unix sockets (#9298) * Graceful: Xorm, RepoIndexer, Cron and Others (#9282) * Add API for Reactions (#9220) * Graceful: Cancel Process on monitor pages & HammerTime (#9213) * Graceful: Allow graceful restart for unix sockets (#9113) * Graceful: Allow graceful restart for fcgi (#9112) * Sign protected branches (#8993) * Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964) * Add Gitea icon to Emojis (#8950) * Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code (#8924) * Allow Custom Reactions (#8886) * Close/reopen issues by keywords in titles and comments (#8866) * Allow incompletely specified Time Formats (#8816) * Prevent upload (overwrite) of lfs locked file (#8769) * Template Repositories (#8768) * Add /milestones endpoint (#8733) * Make repository management section handle lfs locks (#8726) * Respect LFS File Lock on UI (#8719) * Add team option to grant rights for all organization repositories (#8688) * Enabling and disabling the commit button to prevent empty commits (web editor) (#8590) * Add setting to disable BASIC authentication (#8586) * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) * Allow Protected Branches to Whitelist Deploy Keys (#8483) * Push to create repo (#8419) * Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) * Add basic repository lfs management (#7199) * BUGFIXES * Fix code-expansion arc-green theme bug (#10180) (#10185) * Prevent double wait-group decrement (#10170) (#10175) * Allow emoji on review head comments (#10159) (#10174) * Fix issue/pull link (#10158) (#10173) * Fix push-create SSH bugs (#10145) (#10151) * Prevent DeleteUser API abuse (#10125) (#10128) * Fix issues/pulls dashboard paging error (#10114) (#10115) * Add button to revert SimpleMDE to plain textarea (#10099) (#10102) * Fix branch page pull request title and link error (#10092) (#10097) * Fix PR API: Only try to get HeadBranch if HeadRepo exist (#10029) (#10088) * Update topics repo count when deleting repository (#10051) (#10081) * Show pull icon on pull requests (#10061) (#10062) * Fix milestone API state parameter unhandled (#10049) (#10052) * Move to using a temporary repo for pushing new PRs (#10009) (#10042) * Fix wiki raw view on sub path (#10002) (#10040) * Ensure that feeds are appropriately restricted (#10018) (#10019) * Sanitize credentials in mirror form (#9975) (#9991) * Close related pull requests when deleting head repository or head branch (#9927) (#9974) * Switch to use -f instead of -F for sendmail (#9961) (#9970) * Fix file rename/copy not supported by indexer (#9965) (#9967) * Fix repo indexer not updating upon push (#9957) (#9963) * Don't convert ellipsis in markdown (#9905) (#9937) * Fixed repo link in generated comment for cross repository dependency (#9863) (#9935) * Check if diff actually contains sections when rendering (#9926) (#9933) * Fix wrong hint when status checking is running on pull request view (#9886) (#9928) * Fix RocketChat (#9908) (#9921) * Do not try to recreate ldap user if they are already created (#9900) (#9919) * Create terminated channel in queue_redis (#9910) (#9911) * Prevent empty LDAP search result from deactivating all users (#9879) (#9896) * Fix wrong permissions check when issues/prs shared operations (#9885) (#9889) * Check user != nil before checking values (#9881) (#9883) * Allow hyphen in language name (#9873) (#9880) * Ensure that 2fa is checked on reset-password (#9857) (#9876) * Fix issues/pulls dependencies problems (#9842) (#9864) * Fix markdown anchor links (#9673) (#9840) * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9837) * Fix download file wrong content-type (#9825) (#9834) * Fix wrong poster identity on a migrated pull request when submit review (#9827) (#9830) * Fix database dump when log directory is missing (#9818) (#9819) * Fix compare (#9808) (#9814) * Fix push-to-create (#9772) (#9797) * Fix missing msteam webhook on organization (#9781) (#9794) * Fix missing unlock in uniquequeue (#9790) (#9791) * Fix add team on collaborator page when same name as organization (#9778) * DeleteRepoFile incorrectly handles Delete to new branch (#9769) (#9775) * Fix milestones page (#9771) * Fix SimpleMDE quote reply (#9757) (#9768) * Fix missing updated time on migrated issues and comments (#9744) (#9764) * Move Errored PRs out of StatusChecking (#9675) (#9726) * Make hook status printing configurable with delay (#9641) (#9725) * Fix /repos/issues/search (#9698) (#9724) * Silence fomantic error regarding tabs (#9713) (#9718) * Remove unused lock (#9709) (#9710) * Remove q.lock.Unlock() in setInternal to prevent panic (#9705) (#9706) * Load milestone in API PR list (#9671) (#9700) * Don't attempt to close issue if already closed (#9696) (#9699) * Remove google font call (#9668) (#9681) * Eliminate horizontal scroll caused by footer (#9674) * Fix nil reference in repo generation (#9660) (#9666) * Add HTML URL to API Issues (#9654) (#9661) * Add PR review webhook to Telegram (#9653) (#9655) * Use filepath.IsAbs instead of path.IsAbs (#9651) (#9652) * Disable remove button on repository teams when have access to all (#9640) * Clean up old references on branch delete (#9614) * Hide public repos owned by private orgs (#9609) * Fix access issues on milestone and issue overview pages. (#9603) * Fix error logged when repos qs is empty (#9591) * Dont trigger notification twice on issue assignee change (#9582) * Fix mirror pushed commit actions (#9572) * Allow only specific columns to be updated on issue via API (#9189) (#9539) * Fix default avatar for ghost user (#9536) * Fix download of release attachments with same name (#9529) * Resolve deprecated INI conversion (#9525) * Ignore empty avatars during database migration (#9520) * Fix deleted branch isn't removed when push the branch again (#9516) * Fix repository issues pagination bug when there are more than one label filter (#9512) * Fix SetExpr failed (#9506) * Remove obsolete file private/push_update.go (#9503) * When recreating hooks, delete them first so they are recreated with the umask (#9502) * Properly enforce gitea environment for pushes (#9501) * Fix datarace on repo indexer queue (#9490) * Add call to load repo prior to redirect in add/remove dependency code (#9484) * Wrap the code indexer (#9476) * Use Req.URL.RequestURI() to cope with FCGI urls (#9473) * Set default ssh.minimum_key_sizes (#9466) * Fixed issue with paging in /repos/{owner}/{repo}/git/trees/{sha} api (#9459) * Fix wrong notification on merge (#9450) * Issue with Migration rule v111 (#9449) * Trigger webhook when deleting a branch after merging a PR (#9424) * Add migration to sanitize repository original_url (#9423) * Use OriginalURL instead of CloneAddr in migration logging (#9418) * Push update after branch is restored (#9416) * Fix wrong migration (#9381) * Fix show repositories filter (#9234) (#9379) * Fix Slack webhook payload title generation to work with Mattermost (#9378) * Fix double webhook for new PR (#9375) * AuthorizedKeysCommand should not query db directly (#9371) * Fix missed change to GetManager() (#9361) * Fix cache problem on dashboard (#9358) * RepoIndexer: DefaultBranch needs to be prefixed by BranchPrefix (#9356) * Fix protected branch using IssueID (#9348) * Fix nondeterministic behavior (#9341) * Fix PR/issue redirects when having external tracker (#9339) * Remove release attachments which repository has been deleted (#9334) * Fix issue indexer not triggered when migrating a repository (#9332) * Add SyncTags to uploader interface (#9326) * Fix bug that release attachment files not deleted when deleting repository (#9322) * Only sync tags after all migration release batches are completed (#9319) * File Edit: Author/Committer interchanged (#9297) * prebuild CSS/JS before xgo release binaries (#9293) * Log: Ensure FLAGS=none shows no flags (#9287) * Make Diff Detail on Pull Request Changed File UI always on Top (#9280) * Switch CSS minifier to cssnano (#9260) * Fix latest docker image haven't include static files. (#9252) * Don't link wiki revision to commit (#9244) * Change review content column to type text in db (#9229) * Fixed topic regex pattern and added search by topic links after save (#9219) * Add language to user API responce (#9215) * Correct tooltip message blocked by dependencies (#9211) * Add SimpleMDE and Fix Image Paste for Issue/Comment Editor (#9197) * Fix panic when diff (#9187) * Fix #9151 - smtp logger configuration sendTos should be an array (#9154) * Fix max length check and limit in multiple repo forms (#9148) * Always Show Password Field on Link Account Sign-in Page (#9147) * Properly fix displaying virtual session provider in admin panel (#9137) * Fix race condition on indexer (#9136) * Fix team links in HTML rendering (#9127) * Fix race condition in ReplaceSanitizer (#9123) * Fix what information is shown about user in API (#9115) * Fix nil context user for template repositories (#9099) * Hide given credentials for migrated repos. (#9097) * Fix reCAPTCHA API URL (#9083) * Fix password checks on admin create/edit user (#9076) * Update golang.org/x/crypto vendor to use acme v2 (#9056) * Ensure Written is set in GZIP ProxyResponseWriter (#9018) * Fix wrong system notice when repository is empty (#9010) * Fix broken link to branch from issue list (#9003) * Fix bug when pack js (#8992) * New review approvals shouldn't require a message (#8991) * Shadow password correctly for session config (#8984) * Don't send notification on pending reviews (#8943) * Fix Notify Create Ref Error on tag creation (#8936) * Convert EOL to UNIX-style to render MD properly (#8925) * Migrate temp_repo.go to use git.NewCommand (#8918) * Fix issue with user.fullname (#8902) * Add Close() method to gogitRepository (#8901) * Enable punctuations ending mentions (#8889) * Fix password complexity check on registration (#8887) * Fix require external registration password (#8885) * Fix edit content button on migrated issue content (#8877) * Fix permission checks for close/reopen from commit (#8875) * Fix API Bug (fail on empty assignees) (#8873) * Stop using git count-objects and use raw directory size for repository (#8848) * Fix count for commit graph last page (#8843) * Fix to close opened io resources as soon as not needed (#8839) * Improve notification (#8835) * Fix new user form for non-local users (#8826) * Fix: remove duplicated signed commit icons (#8820) * Fix (open/closed) issue count when label excluded (#8815) * Fix SSH2 conditional in key parsing code (#8806) * Fix 500 when edit hook (#8782) * On windows set core.longpaths true (#8776) * Fix commit expand button to not go to commit link (#8745) * Avoid re-issuing redundant cross-references. (#8734) * Fix milestone close timestamp function (#8728) * Move webhook codes from service to webhook notification (#8712) * Show zero lines on the line counter if the file empty (#8700) * Fix deadline on update issue or PR via API (#8696) * make call createMilestoneComment on newIssue func (#8678) * Send tag create and push webhook when release created on UI (#8671) * Prevent chrome download page as html with alt + click (#8669) * Fix 500 when getting user as unauthenticated user (#8653) * Graceful fixes (#8645) * Add SubURL to redirect path (#8632) (#8634) * Fix extra columns from `label` table (#8633) * Add SubURL to redirect path for transferred/renamed repos (#8632) * Fix bug when migrate from API (#8631) * Allow to merge if file path contains " or \ (#8629) * Prevent removal of non-empty emoji panel following selection of duplicate (#8609) * Ensure default gpg settings not nil and found commits have reference to repo (#8604) * Set webhook Content-Type for application/x-www-form-urlencoded (#8599) * Fix #8582 by handling empty repos (#8587) * Fix of the diff statistics view on pull request's (#8581) * Fix bug on pull requests when transfer head repository (#8564) * Fix template error on account page (#8562) * Allow externalID to be UUID (#8551) * Fix ignored error on editorconfig api (#8550) * Fix user avatar name (#8547) * Ensure that GitRepo is set on Empty repositories (#8539) * Add missed close in ServeBlobLFS (#8527) * Fix migrate mirror 500 bug (#8526) * Fix password complexity regex for special characters (on master) (#8525) * ENHANCEMENTS * Explicitly refer to PR in squash-merge commit message in case of external tracker (#9844) (#9855) * Add a /user/login landing page option (#9622) * Some more e-mail notification fixes (#9596) * Add branch protection option to block merge on requested changes. (#9592) * Add footer extra links template (#9576) * Fix for a wrong URL in activity page of repository. (#9571) * Update default issue template (#9568) * Change markdown rendering from blackfriday to goldmark (#9533) * Extend file create api with dates (#9464) * Add ActionCommentPull action (#9456) * Response for context on retry database connection (#9444) * Refactor webhooks to reduce code duplication (#9422) * update couchbase deps for new license (#9419) * Add .ignore file for search tools (#9417) * Remove unsued struct (#9405) * Hide not allowed Reactions (#9387) * Remove text from action-only webhooks (#9377) * Move PushToBaseRepo from models to services/pull (#9352) * Site admin could view org's members (#9346) * Sleep longer if request speed is over github limitation (#9335) * Refactor comment (#9330) * Refactor code indexer (#9313) * Remove SavePatch and generate patches on the fly (#9302) * Move some pull request functions from models to services (#9266) * Update JS dependencies (#9255) * Show label list on label set (#9251) * Redirect issue if repo has configured external tracker. (#9247) * Allow kbd tags (#9245) * Remove unused comment actions (#9222) * Fixed errors logging in dump.go (#9218) * Expose release counter to repo API response (#9214) * Make consistent links to repository in the Slack/Mattermost notificiations (#9205) * Expose pull request counter to repo API response (#9202) * Extend TrackedTimes API (#9200) * Extend StopWatch API (#9196) * Move code indexer related code to a new package (#9191) * Docker: ask s6 to stop all service when gitea stop (#9171) * Variable expansion in repository templates (#9163) * Add avatar and issue labels to template repositories (#9149) * Show single review comments in the PR conversation tab (#9143) * Extract createComment (#9125) * Move PushUpdateOptions from models to repofiles (#9124) * Alternate syntax for cross references (#9116) * Add USE_SERVICE_WORKER setting (#9110) * Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092) * Explore page: Add topic param to pagination (#9077) (#9078) * Markdown: Sanitizier Configuration (#9075) * Add password requirement info on error (#9074) * Allow authors to use act keywords in PR content (#9059) * Move modules/gzip to gitea.com/macaron/gzip (#9058) * Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Context menus for comments, add quote reply (#9043) * Update branch API endpoint to show effective branch protection. (#9031) * Move git graph from models to modules/graph (#9027) * Move merge actions to notification (#9024) * Move mirror sync actions to notification (#9022) * Add retry for migration http/https requests (#9019) * Rewrite delivery of issue and comment mails (#9009) * Add review comments to mail notifications (#8996) * Refactor pull request review (#8954) * Githook highlighter (#8932) * Add git hooks and webhooks to template repositories; move to services (#8926) * Only view branch or tag if it match refType requested. (#8899) * Drop Admin attribute based on LDAP when login (continue #1743) (#8849) * Add additional periods to activity page (#8829) * Update go-org to optimize code (#8824) * Move some actions to notification/action (#8779) * Webhook support custom proxy (#8760) * Fix API deadline removal (#8759) * Mark review comment as invalidated when file is deleted (#8751) * Move pull list code to a separate file (#8748) * Move webhook to a standalone package under modules (#8747) * Multi repo select on issue page (#8741) * apply exclude label on milestone issue list (#8739) * Move issue notifications and assignee man (#8713) * Move issue change content from models to service (#8711) * Move issue change status from models to service (#8691) * Move more issue assignee code from models to issue service (#8690) * Create PR on Current Repository by Default (#8670) * Improve Open Graph Protocol (#8637) * Batch hook pre- and post-receive calls (#8602) * Improve webhooks (#8583) * Move transfer repository and rename repository on a service package and start action notification (#8573) * Implement/Fix PR review webhooks (#8570) * Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560) * Move some repositories' operations to a standalone service package (#8557) * Allow more than 255 characters for tokens in external_login_user table (#8554) * Move issue label operations to issue service package (#8553) * Adjust error reporting from merge failures and use LC_ALL=C for git (#8548) * Mail assignee when issue/pull request is assigned (#8546) * Allow committing / adding empty files using the web ui (#8420) (#8532) * Move sync mirror actions to mirror service package (#8518) * Remove arrows on numeric inputs (#8516) * Support inline rendering of CUSTOM_URL_SCHEMES (#8496) * Recalculate repository access only for specific user (#8481) * Add download button for rull request diff- and patch-file (#8470) * Add single sign-on support via SSPI on Windows (#8463) * Move change issue title from models to issue service package (#8456) * Add included tag on branch view (#8449) * Make static resouces web browser cache time customized on app.ini (#8442) * Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426) * Add pagination to commit graph page (#8360) * Use templates for issue e-mail subject and body (#8329) * Move clearlabels from models to issue service (#8326) * Move AddTestPullRequestTask to pull service package from models (#8324) * Team permission to create repository in organization (#8312) * Allows external rendering of other filetypes (#8300) * Add 'Alt + click' feature to exclude labels (#8199) * Configurable close and reopen keywords for PRs (#8120) * Configurable URL for static resources (#7911) * Unifies commit list in repository commit table and wiki revision page (#7907) * Allow cross-repository dependencies on issues (#7901) * Auto-subscribe user to repository when they commit/tag to it (#7657) * Restore Graceful Restarting & Socket Activation (#7274) * wiki - add 'write' 'preview' buttons to wiki edit like in issues (#7241) * Change target branch for pull request (#6488) * Display PR commits and diffs using base repo rather than forked (#3648) * TESTING * Add debug option to serv to help debug problems (#9492) * Fix the intermittent TestGPGGit failures (#9360) * Testing: Update postgres sequences (#9304) * Missed defer prepareTestEnv (#9285) * Fix "data race" in testlogger (#9159) * Yet another attempt to fix the intermittent failure of gpg git test (#9146) * integrations: Fix Dropped Test Errors (#9040) * services/mirror: fix dropped test errors (#9007) * Fix intermittent GPG Git test failure (#8968) * Update Github Migration Tests (#8893) (#8938) * Update heatmap fixtures to restore tests (#8615) * TRANSLATION * Fix Korean locales (#9761) (#9780) * Fix placeholders in the error message (#9060) * Fix spelling of admin.users.max_repo_creation (#8934) * Improve german translation of homepage (#8549) * BUILD * Fix webpack polyfills (#9735) (#9738) * Update gitea.com/macaron to 1.4.0 (#9608) * Upgrade lato fonts to v16. (#9498) * Update alpine to 3.11 (#9440) * Upgrade blevesearch (#9177) * Remove built js/css files from git (#9114) * Move semantic.dropdown.custom.js to webpack (#9064) * Check compiled files during build (#9042) * Enable lazy-loading of gitgraph.js (#9036) * Pack web_src/js/draw.js to public/js/index.js (#8975) * Modernize js and use babel (#8973) * Move index.js to web_src and use webpack to pack them (#8598) * Restrict modules/graceful to non-windows build and shim IsChild (#8537) * Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501) * DOCS * Swagger info corrections (#9441) (#9558) * Add ALLOW_ONLY_EXTERNAL_REGISTRATION to config cheat sheet (#8986) * Rephrase comment about RuntimeDirectory option in systemd config (#8912) * Explicitly indicate the socket unit to use the service unit "gitea.service" (#8804) * Adjust the must-change-password help (#8755) * Add notice to docs for migrating from more recent versions of Gogs (#8724) * Add explicit info about customization of homepage (#8694) * Change external asciidoctor tool to embedded mode (#8677) * Add Docker fail2ban configuration (#8642) * Correct some outdated statements in the contributing guidelines (#8612) * Basic Design guidelines (describing different parts of the code) (#8601) * Display Gitea logo in Readme (#8592) * Fix building from source docs to ref AppWorkPath (#8567) * Update the provided gitea.service to mention socket activation (#8531) * Doc added how to setup email (#8520) * MISC * Backport Locales [2020-01-14] (#9773) * Add translatable Powered by Gitea text in footer (#9600) * Add contrib/environment-to-ini (#9519) * Remove unnecessary loading of settings in update hook (#9496) * Update gitignore list (#9437) * Update license list (#9436) * Fix background reactions in the arc-green theme (#9421) * Update and fix chardet import (#9351) * Ensure LF on checkouts and in editors (#9259) * Fixed topics margin (#9248) * Add comment to exported function WindowsServiceName (make revive) (#9241) * Remove empty lines on issues/pulls page (#9232) * Fix Add Comment Button's "+" Position (#9140) * Add first issue comment hashtag (#9052) * Change some label colors (#9051) * Fix double scroll in branch dropdown (#9048) * Add comment highlight when target from url (#9047) * Update display of reactions to issues and comments (#9038) * Button tooltip formatting under Branches (#9034) * Allow setting default branch via API (#9030) * Update dashboard context for PR reviews (#8995) * Show repository size in repo home page and settings (#8940) * Allow to add and remove all repositories to/from team. (#8867) * Show due date in dashboard issues list (#8860) * Theme arc-green: reverse heatmap colors (#8840) * Project files table style update (#8757) * gitignore debugging file from vscode (#8740) * Add API for Issue set Subscription (#8729) * Make 100% width search bar (#8710) * Update color theme for heatmap (#8709) * Add margin to title_wip_desc (#8705) * Improve visibility of "Pending" indicator (#8685) * Improve accessibility of dropdown menus (#8638) * Make /users/{username}/repos list private repos the current user has access to (#8621) * Prevent .code-view from overriding font on icon fonts (#8614) * Add id references on all issue events to allow internal linking (#8608) * Upgrade xorm to v0.8.0 (#8536) * Upgrade gopkg.in/ini.v1 (#8500) * Update CodeMirror to version 5.49.0 (#8381) * Wiki editor: enable side-by-side button (#7242) ## [1.10.6](https://github.com/go-gitea/gitea/releases/tag/v1.10.6) - 2020-03-10 This is a re-tag version of v1.10.5 and also explicitly built with Go 1.13. WARNING: v1.10.5 is incorrectly tagged targeting 1.12-dev and should __not__ be used. ## [1.10.5](https://github.com/go-gitea/gitea/releases/tag/v1.10.5) - 2020-03-06 * BUGFIXES * Fix release attachments being deleted while upgrading (#10572) (#10574) ## [1.10.4](https://github.com/go-gitea/gitea/releases/tag/v1.10.4) - 2020-02-16 * FEATURE * Prevent empty LDAP search from deactivating all users (#9879) (#9890) * BUGFIXES * Fix reply on code review (#10261) (#10227) * Fix branch page pull request title and link error (#10092) (#10098) * Fix milestone API state parameter unhandled (#10049) (#10053) * Fix wiki raw view on sub path (#10002) (#10041) * Fix RocketChat Webhook (#9908) (#9921) (#9925) * Fix bug about wrong dependencies permissions check and other wrong permissions check (#9884) (Partial backport #9842) * Ensure that 2fa is checked on reset-password (#9857) (#9877) ## [1.10.3](https://github.com/go-gitea/gitea/releases/tag/v1.10.3) - 2020-01-17 * SECURITY * Hide credentials when submitting migration (#9102) (#9704) * Never allow an empty password to validate (#9682) (#9684) * Prevent redirect to Host (#9678) (#9680) * Hide public repos owned by private orgs (#9609) (#9616) * BUGFIXES * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838) * Fix download file wrong content-type (#9825) (#9835) * Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831) * Fix dump non-exist log directory (#9818) (#9820) * Fix compare (#9808) (#9815) * Fix missing msteam webhook on organization (#9781) (#9795) * Fix add team on collaborator page when same name as organization (#9783) * Fix cache problem on dashboard (#9358) (#9703) * Send tag create and push webhook when release created on UI (#8671) (#9702) * Branches not at ref commit ID should not be listed as Merged (#9614) (#9639) ## [1.10.2](https://github.com/go-gitea/gitea/releases/tag/v1.10.2) - 2020-01-02 * BUGFIXES * Allow only specific Columns to be updated on Issue via API (#9539) (#9580) * Add ErrReactionAlreadyExist error (#9550) (#9564) * Fix bug when migrate from API (#8631) (#9563) * Use default avatar for ghost user (#9536) (#9537) * Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528) * Fix deleted branch not removed when push the branch again (#9516) (#9524) * Fix missing repository status when migrating repository via API (#9511) * Trigger webhook when deleting a branch after merging a PR (#9510) * Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482) * Fix NewCommitStatus (#9434) (#9435) * Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420) * Fix Slack webhook payload title generation to work with Mattermost (#9404) * DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359) * Fix issue indexer not triggered when migrating a repository (#9333) * Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329) * Fix migration releases (#9319) (#9326) (#9328) * Fix File Edit: Author/Committer interchanged (#9297) (#9300) ## [1.10.1](https://github.com/go-gitea/gitea/releases/tag/v1.10.1) - 2019-12-05 * BUGFIXES * Fix max length check and limit in multiple repo forms (#9148) (#9204) * Properly fix displaying virtual session provider in admin panel (#9137) (#9203) * Upgrade levelqueue to 0.1.0 (#9192) (#9199) * Fix panic when diff (#9187) (#9193) * Smtp logger configuration sendTos should be an array (#9154) (#9157) * Always Show Password Field on Link Account Sign-in Page (#9150) * Create PR on Current Repository by Default (#8670) (#9141) * Fix race on indexer (#9136) (#9139) * Fix reCAPTCHA URL (#9119) * Hide migrated credentials (#9098) * Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085) * Fix password checks on admin create/edit user (#9076) (#9081) * Fix add search as a reserved username (#9063) (#9065) * Fix permission checks for close/reopen from commit (#8875) (#9033) * Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025) * Fix broken link to branch from issue list (#9003) (#9021) * Fix wrong system notice when repository is empty (#9020) * Shadow password correctly for session config (#8984) (#9002) ## [1.10.0](https://github.com/go-gitea/gitea/releases/tag/v1.10.0) - 2019-11-13 * BREAKING * Fix deadline on update issue or PR via API (#8698) * Hide some user information via API if user doesn't have enough permission (#8655) (#8657) * Remove legacy handling of drone token (#8191) * Change repo search to use exact match for topic search. (#7941) * Add pagination for admin api get orgs and fix only list public orgs bug (#7742) * Implement the ability to change the ssh port to match what is in the gitea config (#7286) * SECURITY * Fix issue with user.fullname (#8903) * Ignore mentions for users with no access (#8395) * Be more strict with git arguments (#7715) * Extract the username and password from the mirror url (#7651) * reserve .well-known username (#7637) * FEATURES * Org/Members: display 2FA members states + optimize sql requests (#7621) * SetDefaultBranch on pushing to empty repository (#7610) * Adds side-by-side diff for images (#6784) * API method to list all commits of a repository (#6408) * Password Complexity Checks (#6230) * Add option to initialize repository with labels (#6061) * Add additional password hash algorithms (#6023) * BUGFIXES * Allow to merge if file path contains " or \ (#8629) (#8771) * On windows set core.longpaths true (#8776) (#8786) * Fix 500 when edit hook (#8782) (#8789) * Fix Checkbox at RepoSettings Protected Branch (#8799) (#8801) * Fix SSH2 conditional in key parsing code (#8806) (#8810) * Fix commit expand button to not go to commit link (#8745) (#8825) * Fix new user form for non-local users (#8826) (#8828) * Fix to close opened io resources as soon as not needed (#8839) (#8846) * Fix edit content button on migrated issue content (#8877) (#8884) * Fix require external registration password (#8885) (#8890) * Fix password complexity check on registration (#8887) (#8888) * Update Github Migration Tests (#8896) (#8938) (#8945) * Enable punctuations ending mentions (#8889) (#8894) * Add Close() method to gogitRepository (#8901) (#8956) * Hotfix for review actions and notifications (#8965) * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) (#8618) * Fix milestone close timestamp (#8728) (#8730) * Fix 500 when getting user as unauthenticated user (#8653) (#8663) * Fix 'New Issue Missing Milestone Comment' (#8678) (#8681) * Use AppSubUrl for more redirections (#8647) (#8651) * Add SubURL to redirect path (#8632) (#8634) * Fix template error on account page (#8562) (#8622) * Allow externalID to be UUID (#8551) (#8624) * Prevent removal of non-empty emoji panel following selection of duplicate (#8609) (#8623) * Update heatmap fixtures to restore tests (#8615) (#8616) * Ensure that diff stats can scroll independently of the diff (#8581) (#8621) * Webhook: set Content-Type for application/x-www-form-urlencoded (#8600) * Fix #8582 by handling empty repos (#8587) (#8594) * Fix bug on pull requests when transfer head repository (#8564) (#8569) * Add missed close in ServeBlobLFS (#8527) (#8542) * Ensure that GitRepo is set on Empty repositories (#8539) (#8541) * Fix migrate mirror 500 bug (#8526) (#8530) * Fix password complexity regex for special characters (#8524) * Prevent .code-view from overriding font on icon fonts (#8614) (#8627) * Allow more than 255 characters for tokens in external_login_user table (#8554) * Fix errors in create org UI regarding team access permission (#8506) * Fix bug on FindExternalUsersByProvider (#8504) * Create .ssh dir as necessary (#8486) * IsBranchExist: return false if provided name is empty (#8485) * Making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477) * Add check for empty set when dropping indexes during migration (#8471) * LFS files are relative to LFS content path, ensure that when deleting they are made relative to this (#8455) * Ensure Request Body Readers are closed in LFS server (#8454) * Fix template bug on mirror repository setting page (#8438) * Fix migration v96 to keep issue attachments (#8435) * Update strk.kbt.io/projects/go/libravatar to latest (#8429) * Singular form for files that has only one line (#8416) * Check for either escaped or unescaped wiki filenames (#8408) * Allow users with explicit read access to give approvals (#8382) * Fix editor commit to new branch if PR disabled (#8375) * readd .markdown class to all markup renderers (#8357) * Upgrade xorm to v0.7.9 to fix some bugs (#8354) * Fix column name ambiguity in GetUserIssueStats() (#8347) * Change general form binding to gogs form (#8334) * Fix pull request commit status in user dashboard list (#8321) * Fix repo_admin_change_team_access always checked in org settings (#8319) * Update to github.com/lafriks/xormstore@v1.3.0 (#8317) * Show correct commit status in PR list (#8316) * Bugfix for image compare and minor improvements to image compare (#8289) * Update xorm (#8286) * Fix API for edit and delete release attachment (#8285) * Fix nil object access in some conditions when parsing cross references (#8281) * Fix label count (#8267) * Only show teams access for organization repositories on collaboration setting page (#8265) * Test more reserved usernames (#8263) * Rewrite reference processing code in preparation for opening/closing from comment references (#8261) * Fix assets key on release webhook (#8253) * Allow registration when button is hidden (#8237) * Fix release API URL generation (#8234) * Fix milestone num_issues (#8221) * MS Teams webhook misses commit messages (#8209) * Fix data race (#8204) * Fix team user api (#8172) * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8161) * Make show private icon when repo avatar set (#8144) * Add reviewers as participants (#8121) * Fix Go 1.13 private repository go get issue (#8112) * feat: highlight issue references with : (#8101) * Make AllowedUsers configurable in sshd_config (#8094) * Strict name matching for Repository.GetTagID() (#8074) * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8066) * Add change title notification for issues (#8061) * [ssh] fix the config specification in the authorized_keys template (#8031) * Fix reading git notes from nested trees (#8026) * Fixes synchronize tags to releases for repository - makes sure we are only getting tag refs (#7990) * Fix adding default Telegram webhook (#7972) * Run CORS handler first for /api routes (#7967) * Abort synchronization from LDAP source if there is some error. (#7960) * Fix wrong sender when send slack webhook (#7918) * Fix bug when migrating a private repository (#7917) * Evaluate emojis in commit messages in list view (#7906) * Fix upload file type check (#7890) * lfs/lock: round locked_at timestamp to second (#7872) * fix non existent milestone with 500 error instead of 404 (#7867) * gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846) * Fix duplicate call of webhook (#7821) * Enable switching to a different source branch when PR already exists (#7819) * Convert files to utf-8 for indexing (#7814) * Do not fetch all refs in pull-request compare (#7797) * Fix multiple bugs with statuses endpoints at API (#7785) * Restore functionality for early gits (#7775) * Fix Slack webhook fork message (#7774) * Rewrite existing repo units if setting is not included in api body (#7763) * Fix rename failed when rewrite public keys (#7761) * Fix approvals counting (#7757) * Add migration step to remove old repo_indexer_status orphaned records (#7746) * Fix repo_index_status lingering when deleting a repository (#7734) * Remove camel case tokenization from repo indexer (#7733) * Fix milestone completness calculation when migrating (#7725) * Regression: Include "executable" files in the index, as they are not necessarily … (#7718) * Fixes indexed repos keeping outdated indexes when files grow too large (#7712) * Skip non-regular files (e.g. submodules) on repo indexing (#7711) * Fix dropTableColumns sqlite implementation (#7710) * Update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705) * improve branches list performance and fix protected branch icon when no-login (#7695) * Correct wrong datetime format for git (#7689) * Move add to hook queue for created repo to outside xorm session. (#7675) * sugestion to use range .Branches (#7674) * Fix bug on migrating milestone from github (#7665) * hide delete/restore button on archived repos (#7658) * css: use flex to fix floating paginate (#7656) * Fix syntax highlight initialization (#7617) * Fix panic on push at - Merging pull request causes 500 error (#7615) * Make PKCS8, PEM and SSH2 keys work (#7600) * Fix mistake in arc-green.less split-diff css code. (#7587) * Handle ErrUserProhibitLogin in http git (#7586) * Fix bug create/edit wiki pages when code master branch protected (#7580) * Fixes Malformed URLs in API git/commits response (#7565) * Fix file header overflow in file and blame views (#7562) * Improve SSH key parser to handle newlines in keys (#7522) * Fix empty commits now showing in repo overview (#7521) * Fix repository's pull request count error (#7518) * Fix markdown invoke sequence (#7513) * Remove duplicated webhook trigger (#7511) * Update User.NumRepos atomically in createRepository (#7493) * Fix settings page of repo you aren't admin print error - Settings pages giving UnitType error message (#7482) * Fix redirection after file edit - Handles all redirects for Web UI File CRUD (#7478) * cmd/serv: actually exit after fatal errors (#7458) * Fix an issue with some pages throwing 'not defined' js exceptions (#7450) * fix Dropzone.js integration (#7445) * Fix regex for issues in commit messages (#7444) * Diff: Fix indentation on unhighlighted code (#7435) * Only show "New Pull Request" button if repo allows pulls (#7426) * Upgrade macaron/captcha to fix random error problem (#7407) * create class for inline positioned lists (#7393) * Fetch refs for successful testing for tag (#7388) * add missing template variable on organisation settings (#7385) * fix post parameter - on issue list - unset assignee (#7380) * fix/define autochecked checkboxes on issue list in firefox (#7320) * only return head: null if source branch was deleted (#6705) * ENHANCEMENTS * Add nofollow to sign in links (#8509) * vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495) * Update milestone issues numbers when save milestone and other code improvements (#8411) * Add extra user information when migrating release (#8331) * Require overall success if no context is given for status check (#8318) * Transaction-aware retry create issue to cope with duplicate keys (#8307) * Change link on issue milestone (#8246) * Alwaywas return local url for users avatar (#8245) * Move some milestone functions to a standalone package (#8213) * Move create issue comment to comments package (#8212) * Disable max height property of comment textarea (#8203) * Add 'Mentioning you' group to /issues page (#8201) * oauth2 with remote Gitea (#8149) * Reference issues from pull requests and other issues (#8137) * Fix webhooks to use proxy from environment (#8116) * Add merged commit id on pull view when it's merged (#8062) * Add teams to repo on collaboration page. (#8045) * Update swagger to 0.20.1 (#8010) * Make link last commit massages in repository home page and commit tables (#8006) * Add API endpoint for accessing repo topics (#7963) * Include description in repository search (#7942) * Use gitea forked macaron (#7933) * Fix pull creation with empty changes (#7920) * Allow token as authorization for accessing attachments (#7909) * Retry create issue to cope with duplicate keys (#7898) * Move git diff codes from models to services/gitdiff (#7889) * migrate gplus to google oauth2 provider (#7885) * Remove unique filter from repo indexer analyzer. (#7878) * Detect delimiter in CSV rendering (#7869) * Import topics during migration (#7851) * Move CreateReview to modules/pull (#7841) * vendor: update pdf.js to v2.1.266 (#7834) * Support SSH_LISTEN_PORT env var in docker app.ini template (#7829) * Add Ability for User to Customize Email Notification Frequency (#7813) * Move database settings from models to setting (#7806) * Display ui time with customize time location (#7792) * Implement webhook branch filter (#7791) * Restrict repository indexing by glob match (#7767) * Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756) * Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751) * deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749) * Apply emoji on commit graph page (#7743) * Add a lot of extension to language mappings for syntax highlights (#7741) * Add SQL execution on log and indexes on table repository and comment (#7740) * Set DB connection error level to error (#7724) * Check commit message hashes before making links (#7713) * remove unnecessary fmt on generate bindata (#7706) * Fix specific highlighting (CMakeLists.txt ...) (#7686) * Add file status on API (#7671) * Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669) * Provide links in commit summaries in commits table/view list (#7659) * Change length of some repository's columns (#7652) * Move commit repo action from models to repofiles package (#7645) * fix wrong email when use gitea as OAuth2 provider (#7640) * [Branch View] add download button (#7604) * Update to xorm@v0.7.4 (#7596) * use 403 instead of 401 for ErrUserProhibitLogin (#7591) * Removed unnecessary conversions (#7557) * Un-lambda base.FileSize (#7556) * Added missing error checks in tests (#7554) * Move create release from models to a standalone package (#7539) * Make default branch name link to default branch (#7519) * Added total count of contributions to heatmap (#7517) * Move mirror to a standalone package from models (#7486) * Move models.PushUpdate to repofiles.PushUpdate (#7485) * Include thread related headers in issue/coment mail (#7484) * Refuse merge until all required status checks success (#7481) * convert all js var to let/const (#7464) * Only create branches for opened pull requestes when migrating from github (#7463) * jQuery 3 (#7425) * Add notification placeholder (#7409) * Search Commits via Commit Hash (#7400) * Move status table to cron package (#7370) * wiki - page revisions list (#7369) * Display original author and URL information when showing migrated issues/comments (#7352) * Refactor filetype is not allowed errors (#7309) * switch to use gliderlabs/ssh for builtin server (#7250) * Remove settting dependency on modules/session (#7237) * Move all mail related codes from models to services/mailer (#7200) * Support git.PATH entry in app.ini (#6772) * Support setting cookie domain (#6288) * Move migrating repository from frontend to backend (#6200) * Delete releases attachments if release is deleted (#6068) * TRANSLATION * Latvian translation for home page (#8468) * Add home template italian translation (#8352) * fix misprint (#7452) * BUILD * use go 1.13 (#8088) * MISC * add file line count info on UI (#8396) * Make issues page left menu 100% width and add reponame as title attribute (#8359) * [arc-green] white on hover for active menu items (#8344) * Move ref (branch or tag) location on issue list page (#8157) * apply emoji on dashboard issue list labels (#8156) * 1148: Take up the full width when viewing the diff in split view. (#8114) * Display description of 'make this repo private' as help text, not as tooltip (#8097) * Fixes deformed emoji in pull request reviews (#8047) * Add strike to old header on comment (#8046) * Add tooltip for the visibility checkbox in /repo/create (#8025) * Update github.com/lafriks/xormstore and tidy up mod.go (#8020) * keep blame view buttons sequence consistent with normal view when view a file (#8007) * Use "Pull Request" instead of "Merge Request" (#8003) * Move line number to :before attr to hide from search on browser (#8002) * Changed black color to white for (read) number label on issue list page (#8000) * [Branch View] show "New Pull Request" Button only if posible (#7977) * Fix hook problem by only setting the git environment variables if we are passed them (#7854) * Prevent Commit Status and Message From Overflowing On Branch Page (#7800) * Fix global search result CSS, misc CSS tweaks (#7789) * Tweak label border CSS (#7739) * Fix create menu item widths (#7708) * [Branch View] Delete duplicate protection symbol (#7624) * [Branch View] Delete Table Header (#7622) * [Branch View] icons to buttons (#7602) * update js dependencies (#7462) * Add Extra Info to Branches Page (#7461) * Bump lodash from 4.17.11 to 4.17.14 (#7459) * wiki history improvements (#7391) * ui fixes - compare view and archieved repo issues (#7345) * dark theme scrollbars (#7269) * wiki - editor - add buttons 'inline code', 'empty checkbox', 'checked checkbox' (#7243) * Fix Statuses API only shows first 10 statuses: Add paging and extend API GetCommitStatuses (#7141) ## [1.9.6](https://github.com/go-gitea/gitea/releases/tag/v1.9.6) - 2019-11-13 * BUGFIXES * Allow to merge if file path contains " or \ (#8629) (#8772) * Fix 500 when edit hook (#8782) (#8790) * Fix issue with user.fullname (#8904) * Update Github Migration Test (#8897) (#8946) * Add Close() method to gogitRepository (#8901) (#8958) ## [1.9.5](https://github.com/go-gitea/gitea/releases/tag/v1.9.5) - 2019-10-30 * BREAKING * Hide some user information via API if user doesn't have enough permission (#8655) (#8658) * BUGFIXES * Fix milestone close timestamp (#8728) (#8731) * Fix deadline on update issue or PR via API (#8699) * Fix 'New Issue Missing Milestone Comment' (#8678) (#8682) * Fix 500 when getting user as unauthenticated user (#8653) (#8662) * Use AppSubUrl for more redirections (#8647) (#8652) * Add SubURL to redirect path (#8632) (#8634) (#8640) * Fix #8582 by handling empty repos (#8587) (#8593) * Fix bug on pull requests when transfer head repository (#8571) * Add missed close in ServeBlobLFS (#8527) (#8543) * Return false if provided branch name is empty for IsBranchExist (#8485) (#8492) * Create .ssh dir as necessary (#8369) (#8486) (#8489) * Restore functionality for early gits (#7775) (#8476) * Add check for empty set when dropping indexes during migration (#8475) * Ensure Request Body Readers are closed in LFS server (#8454) (#8459) * Ensure that LFS files are relative to the LFS content path (#8455) (#8458) * SECURITY * Ignore mentions for users with no access (#8395) (#8484) * TESTING * Update heatmap fixtures to restore tests (#8615) (#8617) ## [1.9.4](https://github.com/go-gitea/gitea/releases/tag/v1.9.4) - 2019-10-08 * BUGFIXES * Highlight issue references (#8101) (#8404) * Fix bug when migrating a private repository #7917 (#8403) * Change general form binding to gogs form (#8334) (#8402) * Fix editor commit to new branch if PR disabled (#8375) (#8401) * Fix milestone num_issues (#8221) (#8400) * Allow users with explicit read access to give approvals (#8398) * Fix commit status in PR #8316 and PR #8321 (#8339) * Fix API for edit and delete release attachment (#8290) * Fix assets on release webhook (#8283) * Fix release API URL generation (#8239) * Allow registration when button is hidden (#8238) * MS Teams webhook misses commit messages (backport v1.9) (#8225) * Fix data race (#8206) * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8194) * Fix the SSH config specification in the authorized_keys template (#8193) * Fix reading git notes from nested trees (#8189) * Fix team user api (#8172) (#8188) * Add reviewers as participants (#8124) * BUILD * Use vendored go-swagger (#8087) (#8165) * Fix version-validation for GO 1.13 (go-macaron/cors) (#8389) * MISC * Make show private icon when repo avatar set (#8144) (#8175) ## [1.9.3](https://github.com/go-gitea/gitea/releases/tag/v1.9.3) - 2019-09-06 * BUGFIXES * Fix go get from a private repository with Go 1.13 (#8100) * Strict name matching for Repository.GetTagID() (#8082) * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070) * Add change title notification for issues (#8064) * Run CORS handler first for /api routes (#7967) (#8053) * Evaluate emojis in commit messages in list view (#8044) * Fix failed to synchronize tags to releases for repository (#7990) (#7994) * Fix adding default Telegram webhook (#7972) (#7992) * Abort synchronization from LDAP source if there is some error (#7965) * Fix deformed emoji in commit message (#8071) * ENHANCEMENTS * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009) ## [1.9.2](https://github.com/go-gitea/gitea/releases/tag/v1.9.2) - 2019-08-22 * BUGFIXES * Fix wrong sender when send slack webhook (#7918) (#7924) * Upload support text/plain; charset=utf8 (#7899) * Lfs/lock: round locked_at timestamp to second (#7872) (#7875) * Fix non existent milestone with 500 error (#7867) (#7873) * SECURITY * Fix No PGP signature on 1.9.1 tag (#7874) * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ * ENHANCEMENTS * Fix pull creation with empty changes (#7920) (#7926) * BUILD * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884) ## [1.9.1](https://github.com/go-gitea/gitea/releases/tag/v1.9.1) - 2019-08-14 * BREAKING * Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752) * SECURITY * Be more strict with git arguments (#7715) (#7762) * Release built with go 1.12.8 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA * BUGFIXES * Fix local runs of ssh-requiring integration tests (#7855) (#7857) * Fix hook problem (#7856) (#7754) * Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846) * Do not fetch all refs (#7797) (#7837) * Fix duplicate call of webhook (#7824) (#7821) * Enable switching to a different source branch when PR already exists (#7823) * Rewrite existing repo units if setting is not included in api body (#7811) * Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808) * API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807) * Fix Slack webhook fork message (1.9 release backport) (#7783) * Fix approvals counting (#7757) (#7777) * Fix rename failed when rewrite public keys (#7761) (#7769) * Fix dropTableColumns sqlite implementation (#7710) (#7765) * Fix repo_index_status lingering when deleting a repository (#7738) * Fix milestone completness calculation when migrating (#7725) (#7732) * Fixes indexed repos keeping outdated indexes when files grow too large (#7731) * Skip non-regular files (e.g. submodules) on repo indexing (#7717) * Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704) * Correct wrong datetime format for git (#7689) (#7690) ## [1.9.0](https://github.com/go-gitea/gitea/releases/tag/v1.9.0) - 2019-07-30 * BREAKING * Better logging (#6038) (#6095) * SECURITY * Shadow the password on cache and session config on admin panel (#7300) * Fix markdown invoke sequence (#7513) (#7560) * Reserve .well-known username (#7638) * Do not leak secrets via timing side channel (#7364) * Ensure that decryption of cookie actually suceeds (#7363) * FEATURES * Content API for Creating, Updating, Deleting Files (#6314) * Enable tls-alpn-01: Use certmanager provided TLSConfig for LetsEncrypt (#7229) * Add command to convert mysql database from utf8 to utf8mb4 (#7144) * Fixes #2738 - Adds the /git/tags API endpoint (#7138) * Compare branches, commits and tags with each other (#6991) * Show Pull Request button or status of latest PR in branch list (#6990) * Repository avatars (#6986) * Show git-notes (#6984) * Add commit statuses reports on pull request view (#6845) * Number of commits ahead/behind in branch overview (#6695) * Add CLI commands to manage LDAP authentication source (#6681) * Add support for MS Teams webhooks (#6632) * OAuth2 Grant UI (#6625) * Add SUBJECT_PREFIX mailer config option (#6605) * Include custom configuration file in dump (#6516) * Add API for manipulating Git hooks (#6436) * Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290) * Add option to blame files (#5721) * Implement Default Webhooks (#4299) * Telegram webhook (#4227) * BUGFIXES * Send webhook after commit when creating issue with assignees (#7681) (#7684) * Upgrade macaron/captcha to fix random error problem (#7407) (#7683) * Move add to hook queue for created repo to outside xorm session. (#7682) (#7675) * Show protection symbol if needed on default branch (#7660) (#7668) * Hide delete/restore button on archived repos (#7660) * Fix bug on migrating milestone from github (#7665) (#7666) * Use flex to fix floating paginate (#7656) (#7662) * Change length of some repository's columns (#7652) (#7655) * Fix wrong email when use gitea as OAuth2 provider (#7640) (#7647) * Fix syntax highlight initialization (#7617) (#7626) * Fix bug create/edit wiki pages when code master branch protected (#7580) (#7623) * Fix panic on push at #7611 (#7615) (#7618) * Handle ErrUserProhibitLogin in http git (#7586, #7591) (#7590) * Fix color of split-diff view in dark theme (#7587) (#7589) * Fix file header overflow in file and blame views (#7562) (#7579) * Malformed URLs in API git/commits response (#7565) (#7567) * Fix empty commits now showing in repo overview (#7521) (#7563) * Fix repository's pull request count error (#7518) (#7524) * Remove duplicated webhook trigger (#7511) (#7516) * Handles all redirects for Web UI File CRUD (#7478) (#7507) * Fix regex for issues in commit messages (#7444) (#7466) * cmd/serv: actually exit after fatal errors (#7458) (#7460) * Fix an issue with some pages throwing 'not defined' js exceptions #7450 (#7453) * Fix Dropzone.js integration (#7445) (#7448) * Create class for inline positioned lists (#7439) (#7393) * Diff: Fix indentation on unhighlighted code (#7435) (#7443) * jQuery 3 (#7442) (#7425) * Only show "New Pull Request" button if repo allows pulls (#7426) (#7432) * Fix vendor references (#7394) (#7396) * Only return head: null if source branch was deleted (#6705) (#7376) * Add missing template variable on organisation settings (#7386) (#7385) * Fix post parameter on issue list which had unset assignee (#7380) (#7383) * Fix migration tests due to issue 7 being resolved (#7375) (#7381) * Correctly adjust mirror url (#6593) * Handle early git version's lack of get-url (#7065) * Fix icon position in issue view (#7354) * Cut timeline length with last element on issue view (#7355) * Fix mirror repository webhooks (#7366) * Fix api route for hooks (#7346) * Fix bug conflict between SyncReleasesWithTags and InsertReleases (#7337) * Fix pull view ui merge section (#7335) * Fix 7303 - remove unnessesary buttons on archived repos (#7326) * Fix topic bar to allow prefixes (#7325) * Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324) * Fixes #7238 - Annotated tag commit ID incorrect (#7321) * Dark theme fixes (#7319) * Gitea own dark codemirror theme (#7317) * Fixes #7292 - API File Contents bug (#7301) * Fix API link header (#7298) * Fix extra newlines when copying from diff in Firefox (#7288) * Make diff line-marker non-selectable (#7279) * Fix Submodule dection in subdir (#7275) * Fix error log when loading issues caused by a xorm bug (#7271) * Add .fa icon margin like .octicon (#7258) * Fix hljs unintenionally highlighting commit links (#7244) * Only check and config git on web subcommand but not others (#7236) * Fix migration panic when Head.User is not exist (#7226) * Only warn on errors in deleting LFS orphaned files during repo deletion (#7213) * Fix duplicated file on pull request conflicted files (#7211) * Allow colon between fixing word and issue (#7207) * Fix overflow issues in repo (#7190) * API error cleanup (#7186) * Add error for fork already existing (#7185) * Fixes diff on merged pull requests (#7171) * If milestone id is zero don't get it from database (#7169) * Fix pusher name via ssh push (#7167) * Fix database lock when use random repository fallback image (#7166) * Various fixes for issue mail notifications (#7165) * Allow archived repos to be (un)starred and (un)watched (#7163) * Fix GCArgs load from ini (#7156) * Detect noreply email address as user (#7133) * Avoid arbitrary format strings upon calling fail() function (#7112) * Validate External Tracker URL Format (#7089) * Repository avatar fallback configuration (#7087) * Fix #732: Add LFS objects to base repository on merging (#7082) * Install page - Handle invalid administrator username better (#7060) * Workaround for posting single comments in split diff view (#7052) * Fix possbile mysql invalid connnection error (#7051) * Fix charset was not saved after installation finished (#7048) * Handle insecure and ports in go get (#7041) * Avoid bad database state after failed migration (#7040) * Fix wrong init dependency on markup extensions (#7038) * Fix default for allowing new organization creation for new users (#7017) * Fix content download and /verify LFS handler expecting wrong content-type (#7015) * Fix missing repo description when migrating (#7000) * Fix LFS Locks over SSH (#6999) * Do not attempt to return blob on submodule (#6996) * Fix U2F for Chrome >= 74 (#6980) * Fix index produces problem when issues/pulls deleted (#6973) * Allow collaborators to view repo owned by private org (#6965) * Stop running hooks on pr merge (#6963) * Run hooks on merge/edit and cope with protected branches (#6961) * Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953) * Stop colorizing log files by default (#6949) * Rotate serv.log, http.log and hook logs and stop stacktracing in these (#6935) * Fix plain text overflow line wrap (#6915) * Fix input size for dependency select (#6913) * Change drone token name to let users know to use oauth2 (#6912) * Fix syntax highlight in blame view #6895 (#6909) * Use AppURL for Oauth user link (#6894) * Fixes #6881 - API users search fix (#6882) * Fix 404 when send pull request some situation (#6871) * Enforce osusergo build tag for releases (#6862) * Fix 500 when reviewer is deleted with integration tests (#6856) * Fix v85.go (#6851) * Make dropTableColumns drop columns on sqlite and constraints on all (#6849) * Fix double-generation of scratch token (#6832) (#6833) * When mirroring we should set the remote to mirror (#6824) * Fix the v78 migration "Drop is_bare" on MSSQL #6707 (#6823) * Change verbose flag in dump command to avoid colliding with global version flag (#6822) * Fix #6813: Allow git.GetTree to take both commit and tree names (#6816) * Remove `seen` map from `getLastCommitForPaths` (#6807) * Show scrollbar only when needed (#6802) * Restore IsWindows variable assignment (#6722) (#6790) * Service worker js is a missing comma (#6788) * Fix team edit API panic (#6780) * Set user search base field optional in LDAP (simple auth) edit page (#6779) * Ignore already existing public keys after ldap sync (#6766) * Fix pulls broken when fork repository deleted (#6754) * Fix missing return (#6751) * Fix new team 500 (#6749) * OAuth2 token can be used in basic auth (#6747) * Fix org visibility bug when git cloning (#6743) * Fix bug when sort repos on org home page login with non-admin (#6741) * Stricter domain name pattern in email regex (#6739) * Fix admin template error (#6737) * Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) * UI: Detect and restore encoding and BOM in content (#6727) * Load issue attributes when editing an issue with API (#6723) * Fix team members API (#6714) * Unfortunately MemProvider Init does not actually Init properly (#6692) * Fix partial reversion of #6657 caused by #6314 (#6685) * Prevent creating empty sessions (#6677) * Fixes #6659 - Swagger schemes selection default to page's protocol (#6660) * Update highlight.js to 9.15.6 (#6658) * Properly escape on the redirect from the web editor (#6657) * Fix #6655 - Don't EscapePound .Link as it is already escaped (#6656) * Use ctx.metas for SHA hash links (#6645) * Fix wrong GPG expire date (#6643) * upgrade version of lib/pq to v1.1.0 (#6640) * Fix forking an empty repository (#6637) * Fix issuer of OTP URI should be URI-encoded. (#6634) * Return a UserList from /api/v1/admin/users (#6629) * Add json tags for oauth2 form (#6627) * Remove extra slash from twitter card (#6619) * remove bash requirement in makefile (#6617) * Fix Open Graph og:image link (#6612) * Fix cross-compile builds (#6609) * Change commit summary to full message in API (#6591) * Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) * Prevent server 500 on compare branches with no common history (#6555) * Properly escape release attachment URL (#6512) * Delete local branch when repo branch is deleted (#6497) * Fix bug when user login and want to resend register confirmation email (#6482) * Fix upload attachments (#6481) * Avoid multi-clicks in oauth2 login (#6467) * Hacky fix for alignment of the create-organization dialog (#6455) * Change order that PostProcess Processors are run (#6445) * Clean up ref name rules (#6437) * Fix Hook & HookList in Swagger (#6432) * Fixed unitTypeCode not being used in accessLevelUnit (#6419) * Display correct error for invalid mirror interval (#6414) * Don't Unescape redirect_to cookie value (#6399) * Fix dump table name error and add some test for dump database (#6394) * Fix migrations 82 to ignore unsynced tags between database and git data and missing is_archived on repository table (#6387) * Make sure units of a team are returned (#6379) * Fix bug manifest.json will not request with cookie so that session will created every request (#6372) * Disable benchmarking during tag events on DroneIO (#6365) * Comments list performance optimization (#5305) * ENHANCEMENTS * Update Drone docker generation to standard format (#7480) (#7496) (#7504) * Add API Endpoint for Repo Edit (#7006) * Add state param to milestone listing API (#7131) * Make captcha and password optional for external accounts (#6606) * Detect migrating batch size (#7353) * Fix 7255 - wrap long texts on user profile info (#7333) * Use commit graph files for listing pages (#7314) * Add git command line commitgraph support global default true when git version >= 2.18 (#7313) * Add LFS_START_SERVER option to control git-lfs support (#7281) * Dark theme markdown fixes (#7260) * Update go-git to v4.12.0 (#7249) * Show lfs config on admin panel (#7220) * Disable same user check for internal SSH (#7215) * Add LastLogin to the User API (#7196) * Add missing description of label on API (#7159) * Use go method to calculate ssh key fingerprint (#7128) * Enable Rust highlighting (#7125) * Refactor submodule URL parsing (#7100) * Change issue mail title. (#7064) * Use batch insert on migrating repository to make the process faster (#7050) * Improve github downloader on migrations (#7049) * When git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047) * Fix Erlang and Elixir highlight mappings (#7044) * API Org Visibility (#7028) * Improve handling of non-square avatars (#7025) * Bugfix: Align comment label and actions to the right (#7024) * Change UpdateRepoIndex api to include watchers (#7012) * Move serv hook functionality & drop GitLogger (#6993) * Add support of utf8mb4 for mysql (#6992) * Make webhook http connections resuable (#6976) * Move xorm logger bridge from log to models so that log module could be a standalone package (#6944) * Refactor models.NewRepoContext to extract git related codes to modules/git (#6941) * Remove macaron dependent on models (#6940) * Add less linter via npx (#6936) * Remove macaron dependent on modules/log (#6933) * Remove macaron dependent on models/mail.go (#6931) * Clean less files (#6921) * Fix code overflow (#6914) * Style orgs list in user profile (#6911) * Improve description of branch protection (fix #6886) (#6906) * Move sdk structs to modules/structs (#6905) * update sdk to latest (#6903) * Escape the commit message on issues update and title in telegram hook (#6901) * SearchRepositoryByName improvements and unification (#6897) * Change the color of issues/pulls list, merged is purple and closed is red (#6874) * Refactor table width to have more info shown in file list (#6867) * Monitor all git commands; move blame to git package and replace git as a variable (#6864) * Fix config ui error about cache ttl (#6861) * Improve localization of git activity stats (#6848) * Generate access token in admin cli (#6847) * Update github.com/urfave/cli to version 1.2.0 (#6838) * Rename LFS_JWT_SECRET cli option to include OAUTH2 as well (#6826) * internal/ssh: ignore env command totally (#6825) * Allow Recaptcha service url to be configured (#6820) * update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815) * Use modules/git for git commands (#6775) * Add GET requests to webhook (#6771) * Move PushUpdate dependency from models to repofiles (#6763) * Tweak tab text and icon colors (#6760) * Ignore non-standard refs in git push (#6758) * Disable web preview for telegram webhook (#6719) * Show full name if DEFAULT_SHOW_FULL_NAME setting enabled (#6710) * Reorder file actions (#6706) * README WordPress the code is overflowing #6679 (#6696) * Improve issue reference on commit (#6694) * Handle redirects for git clone commands (#6688) * Fix one performance/correctness regression in #6478 found on Rails repository. (#6686) * API OTP Context (#6674) * Remove local clones & make hooks run on merge/edit/upload (#6672) * Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663) * Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662) * Fix dropdown icon padding (#6651) * Add more title attributes on shortened names (#6647) * Update UI for topics labels on projects (#6639) * Trace Logging on Permission Denied & ColorFormat (#6618) * Add .gpg url (match github behaviour) (#6610) * Support for custom GITEA_CUSTOM env var in docker(#6608) * Show "delete branch" button on closed pull requests (#6570) (#6601) * Add option to disable refresh token invalidation (#6584) * Fix new repo dropdown alignment (#6583) * Fix mail notification when close/reopen issue (#6581) * Pre-calculate the absolute path of git (#6575) * Minor CSS cleanup for the navbar (#6553) * Render SHA1 links as code blocks (#6546) * Add username flag in create-user command (#6534) * Unifies pagination template usage (#6531) (#6533) * Fixes pagination width on mobile view (#5711) (#6532) * Improve SHA1 link detection (#6526) * Fixes #6446 - Sort team members and team's repositories (#6525) * Use stricter boundaries for auto-link detection (#6522) * Use regular line-height on frontpage entries (#6518) * Fixes #6514 - New Pull Request on files and pulls pages the same (#6515) * Make distinction between DisplayName and Username in email templates (#6495) * Add X-Auto-Response-Suppress header to outgoing messages (#6492) * Cleaned permission checks for API -> site admin can now do anything (#6483) * Support search operators for commits search (#6479) * Improve listing performance by using go-git (#6478) * Fix repo sub_menu font color in arc-green (#6477) * Show last commit status in pull request lists (#6465) * Add signatures to webhooks (#6428) * Optimize all images in public/img (#6427) * Add golangci (#6418) * Make "Ghost" not link to 404 page (#6410) * Include more variables on admin/config page (#6378) * Markdown: enable some more extensions (#6362) * Include repo name in page title tag (#6343) * Show locale string on timestamp (#6324) * Handle CORS requests (#6289) * Improve issue autolinks (#6273) * Migration Tweaks (#6260) * Add title attributes to all items in the repo list viewer (#6258) * Issue indexer queue redis support (#6218) * Add bio field for user (#6113) * Make the version within makefile overwriteable (#6080) * Updates to API 404 responses (#6077) * Use Go1.11 module (#5743) * UX + Security current user password reset (#5042) * Refactor: append, build variable and type switch (#4940) * Git statistics in Activity tab (#4724) * Drop the bits argument when generating an ed25519 key (#6504) * TESTING * Exclude pull_request from fetch-tags step, fixes #7108 (#7120) * Refactor and improve git test (#7086) * Fix TestSearchRepo by waiting till indexing is done (#7004) * Add mssql migration tests (needs #6823) (#6852) * Add tests for Org API (#6731) * Context.ServerError and NotFound should log from their caller (#6550) * TRANSLATION * Add french specific rule for translating plural texts (#6846) * BUILD * Update mssql driver to last working version 20180314172330-6a30f4e59a44 (#7306) * Alpine 3.10 (#7256) * Use vfsgen instead of go-bindata (#7080) * remove and disable package-lock (#6969) * add make targets for js and css, add js linter (#6952) * Added tags pull step to drone config to show correct version hashes i… (#6836) * Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) * chore: update drone format to 1.0 (#6602) * Fix race in integration testlogger (#6556) * Quieter Integration Tests (#6513) * Drop the docker Makefile from the image (#6507) * Add make version on gitea version (#6485) * Fix #6468 - Uses space match and adds newline for all sed flavors (#6473) * Move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364) * Update npm dependencies and various tweaks (#7344) * Fix updated drone file (#7336) * Add 'npm' and 'npm-update' make targets and lockfile (#7246) * DOCS * Add work path CLI option (#6922) * Fix logging documentation (#6904) * Some logging documentation (#6498) * Fix link to Hacking on Gitea on From-Source doc page (#6471) * Fix typos in docs command-line examples (#6466) * Added docker example for backup (#5846) ## [1.8.3](https://github.com/go-gitea/gitea/releases/tag/v1.8.3) - 2019-06-17 * BUGFIXES * Always set userID on LFS authentication (#7224) (Part of #6993) * Fix LFS Locks over SSH (#6999) (#7223) * Fix duplicated file on pull request conflicted files (#7211) (#7214) * Detect noreply email address as user (#7133) (#7195) * Don't get milestone from DB if ID is zero (#7169) (#7174) * Allow archived repos to be (un)starred and (un)watched (#7163) (#7168) * Fix GCArgs load from ini (#7156) (#7157) ## [1.8.2](https://github.com/go-gitea/gitea/releases/tag/v1.8.2) - 2019-05-29 * BUGFIXES * Fix possbile mysql invalid connnection error (#7051) (#7071) * Handle invalid administrator username on install page (#7060) (#7063) * Disable arm7 builds (#7037) (#7042) * Fix default for allowing new organization creation for new users (#7017) (#7034) * SearchRepositoryByName improvements and unification (#6897) (#7002) * Fix u2f registrationlist ToRegistrations() method (#6980) (#6982) * Allow collaborators to view repo owned by private org (#6965) (#6968) * Use AppURL for Oauth user link (#6894) (#6925) * Escape the commit message on issues update (#6901) (#6902) * Fix regression for API users search (#6882) (#6885) * Handle early git version's lack of get-url (#7065) (#7076) * Fix wrong init dependency on markup extensions (#7038) (#7074) ## [1.8.1](https://github.com/go-gitea/gitea/releases/tag/v1.8.1) - 2019-05-08 * BUGFIXES * Fix 404 when sending pull requests in some situations (#6871) (#6873) * Enforce osusergo build tag for releases (#6862) (#6869) * Don't post process commit summary in templates (#6842) (#6868) * Fix 500 when reviewer is deleted (#6856) (#6860) * Fix v78 migration for MSSQL (#6823) (#6854) * Added tags pull step to drone config to show correct version hashes (#6836) (#6839) * Fix double-generation of scratch token (#6833) (#6835) * When mirroring we should set the remote to mirror (#6824) (#6834) * Show scrollbar only when needed (#6802) (#6803) * Service worker js is missing a comma (#6788) (#6795) * Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789) * Fix team edit API panic (#6780) (#6785) * Minor CSS cleanup for the navbar (#6553) (#6781) * Stricter domain name pattern in email regex (#6739) (#6768) * Detect and restore encoding and BOM in content (#6727) (#6765) * Fix org visibility bug when git cloning (#6743) (#6762) * OAuth2 token can be used in basic auth (#6747) (#6761) * Fix missing return (#6751) (#6756) * Fix sorting repos on org home page with non-admin login (#6741) (#6746) * Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744) * Fix team members API (#6714) (#6729) * Load issue attributes when editing an issue with API (#6723) (#6725) * Fix config ui error about cache ttl (#6861) (#6865) ## [1.8.0](https://github.com/go-gitea/gitea/releases/tag/v1.8.0) - 2019-04-20 * SECURITY * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594) * Resolve 2FA bypass on API (#6676) (#6674) * Prevent the creation of empty sessions for non-logged in users (#6690) (#6677) * BREAKING * Add "ghost" and "notifications" to list of reserved user names. (#6208) * Change sqlite DB path default to data directory (#6198) * Adds MustChangePassword to user create/edit API (#6193) * Disable redirect for i18n (#5910) * Releases API paging (#5831) * Allow Macaron to be set to log through to gitea.log (#5667) * Don't close issues via commits on non-default branch (#5622) * FEATURES * Add regenerate secret feature for oauth2 (#6291) * Expose issue stopwatch toggling via API (#5970) * Add other session providers (#5963) * Pull request conflict files detection (#5951) * Integrate OAuth2 Provider (#5378) * Implement "conversation lock" for issue comments (#5073) * Feature: Archive repos (#5009) * Discord Oauth2 support (#4476) * Allow to set organization visibility (public, internal, private) (#1763) * Added URL mapping for Release attachments like on github.com (#1707) * ENHANCEMENTS * Add support for client basic auth for exchanging access tokens (#6293) * Add ability to sort issues by due date (#6206) (#6244) * Style tweaks to issue selection (#6196) * Increase Username and Orgname MaxSize 35 -> 40 (#6178) * Coverage profile with multiple packages (#6167) * Split setting.go to multiple files (#6154) * Allow labels to contain emoji (#6063) * Disable git fsck for mirrored repos by default (#6018) * Add default time out for git operations (#6015) * Split setting.go as multiple files (#6014) * Make dashboard navbar and footer full-width (#6013) * Add lang specific font stacks for CJK (#6007) * Fix header menu misalignment (#6002) * Enhance closed PR and Issue status in the list (#6000) * Make navbar full width (#5998) * Add option to close issues via commit on a non master branch (#5992) * Support n as a line highlight prefix (#5987) * Search for org repos (#3031) (#5986) * Minor UI tweaks (#5980) * Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * Dashboard tweaks (#5974) * Fixes for repo topic editor (#5971) * Display the branch name in the commit view (#5950) * handle milestone events for issues and PR (#5947) * Add label names as filter in issue search api (#5946) * Repo header tweaks (#5945) * Better support for long repo names (#5932) * Fix wrapping long code lines (#5927) * Change GPG Validation colors and remove inline CSS (#5404) (#5896) * Fix "pulls.blocked_by_approvals" text (#5879) * Rename reject to 'request changes' (#5858) * Move input fields to add members to a team and repos to a team (#5853) * Config option to disable automatic repo watching (#5852) * New Issue ?body= query (#5851) * Add API to list tags (#5850) * Pagination for git tree API (#5838) * Add InternalTokenURI to load InternalToken from an external file (#5812) * Allow markdown files to read from the LFS (#5787) * Add the ability to use multiple labels as filters (#5786) * Adjust log settings when a user is not found. (#5771) * Log IP of failed ssh connection (#5766) * Moved defaults in defaults.go to setting.go (#5764) * Make DB connect more robust (#5738) * Add Default Pull Request Title (#5735) * Refactor repo.isBare to repo.isEmpty #5629 (#5714) * Add flag to skip repository dumping (#5695) * Prioritize "readme.md" (#5691) * Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690) * Allow for user specific themes (#5668) * Display branch name in delete branch confirmation modal. (#5654) * New API routes added (#5594) * Refactor notification for indexer (#5111) * Refactor mail notification (#5110) * Show email if the authenticated user owns the profile page being requested for (#4981) * Optimize pulls merging (#4921) * Sort Repositories widget by most recently updated (#3963) (#4599) * Allow markdown table to scroll (#4401) * Automatically clear stopwatch on merging a PR (#4327) * Add the Owner Name to differentiate when merging (#3807) * Add title attributes to all items in the repo list viewer (#6258) (#6650) * BUGFIXES * Fix dropdown icon padding (#6651) (#6654) * Fix wrong GPG expire date (#6643) (#6644) * Fix forking an empty repository (#6637) (#6653) * Remove call to EscapePound .Link as it is already escaped (#6656) (#6666) * Properly escape on the redirect from the web editor (#6657) (#6667) * Allow resend of confirmation email when logged in (#6482) (#6486) * Fix mail notification when close/reopen issue (#6581) (#6588) * Change API commit summary to full message (#6591) (#6592) * Add option to disable refresh token invalidation (#6584) (#6587) * Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586) * Fix new repo alignment (#6583) (#6585) * Prevent server 500 on compare branches with no common history (#6555) (#6558) * Properly escape release attachment URL (#6512) (#6523) * Hacky fix for alignment of the create-organization dialog (#6455) (#6462) * Disable benchmarking during tag events on DroneIO (#6365) (#6366) * Make sure units of a team are returned (#6379) (#6381) * Don't Unescape redirect_to cookie value (#6399) (#6401) * Fix dump table name error and add some test for dump database (#6394) (#6402) * Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403) * Display correct error for invalid mirror interval (#6414) (#6429) * Clean up ref name rules (#6437) (#6439) * Fix Hook & HookList in Swagger (#6432) (#6440) * Change order that PostProcess Processors are run (#6445) (#6447) * Clean up various use of escape/unescape functions for URL generation (#6334) * Return 409 when creating repo if it already exists. (#6330) * Add same changes from issues page to milestone->issues page (#6328) * Fix ParsePatch function to work with quoted diff --git strings (#6323) * Fix reported issue in repo description (#6306) * Use url.PathEscape to escape the branchname (#6304) * Add robots.txt as reserved username (#6272) * Replace linkRegex with xurls library (#6261) * Remove visitLinksForShortLinks features (#6257) * Add unit types to repo action URL to correctly show 404 when archived (#6247) * Check organization visibility before everything else (#6234) (#6235) * Prevent double-close of issues (#6233) * Override xorm type mapping for U2F counter (#6232) * Add isAdmin to user API response (#6231) * Update git vendor to fix wrong release commit id and add migrations (#6224) * Fix fork button (#6223) * Fix renames over redirects (#6216) * Fix display dashboard even if require to change password (#6214) * Create a repo redirect when transferring ownership (#6210) (#6211) * Fix issue update race condition (#6194) * Fix bug when migrate repository 500 when repo is existed (#6188) * Fix scrollbar always present on page body (#6177) * Fix bug when set indexer as db and add tests (#6173) * Modify linkRegex to require http|https (#6171) * Fix bug user could change private repository to public when force private enabled. (#6156) * Fix admin list user/org API (#6143) * Make repo creation for API similar to UI (#6142) * Make document body a flexbox (#6139) * Refactor issue indexer, add some testing and fix a bug (#6131) * Load Issue attributes for API call (#6122) * Fix bug when update owner team then visit team's repo return 404 (#6119) * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) * Show private organization for admin, fix #6111 (#6112) * Fix prohibit login check on authorization (#6106) * Move to ldap.v3 to fix #5928 (#6105) * Remove use MakeAssigneeList in webhooks to fix deadlock (#6102) * Allow display of LFS stored Readme.md on directory page (#6073) (#6099) * Make sure labels are actually returned (#6053) * Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041) * After deleting a repo on admin panel, UI should remember the last sort type (#6033) * Default create repository on organisation on its dashboard (#6026) * Swagger: Remove spaces in MergePullRequestOption enum (#6016) * Fix metrics auth token detection (#6006) * Fix repo header issues (#5995) * Fix bug when deleting a linked account will removed all (#5989) * Make organization dropdown scrollable when using mouse wheel (#5988) * Fix empty ssh key importing in ldap (#5984) * Admin config page mailertype setting option update (#5973) * Fix redirect loop during forced password change (#5965) * Show user who created the repository instead of the organisation in action feed (#5948) * Remove all CommitStatus when a repo is deleted (#5940) * Fix ssh deploy and user key constraints (#1357) (#5939) * Fix log output (#5938) * Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935) * Fix compare button (#5929) * Fix bug when read public repo lfs file (#5912) * Only allow local login if password is non-empty (#5906) * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) * Provide better panic handling (#5902) * Respect value of REQUIRE_SIGNIN_VIEW (#5901) * Show a 404 not a 500 if a repo does not exist (#5900) * Ensure repo is loaded in mailer (Completely fix #5891) (#5895) * Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891) * Correct footer height if screen-width is to small (fixes #5878) (#5889) * In gitea serv switch off console logger to fix #5866 (#5887) * Don't allow pull requests to be created on an archived repository (#5883) * Support reviews on a deleted file path (#5880) * Fix compare button on upstream repo leading to 404 (#5877) * Fix null pointer on not logged in attempt to Sudo (#5872) * Fix new release creation API to allow empty target (#5870) * Fix an error while adding a dependency via UI. (#5862) * Fix failing migration v67 (#5849) * Fix delete correct temp directory (#5839) * Make sure .git/info is created before generating .git/info/sparse-che… (#5825) * Fix topics saving internal error and disable for archived repos (#5821) * Fix TLS errors when using acme/autocert for local connections (#5820) * When creating new repository fsck option should be enabled (#5817) * Request for public keys only if LDAP attribute is set (#5816) * Fix serving of raw wiki files other than .md (#5814) * Fix migration 78 error mssql (#5791) * Disallow empty titles (#5785) * Fix the v78 migration script (#5776) * Ensure valid git author names passed in signatures (#5774) * Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769) * Upgrade go-sql-driver/mysql to fix invalid connection error (#5748) * Fixing PostgreSQL dump creation (#5747) * Add proper CORS preflight origin validation (#5740) * Disable auto-migrate in docker container (#5730) * In basic auth check for tokens before call UserSignIn (#5725) * Pooled and buffered gzip implementation (#5722) * Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718) * Keep file permissions during database migration (#5707) * Use correct value for "MSpan Structures Obtained" #4742 (#5706) * Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702) * Update xorm to fix issue #5659 and #5651 (#5680) * Fix public will not be reused as public key after deleting as deploy key (#5671) * When redirecting, clean the path (#5669) * Don't list an issue on its own dependency list UI. (#5658) * Fix commit page showing status for current default branch (#5649) (#5650) * Only count users own actions for heatmap contributions (#5647) * Fix sqlite deadlock when assigning to a PR (#5640) * Refactor issue indexer (#5363) * TESTING * Run benchmark at tag to track performances (#6035) * Add test environment for MySQL8 (#5234) * BUILD * Use go 1.12 for tests and deprecate go 1.9 (#6186) * Makefile changes for Windows and easier development (#6103) * Update bleve dependency to latest master revision (#6100) * Switch to more recent build of xgo (#6070) * Add autoprefixer to css build (#6029) * Update the version of less (#6010) * Make log mailer for testing (#5893) * DOCS * Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144) * update default value of `--must-change-password` cli flag (#6032) * Update and expand information about building Gitea (#6019) * Update U2F Section of app.ini.sample (#5994) * Update swagger for release API pagination (#5841) * Added docs for the tree api (#5834) * MISC * Add single commit API support (#5843) * Add missing GET teams endpoints (#5382) * Migrate database if app.ini found (#5290) ## [1.7.6](https://github.com/go-gitea/gitea/releases/tag/v1.7.6) - 2019-04-12 * SECURITY * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595) * BUGFIXES * Allow resend of confirmation email when logged in (#6482) (#6487) ## [1.7.5](https://github.com/go-gitea/gitea/releases/tag/v1.7.5) - 2019-03-27 * BUGFIXES * Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423) * Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383) * Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332) ## [1.7.4](https://github.com/go-gitea/gitea/releases/tag/v1.7.4) - 2019-03-12 * SECURITY * Fix potential XSS vulnerability in repository description. (#6306) (#6308) * BUGFIXES * Fix wrong release commit id (#6224) (#6300) * Fix panic on empty signed commits (#6292) (#6300) * Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246) * Fix displaying dashboard even if required to change password (#6214) (#6215) ## [1.7.3](https://github.com/go-gitea/gitea/releases/tag/v1.7.3) - 2019-02-27 * BUGFIXES * Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197) * Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185) * Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165) * Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166) * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137) * Fix prohibit login check on authorization (#6106) (#6115) * Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107) * Fix deadlock in webhook PullRequest (#6102) (#6104) * Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101) * Fix compare button regression (#5929) (#6098) * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097) ## [1.7.2](https://github.com/go-gitea/gitea/releases/tag/v1.7.2) - 2019-02-14 * BUGFIXES * Remove all CommitStatus when a repo is deleted (#5940) (#5941) * Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944) * Silence console logger in gitea serv (#5887) (#5943) * Handle milestone webhook events for issues and PR (#5947) (#5955) * Show user who created the repository instead of the organization in action feed (#5948) (#5956) * Fix ssh deploy and user key constraints (#1357) (#5939) (#5966) * Fix bug when deleting a linked account will removed all (#5989) (#5990) * Fix empty ssh key importing in ldap (#5984) (#6009) * Fix metrics auth token detection (#6006) (#6017) * Create repository on organisation by default on its dashboard (#6026) (#6048) * Make sure labels are actually returned in API (#6053) (#6059) * Switch to more recent build of xgo (#6070) (#6072) * In basic auth check for tokens before call UserSignIn (#5725) (#6083) ## [1.7.1](https://github.com/go-gitea/gitea/releases/tag/v1.7.1) - 2019-01-31 * SECURITY * Disable redirect for i18n (#5910) (#5916) * Only allow local login if password is non-empty (#5906) (#5908) * Fix go-get URL generation (#5905) (#5907) * BUGFIXES * Fix TLS errors when using acme/autocert for local connections (#5820) (#5826) * Request for public keys only if LDAP attribute is set (#5816) (#5819) * Fix delete correct temp directory (#5840) (#5839) * Fix an error while adding a dependency via UI (#5862) (#5876) * Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884) * When creating new repository fsck option should be enabled (#5817) (#5885) * Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894) * Fix bug when read public repo lfs file (#5913) (#5912) * Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915) * Fix compare button on upstream repo leading to 404 (#5877) (#5914) * DOCS * Added docs for the tree api (#5835) * MISC * Include Go toolchain to --version (#5832) (#5830) ## [1.7.0](https://github.com/go-gitea/gitea/releases/tag/v1.7.0) - 2019-01-22 * SECURITY * Do not display the raw OpenID error in the UI (#5705) (#5712) * When redirecting clean the path to avoid redirecting to external site (#5669) (#5679) * Prevent DeleteFilePost doing arbitrary deletion (#5631) * BREAKING * Restrict permission check on repositories and fix some problems (#5314) * Show only opened milestones on issues page milestone filter (#5051) * FEATURES * Implement git refs API for listing references (branches, tags and other) (#5354) * Approvals at Branch Protection (#5350) * Add raw blob endpoint to get objects by SHA ID (#5334) * Add api for user to create org (#5268) * Create AuthorizedKeysCommand (#5236) * User action heatmap (#5131) * Refactor heatmap to vue component (#5401) * Webhook for Pull Request approval/rejection (#5027) * Add command for migrating database (#4954) * Search keyword by splitting provided values by , (#4939) * Create Progressive Web App (#4730) * Give user a link to create PR after push (#4716) * Add rebase with merge commit merge style (#3844) (#4052) * BUGFIXES * Disallow empty titles (#5785) (#5794) * Fix sqlite deadlock when assigning to a PR (#5640) (#5642) * Don't close issues via commits on non-default branch. (#5622) (#5643) * Fix commit page showing status for current default branch (#5650) (#5653) * Only count users own actions for heatmap contributions (#5647) (#5655) * Update xorm to fix issue postgresql dumping issues (#5680) (#5692) * Use correct value for "MSpan Structures Obtained" (#5706) (#5716) * Fix bug on modifying sshd username (#5624) * Delete tags in mirror which are removed for original repo. (#5609) * Fix wrong text getting saved on editing second comment on an issue. (#5608) * Fix nil pointer when adding a due date (#5587) * Fix type mismatch of format string (#5574) * Fix bug on upload file name (#5571) * Issue is not overdue when it is on the same date #5566 (#5568) * Fix indexer reindex bug when gitea restart (#5563) * Fix table name typo on SQL (#5562) * Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557) * Fix makefile generate buildstep (#5556) * Fix nil pointer base branch bug (#5555) * Fix permission check on api create org (#5523) * Fix detect force push failure on deletion of protected branches (#5522) * Fix approvals limitation (#5521) * Fix bug when a read perm user to edit his issue (#5516) * Fix adding reaction fail for read permission user (#5515) * Fixing MSSQL timestamp type (#5511) * Fix forgot deletion of notification when delete repository (#5506) * Fix empty wiki (#5504) * Fix clone wiki failed via ssh (#5503) * Fix code review on mssql (#5502) * Fix lfs version check warning log when using ssh protocol (#5501) * Fix topic name length on database (#5493) * Ensure that the `closed_at` is set for closed issues (#5449) * Admin should be able to delete repos via the API even if he is not a member of the organization (#5443) * Word-Break the WebHook url to prevent a ui-break (#5432) * Fix forgot removed records when deleting user (#5429) * Fix repository deletion when there is large number of issues in it (#5426) * Fix heatmap colors for Chrome/Safari (#5421) * Fix password variable shadowing (#5405) * Fix dependent issue searching when gitea is run in subpath (#5392) * Don't force a password change for the admin user when creating an account via cli (#5391) * API: '/orgs/:org/repos': return private repos with read access (#5383) * Don't send assign webhooks when creating issue (#5365) * Removing Labels via EditPullRequest API (#5348) * Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341) * Fix bug when users have serval teams with different units on different repositories (#5307) * Fix U2F if gitea is configured in subpath (#5302) * Fix file edit change preview functionality (#5300) * Update gitignore list (#5258) * Fixed heatmap not working in mssql (#5248) * Fixed wrong api request url for instances running in subfolders (#5247) * Fix compatibility heatmap with mysql 8 (#5232) * Fix data race on migrate repository (#5224) * Fix sqlite and mssql lock (#5214) * Fix sqlite lock (#5210) * Fix: Accept web-command cli flags if web-command is commited (#5200) * Fix: Add secret to all webhook's payload where it has been missing (#5199) * Fix race on updatesize (#5190) * Fix create team, update team missing units (#5188) * Fix sqlite lock (#5184 & #5176) * Fix showing pull request link when delete a branch (#5166) * Fix JSON result of empty array in heatmap data array (#5154) * Update build tags for sqlite_unlock notify (#5144) * This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136) * Fix deadlock when sqlite (#5118) * Add comment replies (#5104) * Fix home page template regression (#5102) * Fix regex to support optional end line of old section in diff hunk (#5096) * LDAP via simple auth separate bind user and search base (#5055) * Fix markdown image with link (#4675) * Fix to 3819 - Filtering issues by tags on main screen issues (#3824) * ENHANCEMENTS * Delete organization endpoint added (#5601) * Update Licenses (#5558) * Support reverse proxy providing email (#5554) * Add git protocol v2 support via SSH on Docker image (#5520) * Add tests for api user orgs (#5494) * Allow link verification for services like Mastodon (#5481) * Improve team members and repositories settings UI (#5457) * Remove the required class from optional ssh port in installation page (#5428) * Explicitly disable Git credential helper (#5367) * Setting Labels via EditPullRequest API (#5347) * Implement pasting image from clipboard for browsers that supports that (#5317) * Milestone issues and pull requests (#5293) * Support envs on external render commands (#5278) * Add option to disable automatic mirror syncing. (#5242) * Remove unused db init on commands serv, update, hooks (#5225) * Serve audio files using HTML5 audio tag (#5221) * Pass link prefixes to external markup parsers (#5201) * Add AutoHead functionality. (#5186) * Fix emojis not showing in commit messages (#5168) * Block registration based on email domain (#5157) * Update vendor/go-sqlite3 (#5133 & #5162) * Update x/net lib (#5169) * Show review summary in pull requests (#5132) * Use type switch (#5122) * Remove duplicated if bodies (#5121) * Remove check for negative length (#5120) * Make switch more clear (#5119) * Use named const instead of a raw string (#5115) * Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094) * Refactor: err != nil check, just return error instead (#5093) * Add notification interface and refactor UI notifications (#5085) * Use APP_NAME on home page (#5048) * Explicitly decide whether to use TLS in mailer's configuration (#5024) * Generate random password (#5023) * UX of link account (Step 1) (#5006) * Make sure argsSet verifies string isn't empty too (#4980) * Improve performance of dashboard (#4977) * Keys API changes (#4960) * Add must-change-password flag to cli for creating a user (#4955) * Use native go method to get current user rather than environment variable (#4930) * Make gitea serv use api/internal (#4886) * Add support for search by uid (#4876) * Allow to add organization members as collaborators on organization owned repositories (#4748) * TESTING * Kill testing processes if the test takes too long (#5174) * Update outdated Go toolchain version for .drone.yml (#5146) * Increase the retry limit to 20 times and the interval to 200ms (#5134) * Retry test-fixtures loading in case of transaction rollback (#5125) * Added test environment for mssql (#4282) * BUILD * Replace lint to revive (#5422) * Update golang version in Dockerfile (#5246) * DOCS * Typo in routers/api/v1/org/org.go fixed. (#5598) * Update the docs for sqlite_unlock_notify (#5145) * CN translation of docs part (#5049) * Kubernetes deployment file (#5046) * MISC * Upgrade alpine to 3.8 (#5423) * Git-Trees API (#5403) * Only chown directories during docker setup if necessary. Fix #4425 (#5064) ## [1.6.4](https://github.com/go-gitea/gitea/releases/tag/v1.6.4) - 2019-01-15 * BUGFIX * Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685) * When redirecting clean the path to avoid redirecting to external site (#5669) (#5703) * Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715) ## [1.6.3](https://github.com/go-gitea/gitea/releases/tag/v1.6.3) - 2019-01-04 * SECURITY * Prevent DeleteFilePost doing arbitrary deletion (#5631) * BUGFIX * Fix wrong text getting saved on editing second comment on an issue (#5608) ## [1.6.2](https://github.com/go-gitea/gitea/releases/tag/v1.6.2) - 2018-12-21 * SECURITY * Sanitize uploaded file names (#5571) (#5573) * HTMLEncode user added text (#5570) (#5575) * BUGFIXES * Fix indexer reindex bug when gitea restart (#5563) (#5564) * Remove a double slash in the HTTPS redirect with Let's Encrypt (#5537) (#5539) * Fix bug when a read perm user to edit his issue (#5516) (#5534) * Detect force push failure on deletion of protected branches (#5522) (#5531) * Let's Encrypt handler listens on correct port for certificate validation (#5525) (#5527) * Fix forgot deletion of notification when delete repository (#5506) (#5514) * Fix undeleted content when deleting user (#5429) (#5509) * Fix empty wiki (#5504) (#5508) ## [1.6.1](https://github.com/go-gitea/gitea/releases/tag/v1.6.1) - 2018-12-08 * BUGFIXES * Fix dependent issue searching when gitea is run in subpath (#5392) (#5400) * API: '/orgs/:org/repos': return private repos with read access (#5393) * Fix repository deletion when there is large number of issues in it (#5426) (#5434) * Word-break the WebHook url to prevent a ui-break (#5445) * Admin should be able to delete repos via the API even if they are not a member of the organization (#5443) (#5447) * Ensure that the `closed_at` is set for closed (#5450) * Fix topic name length on database (#5493) (#5495) ## [1.6.0](https://github.com/go-gitea/gitea/releases/tag/v1.6.0) - 2018-11-22 * BREAKING * Respect email privacy option in user search via API (#4512) * Simply remove tidb and deps (#3993) * Swagger.v1.json template (#3572) * SECURITY * Add CSRF checking to reqToken and add reqToken to admin API routes (#5272) (#5250) * Improve URL validation for external wiki and external issues (#4710) * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) * Don't disclose emails of all users when sending out emails (#4664) * Check that repositories can only be migrated to own user or organizations (#4366) * FEATURES * Add comment replies (#5147) (#5104) * Pull request review/approval and comment on code (#3748) * Added dependencies for issues (#2196) (#2531) * Add the ability to have built in themes in Gitea and provide dark theme arc-green (#4198) * Add sudo functionality to the API (#4809) * Add oauth providers via cli (#4591) * Disable merging a WIP Pull request (#4529) * Force user to change password (#4489) * Add letsencrypt to Gitea (#4189) * Add push webhook support for mirrored repositories (#4127) * Add csv file render support defaultly (#4105) * Add Recaptcha functionality to Gitea (#4044) * ENHANCEMENTS * Fix milestones sorted wrongly (#4987) * Allow api to create tags for releases if they don't exist (#4890) * Fix #4877 to follow the OpenID Connect Audiences spec (#4878) * Enforce token on api routes [fixed critical security issue #4357] (#4840) * Update legacy branch and tag URLs in dashboard to new format (#4812) * Slack webhook channel name cannot be empty or just contain an hashtag (#4786) * Add whitespace handling to PR-comparsion (#4683) * Make reverse proxy auth optional (#4643) * MySQL TLS (#4642) * Make sure to set PR split view when creating/previewing a pull request (#4617) * Log user in after a successful sign up (#4615) * Fix typo IsPullReuqestBroken -> IsPullRequestBroken (#4578) * Allow admin toggle forcing a password change for newly created users (#4563) * Update jQuery to v1.12.4 (#4551) * Env var GITEA_PUSHER_EMAIL (#4516) * Feat(repo): support search repository by topic name (#4505) * Small improvements to dependency UI (#4503) * Make max commits in graph configurable (#4498) * Add valid for lfs oid (#4461) * Add shortcut to save wiki page (#4452) * Allow administrator to create repository for any organization (#4368) * Fix repository last updated time update when delete a user who watched the repo (#4363) * Switch plaintext scratch tokens to use hash instead (#4331) * Increase default TOTP secret size to 320 bits (#4287) * Keep preseeded database password (#4284) * Implemented hover text showing user FullName (#4261) * Add ability to delete a token (#4235) * Fix typos in i18n variable names. (#4080) * Api: repos/search: add parameters to control the sort order (#3964) * Add missing path in the Docker app.ini template (#2181) * Add file name and branch to page title (#4902) * Offline use of google fonts (#4872) * Add missing History link to directory listings v2 (#4829) * Locale for Edit and Remove due date issue (#4802) * Disable 'May Import Local Repository' when is disabled by setting (Is… (#4780) * API /admin/users/{username} missing parameter (#4775) * Display error when adding a user to a team twice (#4746) * Remove UsePrivilegeSeparation from the Docker sshd_config, see #2876 (#4722) * Focus title input when clicking helper link (#4696) * Add vendor to user reserved words and format words list according alphabet (#4685) * Add gitea/issues link to 500 page (#4654) * Hide home button when landing page is not set to home (#4651) * Remove link to GitHub issues in 404 template (#4639) * Cmd/serve: pprof cpu and memory profile dumps to disk (#4560) * Add flash message after an account has been successfully activated (#4510) * Prevent html entity escaping on delete branch (#4471) * Locale for button Edit on protected branch (#4442) * Update notification icon (#4343) * Added front-end topics validation (#4316) * Don't display buttons if there are no system notifications (#4280) * Issue due date api (#3890) * BUGFIXES * dont' send assign webhooks when creating issue (#5365) * Fix create team, update team missing units (#5188) * Fix file edit change preview functionality (#5300) * *ix bug when users have serval teams with different units on different repositories (#5307) * Fix U2F if gitea is configured in subpath (#5302) * Fix markdown image with link (#4675) * Remove maxlines option for file logger (#5282) * Fix wrong api request url for instances running in subfolders (#5261) (#5247) * Accept web-command cli flags if web-command is commited (#5245) (#5200) * Reduce join star, repo_topic, topic tables on repo search, to resolve extra columns problem on MSSQL (#5136) (#5229) * Fix data race on migrate repository (#5224) (#5230) * Add secret to all webhook's payload where it has been missing (#5208) (#5199) * Fix sqlite and MSSQL lock (#5210) (#5223) (#5214) (#5218) (#5176) (#5179) * Fix race on updatesize (#5190) (#5215) * Fix filtering issues by tags on main screen issues (#5219) (#3824) * Fix SQL quoting (#5137) (#5117) * Fix regex to support optional end line of old section in diff hunk (#5097) (#5096) * Fix release creation via API (#5076) * Remove links from topics in edit mode (#5026) * Fix missing AppSubUrl in few more templates (fixup) (#5021) * Fix missing AppSubUrl in some templates (#5020) * Hide outdated comments in file view (#5017) * Upgrade gopkg.in/testfixtures.v2 (#4999) * Disable debug routes unless PPROF is enabled in configuration (#4995) * Fix user menu item styling (#4985) * Fix layout of the topics editing form (#4971) * Fix null pointer dereference in ParseCommitWithSignature (#4962) * Fix url in discord webhook (#4953) * Detect charset and convert non UTF-8 files for display (#4950) * Make sure to catch the right error so it is displayed on the UI (#4945) * Fix(topics): don't redirect to explore page. (#4938) * Fix bug forget to remove Stopwatch when remove repository (#4928) * Fix bug when repo remained bare if multiple branches pushed in single push (#4923) * Fix: Crippled diff (#4726) (#4900) * Fix trimming of markup section names (#4863) * Issues api allow pulls and fix #4832 (#4852) * Do not autocreate directory for new users/orgs (#4828) (#4849) * Fix redirect with non-ascii branch names (#4764) (#4810) * Fix missing release title in webhook (#4783) (#4796) * User shouldn't be able to approve or reject his/her own PR (#4729) * Make sure to reset commit count in the cache on mirror syncing (#4720) * Fixed bug where team with admin privelege type doesn't get any unit (#4719) * Fix incorrect caption of webhook setting (#4701) (#4717) * Allow WIP marker to contains < or > (#4709) * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4680) * Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) * Fix custom templates being ignored (#4638) * Fix starring icon after semantic ui update (#4628) * Fix Split-View line adjustment (#4622) * Fix integer constant overflows in tests (#4616) * Push whitelist now doesn't apply to branch deletion (#4601) (#4607) * Fix bugs when too many IN variables (#4594) * Fix failure on creating pull request with assignees (#4419) (#4583) * Fix panic issue on update avatar email (#4580) (#4581) * Fix status code label for a successful webhook (#4540) * An inactive user shouldn't be able to be added as a collaborator (#4535) * Don't fail silently if trying to add a collaborator twice (#4533) * Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) (#4525) * Fix out-of-transaction query in removeOrgUser (#4521) (#4522) * Fix migration from older releases (#4495) * Accept 'Data:' in commit graph (#4487) * Update xorm to latest version and fix correct `user` table referencing in sql (#4473) * Relative URLs for LibreJS page (#4460) * Redirect to correct page after using scratch token (#4458) * Fix column droping for MSSQL that need new transaction for that (#4440) * Replace src with raw to fix image paths (#4377) * Add default merge options when creating new repository (#4369) * Fix docker build (#4358) * Fixes repo membership check in API (#4341) * Dep upgrade mysql lib (#4161) * Fix some issues with special chars in branch names (#3767) * Responsive design fixes (#4508) * TRANSLATION * Fix punctuation in English translation (#4958) * Fix translation (#4355) ## [1.5.3](https://github.com/go-gitea/gitea/releases/tag/v1.5.3) - 2018-10-31 * SECURITY * Fix remote command execution vulnerability in upstream library (#5177) (#5196) ## [1.5.2](https://github.com/go-gitea/gitea/releases/tag/v1.5.2) - 2018-10-09 * SECURITY * Enforce token on api routes (#4840) (#4905) * BUGFIXES * Remove links from topics in edit mode (#5030) * Detect charset and convert non UTF-8 files for display (#4950) (#4994) * Fix layout of the topics editing form (#4971) (#4993) * Fix null pointer dereference in ParseCommitWithSignature (#4964) * Fix url in discord webhook (#4951) * Fix font-cropping UI bug in diff (#4726) (#4929) * Fix bug forget to remove Stopwatch when remove repository (#4933) * Fix bug when repo remained bare if multiple branches pushed (#4927) * Fix redirect with non-ascii branch names (#4764) (#4887) * Fix issues api allow pulls (#4852) (#4862) * Fix trimming of markup section names (#4864) ## [1.5.1](https://github.com/go-gitea/gitea/releases/tag/v1.5.1) - 2018-09-03 * SECURITY * Don't disclose emails of all users when sending out emails (#4784) * Improve URL validation for external wiki and external issues (#4710) (#4740) * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707) * BUGFIXES * Fix missing release title in webhook (#4783) (#4800) * Make sure to reset commit count in the cache on mirror syncing (#4770) * Fixed bug where team with admin privelege type doesn't get any unit (#4759) * Fix failure on creating pull request with assignees (#4583) (#4727) * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686) * TRANSLATION * Fix incorrect caption of webhook setting (#4701) (#4718) ## [1.5.0](https://github.com/go-gitea/gitea/releases/tag/v1.5.0) - 2018-08-10 * SECURITY * Check that repositories can only be migrated to own user or organizations (#4366) (#4370) * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353) * Do not allow to reuse TOTP passcode (#3878) * BUGFIXES * Fix column droping for MSSQL that need new transaction for that (#4440) (#4484) * Redirect to correct page after using scratch token (#4458) (#4472) * Replace src with raw to fix image paths (#4377) (#4386) * Fixes repo membership check in API (#4341) (#4379) * Add default merge options when adding new repository (#4369) (#4373) * Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371) * Fix html entity escaping in branch deletion message (#4471) (#4485) * Fix out-of-transaction query in removeOrgUser (#4521) (#4524) * Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) * Fix panic issue on update avatar email (#4580) (#4590) * Fix bugs when too many IN variables (#4594) (#4597) * Push whitelist now doesn't apply to branch deletion (#4601) (#4640) * Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650) * FEATURES * Add cli commands to regen hooks & keys (#3979) * Add support for FIDO U2F (#3971) * Added user language setting (#3875) * LDAP Public SSH Keys synchronization (#1844) * Add topic support (#3711) * Multiple assignees (#3705) * Add protected branch whitelists for merging (#3689) * Global code search support (#3664) * Add label descriptions (#3662) * Add issue search via API (#3612) * Add repository setting to enable/disable health checks (#3607) * Emoji Autocomplete (#3433) * Implements generator cli for secrets (#3531) * ENHANCEMENTS * Add more webhooks support and refactor webhook templates directory (#3929) * Add new option to allow only OAuth2/OpenID user registration (#3910) * Add option to use paged LDAP search when synchronizing users (#3895) * Symlink icons (#1416) * Improve release page UI (#3693) * Add admin dashboard option to run health checks (#3606) * Add branch link in branch list (#3576) * Reduce sql query times in retrieveFeeds (#3547) * Option to enable or disable swagger endpoints (#3502) * Add missing licenses (#3497) * Reduce repo indexer disk usage (#3452) * Enable caching on assets and avatars (#3376) * Add repository search ordered by stars/forks. Forks column in admin repo list (#3969) * Add Environment Variables to Docker template (#4012) * LFS: make HTTP auth period configurable (#4035) * Add config path as an optionial flag when changing pass via CLI (#4184) * Refactor User Settings sections (#3900) * Allow square brackets in external issue patterns (#3408) * Add Attachment API (#3478) * Add EnableTimetracking option to app settings (#3719) * Add config option to enable or disable log executed SQL (#3726) * Shows total tracked time in issue and milestone list (#3341) * TRANSLATION * Improve English grammar and consistency (#3614) * DEPLOYMENT * Allow Gitea to run as different USER in Docker (#3961) * Provide compressed release binaries (#3991) * Sign release binaries (#4188) ## [1.4.3](https://github.com/go-gitea/gitea/releases/tag/v1.4.3) - 2018-06-26 * SECURITY * HTML-escape plain-text READMEs (#4192) (#4214) * Fix open redirect vulnerability on login screen (#4312) (#4312) * BUGFIXES * Fix broken monitoring page when running processes are shown (#4203) (#4208) * Fix delete comment bug (#4216) (#4228) * Delete reactions added to issues and comments when deleting repository (#4232) (#4237) * Fix wiki URL encoding bug (#4091) (#4254) * Fix code tab link when viewing tags (#3908) (#4263) * Fix webhook type conflation (#4285) (#4285) ## [1.4.2](https://github.com/go-gitea/gitea/releases/tag/v1.4.2) - 2018-06-04 * BUGFIXES * Adjust z-index for floating labels (#3939) (#3950) * Add missing token validation on application settings page (#3976) #3978 * Webhook and hook_task clean up (#4006) * Fix webhook bug of response info is not displayed in UI (#4023) * Fix writer cannot read bare repo guide (#4033) (#4039) * Don't force due date to current time (#3830) (#4057) * Fix wiki redirects (#3919) (#4065) * Fix attachment ENABLED (#4064) (#4066) * Added deletion of an empty line at the end of file (#4054) (#4074) * Use ResolveReference instead of path.Join (#4073) * Fix #4081 Check for leading / in base before removing it (#4083) * Respository's home page not updated after first push (#4075) ## [1.4.1](https://github.com/go-gitea/gitea/releases/tag/v1.4.1) - 2018-05-03 * BREAKING * Add "error" as reserved username (#3882) (#3886) * SECURITY * Do not allow inactive users to access repositories using private key (#3887) (#3889) * Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873) * Remove unnecessary allowed safe HTML (#3778) (#3779) * Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743) * BUGFIXES * Fix to use only needed columns from tables to get repository git paths (#3870) (#3883) * Fix GPG expire time display when time is zero (#3584) (#3884) * Fix to update only issue last update time when adding a comment (#3855) (#3860) * Fix repository star count after deleting user (#3781) (#3783) * Use the active branch for the code tab (#3720) (#3776) * Set default branch name on first push (#3715) (#3723) * Show clipboard button if disable HTTP of git protocol (#3773) (#3774) ## [1.4.0](https://github.com/go-gitea/gitea/releases/tag/v1.4.0) - 2018-03-25 * BREAKING * Drop deprecated GOGS\_WORK\_DIR use (#2946) * Fix API status code for hook creation (#2814) * SECURITY * Escape branch name in dropdown menu (#3691) (#3692) * Refactor and simplify to correctly validate redirect to URL (#3674) (#3676) * Fix escaping changed title in comments (#3530) (#3534) * Escape search query (#3486) (#3488) * Sanitize logs for mirror sync (#3057) * FEATURES * Serve .patch and .diff for pull requests (#3305, #3293) * Add repo-sync-releases admin command (#3254) * Support default private when creating or migrating repository (#3239) * Writable deploy keys (closes #671) (#3225) * Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188) * Added progressbar for issues with checkboxes (#1146). (#3171) * Mention completion for issue editor. (#3136) * Add 'mark all read' option to notifications (#3097) * Git LFS lock api (#2938) * Add reactions to issues/PR and comments (#2856) * Add dingtalk webhook (#2777) * Responsive view (#2750) * BUGFIXES * Fix wiki inter-links with spaces (#3560) (#3632) * Fix query protected branch bug (#3563) (#3571) * Fix remove team member issue (#3566) (#3570) * Fix the protected branch panic issue (#3567) (#3569) * If Mirrors repository no content is fetched, updated time should not be changed (#3551) (#3565) * Bug fix for mirrored repository releases sorted (#3522) (#3555) * Add issue closed time column to fix activity closed issues list (#3537) (#3540) * Update markbates/goth library to support OAuth2 with new dropbox API (#3533) (#3539) * Fixes missing avatars in offline mode (#3471) (#3477) * Fix synchronization bug in repo indexer (#3455) (#3461) * Fix rendering of wiki page list if wiki repo contains other files (#3454) (#3463) * Fix webhook X-GitHub-* headers casing for better compatibility (#3429) * Add content type and doctype to requests made with go-get (#3426, #3423) * Fix SQL type error for webhooks (#3424) * Fix PR merge error (#3421) * Recognize more characters in crossreferenced repo name (#3413) * Fix MSSQL bug on org (#3405) * HTML escape all lines of the search result (#3402) * Change local copy origin url after repository rename (#3399) * Force-push to base repo's ref/pull/#/head (#3393) * Fix bug when a user delete but assigned on issue (#3318) * Use issue number/index instead of id for API URL. Fix #3297 (#3298) * Fix repo-transfer-and-team-repo-count bug (#3241) * Fix always-on SSL Mode checkbox in admin page (#3208) * Fix source download link when no code unit allowed (#3166) * Fix org owner cannot be removed if he is not in owner team (#3164) * Fix run web with -p push failed (#3154) * Fix gpg tmpl (#3153) * Fix SSH auth lfs locks (#3152) * Improvements for supporting UI Location (#3146) * Fix new pull request link (#3133) * Fix missing branch in release bug (#3108) * Allow adding collaborators with (fullname) (#3103) * Fix repo links (#3093) * fix lfs url refs + keep path upper/lowercase in db. (#3092) * Fix redis session failed (#3086) * Fix bugs in issue dashboard stats (#3073) * Fix avatar URLs (#3069) * Fix ref parsing in commit messages (#3067) * Fix issue list branch link broken (#3061) * sendmail: correct option to set envelope-sender (#3044) * Fix missing password length check when change password (#3039) * Fix git lfs path (#3016) * Fix API-Endpoint release (#3005) (#3012) * Set OpenID support on by default when installing new instance (#3010) * Various wiki bug fixes (#2996) * Fix go-get, src and raw urls to new scheme (#2978) * Fix error when add user has full name to team (#2973) * Fix memcache support when value is returned as string always (#2924) * ENHANCEMENTS * Use GiteaServer as the user agent for http requests (#3404) * Delete indexer DB entries when (re)creating index (#3385) * Change how merged PR commit info are prepared (#3368) * Asynchronously populate the repo indexer (#3366) * Make the default action for the gitea executable that of running the webserver (#3331) * Templates for extra links in top navbar and repo tool tabs. (#3308) * Fixed asterisk based tasklist items #3295 (#3296) * Add more additional template snippets (#3286) * Open external tracker in blank window, consistently with wiki (#3227) * Fix repo links on user profile (#3197) * Enable emoji for wiki view (#3158) * Small improve on deleting attachements (#3145) * Reduce overhead of upgrades for users with custom stylesheets/JS (#3051) * Default log level to Info without hardcoding it in installer (#3041) * Memory usage improvements (#3013) * Add fingerprint to ssh key endpoints. (#3009) * Improve memory usage when reaching diff limits (#2990) * Expandable commit bodies (#2980) * Update gitgraph.js to fix blurry commit graph on HiDPI screens (#2957) * Fix language names (#2955) * Remove render issue link (#2954) * Page parameter for repo search API (#2915) * Apply LANDING\_PAGE config options for logged in users (#2894) * Enable admin to search by email (#2888) * Hide add key button if SSH is disabled (#2873) * Fix comment API paths (#2813) * Add an option to allow redirect of http port 80 to https. (#1928) * MISC * Fix organization profile on mobile devices (#3332) * Fix guide link for webhooks in repository settings (#3291) (#3292) * Enable Libravatar by default in new installations (#3287) * Improve suppressed diff boxes (#3193) * fix button heights on commits page (#3091) * Minor copy changes (#3074) * Sort repos in issues dashboard sidebar (#3072) * Remove box-shadow from UI, fix dashboard issue (#3065) * Adjust branch button size (#3063) * Fix misalignment issue in repo header (#3062) * Delete a user's public key via admin api (closes #3014) (#3059) * Dashboard: Fix line height problem in issue titles (#3054) * Remove duplicate "Max Diff Lines" from config view (#2987) * Drop unmaintained gogs migration script (#2947) * App restarts to quickly if it fails to start. (#2945) * Add owner to delete repo message (#2886) ## [1.3.1](https://github.com/go-gitea/gitea/releases/tag/v1.3.1) - 2017-12-08 * BUGFIXES * Sanitize logs for mirror sync (#3057, #3082) (#3078) * Fix missing branch in release bug (#3108) (#3117) * Fix repo indexer and submodule bug (#3107) (#3110) * Fix legacy URL redirects (#3100) (#3106) * Fix redis session failed (#3086) (#3089) * Fix issue list branch link broken (#3061) (#3070) * Fix missing password length check when change password (#3039) (#3071) ## [1.3.0](https://github.com/go-gitea/gitea/releases/tag/v1.3.0) - 2017-11-29 * BREAKING * Make URL scheme unambiguous (#2408) * FEATURES * Add branch overiew page (#2108) * Code/repo search (#2582) * Add Activity page to repository (#2674) * Issue Timetracking (#2211) * Add orgmode document type on file view and readme (#2525) * Add external markup render support (#2570) * Implementation of discord webhook (#2402) * Webhooks for repo creation/deletion (#1663) * Complete push webhooks (#2530) * Add possibility to record branch information in an issue (#780) * Create new branch from branch selection dropdown (#2130) * Implementation of all repositories of a user from user->settings (#1740) * Add LFS object verification step after upload (#2868) * Configurable SSH cipher suite (#913) * Disable custom Git Hooks globally via configuration file (#2450) * Sync releases table with tags on push and for mirrors (#2459) * BUGFIXES * Fix label comments for French locale (#3017) * Remove duplicate "Max Diff Lines" from config view (#3001) * Fix over-escaped characters (#2992) * Fix go-get, src and raw urls to new scheme (#2986) * Fix error when add user has full name to team (#2975) * Fix files/commits of merged PRs (#2970) * Update golang x/crypto dependencies - Fix SSH transport fail (#2951) * Fix memcache support when value is returned as string always (#2950) * Fix issue link rendering in commit messages (#2897) * Fix adding a new authentication source after selecting OAuth (#2889) * Fix new branch creation to new url scheme (#2884) * Allow spaces in username for LDAP users (#2880) * Fix LFS not returning correct content length when requesting a range … (#2864) * Fix fork repository cycle to self (#2860) * Fix click create pull request button 404 (#2859) * Fix API raw file content access for default branch (#2849) * Clean repository ROOT directory name with filepath.Clean (#2846) * Fix API raw requests for commits and tags (#2841) * Fix order of comments (#2835) * Issue content should not be updated when closing with comment (#2833) * Fix ordering in app.ini and fix run mode option (#2829) * Fix redirect url of legacy commits route (#2825) * Fix commits page url (#2823) * Fix wrong translations (#2818) * Fix dropdown menu position when explore repos (#2808) * Fix Git LFS object/repo link storage in database and small refactoring (#2803) * Use relative URLs for avatars on the dashboard (#2800) * Add checks for commits with missing author and time (#2771) * Fix emojify image URL (#2769) * Hide unactive on explore users and some refactors (#2741) * Fix IE unsupported javascript construction in branch dropdown (#2736) * Only update mirror last update after successful sync (#2730) * Fix semantic-ui style conflict with v-cloak (#2722) * Fixing wrong translation on sort type oldest/latest (#2720) * Fix PR, milestone and label functionality if issue unit is disabled (#2710) * Fix plain readme didn't render correctly on repo home page (#2705) * Fix organization removal from watch table migration (#2703) * Fix repository search function (#2689) * fix panic on gogs webhook creation (#2675) * Fix orgnization user watch repository (#2670) * GPG key email verification no longer case sensitive (#2661) (#2663) * Fix index column deletion (#2651) * table `pull_request` wasn't updated correctly (#2649) * Fix go get response if only app URL is custom in configuration (#2634) * Fix doubled issue tab introduced in migration v16 (#2611) * Rewrite migrations to not depend on future code changes (#2604) * Fix implementation of repo Home func (#2601) * Fix translation upload to crowdin (#2599) * Reduce usage of allcols on update (#2596) * fix go get subpackage bug (#2584) * Fix broken migration to add can_push field back to table (#2574) * fix readme view bug (#2566) * Fix sending mail with a non-latin display name. #2102 (#2559) * Restricting access to fork functioanlity to users with Code access (#2534) * fix updated update on public key (#2514) * Added bucket name to s3 drone plugin (#2505) * fixes 500 error on dashboard when using MSSQL (#2504) * fix wrong rendering of commit detail page (#2503) * Hotfix: Add time manually adds time in nanoseconds (#2499) * Remove repository mirrors from "collaborative" list (#2497) * fix release failed since the wrong token name (#2496) * Fix slice out of bounds error in mailer (#2479) * Fix #2470 (#2477) * fix orgnization webhooks (#2422) * fix webhook test (#2415) * fix missing orgnization discord webhook (#2414) * Fix route handler order (#2409) * Prevent sending emails and notifications to inactive users (#2384) * Move themes to plugin directory. Fixes #2372 (#2375) * fix duplicated feed (#2370) * Fix missing collabrative repos (#2367) * Only check at least one email gpg key (#2266) * don't check minimum key size when disabled (#1754) * Fix run command race (#1470) * fix .netrc authentication (#2700) * Fix so that user can still fork his own repository to his organizations (#2699) * Fix can_push value to false in protected_branch (#2560) * Fix copy in email templates (#2801) * Fix inconsistencies in user settings UI (#2901) * Fix attachments icon size on zoom in/out (#2853) * Fix ignored errors in API route (#2850) * Fix activity css conflit with semantic ui (#2758) * Fix notifications tabs according to semantic-ui docs (#2733) * Fix typos in app.ini (#2732) * Fix duplicated rel attribute (#2549) * Fix tests code to prevent some runtime errors (#2381) * ENHANCEMENTS * Memory usage improvements and lower minimal git requirement to 1.7.2 (#3013) (#3028) * Set OpenID support on by default when installing new instance (#3010) (#3027) * Use api.TrackedTime in API (#2807) * Configurable SSH key exchange algorithm and MAC suite (#2806) * Add Safari pinned tab icon (#2799) * Improve force push detect when push (#2798) * Add wrapping to long diff lines (#2789) * Link members and repositories count to each page on org home. (#2787) * Show Sendmail settings on admin config page (#2782) * Add commit count caching (#2774) * Use identicon image for default gravatar. (#2767) * Add default ssh ciphers (#2761) * Remove manual of unsupported option (#2757) * Add search mode option to /api/repo/search (#2756) * Move swagger-ui under /api/v1 (#2746) * Add support for extra sendmail arguments (#2731) * Use buffersize to reduce database connection when iterate (#2724) * Render plain text README.txt monospaced (#2721) * Integration test for activity page (#2704) * Merge password and 2fa page on user settings (#2695) * Allow custom SSH user in UI for built-in SSH server (#2617) (#2678) * Refactor duplicated code in repo handlers (#2657) * Replace deprecated Id method with ID (#2655) * Remove redudant functions and code (#2652) * hide navbar when only 1 sign-in method is available (#2444) (#2648) * Change default sort order (#2647) * Change pull description text (#2075) (#2646) * Remove direct user adding to organization members (#2641) * Use session when creating user (#2638) * Use Semantic UI's Search component for user and repo search (#2636) * Use AfterLoad instead of AfterSet on Structs (#2628) * Remove redudant CheckUnit calls in router (#2627) * Remove repo unit index (#2621) * Remove redudant issue LoadAttributes() calls (#2614) * Make indexer code more reusable (#2590) * Use custom type and constants to hold available order by options (#2572) * Use named ActionType constants in template helper (#2545) * Make basic functionality work without JavaScript (#2541) * Ctrl + Enter to submit forms (#2540) * Automatically regenerate indexer for incompatible versions (#2524) * Set default lfs content path to data/lfs (#2521) * Convert spaces to tabs in footer.tmpl (#2520) * Sort repository tree entries in natural way (#2506) * Open external wiki in new window (#2489) * Use created & updated instead BeforeInsert & BeforeUpdate (#2482) * Hide branch on pull request view or create UI (#2454) * improve protected branch to add whitelist support (#2451) * some refactors for issue and comments (#2419) * Restructure markup & markdown to prepare for multiple markup language… (#2411) * Improve issue search (#2387) * Add UseCompatSSHURI setting (#2356) * Use custom search for each filter type in dashboard (#2343) * Failed authentication are now properly logged (#2334) * Add environment variable support for Docker image (#2201) * Set session and indexers' data files rel to AppDataPath (#2192) * Display commit status on landing page of repo (#1784) * TESTING * Add integration test for logging out (#2892) * Integration test for user deleting account (#2891) * Use different directories for session files in integration tests (#2834) * Add deleted_branch table fixture (#2832) * Include HTTP method in test error message (#2815) * Add repository search unit and integration tests (#2575) * Expand fixtures (#2571) * Fix /api/repo/search integration tests (#2550) * Make integration tests more user-friendly (#2536) * Fix unit test race condition (#2516) * Add missing fixture to clean gpg_key table (#2494) * Hotfix for integration testing (#2473) * Make repo private to not interfere with other tests (#2467) * Error message for integration test (#2410) * Fix "index out of range" runtime error in repo_list tests (#2376) * Add git clone test on integration test (#1682) * TRANSLATION * Fix localization texts that contain semicolon (#2900) * Fix activity locale (#2709) * Update translation from crowdin (#2368) * BUILD * change the email and name to GitBot account. (#2848) * Fix removing backslash before quotes in translations (#2831) * add gitea remote in drone. (#2817) * add remote name for git push. (#2816) * Launch Gitea with custom UID/GID for 'git' user (fixes #2286) (#2791) * Download and pushing translations (#2727) * Automatic update of translations (#2585) * Add pre-build step for nodejs stuff (#2581) * Compress css with nodejs (#2580) * Remove go version check for make fmt (#2558) * Fix lint errors (#2547) * Always run fmt check in CI (#2546) * Fix fmt errors (#2544) * add codecov.io service. (#2493) * Fix some tests : make coverage -> test (#2492) * Fix fmt error in mailer (#2490) * Allow changing integration test database connection using env variables (#2484) * Add changelog config file for generate changelog (#2461) * Changes for latest DroneCI (#2362) * Use standard lessc and minify CSS using Node.js (#2337) * DOCS * Update screenshots on README (#2910) * Gogs -> Gitea (#2909) * Update swagger documentation (#2899) * Fix typo (#2810) * Fix Polish language name spelling (#2766) * Fix Various Grammar Issues and Adjust Unnatural Wording (#2737) * Add maintainer label for docker file (#2658) * Link to gitea-specific Vagrant example (#2624) * add release notes of v1.1.4 (#2463) * Wrap most paragraphs to 80 columns (#2396) * Update CONTRIBUTING following #2329 discussion (#2394) * Update hard-coded version to 1.3.0+dev (#2390) * Clarify Translation Process. Also fix branch names (#2378) * Admin grammar fixes and improvements (#2056) * MISC * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) * Dockerfile: Updated alpine image to 3.6. (#2486) * Basic VSCode configuration for building and debugging (#2483) * Added vendor dir for js/css libs; Documented sources (#1484) (#2241) ## [1.2.3](https://github.com/go-gitea/gitea/releases/tag/v1.2.3) - 2017-11-03 * BUGFIXES * Only require one email when validating GPG key (#2266, #2467, #2663) (#2788) * Fix order of comments (#2835) (#2839) ## [1.2.2](https://github.com/go-gitea/gitea/releases/tag/v1.2.2) - 2017-10-26 * BUGFIXES * Add checks for commits with missing author and time (#2771) (#2785) * Fix sending mail with a non-latin display name (#2559) (#2783) * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780) * Update vendor git (#2765) (#2772) * Fix emojify image URL (#2769) (#2773) ## [1.2.1](https://github.com/go-gitea/gitea/releases/tag/v1.2.1) - 2017-10-16 * BUGFIXES * Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714) * Fix plain readme didn't render correctly on repo home page (#2705) (#2712) * Fix so that user can still fork his own repository to his organizations (#2699) (#2707) * Fix .netrc authentication (#2700) (#2708) * Fix slice out of bounds error in mailer (#2479) (#2696) ## [1.2.0](https://github.com/go-gitea/gitea/releases/tag/v1.2.0) - 2017-10-10 * SECURITY * Sanitation fix from Gogs (#1461) * BREAKING * Rename /forget_password url to /forgot_password (#1219) * FEATURES * Logo: Add task to generate images from SVG and change to new logo (#2194) * Status-API (#1332) * Show commit status icon in commits table (#1688) * Additional OAuth2 providers (#1010) * GPG commit validation (#1150) * Rework SSH key management UI to add GPG (#1293) * Implement GPG api (#710) * Login via OpenID-2.0 (#618) * Add units to team (#947) * Batch updates for issues (#926) * Add Gitea Webhook (#1755) * API: support '/orgs/:org/repos' (#2047) * Display all organization from user settings (#1739) * LDAP user synchronization (#1478) * Adding #issuecomment to the URL in E-Mail notifications (#1674) * Add download count field and unit testing for attachment. (#1512) * Add repo mirror sync API endpoint (#1508) * Add markup package to prepare for org markup format (#1493) * Support for custom html meta (#1423) * Per issue/PR watch/unwatch (#1410) * Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369) * Repo size in admin panel (#1482) * Show user OpenID URIs in their profile (#1314) * Add change-password admin command (#1304) * Only use issue and wiki on repo. (#1297) * Allow push to init a wiki repo (#1279) * ENHANCEMENTS * Make time diff translatable (#2057) * Smaller watch, star, and fork buttons (#2052) * Display config file path on admin panel (#2030) * Only show SSH clone URL if signed in (#2169) (#2170) * Only show "No Description" to repo admins (#2167) * Always return valid go-get meta, even if unauthorized (#2010) * Enable assignee e-mail notification (#2003) * Let not-logged-in users view releases (#1999) * No highlighting for .txt files (#1922) * Make side nav on dashboard stackable (#1778) * Setting to disable authorized_keys backup (#1856) * Hide the create organization button (in dashboard/organization section) (#1705) * LFS: Return 404 for unimplemented endpoints (#1330) * Show a link to password reset from user settings requiring a password (#862) * Reserve the "explore" user/org name (#1222) * Send notifications to partecipants in issue comments (#1217) * Improve style of user OpenID setting page (#1324) * Use font-awesome OpenID icon more (#1320) * Use readonly input form to show the validated OpenID URI (#1308) * Add captcha support to OpenID based signup (#1307) * Minor improvements on commit graph UI (#1380) * Mirror sync interval specified as duration string (#1407) * Make issue in commit graph "clickable" (#1392) * Use whole button (commit graph) as link (#1390) * Autofocus on 2fa passcode fields (#1460) * Sort on repo size in admin panel (#1654) * Improve dashboard repo search (#1652) * Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845) * Adds Parent property to the repo API (#1687) * Add configuration option for default permission to create Organizations (#1686) * Remove sha1 hash display in repository table (#1678) * Download files to their original filename (#1676) * Exposes in API the Repo entity's Size and IsBare property (#1668) * Change two factor code entry box from text to number (#1733) * Directly show error if user hit repository limit (#1767) * Generate small and large logos at 4x resolution (#2233) * Tags listed in releases tab (#2389) (#2424) * BUGFIXES * Fix adding branch as protected to not allow pushing to it (#2556) * Orgs: fix org page title when full name is not defined (#1495) * Fix double borders on edit page (#1152) (#1153) * Search bar fixes for #1187 and #1205 (#1207) * Fix upgrade failed after ever rollback (#1194) * Fix FCGI (over TCP) support (#1368) * Backport of migration fixes (#2604) (#2677) * fix panic on gogs webhook creation (#2675) (#2676) * Backport: Fixes 500 error on dashboard when using MSSQL (#2504) (#2662) * Fix go get response if only app URL is custom in configuration (#2634) (#2640) * Fix deletion of unprotected branches (#2630) * Backport of 2611 / Fix doubled issue tab introduced in migration v16 (#2622) * v38 migration used an outdated version of RepoUnit model (#2602) * fix go get subpackage bug (#2584) (#2589) * Backport: Sync releases table with tags on push and for mirrors (#2459) (#2554) * Backport: Restricting access to fork functioanlity to users with Code access (#2542) * Fix migration from pre-v15 to 1.2.0 (#2460) (#2465) * Fix migration from pre-v15 to 1.2.0 (#2460) * fix duplicated feed (#2370) (#2413) * Fix releases to be counted from database not tags (#2389) * Fix missing collabrative repos (#2367) (#2382) * Add more test for login links and fix a bug on action retrieve (#2361) * Fix SQL condition bug in GetFeeds(..) (#2360) * fix bug on create repo link on dashboard (#2359) * Fix order of elements in dashboard html (#2344) * Fix repo-search template errors for go1.7 (#2336) * Add missing forks key for dashboard repository component (#2325) * fix template error on explore repos (#2319) * Trigger sync webhooks on UI commit (#2302) * fix 500 error when view an issue which's milestone deleted (#2297) * Only update needed columns when update user (#2296) * Fix rendering of external links (#2292) * Fix and improve dashboard repo UI (#2285) * Make short link pattern greedy (#2259) * Temporarily patch go-ini/ini with fork (#2255) * Convert xorm literal queries to method calls (#2253) * update code.gitea.io/git in vendor to fix delete branch fails (#2250) * Replace calls to xorm UseBool with Where (#2237) * rhel7 has a git version with four digits (1.8.3.1) (#2236) * Fix internal requests when gitea listens to unix socket or only external IP (#2234) * Check for access in /repositories/:id (#2227) * Fixed robots.txt 404 error (#2226) * Fix counts on issues dashboard (#2215) * Fix unclosed session bug (#2214) * Add collaborative repositories to the dashboard (#2205) * Fix issue updated_unix bug (#2204) * Fix Commits nil pointer dereference (#2203) * Fix bare-repo bugs (#2199) * Fix PR nil-dereference bug (#2195) * Allow only single fork per user/organization (#2193) * Fix key usage time update if the key is used in parallel for multiple operations (#2185) * Only allow token authentication with 2FA enabled (#2184) * Fix profile update for non-local users (#2178) * Fix compiling without sqlite and gcc (#2177) * Make compare button URL aware if current repo is a fork (#2162) (#2163) * Remove unit types commits and settings (#2161) * Fix OpenID registration route (#2160) * Fix repository settings collobration list display (#2151) * Ignore invalid issue numbers in commit messages. Fixes #2022 (#2150) * Fix SHA1 hash linking (#2143) * Fix repo API bug (#2133) * Use POSIX complaint ! operator in find (#2132) * Fix GET /users/:username/repos endpoint (#2125) * Fix username rendering bug (#2122) * Fix wiki preview links (#2119) * vendor: update sqlite to fix "database is locked" errors (#2116) * Fix unchecked error bug (#2110) * Fix missing-return bug (#2109) * Fix API for branches with slashes (#2096) * Fix git hooks update to receive required arguments (#2095) * upgrade git source code. (#2094) * Fix SQL bug in models.PullRequests (#2092) * Don't ignore gravatar error (#2083) * Fix release display and correct paging (#2080) * remove unnecessary blank lines and wrong error log (#2079) * Check for valid renamed usernames (#2077) * Update git module (#2074) * Fix org hooks UI (#2072) * Fix #1271: Call location.reload after XHR finishes (#2071) * Fix default ghost assignee bug (#2069) * Fix bug in issue labels API (#2048) * Load label ID in NewLabels (#2045) * Fix: `http: multiple response.WriteHeader calls` (#2038) * Pagination on releases page (#2035) * repo/editor: fix breadcrumb path cuts parent dirs (#3859) (#2032) * Fix displaying commits and files of PR created from now deleted fork (#2023) * Fix #2001 and fix issue comments hidden (#2016) * Update code.gitea.io/git (#2014) * Keep sort when switching page (#2013) * Important: wrong PR merge commit ID saved (#2007) * Don't show non-comments in comments API (#2001) * Fix "Dashboard shows deleted comments" (#1995) * Make branch deletion URL more like GitHub's, fixes #1397 (#1994) * Fix fast-forward PR bug (#1989) * Fix GPG email checking to be case insensitive (#1988) * fix bug for normal user visit public repo (#1984) * fix collborators lack of units on orgnization repositories (#1968) * Fix diff of renamed and modified file (#1967) * Fix uppercase default branch bug (#1965) * Fix bug in Action.loadRepo() (#1959) * Fix deleted milestone bug (#1942) * Fix engine bug in getIssueByID (#1934) * Switch to keybase go-crypto (for some elliptic curve key) + test (#1925) * Fix setting.AppPath for integration tests (#1923) * Fix search by issue type (#1914) * Fix ghost user bug (#1913) * Require token before checking membership/ownership (#1905) * Bug fixes for org member API (#1904) * A missing / to provide a correct endpoint (#1903) * Fix 500 in public activity page (#1901) * Center-aligned login topbar (#1880) * Migration to fix existing owner team units (#1873) * Fix paginater length (#1866) * Fix bug in removeOrgRepo (#1858) * Display draft releases (#1854) * Fix 404 for external tracking issues (#1852) * Update code.gitea.io/git (#1849) * Fix user profile activity feed (#1848) * Don't ignore error in getMergeCommit (#1843) * Fix locking bug in removeOrgRepo (#1842) * Fix status table race condition (#1835) * Fix PR template error (#1834) * Fix pull request compare link (#1832) * Use ghost users in issues/PRs (#1831) * Commitless repos should be bare (#1829) * Update code.gitea.io/git (#1824) * Fix invalid reference in feeds template (#1820) * fix bug to deny to add orgnization as a member of an orgnization or team (#1815) * xxx_active_code_live setting in printed in hours and minutes instead … (#1814) * Fix deadlock in updateRepository (#1813) * Give all units to owner team (#1812) * Fix 500 for GET /teams/:id endpoints (#1811) * fix bug not to trim space of login username (#1796) * Fix renaming bug (#1786) * Fix activity feed (#1779) * Make navbar scroll on overflow (#1777) * Delete repo redirects on repo deletion (#1776) * Fix unloaded owner bug (#1770) * Admin should always be allowed to create repositories even if hit limit (#1765) * Update HighlightJS and fix YAML files highlighting (#1764) * fix: #1757 fix set MAX_CREATION_LIMIT as zero. (#1762) * fix admin lost permission caused by #947 (#1753) * More fixes for dashboard search (#1750) * fixes wrong after field in webhook payload (#1746) * fix avatar update bug (#1729) * Fix FOUC on Firefox (#1728) * Fix changes introduce by update of go-swagger. (#1727) * Fix #1719 (#1722) * Correct flash after sending password reset email (#1718) * Fix and test for delete user (#1713) * Fix rendering of issue checkboxes (#1709) * Enforce netgo build tag while cross-compilation (#1690) * fix bug when push a branch name with / & fix an integration test bug (#1689) * fix potential sqlite lock (#1680) * Fix commit sha1 URL rendering in markdown (#1677) * Fix static files permission under public/ (#1675) * fix: tag contain character ) will http 500 on release page (#1670) * Fix CSS for code in wiki markdown (#1660) * fix multiple readme file rendering and fix #1657 (#1658) * Add primary key and index to external login user table (#1656) * fix #1643 and improve integration test (#1645) * Fix version in Makefile (#1636) * Handle display of GPG key without end date (#1628) * fix bug on issue view when not login (#1624) * bug fixed for API to get user's repos (#1622) * fix lost text color on button on set as primary email (#1621) * Add create_at and updated_at in PR json (#1616) * update git and fix #1133 (#1614) * fix bug on status API (#1533) * Do not show empty collaborators segment (#1531) * Fix markdown rendering (#1530) * fix go get sub package and add domain on installation to let go get work defaultly (#1518) * fix #1501 ssh hangs caused by #1461 (#1513) * Fix empty file download (#1506) * Fix broken v27 migration - change mirror interval from int to bigint (#1504) * Do not allow commiting to protected branch from online editor (#1502) * Add internal routes for ssh hook comands (#1471) * Fix races within code.gitea.io/git.(*Command).RunInDirTimeoutPipeline (#1465) * Simple quick fix for #1418 (#1456) * fix gpg API panic when no verification (#1451) * fix migrate failed and org dashboard failed on MSSQL database (#1448) * Optimize and fix autolink function (#1442) (#1444) * Fix and simplify repo branches (settings) UI (#1435) * Fix disabled fields in repo settings UI (#1431) * fixes pull request hanging when it contains normal and LFS files (#1425) * Fix races in the log module by using syncmap (#1421) * Add length check for the return string (#1420) * Fix "Error: No issue number specified" when pushing (#1393) * Corrected Mirror.NextUpdate not set (#1388) * fix: remove `str2html` from org full name (#1360) * Correct broken unaligned load/store in armv5 (#1355) * Remove href on first/last link when on first/last page (#1345) * Fix broken table layout (#1344) * LFS: Fix SSH authentication for trailing arguments (#1328) * Remove empty file (#1326) * Fix delete user failed on sqlite (#1321) * Fix inconsistency in layout (#1316) * Fix gpg wrong column types (#1303) * Fix wiki bugs (#1294) * Fix missing less sources for oauth (#1288) * Make sure both scripts/ can live side by side (#1264) * Fix nil-dereference bug (#1258) * rewrite pre-commit, post-commit and options hooks (fixes #1250) (#1257) * Commit search appearence fixes (#1254) * Fix forget migration for wiki hooks (#1227) * Fix repo settings external tracker failed and check external urls (#1215) * Fix 500 caused by branches settings introduced by #1198 (#1214) * fix #1189, commit messages containing a pipe (#1203) * Bug fixed for delete repo failed (#1193) * Fix migration failed when authorized_keys is not exist (#1180) * Fix ini format incomiptable with crowdin (#1177) * TESTING * Integration tests for issues API (#2059) * Add integration tests for signin (#2363) * Add INTERNAL_TOKEN to integration .ini file (#2346) * Add public links check (#2323) * Fix hooks for integration repo (#2216) * More integration tests for comment API (#2156) * Cache session cookies in tests (#2128) * Less verbose integration tests (#2123) * Fix improper setup for integration tests (#2050) * Improve integration test helper functions (#2049) * Add integration test for issue creating (#2002) * Use testing/benchmark interface (#1993) * Add integration test for repository migration (#1983) * Consolidate boilerplate in integration tests (#1979) * Set console to debug for integration tests (#1976) * Add pull-create integration test (#1972) * Coverage reports for integration tests (#1960) * Add integration test for pull-request merge (#1912) * Add integration test for file editing (#1907) * Add integration test for repository forking (#1896) * Run unused test (#1875) * Don't recreate database in integration tests (#1697) * remove sqlite tag when integration test with mysql/postgres and recreate database when init integration test (#1693) * MySQL, Postgres integration tests in drone (#1638) * improve integration test to resue models/fixtures and store git repos with tests (#1627) * Improve govendor testing (#1623) * Integration test framework (#1290) * Unit tests for issue_list (#1209) * Add integration test for signup (#1135) * TRANSLATION * update translation from crowdin (#2368) (#2380) * Small fixes (#2144) * Missing signed commit display translations (#2134) * Sync latest translations from crowdin (#2104) * Add make command update-translations for update translations from crodwin (#2097) * Fix some mistakes (#1833) * Improve clarity between is_activated and prohibit_login (#1788) * Improve grammar (#1775) * Fix bad grammar and wordiness (#1741) * Make strings translatable (#1188) (#1198) * BUILD * Dockerfile for aarch64 (#1128) (#1130) * backport from v1.2 branch: add secrets for github release (#2588) (#2598) * Add secrets for github release to fix drone failed (#2588) * Backport changes for latest drone (#2586) * Removing .drone.yml.sig (#2579) * Fix drone for tags (#2573) (#2576) * Backport: Remove go version check for make fmt (#2558) (#2561) * Backport: Fix lint, fmt and integration testing errors (#2553) * update latest xorm version to vendor (#2353) * Remove integration test executables on `make clean` (#2340) * refactor(Makefile): allow overriding default go program (#2310) * Revert to upstream ini dependency (#2304) * Use /dev/urandom to create random password (#2298) * update drone sig file. (#2262) * go get github.com/wadey/gocovmerge when needed (#2235) * fix typo (#2145) * Revert "Reduce number of layer" (#2086) * Reduce number of layer (#2078) * Skip sqlite integration in CI (#2058) * fix golint error and rename func for suggestion. (#1997) * fix misspell (#1996) * update drone sig file (#1981) * send notification if status changed (#1973) * switch gitter to discord for drone. (#1971) * Fix missing backslash in Dockerfile.rpi (#1952) * Don't run 'make release' on PRs (#1908) * Update code.gitea.io/git (#1892) * Use production version of vuejs (#1869) * Add a variable for docker tag (#1825) * resign drone and fix #1816 (#1819) * Separate generate swagger + fix sed os specific (#1791) * Only run coverage on merges/pushes to master (#1783) * Remove stale rule from Makefile (#1782) * feat: upgrade drone docker image to support multi-stage build. (#1732) * Realy don't cache apk index (#1694) * Limit clone depth when drone-building (#1644) * Refactor Dockerfile (#1632) * Check if missing/modified/unused deps in vendor and fix errors (#1468) * Add GOFLAGS and EXTRA_GOFLAGS (#1438) * Include formatting check to the `make test` (and thus also `check`) rule (#1366) * DOCS * fix wrong changelog title (#2395) * fix webhook link (#2289) * Improve swagger doc (#2274) * Add link to forum in issue template (#2070) * add missing lfs config on example file (#2039) * Add discourse link (#2027) * Fix wording (#2024) * Fix typo (#1974) * Swagger docs for list/create forks (#1941) * Update links to Discord server (#1940) * [ci skip] update discord badge. (#1930) * Change join chat from gitter to discord (#1929) * Update changelog with v1.1.1 (#1926) * Correct grammar in APIEmpty documentation (#1748) * Add swagger comment for MirrorSync (#1747) * Add "Table of Contents" in CONTRIBUTING.md (#1634) * Fix service description in Debian init file (#1538) * Use MAINTAINERS file in repository in CONTRIBUTING (#1489) * Generate swagger json (#1402) * Changed text when password reset disabled. (#1364) * Removed email copyright year (#1348) * Specify that time interval units are seconds (#1311) * Gitea OpenID-2.0 login has been tested with livejournal.com too (#1306) * Make wording of commit search more clear (#1291) * Add notice that LFS mirroring is not supported (#1251) * Fix typos in models/ and modules/ (#1248) * Refactor and fix incorrect comment (#1247) * Fix migration comment (#1241) * Update locale_en-US.ini (#1235) * Add LibreJS support (#1201) * rename OSX to macOS (#1176) * add mssql to app.ini db config comment (#1172) * Add MSSQL to issues template (#1171) * MISC * Add badge and link to the Matrix room (#2348) * ignore coverage steps. (#2257) * Use sqlite3 database as default for Docker image (#2182) * update drone discord plugin to 0.0.4 version (#1992) * fix typo (#1990) * Move 3rd party js/css into `public/vendor` and document sources (#2383) * Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335) * Fix variable name typo (#2327) * Make use of Vue more universal (#2318) * Remove (almost) server side data rendering from repo-search component (#2317) * Add OpenID configuration in install page (#2276) * More tweaks to repo top panel (#2267) * File path tweaks in UI (#2264) * Make SHOW_USER_EMAIL also apply to profiles (#2258) * EnableUnit() -> UnitEnabled() (#2242) * Prevent selection of diff line numbers (#2240) * Remove unused variable on makefile (#2225) * No error log entries for repo 404 (#2200) * Refactor vue delimeters to use es6 template delimeters (#2171) * Replace tmp with TMPDIR. (#2152) * Remove unused files (#2124) * Improve org error handling (#2117) * Absolute path for setting.CustomConf (#2085) * remove deprecated code for Gogs compitable (#2041) * Refactor session close as xorm already does everything needed internally (#2020) * SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961) * Use monospace font in githook editor (#1958) * Fix import order (#1951) * Gracefully handle bare repositories on API operations. (#1932) * Fix errors caused by force push (#1927) * Display URLs in integration test logs (#1924) * Set TMPDIR enviroment variable for dump command (#1915) * Cache ctx.User in retrieveFeeds (#1902) * Make `LocalCopyPath` a setting instead of a hard-coded path (#1881) * Add check misspelling (#1877) * Fix misspelled variables (#1874) * Gofmt (#1868, #1710, #1662) * Rename misnamed migration (#1867) * Support CRLF when splitting code lines for display (#1862) * Add convert less css file step. (#1861) * Prevent accidential selection of line numbers in code view (#1860) * Delete Public SSH Key tmp file after calculating fingerprint (#1855) * Remove annoying difference in button heights. (#1853) * Only run test coverage on master branch. (#1838) * Error from mktemp command in MacOS. (#1837) * Use writeTmpKeyFile in calcFingerprint (#1828) * ROOT_URL setting use the default as shown in conf/app.ini (#1823) * Rename RepoCreationNum -> MaxCreationLimit (#1766) * Add button to admin ui (#1738) * Correct spelling mistakes (#1703) * Make openid support default false for compitable with v1.1 (#1650) * Send mails as HTML as default. Setting for send as plain text. (#1648) * fix potential lock when sqlite (#1647) * Optimize png images via Google zopflipng [ci skip] (#1639) * Upgrade alpine to v3.5 in Dockerfile (#1633) * remove unused vendor packages (#1620) * markup: microoptimise for many short filenames in directory (#1534) * support health check via / and fix #969 (#1520) * Remove env user salt since no need to use (#1515) * Drop db operations from hook commands (#1514) * Better URL validation (#1507) * Migrate WatchInfo struct to api (#1492) * refactor: show command help message. (#1486) * refactor update ssh key use time (#1466) * Set VERSION from git once, in a variable (#1447) * Remove unused mutex field (#1440) * Simplify settings pages with item list (#1389) * Clean-up PostgreSQL Tests (#1361) * refactor: remove workaround after the golang 1.7 release. (#1349) * Delete the useless code (#1335) * Run "make fmt" with go-1.6 (#1333) * Refactor admin/auth/new.tmpl (#1277) * Refactor repo/issue/view_content.tmpl (#1276) * Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270) * Cleaner UI for explore page (#1253) (#1255) * Synced licenses with github repo (#1246) * Synced gitignores with github repo (#1245) * Simplify RepositoryList.loadAttributes() (#1211) * Move user_follow to separate file (#1210) * Reduce conditionals in signin/signup inner forms (#1138) ## [1.1.4](https://github.com/go-gitea/gitea/releases/tag/v1.1.4) - 2017-09-04 * BUGFIXES * Fix rendering of external links (#2292) (#2315) * Fix deleted milestone bug (#1942) (#2300) * fix 500 error when view an issue which's milestone deleted (#2297) (#2299) * Fix SHA1 hash linking (#2143) (#2293) * back port from #1709 (#2291) ## [1.1.3](https://github.com/go-gitea/gitea/releases/tag/v1.1.3) - 2017-08-03 * BUGFIXES * Fix PR template error (#2008) * Fix markdown rendering (fix #1530) (#2043) * Fix missing less sources for oauth (backport #1288) (#2135) * Don't ignore gravatar error (#2138) * Fix diff of renamed and modified file (#2136) * Fix fast-forward PR bug (#2137) * Fix some security bugs ## [1.1.2](https://github.com/go-gitea/gitea/releases/tag/v1.1.2) - 2017-06-13 * BUGFIXES * Enforce netgo build tag while cross-compilation (Backport of #1690) (#1731) * fix update avatar * fix delete user failed on sqlite (#1321) * fix bug not to trim space of login username (#1806) * Backport bugfixes #1220 and #1393 to v1.1 (#1758) ## [1.1.1](https://github.com/go-gitea/gitea/releases/tag/v1.1.1) - 2017-05-04 * BUGFIXES * Markdown Sanitation Fix [#1646](https://github.com/go-gitea/gitea/pull/1646) * Fix broken hooks [#1376](https://github.com/go-gitea/gitea/pull/1376) * Fix migration issue [#1375](https://github.com/go-gitea/gitea/pull/1375) * Fix Wiki Issues [#1338](https://github.com/go-gitea/gitea/pull/1338) * Forgotten migration for wiki githooks [#1237](https://github.com/go-gitea/gitea/pull/1237) * Commit messages can contain pipes [#1218](https://github.com/go-gitea/gitea/pull/1218) * Verify external tracker URLs [#1236](https://github.com/go-gitea/gitea/pull/1236) * Allow upgrade after downgrade [#1197](https://github.com/go-gitea/gitea/pull/1197) * 500 on delete repo with issue [#1195](https://github.com/go-gitea/gitea/pull/1195) * INI compat with CrowdIn [#1192](https://github.com/go-gitea/gitea/pull/1192) ## [1.1.0](https://github.com/go-gitea/gitea/releases/tag/v1.1.0) - 2017-03-09 * BREAKING * The SSH keys can potentially break, make sure to regenerate the authorized keys * FEATURES * Git LFSv2 support [#122](https://github.com/go-gitea/gitea/pull/122) * API endpoints for repo watching [#191](https://github.com/go-gitea/gitea/pull/191) * Search within private repos [#222](https://github.com/go-gitea/gitea/pull/222) * Hide user email address on explore page [#336](https://github.com/go-gitea/gitea/pull/336) * Protected branch system [#339](https://github.com/go-gitea/gitea/pull/339) * Sendmail for mail delivery [#355](https://github.com/go-gitea/gitea/pull/355) * API endpoints for org webhooks [#372](https://github.com/go-gitea/gitea/pull/372) * Enabled MSSQL support [#383](https://github.com/go-gitea/gitea/pull/383) * API endpoints for org teams [#370](https://github.com/go-gitea/gitea/pull/370) * API endpoints for collaborators [#375](https://github.com/go-gitea/gitea/pull/375) * Graceful server restart [#416](https://github.com/go-gitea/gitea/pull/416) * Commitgraph / timeline on commits page [#428](https://github.com/go-gitea/gitea/pull/428) * API endpoints for repo forks [#509](https://github.com/go-gitea/gitea/pull/509) * API endpoints for releases [#510](https://github.com/go-gitea/gitea/pull/510) * Folder jumping [#511](https://github.com/go-gitea/gitea/pull/511) * Stars tab on profile page [#519](https://github.com/go-gitea/gitea/pull/519) * Notification system [#523](https://github.com/go-gitea/gitea/pull/523) * Push and pull through reverse proxy basic auth [#524](https://github.com/go-gitea/gitea/pull/524) * Search for issues and pull requests [#530](https://github.com/go-gitea/gitea/pull/530) * API endpoint for stargazers [#597](https://github.com/go-gitea/gitea/pull/597) * API endpoints for subscribers [#598](https://github.com/go-gitea/gitea/pull/598) * PID file support [#610](https://github.com/go-gitea/gitea/pull/610) * Two factor authentication (2FA) [#630](https://github.com/go-gitea/gitea/pull/630) * API endpoints for org users [#645](https://github.com/go-gitea/gitea/pull/645) * Release attachments [#673](https://github.com/go-gitea/gitea/pull/673) * OAuth2 consumer [#679](https://github.com/go-gitea/gitea/pull/679) * Add ability to fork your own repos [#761](https://github.com/go-gitea/gitea/pull/761) * Search repository on dashboard [#773](https://github.com/go-gitea/gitea/pull/773) * Search bar on user profile [#787](https://github.com/go-gitea/gitea/pull/787) * Track label changes on issue view [#788](https://github.com/go-gitea/gitea/pull/788) * Allow using custom time format [#798](https://github.com/go-gitea/gitea/pull/798) * Redirects for renamed repos [#807](https://github.com/go-gitea/gitea/pull/807) * Track assignee changes on issue view [#808](https://github.com/go-gitea/gitea/pull/808) * Track title changes on issue view [#841](https://github.com/go-gitea/gitea/pull/841) * Archive cleanup action [#885](https://github.com/go-gitea/gitea/pull/885) * Basic Open Graph support [#901](https://github.com/go-gitea/gitea/pull/901) * Take back control of Git hooks [#1006](https://github.com/go-gitea/gitea/pull/1006) * API endpoints for user repos [#1059](https://github.com/go-gitea/gitea/pull/1059) * BUGFIXES * Fixed counting issues for issue filters [#413](https://github.com/go-gitea/gitea/pull/413) * Added back default settings for SSH [#500](https://github.com/go-gitea/gitea/pull/500) * Fixed repo permissions [#513](https://github.com/go-gitea/gitea/pull/513) * Issues cannot be created with labels [#622](https://github.com/go-gitea/gitea/pull/622) * Add a reserved wiki paths check to the wiki [#720](https://github.com/go-gitea/gitea/pull/720) * Update website binding MaxSize to 255 [#722](https://github.com/go-gitea/gitea/pull/722) * User can see the private activity on public history [#818](https://github.com/go-gitea/gitea/pull/818) * Wrong pages number which includes private repositories [#844](https://github.com/go-gitea/gitea/pull/844) * Trim whitespaces for search keyword [#893](https://github.com/go-gitea/gitea/pull/893) * Don't rewrite non-gitea public keys [#906](https://github.com/go-gitea/gitea/pull/906) * Use fingerprint to check instead content for public key [#911](https://github.com/go-gitea/gitea/pull/911) * Fix random avatars [#1147](https://github.com/go-gitea/gitea/pull/1147) * ENHANCEMENTS * Refactored process manager [#75](https://github.com/go-gitea/gitea/pull/75) * Restrict rights to create new orgs [#193](https://github.com/go-gitea/gitea/pull/193) * Added label and milestone sorting [#199](https://github.com/go-gitea/gitea/pull/199) * Make minimum password length configurable [#223](https://github.com/go-gitea/gitea/pull/223) * Speedup conflict checking on pull requests [#276](https://github.com/go-gitea/gitea/pull/276) * Added button to delete merged pull request branches [#441](https://github.com/go-gitea/gitea/pull/441) * Improved issue references within markdown [#471](https://github.com/go-gitea/gitea/pull/471) * Dutch translation for the landingpage [#487](https://github.com/go-gitea/gitea/pull/487) * Added Gogs migration script [#532](https://github.com/go-gitea/gitea/pull/532) * Support a .gitea folder for issue templates [#582](https://github.com/go-gitea/gitea/pull/582) * Enhanced diff-view coloring [#584](https://github.com/go-gitea/gitea/pull/584) * Added ETag header to avatars [#721](https://github.com/go-gitea/gitea/pull/721) * Added option to config to disable local path imports [#724](https://github.com/go-gitea/gitea/pull/724) * Allow custom public files [#782](https://github.com/go-gitea/gitea/pull/782) * Added pprof endpoint for debugging [#801](https://github.com/go-gitea/gitea/pull/801) * Added `X-GitHub-*` headers [#809](https://github.com/go-gitea/gitea/pull/809) * Fill SSH key title automatically [#863](https://github.com/go-gitea/gitea/pull/863) * Display Git version on admin panel [#921](https://github.com/go-gitea/gitea/pull/921) * Expose URL field on issue API [#982](https://github.com/go-gitea/gitea/pull/982) * Statically compile the binaries [#985](https://github.com/go-gitea/gitea/pull/985) * Embed build tags into version string [#1051](https://github.com/go-gitea/gitea/pull/1051) * Gitignore support for FSharp and Clojure [#1072](https://github.com/go-gitea/gitea/pull/1072) * Custom templates for static builds [#1087](https://github.com/go-gitea/gitea/pull/1087) * Add ProxyFromEnvironment if none set [#1096](https://github.com/go-gitea/gitea/pull/1096) * MISC * Replaced remaining Gogs references * Added more tests on various packages * Use Crowdin for translations again * Resolved some XSS attack vectors * Optimized and reduced number of database queries ## [1.0.2](https://github.com/go-gitea/gitea/releases/tag/v1.0.2) - 2017-02-21 * BUGFIXES * Fixed issue counter [#882](https://github.com/go-gitea/gitea/pull/882) * Fixed XSS vulnerability on wiki page [#955](https://github.com/go-gitea/gitea/pull/955) * Add data dir without session to dump [#587](https://github.com/go-gitea/gitea/pull/587) * Fixed wiki page renaming [#958](https://github.com/go-gitea/gitea/pull/958) * Drop default console logger if not required [#960](https://github.com/go-gitea/gitea/pull/960) * Fixed docker docs link on install page [#972](https://github.com/go-gitea/gitea/pull/972) * Handle SetModel errors [#957](https://github.com/go-gitea/gitea/pull/957) * Fixed XSS vulnerability on milestones [#977](https://github.com/go-gitea/gitea/pull/977) * Fixed XSS vulnerability on alerts [#981](https://github.com/go-gitea/gitea/pull/981) ## [1.0.1](https://github.com/go-gitea/gitea/releases/tag/v1.0.1) - 2017-01-05 * BUGFIXES * Fixed localized `MIN_PASSWORD_LENGTH` [#501](https://github.com/go-gitea/gitea/pull/501) * Fixed 500 error on organization delete [#507](https://github.com/go-gitea/gitea/pull/507) * Ignore empty wiki repo on migrate [#544](https://github.com/go-gitea/gitea/pull/544) * Proper check access for forking [#563](https://github.com/go-gitea/gitea/pull/563) * Fix SSH domain on installer [#506](https://github.com/go-gitea/gitea/pull/506) * Fix missing data rows on admin UI [#580](https://github.com/go-gitea/gitea/pull/580) * Do not delete tags with releases by default [#579](https://github.com/go-gitea/gitea/pull/579) * Fix missing session config data on admin UI [#578](https://github.com/go-gitea/gitea/pull/578) * Properly show the version within footer on the UI [#593](https://github.com/go-gitea/gitea/pull/593) ## [1.0.0](https://github.com/go-gitea/gitea/releases/tag/v1.0.0) - 2016-12-23 * BREAKING * We have various changes on the API, scripting against API must be updated * FEATURES * Show last login for admins [#121](https://github.com/go-gitea/gitea/pull/121) * BUGFIXES * Fixed sender of notifications [#2](https://github.com/go-gitea/gitea/pull/2) * Fixed keyword hijacking vulnerability [#20](https://github.com/go-gitea/gitea/pull/20) * Fixed non-markdown readme rendering [#95](https://github.com/go-gitea/gitea/pull/95) * Allow updating draft releases [#169](https://github.com/go-gitea/gitea/pull/169) * GitHub API compliance [#227](https://github.com/go-gitea/gitea/pull/227) * Added commit SHA to tag webhook [#286](https://github.com/go-gitea/gitea/issues/286) * Secured links via noopener [#315](https://github.com/go-gitea/gitea/issues/315) * Replace tabs with spaces on wiki title [#371](https://github.com/go-gitea/gitea/pull/371) * Fixed vulnerability on labels and releases [#409](https://github.com/go-gitea/gitea/pull/409) * Fixed issue comment API [#449](https://github.com/go-gitea/gitea/pull/449) * ENHANCEMENTS * Use proper import path for libravatar [#3](https://github.com/go-gitea/gitea/pull/3) * Integrated DroneCI for tests and builds [#24](https://github.com/go-gitea/gitea/issues/24) * Integrated dependency manager [#29](https://github.com/go-gitea/gitea/issues/29) * Embedded bindata optionally [#30](https://github.com/go-gitea/gitea/issues/30) * Integrated pagination for releases [#73](https://github.com/go-gitea/gitea/pull/73) * Autogenerate version on every build [#91](https://github.com/go-gitea/gitea/issues/91) * Refactored Docker container [#104](https://github.com/go-gitea/gitea/issues/104) * Added short-hash support for downloads [#211](https://github.com/go-gitea/gitea/issues/211) * Display tooltip for downloads [#221](https://github.com/go-gitea/gitea/issues/221) * Improved HTTP headers for issue attachments [#270](https://github.com/go-gitea/gitea/pull/270) * Integrate public as bindata optionally [#293](https://github.com/go-gitea/gitea/pull/293) * Integrate templates as bindata optionally [#314](https://github.com/go-gitea/gitea/pull/314) * Inject more ENV variables into custom hooks [#316](https://github.com/go-gitea/gitea/issues/316) * Correct LDAP login validation [#342](https://github.com/go-gitea/gitea/pull/342) * Integrate conf as bindata optionally [#354](https://github.com/go-gitea/gitea/pull/354) * Serve video files in browser [#418](https://github.com/go-gitea/gitea/pull/418) * Configurable SSH host binding [#431](https://github.com/go-gitea/gitea/issues/431) * MISC * Forked from Gogs and renamed to Gitea * Catching more errors with logs * Fixed all linting errors * Made the go linter entirely happy * Really integrated vendoring