Changelog

This changelog goes through the changes that have been made in each release without substantial changes to our git log; to see the highlights of what has been added to each release, please refer to the blog.

1.21.11 - 2024-04-07

SECURITY
- Use go1.21.9 to include Golang security fix
- Fix possible renderer security problem (#30136) (#30315)
- Performance optimization for git push and check permissions for push options (#30104) (#30354)
BUGFIXES
- Fix close file in the Upload func (#30262) (#30269)
- Fix inline math blocks can’t be preceeded/followed by alphanumerical characters (#30175) (#30250)
- Fix missing 0 prefix of GPG key id (#30245) (#30247)
- Include encoding in signature payload (#30174) (#30181)
- Move from max( id ) to max( index ) for latest commit statuses (#30076) (#30155)
- Load attachments for code comments (#30124) (#30126)
- Fix gitea doctor will remove repo-avatar files when executing command storage-archives (#30094) (#30120)
- Fix possible data race on tests (#30093) (#30108)
- Fix duplicate migrated milestones (#30102) (#30105)
- Fix panic for fixBrokenRepoUnits16961 (#30068) (#30100)
- Fix incorrect SVGs (#30086) (#30087)
- Fix create commit status (#30225) (#30340)
- Fix misuse of unsupported global variables (#30402)
- Fix to delete the cookie when AppSubURL is non-empty (#30375) (#30468)
- Avoid user does not exist error when detecting schedule actions when the commit author is an external user (#30357) (#30408)
- Change the default maxPerPage for gitbucket (#30392) (#30471)
- Check the token’s owner and repository when registering a runner (#30406) (#30412)
- Avoid losing token when updating mirror settings (#30429) (#30466)
- Fix commit status cache which missed target_url (#30426) (#30445)
- Fix rename branch 500 when the target branch is deleted but exist in database (#30430) (#30437)
- Fix mirror error when mirror repo is empty (#30432) (#30467)
- Use db.ListOptions directly instead of Paginator interface to make it easier to use and fix performance of /pulls and /issues (#29990) (#30447)
- Fix code owners will not be mentioned when a pull request comes from a forked repository (#30476) (#30497)
DOCS
- Update actions variables documents (#30394) (#30405)
MISC
- Update katex to 0.16.10 (#30089)
- Upgrade go-sqlite to v1.14.22 (#30462)

1.21.10 - 2024-03-25

BUGFIXES
- Fix Add/Remove WIP on pull request title failure (#29999) (#30066)
- Fix misuse of TxContext (#30061) (#30062)
- Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org (#30013) (#30035)
- Escape paths for find file correctly (#30026) (#30031)
- Remove duplicate option in admin screen and now-unused translation keys (#28492) (#30024)
- Fix manual merge form and 404 page templates (#30000)

1.21.9 - 2024-03-21

PERFORMANCE
- Only do counting when count_only=true for repo dashboard (#29884) (#29905)
- Add cache for dashboard commit status (#29932)
ENHANCEMENT
- Make runs-on support variable expression (#29468) (#29782)
- Show Actions post step when it’s running (#29926) (#29928)
BUGFIXES
- Fix PR creation via API between branches of the same repo with head field namespaced (#26986) (#29857)
- Fix and rewrite markup anchor processing (#29931) (#29946)
- Notify reviewers added via CODEOWNERS (#29842) (#29902)
- Fix template error when comment review doesn’t exist (#29888) (#29889)
- Fix user id column case (#29863) (#29867)
- Make meilisearch do exact search for issues (#29740 & #29671) (#29846)
- Fix the for attribute not pointing to the ID of the color picker (#29813) (#29815)
- Fix codeowner detected diff base branch to mergebase (#29783) (#29807)
- Fix Safari spinner rendering (#29801) (#29802)
- Fix missing translation on milestones (#29785) (#29789)
- Fix user router possible panic (#29751) (#29786)
- Fix possible NPE in ToPullReviewList (#29759) (#29775)
- Fix the wrong default value of ENABLE_OPENID_SIGNIN on docs (#29925) (#29927)
- Solving the issue of UI disruption when the review is deleted without refreshing (#29951) (#29968)
- Fix loadOneBranch panic (#29938) (#29939)
- Fix invalid link of the commit status when ref is tagged (#29752) (#29908)
- Editor error message misleading due to re-used key. (#29859) (#29876)
- Fix double border and border-radius on empty action steps (#29845) (#29850)
- Use Temporal.PlainDate for absolute dates (#29804) (#29808)
- Fix incorrect package link method calls in templates (#29580) (#29764)
- Fix the bug that the user may log out if GetUserByID returns unknown error (#29962) (#29964)
- Performance improvements for pull request list page (#29900) (#29972)
- Fix bugs in rerunning jobs (#29983) (#29955)

1.21.8 - 2024-03-12

SECURITY
- Only use supported sort orders for “/explore/users” page (#29430) (#29443)
ENHANCEMENTS
- Fix wrong line number in code search result (#29260) (#29623)
BUGFIXES
- Use Get but not Post to get actions artifacts (#29734) (#29737)
- Fix inconsistent rendering of block mathematical expressions (#29677) (#29711)
- Fix rendering internal file links in org (#29669) (#29705)
- Don’t show AbortErrors on logout (#29639) (#29667)
- Fix user-defined markup links targets (#29305) (#29666)
- Fix incorrect rendering csv file when file size is larger than UI.CSV.MaxFileSize (#29653) (#29663)
- Fix hidden test’s failure (#29254) (#29662)
- Add empty repo check-in DetectAndHandleSchedules (#29606) (#29659)
- Fix 500 when deleting an account with an incorrect password or unsupported login type (#29579) (#29656)
- Use strict protocol check when redirect (#29642) (#29644)
- Avoid issue info panic (#29625) (#29632)
- Avoid unexpected panic in graceful manager (#29629) (#29630)
- Make “/user/login” page redirect if the current user has signed in (#29583) (#29599)
- Fix workflow trigger event IssueChangeXXX bug (#29559) (#29565)
- Fix incorrect cookie path for AppSubURL (#29534) (#29552)
- Fix queue worker incorrectly stopped when there are still more items in the queue (#29532) (#29546)
- Fix incorrect redirection when creating a PR fails (#29537) (#29543)
- Fix incorrect subpath in links (#29535) (#29541)
- Fix issue link does not support quotes (#29484) (#29487) (#29536)
- Fix issue & comment history bugs (#29525) (#29527)
- Set pre-step status to skipped if the job is skipped (#29489) (#29523)
- Fix/Improve processWindowErrorEvent (#29407) (#29480)
- Fix counter display number incorrectly displayed on the page (#29448) (#29478)
- Fix workflow trigger event bugs (#29467) (#29475)
- Fix URL calculation in the clone input box (#29470) (#29473)
- The job should always run when if is always() (#29464) (#29469)
- Fix template bug (#27581) (#29446)
- Not trigger all jobs anymore when re-running the first job (#29439) (#29441)
- Ignore empty repo for CreateRepository in action notifier (#29416) (#29424)
- Fix incorrect tree path value for patch editor (#29377) (#29421)
- Add missing database transaction for new issues (#29490) (#29607)
- Fix 500 when pushing release to an empty repo (#29554) (#29564)
- Fix incorrect relative/absolute URL usages (#29531) (#29547)
- Fix wrong test usage of AppSubURL (#29459) (#29488)
- Fix missed return (#29450) (#29453)
- Fixing the issue when status checks per rule matches multiple actions (#29631) (#29655)
- Improve contrast on blame timestamp, fix double border (#29482) (#29485)

1.21.7 - 2024-02-26

ENHANCEMENTS
- Users with read permission of pull requests can be assigned too (#27263) (#29372)
BUGFIXES
- Do not double close reader (#29354) (#29370)
- Display friendly error message (#29105) (#29363)
- Fix project counter in organization/individual profile (#28068) (#29361)
- Fix validity of the FROM email address not being checked (#29347) (#29360)
- Fix tarball/zipball download bug (#29342) (#29352)
DOCS
- Docker Tag Information in Docs (#29047) (#29362)
MISC
- Enforce maxlength in frontend (#29389) (#29396)

1.21.6 - 2024-02-22

SECURITY
- Fix XSS vulnerabilities (#29336)
- Use general token signing secret (#29205) (#29325)
ENHANCEMENTS
- Refactor git version functions and check compatibility (#29155) (#29157)
- Improve user experience for outdated comments (#29050) (#29086)
- Hide code links on release page if user cannot read code (#29064) (#29066)
- Wrap contained tags and branches again (#29021) (#29026)
- Fix incorrect button CSS usages (#29015) (#29023)
- Strip trailing newline in markdown code copy (#29019) (#29022)
- Implement some action notifier functions (#29173) (#29308)
- Load outdated comments when (un)resolving conversation on PR timeline (#29203) (#29221)
BUGFIXES
- Refactor issue template parsing and fix API endpoint (#29069) (#29140)
- Fix swift packages not resolving (#29095) (#29102)
- Remove SSH workaround (#27893) (#29332)
- Only log error when tag sync fails (#29295) (#29327)
- Fix SSPI user creation (#28948) (#29323)
- Improve the issue_comment workflow trigger event (#29277) (#29322)
- Discard unread data of git cat-file (#29297) (#29310)
- Fix error display when merging PRs (#29288) (#29309)
- Prevent double use of git cat-file session. (#29298) (#29301)
- Fix missing link on outgoing new release notifications (#29079) (#29300)
- Fix debian InRelease Acquire-By-Hash newline (#29204) (#29299)
- Always write proc-receive hook for all git versions (#29287) (#29291)
- Do not show delete button when time tracker is disabled (#29257) (#29279)
- Workaround to clean up old reviews on creating a new one (#28554) (#29264)
- Fix bug when the linked account was disactived and list the linked accounts (#29263)
- Do not use lower tag names to find releases/tags (#29261) (#29262)
- Fix missed edit issues event for actions (#29237) (#29251)
- Only delete scheduled workflows when needed (#29091) (#29235)
- Make submit event code work with both jQuery event and native event (#29223) (#29234)
- Fix push to create with capitalize repo name (#29090) (#29206)
- Use ghost user if user was not found (#29161) (#29169)
- Dont load Review if Comment is CommentTypeReviewRequest (#28551) (#29160)
- Refactor parseSignatureFromCommitLine (#29054) (#29108)
- Avoid showing unnecessary JS errors when there are elements with different origin on the page (#29081) (#29089)
- Fix gitea-origin-url with default ports (#29085) (#29088)
- Fix orgmode link resolving (#29024) (#29076)
- Fix Elasticsearh Request Entity Too Large #28117 (#29062) (#29075)
- Do not render empty comments (#29039) (#29049)
- Avoid sending update/delete release notice when it is draft (#29008) (#29025)
- Fix gitea-action user avatar broken on edited menu (#29190) (#29307)
- Disallow merge when required checked are missing (#29143) (#29268)
- Fix incorrect link to swift doc and swift package-registry login command (#29096) (#29103)
- Convert visibility to number (#29226) (#29244)
DOCS
- Remove outdated docs from some languages (#27530) (#29208)
- Fix typos in the documentation (#29048) (#29056)
- Explained where create issue/PR template (#29035)

1.21.5 - 2024-01-31

SECURITY
- Prevent anonymous container access if RequireSignInView is enabled (#28877) (#28882)
- Update go dependencies and fix go-git (#28893) (#28934)
BUGFIXES
- Revert “Speed up loading the dashboard on mysql/mariadb (#28546)” (#29006) (#29007)
- Fix an actions schedule bug (#28942) (#28999)
- Fix update enable_prune even if mirror_interval is not provided (#28905) (#28929)
- Fix uploaded artifacts should be overwritten (#28726) backport v1.21 (#28832)
- Preserve BOM in web editor (#28935) (#28959)
- Strip / from relative links (#28932) (#28952)
- Don’t remove all mirror repository’s releases when mirroring (#28817) (#28939)
- Implement MigrateRepository for the actions notifier (#28920) (#28923)
- Respect branch info for relative links (#28909) (#28922)
- Don’t reload timeline page when (un)resolving or replying conversation (#28654) (#28917)
- Only migrate the first 255 chars of a Github issue title (#28902) (#28912)
- Fix sort bug on repository issues list (#28897) (#28901)
- Fix DeleteCollaboration transaction behaviour (#28886) (#28889)
- Fix schedule not trigger bug because matching full ref name with short ref name (#28874) (#28888)
- Fix migrate storage bug (#28830) (#28867)
- Fix archive creating LFS hooks and breaking pull requests (#28848) (#28851)
- Fix reverting a merge commit failing (#28794) (#28825)
- Upgrade xorm to v1.3.7 to fix a resource leak problem caused by Iterate (#28891) (#28895)
- Fix incorrect PostgreSQL connection string for Unix sockets (#28865) (#28870)
ENHANCEMENTS
- Make loading animation less aggressive (#28955) (#28956)
- Avoid duplicate JS error messages on UI (#28873) (#28881)
- Bump @github/relative-time-element to 4.3.1 (#28819) (#28826)
MISC
- Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it’s explicitly defined (#28783) (#28868)
- Remove duplicated checkinit on git module (#28824) (#28831)

1.21.4 - 2024-01-16

SECURITY
- Update github.com/cloudflare/circl (#28789) (#28790)
- Require token for GET subscription endpoint (#28765) (#28768)
BUGFIXES
- Use refname:strip-2 instead of refname:short when syncing tags (#28797) (#28811)
- Fix links in issue card (#28806) (#28807)
- Fix nil pointer panic when exec some gitea cli command (#28791) (#28795)
- Require token for GET subscription endpoint (#28765) (#28778)
- Fix button size in “attached header right” (#28770) (#28774)
- Fix convert.ToTeams on empty input (#28426) (#28767)
- Hide code related setting options in repository when code unit is disabled (#28631) (#28749)
- Fix incorrect URL for “Reference in New Issue” (#28716) (#28723)
- Fix panic when parsing empty pgsql host (#28708) (#28709)
- Upgrade xorm to new version which supported update join for all supported databases (#28590) (#28668)
- Fix alpine package files are not rebuilt (#28638) (#28665)
- Avoid cycle-redirecting user/login page (#28636) (#28658)
- Fix empty ref for cron workflow runs (#28640) (#28647)
- Remove unnecessary syncbranchToDB with tests (#28624) (#28629)
- Use known issue IID to generate new PR index number when migrating from GitLab (#28616) (#28618)
- Fix flex container width (#28603) (#28605)
- Fix the scroll behavior for emoji/mention list (#28597) (#28601)
- Fix wrong due date rendering in issue list page (#28588) (#28591)
- Fix status_check_contexts matching bug (#28582) (#28589)
- Fix 500 error of searching commits (#28576) (#28579)
- Use information from previous blame parts (#28572) (#28577)
- Update mermaid for 1.21 (#28571)
- Fix 405 method not allowed CORS / OIDC (#28583) (#28586) (#28587) (#28611)
- Fix GetCommitStatuses (#28787) (#28804)
- Forbid removing the last admin user (#28337) (#28793)
- Fix schedule tasks bugs (#28691) (#28780)
- Fix issue dependencies (#27736) (#28776)
- Fix system webhooks API bug (#28531) (#28666)
- Fix when private user following user, private user will not be counted in his own view (#28037) (#28792)
- Render code block in activity tab (#28816) (#28818)
ENHANCEMENTS
- Rework markup link rendering (#26745) (#28803)
- Modernize merge button (#28140) (#28786)
- Speed up loading the dashboard on mysql/mariadb (#28546) (#28784)
- Assign pull request to project during creation (#28227) (#28775)
- Show description as tooltip instead of title for labels (#28754) (#28766)
- Make template DateTime show proper tooltip (#28677) (#28683)
- Switch destination directory for apt signing keys (#28639) (#28642)
- Include heap pprof in diagnosis report to help debugging memory leaks (#28596) (#28599)
DOCS
- Suggest to use Type=simple for systemd service (#28717) (#28722)
- Extend description for ARTIFACT_RETENTION_DAYS (#28626) (#28630)
MISC
- Add -F to commit search to treat keywords as strings (#28744) (#28748)
- Add download attribute to release attachments (#28739) (#28740)
- Concatenate error in checkIfPRContentChanged (#28731) (#28737)
- Improve 1.21 document for Database Preparation (#28643) (#28644)

1.21.3 - 2023-12-21

SECURITY
- Update golang.org/x/crypto (#28519)
API
- chore(api): support ignore password if login source type is LDAP for creating user API (#28491) (#28525)
- Add endpoint for not implemented Docker auth (#28457) (#28462)
ENHANCEMENTS
- Add option to disable ambiguous unicode characters detection (#28454) (#28499)
- Refactor SSH clone URL generation code (#28421) (#28480)
- Polyfill SubmitEvent for PaleMoon (#28441) (#28478)
BUGFIXES
- Fix the issue ref rendering for wiki (#28556) (#28559)
- Fix duplicate ID when deleting repo (#28520) (#28528)
- Only check online runner when detecting matching runners in workflows (#28286) (#28512)
- Initialize stroage for orphaned repository doctor (#28487) (#28490)
- Fix possible nil pointer access (#28428) (#28440)
- Don’t show unnecessary citation JS error on UI (#28433) (#28437)
DOCS
- Update actions document about comparison as Github Actions (#28560) (#28564)
- Fix documents for “custom/public/assets/” (#28465) (#28467)
MISC
- Fix inperformant query on retrifing review from database. (#28552) (#28562)
- Improve the prompt for “ssh-keygen sign” (#28509) (#28510)
- Update docs for DISABLE_QUERY_AUTH_TOKEN (#28485) (#28488)
- Fix Chinese translation of config cheat sheetAPI (#28473)
- Retry SSH key verification with additional CRLF if it failed (#28392) (#28464)

1.21.2 - 2023-12-12

SECURITY
- Rebuild with recently released golang version
- Fix missing check (#28406) (#28411)
- Do some missing checks (#28423) (#28432)
BUGFIXES
- Fix margin in server signed signature verification view (#28379) (#28381)
- Fix object does not exist error when checking citation file (#28314) (#28369)
- Use filepath instead of path to create SQLite3 database file (#28374) (#28378)
- Fix the runs will not be displayed bug when the main branch have no workflows but other branches have (#28359) (#28365)
- Handle repository.size column being NULL in migration v263 (#28336) (#28363)
- Convert git commit summary to valid UTF8. (#28356) (#28358)
- Fix migration panic due to an empty review comment diff (#28334) (#28362)
- Add HEAD support for rpm repo files (#28309) (#28360)
- Fix RPM/Debian signature key creation (#28352) (#28353)
- Keep profile tab when clicking on Language (#28320) (#28331)
- Fix missing issue search index update when changing status (#28325) (#28330)
- Fix wrong link in protect_branch_name_pattern_desc (#28313) (#28315)
- Read previous info from git blame (#28306) (#28310)
- Ignore “non-existing” errors when getDirectorySize calculates the size (#28276) (#28285)
- Use appSubUrl for OAuth2 callback URL tip (#28266) (#28275)
- Meilisearch: require all query terms to be matched (#28293) (#28296)
- Fix required error for token name (#28267) (#28284)
- Fix issue will be detected as pull request when checking First-time contributor (#28237) (#28271)
- Use full width for project boards (#28225) (#28245)
- Increase “version” when update the setting value to a same value as before (#28243) (#28244)
- Also sync DB branches on push if necessary (#28361) (#28403)
- Make gogit Repository.GetBranchNames consistent (#28348) (#28386)
- Recover from panic in cron task (#28409) (#28425)
- Deprecate query string auth tokens (#28390) (#28430)
ENHANCEMENTS
- Improve doctor cli behavior (#28422) (#28424)
- Fix margin in server signed signature verification view (#28379) (#28381)
- Refactor template empty checks (#28351) (#28354)
- Read previous info from git blame (#28306) (#28310)
- Use full width for project boards (#28225) (#28245)
- Enable system users search via the API (#28013) (#28018)

1.21.1 - 2023-11-26

SECURITY
- Fix comment permissions (#28213) (#28216)
BUGFIXES
- Fix delete-orphaned-repos (#28200) (#28202)
- Make CORS work for oauth2 handlers (#28184) (#28185)
- Fix missing buttons (#28179) (#28181)
- Fix no ActionTaskOutput table waring (#28149) (#28152)
- Fix empty action run title (#28113) (#28148)
- Use “is-loading” to avoid duplicate form submit for code comment (#28143) (#28147)
- Fix Matrix and MSTeams nil dereference (#28089) (#28105)
- Fix incorrect pgsql conn builder behavior (#28085) (#28098)
- Fix system config cache expiration timing (#28072) (#28090)
- Restricted users only see repos in orgs which their team was assigned to (#28025) (#28051)
API
- Fix permissions for Token DELETE endpoint to match GET and POST (#27610) (#28099)
ENHANCEMENTS
- Do not display search box when there’s no packages yet (#28146) (#28159)
- Add missing packages.cleanup.success (#28129) (#28132)
DOCS
- Docs: Replace deprecated IS_TLS_ENABLED mailer setting in email setup (#28205) (#28208)
- Fix the description about the default setting for action in quick start document (#28160) (#28168)
- Add guide page to actions when there’s no workflows (#28145) (#28153)
MISC
- Use full width for PR comparison (#28182) (#28186)

1.21.0 - 2023-11-14

BREAKING
- Restrict certificate type for builtin SSH server (#26789)
- Refactor to use urfave/cli/v2 (#25959)
- Move public asset files to the proper directory (#25907)
- Remove commit status running and warning to align GitHub (#25839) (partially reverted: Restore warning commit status (#27504) (#27529))
- Remove “CHARSET” config option for MySQL, always use “utf8mb4” (#25413)
- Set SSH_AUTHORIZED_KEYS_BACKUP to false (#25412)
FEATURES
- User details page (#26713)
- Chore(actions): support cron schedule task (#26655)
- Support rebuilding issue indexer manually (#26546)
- Allow to archive labels (#26478)
- Add disable workflow feature (#26413)
- Support .git-blame-ignore-revs file (#26395)
- Pre-register OAuth2 applications for git credential helpers (#26291)
- Add Retry button when creating a mirror-repo fails (#26228)
- Artifacts retention and auto clean up (#26131)
- Serve pre-defined files in “public”, add “security.txt”, add CORS header for “.well-known” (#25974)
- Implement auto-cancellation of concurrent jobs if the event is push (#25716)
- Newly pushed branches hints on repository home page (#25715)
- Display branch commit status (#25608)
- Add direct serving of package content (#25543)
- Add commits dropdown in PR files view and allow commit by commit review (#25528)
- Allow package cleanup from admin page (#25307)
- Batch delete issue and improve tippy opts (#25253)
- Show branches and tags that contain a commit (#25180)
- Add actor and status dropdowns to run list (#25118)
- Allow Organisations to have a E-Mail (#25082)
- Add codeowners feature (#24910)
- Actions Artifacts support uploading multiple files and directories (#24874)
- Support configuration variables on Gitea Actions (#24724)
- Support downloading raw task logs (#24451)
API
- Unify two factor check (#27915) (#27929)
- Fix package webhook (#27839) (#27855)
- Fix/upload artifact error windows (#27802) (#27840)
- Fix bad method call when deleting user secrets via API (#27829) (#27831)
- Do not force creation of _cargo-index repo on publish (#27266) (#27765)
- Delete repos of org when purge delete user (#27273) (#27728)
- Fix org team endpoint (#27721) (#27727)
- Api: GetPullRequestCommits: return file list (#27483) (#27539)
- Don’t let API add 2 exclusive labels from same scope (#27433) (#27460)
- Redefine the meaning of column is_active to make Actions Registration Token generation easier (#27143) (#27304)
- Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27251)
- Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27163)
- Allow empty Conan files (#27092)
- Fix token endpoints ignore specified account (#27080)
- Reduce usage of db.DefaultContext (#27073) (#27083) (#27089) (#27103) (#27262) (#27265) (#27347) (#26076)
- Make SSPI auth mockable (#27036)
- Extract auth middleware from service (#27028)
- Add RemoteAddress to mirrors (#26952)
- Feat(API): add routes and functions for managing user’s secrets (#26909)
- Feat(API): add secret deletion functionality for repository (#26808)
- Feat(API): add route and implementation for creating/updating repository secret (#26766)
- Add Upload URL to release API (#26663)
- Feat(API): update and delete secret for managing organization secrets (#26660)
- Feat: implement organization secret creation API (#26566)
- Add API route to list org secrets (#26485)
- Set commit id when ref used explicitly (#26447)
- PATCH branch-protection updates check list even when checks are disabled (#26351)
- Add file status for API “Get a single commit from a repository” (#16205) (#25831)
- Add API for changing Avatars (#25369)
BUGFIXES
- Fix viewing wiki commit on empty repo (#28040) (#28044)
- Enable system users for comment.LoadPoster (#28014) (#28032)
- Fixed duplicate attachments on dump on windows (#28019) (#28031)
- Fix wrong xorm Delete usage(backport for 1.21) (#28002)
- Add word-break to repo description in home page (#27924) (#27957)
- Fix rendering assignee changed comments without assignee (#27927) (#27952)
- Add word break to release title (#27942) (#27947)
- Fix JS NPE when viewing specific range of PR commits (#27912) (#27923)
- Show correct commit sha when viewing single commit diff (#27916) (#27921)
- Fix 500 when deleting a dismissed review (#27903) (#27910)
- Fix DownloadFunc when migrating releases (#27887) (#27890)
- Fix http protocol auth (#27875) (#27876)
- Refactor postgres connection string building (#27723) (#27869)
- Close all hashed buffers (#27787) (#27790)
- Fix label render containing invalid HTML (#27752) (#27762)
- Fix duplicate project board when hitting enter key (#27746) (#27751)
- Fix link-action redirect network error (#27734) (#27749)
- Fix sticky diff header background (#27697) (#27712)
- Always delete existing scheduled action tasks (#27662) (#27688)
- Support allowed hosts for webhook to work with proxy (#27655) (#27675)
- Fix poster is not loaded in get default merge message (#27657) (#27666)
- Improve dropdown button alignment and fix hover bug (#27632) (#27637)
- Improve retrying index issues (#27554) (#27634)
- Fix 404 when deleting Docker package with an internal version (#27615) (#27630)
- Backport manually for a tmpl issue in v1.21 (#27612)
- Don’t show Link to TOTP if not set up (#27585) (#27588)
- Fix data-race bug when accessing task.LastRun (#27584) (#27586)
- Fix attachment download bug (#27486) (#27571)
- Respect SSH.KeygenPath option when calculating ssh key fingerprints (#27536) (#27551)
- Improve dropdown’s behavior when there is a search input in menu (#27526) (#27534)
- Fix panic in storageHandler (#27446) (#27479)
- When comparing with an non-exist repository, return 404 but 500 (#27437) (#27442)
- Fix pr template (#27436) (#27440)
- Fix git 2.11 error when checking IsEmpty (#27393) (#27397)
- Allow get release download files and lfs files with oauth2 token format (#26430) (#27379)
- Fix missing ctx for GetRepoLink in dashboard (#27372) (#27375)
- Absolute positioned checkboxes overlay floated elements (#26870) (#27366)
- Introduce fixes and more rigorous tests for ‘Show on a map’ feature (#26803) (#27365)
- Fix repo count in org action settings (#27245) (#27353)
- Add logs for data broken of comment review (#27326) (#27345)
- Fix the approval count of PR when there is no protection branch rule (#27272) (#27343)
- Fix Bug in Issue Config when only contact links are set (#26521) (#27334)
- Improve issue history dialog and make poster can delete their own history (#27323) (#27327)
- Fix orphan check for deleted branch (#27310) (#27321)
- Fix protected branch icon location (#26576) (#27317)
- Fix yaml test (#27297) (#27303)
- Fix some animation bugs (#27287) (#27294)
- Fix incorrect change from #27231 (#27275) (#27282)
- Add missing public user visibility in user details page (#27246) (#27250)
- Fix EOL handling in web editor (#27141) (#27234)
- Fix issues on action runners page (#27226) (#27233)
- Quote table release in sql queries (#27205) (#27218)
- Fix release URL in webhooks (#27182) (#27185)
- Fix review request number and add more tests (#27104) (#27168)
- Fix the variable regexp pattern on web page (#27161) (#27164)
- Fix: treat tab “overview” as “repositories” in user profiles without readme (#27124)
- Fix NPE when editing OAuth2 applications (#27078)
- Fix the incorrect route path in the user edit page. (#27007)
- Fix the secret regexp pattern on web page (#26910)
- Allow users with write permissions for issues to add attachments with API (#26837)
- Make “link-action” backend code respond correct JSON content (#26680)
- Use line-height: normal by default (#26635)
- Fix NPM packages name validation (#26595)
- Rewrite the DiffFileTreeItem and fix misalignment (#26565)
- Return empty when searching issues with no repos (#26545)
- Explain SearchOptions and fix ToSearchOptions (#26542)
- Add missing triggers to update issue indexer (#26539)
- Handle base64 decoding correctly to avoid panic (#26483)
- Avoiding accessing undefined mentionValues (#26461)
- Fix incorrect redirection in new issue using references (#26440)
- Fix the bug when getting files changed for pull_request_target event (#26320)
- Remove IsWarning in tmpl (#26120)
- Fix loading LFS_JWT_SECRET from wrong section (#26109)
- Fixing redirection issue for logged-in users (#26105)
- Improve “gitea doctor” sub-command and fix “help” commands (#26072)
- Fix the truncate and alignment problem for some admin tables (#26042)
- Update minimum password length requirements (#25946)
- Do not “guess” the file encoding/BOM when using API to upload files (#25828)
- Restructure issue list template, styles (#25750)
- Fix ref for workflows triggered by pull_request_target (#25743)
- Fix issues indexer document mapping (#25619)
- Use JSON response for “user/logout” (#25522)
- Fix migrate page layout on mobile (#25507)
- Link to existing PR when trying to open a new PR on the same branches (#25494)
- Do not publish docker release images on -dev tags (#25471)
- Support pull_request_target event (#25229)
- Modify the content format of the Feishu webhook (#25106)
ENHANCEMENTS
- Render email addresses as such if followed by punctuation (#27987) (#27992)
- Show error toast when file size exceeds the limits (#27985) (#27986)
- Fix citation error when the file size is larger than 1024 bytes (#27958) (#27965)
- Remove action runners on user deletion (#27902) (#27908)
- Remove set tabindex on view issue (#27892) (#27896)
- Reduce margin/padding on flex-list items and divider (#27872) (#27874)
- Change katex limits (#27823) (#27868)
- Clean up template locale usage (#27856) (#27857)
- Add dedicated class for empty placeholders (#27788) (#27792)
- Add gap between diff boxes (#27776) (#27781)
- Fix incorrect “tab” parameter for repo search sub-template (#27755) (#27764)
- Enable followCursor for language stats bar (#27713) (#27739)
- Improve diff tree spacing (#27714) (#27719)
- Feed UI Improvements (#27356) (#27717)
- Improve feed icons and feed merge text color (#27498) (#27716)
- [FIX] resolve confusing colors in languages stats by insert a gap (#27704) (#27715)
- Add doctor dbconsistency fix to delete repos with no owner (#27290) (#27693)
- Fix required checkboxes in issue forms (#27592) (#27692)
- Hide archived labels by default from the suggestions when assigning labels for an issue (#27451) (#27661)
- Cleanup repo details icons/labels (#27644) (#27654)
- Keep filter when showing unfiltered results on explore page (#27192) (#27589)
- Show manual cron run’s last time (#27544) (#27577)
- Revert “Fix pr template (#27436)” (#27567)
- Increase queue length (#27555) (#27562)
- Avoid run change title process when the title is same (#27467) (#27558)
- Remove max-width and add hide text overflow (#27359) (#27550)
- Add hover background to wiki list page (#27507) (#27521)
- Fix mermaid flowchart margin issue (#27503) (#27516)
- Refactor system setting (#27000) (#27452)
- Fix missing ctx in new_form.tmpl (#27434) (#27438)
- Add Index to action.user_id (#27403) (#27425)
- Don’t use subselect in DeleteIssuesByRepoID (#27332) (#27408)
- Add support for HEAD ref in /src/branch and /src/commit routes (#27384) (#27407)
- Make Actions tasks/jobs timeouts configurable by the user (#27400) (#27402)
- Hide archived labels when filtering by labels on the issue list (#27115) (#27381)
- Highlight user details link (#26998) (#27376)
- Add protected branch name description (#27257) (#27351)
- Improve tree not found page (#26570) (#27346)
- Add Index to comment.dependent_issue_id (#27325) (#27340)
- Improve branch list UI (#27319) (#27324)
- Fix divider in subscription page (#27298) (#27301)
- Add missed return to actions view fetch (#27289) (#27293)
- Backport ctx locale refactoring manually (#27231) (#27259) (#27260)
- Disable Test Delivery and Replay webhook buttons when webhook is inactive (#27211) (#27253)
- Use mask-based fade-out effect for .new-menu (#27181) (#27243)
- Cleanup locale function usage (#27227) (#27240)
- Fix z-index on markdown completion (#27237) (#27239)
- Fix Fomantic UI dropdown icon bug when there is a search input in menu (#27225) (#27228)
- Allow copying issue comment link on archived repos and when not logged in (#27193) (#27210)
- Fix: text decorator on issue sidebar menu label (#27206) (#27209)
- Fix dropdown icon position (#27175) (#27177)
- Add index to issue_user.issue_id (#27154) (#27158)
- Increase auth provider icon size on login page (#27122)
- Remove a gt-float-right and some unnecessary helpers (#27110)
- Change green buttons to primary color (#27099)
- Use db.WithTx for AddTeamMember to avoid ctx abuse (#27095)
- Use print instead of printf (#27093)
- Remove the useless function GetUserIssueStats and move relevant tests to indexer_test.go (#27067)
- Search branches (#27055)
- Display all user types and org types on admin management UI (#27050)
- Ui correction in mobile view nav bar left aligned items. (#27046)
- Chroma color tweaks (#26978)
- Move some functions to service layer (#26969)
- Improve “language stats” UI (#26968)
- Replace util.SliceXxx with slices.Xxx (#26958)
- Refactor dashboard/feed.tmpl (#26956)
- Move repository deletion to service layer (#26948)
- Fix the missing repo count (#26942)
- Improve hint when uploading a too large avatar (#26935)
- Extract common code to new template (#26933)
- Move createrepository from module to service layer (#26927)
- Move notification interface to services layer (#26915)
- Move feed notification service layer (#26908)
- Move ui notification to service layer (#26907)
- Move indexer notification to service layer (#26906)
- Move mail notification logic to service layer (#26905)
- Extract common code to new template (#26903)
- Show queue’s active worker number (#26896)
- Fix media description render for orgmode (#26895)
- Remove CSS has selector and improve various styles (#26891)
- Relocate the RSS user feed button (#26882)
- Refactor “shortsha” (#26877)
- Refactor og:description to limit the max length (#26876)
- Move web/api context related testing function into a separate package (#26859)
- Redable error on S3 storage connection failure (#26856)
- Improve opengraph previews (#26851)
- Add more descriptive error on forgot password page (#26848)
- Show always repo count in header (#26842)
- Remove “TODO” tasks from CSS file (#26835)
- Render code blocks in repo description (#26830)
- Minor dashboard tweaks, fix flex-list margins (#26829)
- Remove polluted .ui.right (#26825)
- Display archived labels specially when listing labels (#26820)
- Remove polluted “.ui.left” style (#26809)
- Make it posible to customize nav text color via css var (#26807)
- Refactor lfs requests (#26783)
- Improve flex list item padding (#26779)
- Remove fomantic text module (#26777)
- Remove fomantic item module (#26775)
- Remove redundant nil check in WalkGitLog (#26773)
- Reduce some allocations in type conversion (#26772)
- Refactor some CSS styles and simplify code (#26771)
- Unify border-radius behavior (#26770)
- Improve modal dialog UI (#26764)
- Allow “latest” to be used in release vTag when downloading file (#26748)
- Adding hint Archived to archive label. (#26741)
- Move modules/mirror to services (#26737)
- Add “dir=auto” for input/textarea elements by default (#26735)
- Add auth-required to config.json for Cargo http registry (#26729)
- Simplify helper CSS classes and avoid abuse (#26728)
- Make web context initialize correctly for different cases (#26726)
- Focus editor on “Write” tab click (#26714)
- Remove incorrect CSS helper classes (#26712)
- Fix review bar misalignment (#26711)
- Add reverseproxy auth for API back with default disabled (#26703)
- Add default label in branch select list (#26697)
- Improve Image Diff UI (#26696)
- Fixed text overflow in dropdown menu (#26694)
- [Refactor] getIssueStatsChunk to move inner function into own one (#26671)
- Remove fomantic loader module (#26670)
- Add member, collaborator, contributor, and first-time contributor roles and tooltips (#26658)
- Improve some flex layouts (#26649)
- Improve the branch selector tab UI (#26631)
- Improve show role (#26621)
- Remove avatarHTML from template helpers (#26598)
- Allow text selection in actions step header (#26588)
- Improve translation of milestone filters (#26569)
- Add optimistic lock to ActionRun table (#26563)
- Update team invitation email link (#26550)
- Differentiate better between user settings and admin settings (#26538)
- Check disabled workflow when rerun jobs (#26535)
- Improve deadline icon location in milestone list page (#26532)
- Improve repo sub menu (#26531)
- Fix the display of org level badges (#26504)
- Rename Sync2 -> Sync (#26479)
- Fix stderr usages (#26477)
- Remove fomantic transition module (#26469)
- Refactor tests (#26464)
- Refactor project templates (#26448)
- Fall back to esbuild for css minify (#26445)
- Always show usernames in reaction tooltips (#26444)
- Use correct pull request commit link instead of a generic commit link (#26434)
- Refactor “editorconfig” (#26391)
- Make user-content-* consistent with github (#26388)
- Remove unnecessary template helper repoAvatar (#26387)
- Remove unnecessary template helper DisableGravatar (#26386)
- Use template context function for avatar rendering (#26385)
- Rename code_langauge.go to code_language.go (#26377)
- Use more IssueList instead of []*Issue (#26369)
- Do not highlight #number in documents (#26365)
- Fix display problems of members and teams unit (#26363)
- Fix 404 error when remove self from an organization (#26362)
- Improve CLI and messages (#26341)
- Refactor backend SVG package and add tests (#26335)
- Add link to job details and tooltip to commit status in repo list in dashboard (#26326)
- Use yellow if an approved review is stale (#26312)
- Remove commit load branches and tags in wiki repo (#26304)
- Add highlight to selected repos in milestone dashboard (#26300)
- Delete issue_service.CreateComment (#26298)
- Do not show Profile README when repository is private (#26295)
- Tweak actions menu (#26278)
- Start using template context function (#26254)
- Use calendar icon for Joined on... in profiles (#26215)
- Add ‘Show on a map’ button to Location in profile, fix layout (#26214)
- Render plaintext task list items for markdown files (#26186)
- Add tooltip to describe LFS table column and color delete LFS file button red (#26181)
- Release attachments duplicated check (#26176)
- De-emphasize issue sidebar buttons (#26171)
- Fixing the align of commit stats in commit_page template. (#26161)
- Allow editing push mirrors after creation (#26151)
- Move web JSON functions to web context and simplify code (#26132)
- Refactor improve NoBetterThan (#26126)
- Improve clickable area in repo action view page (#26115)
- Add context parameter to some database functions (#26055)
- Docusaurus-ify (#26051)
- Improve text for empty issue/pr description (#26047)
- Categorize admin settings sidebar panel (#26030)
- Remove redundant “RouteMethods” method (#26024)
- Refactor and enhance issue indexer to support both searching, filtering and paging (#26012)
- Add a link to OpenID Issuer URL in WebFinger response (#26000)
- Fix UI for release tag page / wiki page / subscription page (#25948)
- Support copy protected branch from template repository (#25889)
- Improve display of Labels/Projects/Assignees sort options (#25886)
- Fix margin on the new/edit project page. (#25885)
- Show image size on view page (#25884)
- Remove ref name in PR commits page (#25876)
- Allow the use of alternative net.Listener implementations by downstreams (#25855)
- Refactor “Content” for file uploading (#25851)
- Add error info if no user can fork the repo (#25820)
- Show edit title button on commits tab of PR, too (#25791)
- Introduce flex-list & flex-item elements for Gitea UI (#25790)
- Don’t stack PR tab menu on small screens (#25789)
- Repository Archived text title center align (#25767)
- Make route middleware/handler mockable (#25766)
- Move issue filters to shared template (#25729)
- Use frontend fetch for branch dropdown component (#25719)
- Add open/closed field support for issue index (#25708)
- Some less naked returns (#25682)
- Fix inconsistent user profile layout across tabs (#25625)
- Get latest commit statuses from database instead of git data on dashboard for repositories (#25605)
- Adding branch-name copy to clipboard branches screen. (#25596)
- Update emoji set to Unicode 15 (#25595)
- Move some files under repo/setting (#25585)
- Add custom ansi colors and CSS variables for them (#25546)
- Add log line anchor for action logs (#25532)
- Use flex instead of float for sort button and search input (#25519)
- Update octicons and use octicon-file-directory-symlink (#25453)
- Add toasts to UI (#25449)
- Fine tune project board label colors and modal content background (#25419)
- Import additional secrets via file uri (#25408)
- Switch to ansi_up for ansi rendering in actions (#25401)
- Store and use seconds for timeline time comments (#25392)
- Support displaying diff stats in PR tab bar (#25387)
- Use fetch form action for lock/unlock/pin/unpin on sidebar (#25380)
- Refactor: TotalTimes return seconds (#25370)
- Navbar styling rework (#25343)
- Introduce shared template for search inputs (#25338)
- Only show ‘Manage Account Links’ when necessary (#25311)
- Improve ‘Privacy’ section in profile settings (#25309)
- Substitute variables in path names of template repos too (#25294)
- Fix tags line no margin see #25255 (#25280)
- Use fetch to send requests to create issues/comments (#25258)
- Change form actions to fetch for submit review box (#25219)
- Improve AJAX link and modal confirm dialog (#25210)
- Reduce unnecessary DB queries for Actions tasks (#25199)
- Disable Create column button while the column name is empty (#25192)
- Refactor indexer (#25174)
- Adjust style for action run list (align icons, adjust padding) (#25170)
- Remove duplicated functions when deleting a branch (#25128)
- Make confusable character warning less jarring (#25069)
- Highlight viewed files differently in the PR filetree (#24956)
- Support changing labels of Actions runner without re-registration (#24806)
- Fix duplicate Reviewed-by trailers (#24796)
- Resolve issue with sort icons on admin/users and admin/runners (#24360)
- Split lfs size from repository size (#22900)
- Sync branches into databases (#22743)
- Disable run user change in installation page (#22499)
- Add merge files files to GetCommitFileStatus (#20515)
- Show OpenID Connect and OAuth on signup page (#20242)
SECURITY
- Dont leak private users via extensions (#28023) (#28029)
- Expanded minimum RSA Keylength to 3072 (#26604)
TESTING
- Add user secrets API integration tests (#27832) (#27852)
- Add tests for db indexer in indexer_test.go (#27087)
- Speed up TestEventSourceManagerRun (#26262)
- Add unit test for user renaming (#26261)
- Add some Wiki unit tests (#26260)
- Improve unit test for caching (#26185)
- Add unit test for HashAvatar (#25662)
TRANSLATION
- Backport translations to v1.21 (#27899)
- Fix issues in translation file (#27699) (#27737)
- Add locale for deleted head branch (#26296)
- Improve multiple strings in en-US locale (#26213)
- Fix broken translations for package documantion (#25742)
- Correct translation wrong format (#25643)
BUILD
- Dockerfile small refactor (#27757) (#27826)
- Fix build errors on BSD (in BSDMakefile) (#27594) (#27608)
- Fully replace drone with actions (#27556) (#27575)
- Enable markdownlint no-duplicate-header (#27500) (#27506)
- Enable production source maps for index.js, fix CSS sourcemaps (#27291) (#27295)
- Update snap package (#27021)
- Bump go to 1.21 (#26608)
- Bump xgo to go-1.21.x and node to 20 in release-version (#26589)
- Add template linting via djlint (#25212)
DOCS
- Change default size of issue/pr attachments and repo file (#27946) (#28017)
- Remove known issue section in Gitea Actions Doc (#27930) (#27938)
- Remove outdated paragraphs when comparing Gitea Actions to GitHub Actions (#27119)
- Update brew installation documentation since gitea moved to brew core package (#27070)
- Actions are no longer experimental, so enable them by default (#27054)
- Add a documentation note for Windows Service (#26938)
- Add sparse url in cargo package guide (#26937)
- Update nginx recommendations (#26924)
- Update backup instructions to align with archive structure (#26902)
- Expanding documentation in queue.go (#26889)
- Update info regarding internet connection for build (#26776)
- Docs: template variables (#26547)
- Update index doc (#26455)
- Update zh-cn documentation (#26406)
- Fix typos and grammar problems for actions documentation (#26328)
- Update documentation for 1.21 actions (#26317)
- Doc update swagger doc for POST /orgs/{org}/teams (#26155)
- Doc sync authentication.md to zh-cn (#26117)
- Doc guide the user to create the appropriate level runner (#26091)
- Make organization redirect warning more clear (#26077)
- Update blog links (#25843)
- Fix default value for LocalURL (#25426)
- Update from-source.zh-cn.md & from-source.en-us.md - Cross Compile Using Zig (#25194)
MISC
- Replace deprecated elliptic.Marshal (#26800)
- Add elapsed time on debug for slow git commands (#25642)

1.20.5 - 2023-10-03

ENHANCEMENTS
- Fix z-index on markdown completion (#27237) (#27242 & #27238)
- Use secure cookie for HTTPS sites (#26999) (#27013)
BUGFIXES
- Fix git 2.11 error when checking IsEmpty (#27393) (#27396)
- Allow get release download files and lfs files with oauth2 token format (#26430) (#27378)
- Fix orphan check for deleted branch (#27310) (#27320)
- Quote table release in sql queries (#27205) (#27219)
- Fix release URL in webhooks (#27182) (#27184)
- Fix successful return value for SyncAndGetUserSpecificDiff (#27152) (#27156)
- fix pagination for followers and following (#27127) (#27138)
- Fix issue templates when blank isses are disabled (#27061) (#27082)
- Fix context cache bug & enable context cache for dashabord commits’ authors(#26991) (#27017)
- Fix INI parsing for value with trailing slash (#26995) (#27001)
- Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27249)
- Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27167 & #27162)
- Fix bug of review request number (#27406) (#27104)
TESTING
- services/wiki: Close() after error handling (#27129) (#27137)
DOCS
- Improve actions docs related to pull_request event (#27126) (#27145)
MISC
- Add logs for data broken of comment review (#27326) (#27344)
- Load reviewer before sending notification (#27063) (#27064)

1.20.4 - 2023-09-08

SECURITY
- Check blocklist for emails when adding them to account (#26812) (#26831)
ENHANCEMENTS
- Add branch_filter to hooks API endpoints (#26599) (#26632)
- Fix incorrect “tabindex” attributes (#26733) (#26734)
- Use line-height: normal by default (#26635) (#26708)
- Fix unable to display individual-level project (#26198) (#26636)
BUGFIXES
- Fix wrong review requested number (#26784) (#26880)
- Avoid double-unescaping of form value (#26853) (#26863)
- Redirect from {repo}/issues/new to {repo}/issues/new/choose when blank issues are disabled (#26813) (#26847)
- Sync tags when adopting repos (#26816) (#26834)
- Fix verifyCommits error when push a new branch (#26664) (#26810)
- Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests (#26759) (#26806)
- Fix some slice append usages (#26778) (#26798)
- Add fix incorrect can_create_org_repo for org owner team (#26683) (#26791)
- Fix bug for ctx usage (#26763)
- Make issue template field template access correct template data (#26698) (#26709)
- Use correct minio error (#26634) (#26639)
- Ignore the trailing slashes when comparing oauth2 redirect_uri (#26597) (#26618)
- Set errwriter for urfave/cli v1 (#26616)
- Fix reopen logic for agit flow pull request (#26399) (#26613)
- Fix context filter has no effect in dashboard (#26695) (#26811)
- Fix being unable to use a repo that prohibits accepting PRs as a PR source. (#26785) (#26790)
- Fix Page Not Found error (#26768)

1.20.3 - 2023-08-20

BREAKING
- Fix the wrong derive path (#26271) (#26318)
SECURITY
- Fix API leaking Usermail if not logged in (#25097) (#26350)
FEATURES
- Add ThreadID parameter for Telegram webhooks (#25996) (#26480)
ENHANCEMENTS
- Add minimum polyfill to support “relative-time-element” in PaleMoon (#26575) (#26578)
- Fix dark theme highlight for “NameNamespace” (#26519) (#26527)
- Detect ogg mime-type as audio or video (#26494) (#26505)
- Use object-fit: contain for oauth2 custom icons (#26493) (#26498)
- Move dropzone progress bar to bottom to show filename when uploading (#26492) (#26497)
- Remove last newline from config file (#26468) (#26471)
- Minio: add missing region on client initialization (#26412) (#26438)
- Add pull request review request webhook event (#26401) (#26407)
- Fix text truncate (#26354) (#26384)
- Fix incorrect color of selected assignees when create issue (#26324) (#26372)
- Display human-readable text instead of cryptic filemodes (#26352) (#26358)
- Hide last indexed SHA when a repo could not be indexed yet (#26340) (#26345)
- Fix the topic validation rule and support dots (#26286) (#26303)
- Fix due date rendering the wrong date in issue (#26268) (#26274)
- Don’t autosize textarea in diff view (#26233) (#26244)
- Fix commit compare style (#26209) (#26226)
- Warn instead of reporting an error when a webhook cannot be found (#26039) (#26211)
BUGFIXES
- Use “input” event instead of “keyup” event for migration form (#26602) (#26605)
- Do not use deprecated log config options by default (#26592) (#26600)
- Fix “issueReposQueryPattern does not match query” (#26556) (#26564)
- Sync repo’s IsEmpty status correctly (#26517) (#26560)
- Fix project filter bugs (#26490) (#26558)
- Use hidden over clip for text truncation (#26520) (#26522)
- Set “type=button” for editor’s toolbar buttons (#26510) (#26518)
- Fix NuGet search endpoints (#25613) (#26499)
- Fix storage path logic especially for relative paths (#26441) (#26481)
- Close stdout correctly for “git blame” (#26470) (#26473)
- Check first if minio bucket exists before trying to create it (#26420) (#26465)
- Avoiding accessing undefined tributeValues #26461 (#26462)
- Call git.InitSimple for runRepoSyncReleases (#26396) (#26450)
- Add transaction when creating pull request created dirty data (#26259) (#26437)
- Fix wrong middleware sequence (#26428) (#26436)
- Fix admin queue page title and fix CI failures (#26409) (#26421)
- Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392) (#26405)
- Bypass MariaDB performance bug of the “IN” sub-query, fix incorrect IssueIndex (#26279) (#26368)
- Fix incorrect CLI exit code and duplicate error message (#26346) (#26347)
- Prevent newline errors with Debian packages (#26332) (#26342)
- Fix bug with sqlite load read (#26305) (#26339)
- Make git batch operations use parent context timeout instead of default timeout (#26325) (#26330)
- Support getting changed files when commit ID is EmptySHA (#26290) (#26316)
- Clarify the logger’s MODE config option (#26267) (#26281)
- Use shared template for webhook icons (#26242) (#26246)
- Fix pull request check list is limited (#26179) (#26245)
- Fix attachment clipboard copy on insecure origin (#26224) (#26231)
- Fix access check for org-level project (#26182) (#26223)
MISC
- Improve profile readme rendering (#25988) (#26453)
- [docs] Add missing backtick in quickstart.zh-cn.md (#26349) (#26357)
- Upgrade x/net to 0.13.0 (#26301)

1.20.2 - 2023-07-29

ENHANCEMENTS
- Calculate MAX_WORKERS default value by CPU number (#26177) (#26183)
- Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154)
BUGFIXES
- Fix allowed user types setting problem (#26200) (#26206)
- Fix handling of plenty Nuget package versions (#26075) (#26173)
- Fix UI regression of asciinema player (#26159) (#26162)
- Fix LFS object list style (#26133) (#26147)
- Fix allowed user types setting problem (#26200) (#26206)
- Prevent primary key update on migration (#26192) (#26199)
- Fix bug when pushing to a pull request which enabled dismiss approval automatically (#25882) (#26158)
- Fix bugs in LFS meta garbage collection (#26122) (#26157)
- Update xorm version (#26128) (#26150)
- Remove “misc” scope check from public API endpoints (#26134) (#26149)
- Fix CLI allowing creation of access tokens with existing name (#26071) (#26144)
- Fix incorrect router logger (#26137) (#26143)
- Improve commit graph alignment and truncating (#26112) (#26127)
- Avoid writing config file if not installed (#26107) (#26113)
- Fix escape problems in the branch selector (#25875) (#26103)
- Fix handling of Debian files with trailing slash (#26087) (#26098)
- Fix Missing 404 swagger response docs for /admin/users/{username} (#26086) (#26089)
- Use stderr as fallback if the log file can’t be opened (#26074) (#26083)
- Increase table cell horizontal padding (#26140) (#26142)
- Fix wrong workflow status when rerun a job in an already finished workflow (#26119) (#26124)
- Fix duplicated url prefix on issue context menu (#26066) (#26067)

1.20.1 - 2023-07-22

SECURITY
- Disallow dangerous URL schemes (#25960) (#25964)
ENHANCEMENTS
- Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947) (#25972)
- Make pending commit status yellow again (#25935) (#25968)
BUGFIXES
- Fix version in rpm repodata/primary.xml.gz (#26009) (#26048)
- Fix env config parsing for “GITEA____APP_NAME” (#26001) (#26013)
- ParseScope with owner/repo always sets owner to zero (#25987) (#25989)
- Fix SSPI auth panic (#25955) (#25969)
- Avoid creating directories when loading config (#25944) (#25957)
- Make environment-to-ini work with INSTALL_LOCK=true (#25926) (#25937)
- Ignore runs-on with expressions when warning no matched runners (#25917) (#25933)
- Avoid opening/closing PRs which are already merged (#25883) (#25903)
DOCS
- RPM Registry: Show zypper commands for SUSE based distros as well (#25981) (#26020)
- Correctly refer to dev tags as nightly in the docker docs (#26004) (#26019)
- Update path related documents (#25417) (#25982)
MISC
- Adding remaining enum for migration repo model type. (#26021) (#26034)
- Fix the route for pull-request’s authors (#26016) (#26018)
- Fix commit status color on dashboard repolist (#25993) (#25998)
- Avoid hard-coding height in language dropdown menu (#25986) (#25997)
- Add shutting down notice (#25920) (#25922)
- Fix incorrect milestone count when provide a keyword (#25880) (#25904)

1.20.0 - 2023-07-16

BREAKING
- Fix WORK_DIR for docker (root) image (#25738) (#25811)
- Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
- Refactor path & config system (#25330) (#25416)
- Fix all possible setting error related storages and added some tests (#23911) (#25244)
- Use a separate admin page to show global stats, remove actions stat (#25062)
- Remove the service worker (#25010)
- Remove meta tags theme-color and default-theme (#24960)
- Use [git.config] for reflog cleaning up (#24958)
- Allow all URL schemes in Markdown links by default (#24805)
- Redesign Scoped Access Tokens (#24767)
- Fix team members API endpoint pagination (#24754)
- Rewrite logger system (#24726)
- Increase default LFS auth timeout from 20m to 24h (#24628)
- Rewrite queue (#24505)
- Remove unused setting time.FORMAT (#24430)
- Refactor setting.Other and remove unused SHOW_FOOTER_BRANDING (#24270)
- Correct the access log format (#24085)
- Reserve “.png” suffix for user/org names (#23992)
- Prefer native parser for SSH public key parsing (#23798)
- Editor preview support for external renderers (#23333)
- Add Gitea Profile Readmes (#23260)
- Refactor ctx in templates (#23105)
SECURITY
- Test if container blob is accessible before mounting (#22759) (#25784)
- Set type=“password” on all auth_token fields (#22175)
FEATURES
- Add button on diff header to copy file name, misc diff header tweaks (#24986)
- API endpoint for changing/creating/deleting multiple files (#24887)
- Support changing git config through app.ini, use diff.algorithm=histogram by default (#24860)
- Add up and down arrows to selected lookup repositories (#24727)
- Add Go package registry (#24687)
- Add status indicator on main home screen for each repo (#24638)
- Support for status check pattern (#24633)
- Implement Cargo HTTP index (#24452)
- Add Debian package registry (#24426)
- Add the ability to pin Issues (#24406)
- Add follow organization and fix the logic of following page (#24345)
- Allow webp images as avatars (#24248)
- Support upload outputs and use needs context on Actions (#24230)
- Allow adding new files to an empty repo (#24164)
- Make wiki title supports dashes and improve wiki name related features (#24143)
- Add monospace toggle button to textarea (#24034)
- Use auto-updating, natively hoverable, localized time elements (#23988)
- Add ntlm authentication support for mail (#23811)
- Add CLI command to register runner tokens (#23762)
- Add Alpine package registry (#23714)
- Expand/Collapse all changed files (#23639)
- Add unset default project column (#23531)
- Add activity feeds API (#23494)
- Add RPM registry (#23380)
- Add meilisearch support (#23136)
- Add API for License templates (#23009)
- Add admin API email endpoints (#22792)
- Add user rename endpoint to admin api (#22789)
- Add API for gitignore templates (#22783)
- Implement actions artifacts (#22738)
- Add RSS Feeds for branches and files (#22719)
- Display when a repo was archived (#22664)
- Add Swift package registry (#22404)
- Add CRAN package registry (#22331)
- Add user webhooks (#21563)
- Implement systemd-notify protocol (#21151)
- Implement Issue Config (#20956)
- Add API to manage issue dependencies (#17935)
API
- Use correct response code in push mirror creation response in v1_json.tmpl (#25476) (#25571)
- Fix Permission in API returned repository struct (#25388) (#25441)
- Add API for Label templates (#24602)
- Filters for GetAllCommits (#24568)
- Add ability to specify ‘--not’ from GetAllCommits (#24409)
- Support uploading file to empty repo by API (#24357)
- Add absent repounits to create/edit repo API (#23500)
- Add login name and source id for admin user searching API (#23376)
- Create a branch directly from commit on the create branch API (#22956)
ENHANCEMENTS
- Make add line comment buttons focusable (#25894) (#25896)
- Always pass 6-digit hex color to monaco (#25780) (#25782)
- Clarify “text-align” CSS helpers, fix clone button padding (#25763) (#25764)
- Hide add file button for pull mirrors (#25748) (#25751)
- Allow/fix review (approve/reject) of empty PRs (#25690) (#25732)
- Fix tags header and pretty format numbers (#25624) (#25694)
- Actions list enhancements (#25601) (#25678)
- Fix show more for image on diff page (#25672) (#25673)
- Prevent SVG shrinking (#25652) (#25669)
- Fix UI misalignment on user setting page (#25629) (#25656)
- Use css on labels (#25626) (#25636)
- Read-only checkboxes don’t appear and don’t entirely act the way one might expect (#25573) (#25602)
- Redirect to package after version deletion (#25594) (#25599)
- Reduce table padding globally (#25568) (#25577)
- Change Regenerate Secret button display (#25534) (#25541)
- Fix rerun icon on action view component (#25531) (#25536)
- Move some regexp out of functions (#25430) (#25445)
- Diff page enhancements (#25398) (#25437)
- Various UI fixes (#25264) (#25431)
- Fix label list divider (#25312) (#25372)
- Fix UI on mobile view (#25315) (#25340)
- When viewing a file, hide the add button (#25320) (#25339)
- Show if File is Executable (#25287) (#25300)
- Fix edit OAuth application width (#25262) (#25263)
- Use flex to align SVG and text (#25163) (#25260)
- Revert overflow: overlay (revert #21850) (#25231) (#25239)
- Use inline SVG for built-in OAuth providers (#25171) (#25234)
- Change access token UI to select dropdowns (#25109) (#25230)
- Remove hacky patch for “safari emoji glitch fix” (#25208) (#25211)
- Minor arc-green color tweaks (#25175) (#25205)
- Button and color enhancements (#24989) (#25176)
- Fix mobile navbar and misc cleanups (#25134) (#25169)
- Modify OAuth login ui and fix display name, iconurl related logic (#25030) (#25161)
- Improve notification icon and navbar (#25111) (#25124)
- Add details summary for vertical menus in settings to allow toggling (#25098)
- Don’t display select all issues checkbox when no issues are available (#25086)
- Use RepositoryList instead of []*Repository (#25074)
- Add ability to set multiple redirect URIs in OAuth application UI (#25072)
- Use git command instead of the ini package to remove the origin remote (#25066)
- Remove cancel button from branch protection form (#25063)
- Show file tree by default (#25052)
- Add Progressbar to Milestone Page (#25050)
- Minor UI improvements: logo alignment, auth map editor, auth name display (#25043)
- Allow for PKCE flow without client secret + add docs (#25033)
- Refactor INI package (first step) (#25024)
- Various style fixes (#25008)
- Fix delete user account modal (#25004)
- Refactor diffFileInfo / DiffTreeStore (#24998)
- Add user level action runners (#24995)
- Rename NotifyPullReviewRequest to NotifyPullRequestReviewRequest (#24988)
- Add step start time to ViewStepLog (#24980)
- Add dark mode to API Docs (#24971)
- Display file mode for new file and file mode changes (#24966)
- Make the 500 page load themes (#24953)
- Show bot label next to username when rendering author link if the user is a bot (#24943)
- Repo list improvements, fix bold helper classes (#24935)
- Improve queue and logger context (#24924)
- Improve RunMode / dev mode (#24886)
- Improve some Forms (#24878)
- Add show timestamp/seconds and fullscreen options to action page (#24876)
- Fix double border and adjust width for user profile page (#24870)
- Improve Actions CSS (#24864)
- Fix @font-face overrides (#24855)
- Remove In your repositories link in milestones dashboard (#24853)
- Fix missing yes/no in delete time log modal (#24851)
- Show new pull request button also on subdirectories and files (#24842)
- Make environment-to-ini support loading key value from file (#24832)
- Support wildcard in email domain allow/block list (#24831)
- Use CommentList instead of []*Comment (#24828)
- Add RTL rendering support to Markdown (#24816)
- Rework notifications list (#24812)
- Mute repo names in dashboard repo list (#24811)
- Fix max width and margin of comment box on conversation page (#24809)
- Some refactors for issues stats (#24793)
- Rework label colors (#24790)
- Fix OAuth login loading state (#24788)
- Remove duplicated issues options and some more refactors (#24787)
- Decouple the different contexts from each other (#24786)
- Remove background on user dashboard filter bar (#24779)
- Improve and fix bugs surrounding reactions (#24760)
- Make the color of zero-contribution-squares in the activity heatmap more subtle (#24758)
- Fix WEBP image copying (#24743)
- Rework OAuth login buttons, swap github logo to monocolor (#24740)
- Consolidate the two review boxes into one (#24738)
- Unification of registration fields order (#24737)
- Refactor Pull Mirror and fix out-of-sync bugs (#24732)
- Improvements for action detail page (#24718)
- Fix flash of unstyled content in action view page (#24712)
- Don’t filter action runs based on state (#24711)
- Optimize actions list by removing an unnecessary git call (#24710)
- Support no label/assignee filter and batch clearing labels/assignees (#24707)
- Add icon support for safari (#24697)
- Use standard HTTP library to serve files (#24693)
- Improve button-ghost, remove tertiary button (#24692)
- Only hide tooltip tippy instances (#24688)
- Support migrating storage for actions log via command line (#24679)
- Remove highlight in repo list (#24675)
- Add markdown preview to Submit Review Textarea (#24672)
- Update pin and add pin-slash (#24669)
- Improve empty notifications display (#24668)
- Support SSH for go get (#24664)
- Improve avatar uploading / resizing / compressing, remove Fomantic card module (#24653)
- Only show one tippy at a time (#24648)
- Notification list enhancements, fix striped tables on dark theme (#24639)
- Improve queue & process & stacktrace (#24636)
- Use the type RefName for all the needed places and fix pull mirror sync bugs (#24634)
- Remove fluid on compare diff page (#24627)
- Add a tooltip to the job rerun button (#24617)
- Attach a tooltip to the action status icon (#24614)
- Make the actions control button look like an actual button (#24611)
- Remove unnecessary code (#24610)
- Make repo migration cancelable and fix various bugs (#24605)
- Improve updating Actions tasks (#24600)
- Attach a tooltip to the action control button (#24595)
- Make repository response support HTTP range request (#24592)
- Improve Gitea’s web context, decouple “issue template” code into service package (#24590)
- Modify luminance calculation and extract related functions into single files (#24586)
- Simplify template helper functions (#24570)
- Split “modules/context.go” to separate files (#24569)
- Add org visibility label to non-organization’s dashboard (#24558)
- Update LDAP filters to include both username and email address (#24547)
- Review fixes and enhancements (#24526)
- Display warning when user try to rename default branch (#24512)
- Fix color for transfer related buttons when having no permission to act (#24510)
- Rework button coloring, add focus and active colors (#24507)
- New webhook trigger for receiving Pull Request review requests (#24481)
- Add goto issue id function (#24479)
- Fix incorrect webhook time and use relative-time to display it (#24477)
- RSS icon fixes (#24476)
- Replace N/A with - everywhere (#24474)
- Pass ‘not’ to commit count (#24473)
- Enhance stylelint rule config, remove dead CSS (#24472)
- Remove font-awesome and fomantic icon module (#24471)
- Improve “new-menu” (#24465)
- Remove fomantic breadcrumb module (#24463)
- Improve template system and panic recovery (#24461)
- Make Issue/PR/projects more compact, misc CSS tweaks (#24459)
- Replace remaining fontawesome dropdown icons with SVG (#24455)
- Remove all direct references to font-awesome (#24448)
- Move links out of translation (#24446)
- Add ui-monospace and SF Mono to --fonts-monospace (#24442)
- Hide ‘Mirror Settings’ when unneeded, improve hints (#24433)
- Add “Updated” column for admin repositories list (#24429)
- Improve issue list filter (#24425)
- Rework header bar on issue, pull requests and milestone (#24420)
- Improve template helper (#24417)
- Make repo size style matches others (commits/branches/tags) (#24408)
- Support markdown editor for issue template (#24400)
- Improve commit date in commit graph (#24399)
- Start cleaning the messy “.ui.left / .ui.right”, improve label list page, fix stackable menu (#24393)
- Merge setting.InitXXX into one function with options (#24389)
- Move Rename branch from repo settings page to the page of branches list (#24380)
- Improve protected branch setting page (#24379)
- Display ‘Unknown’ when runner.version is empty (#24378)
- Display owner of a runner as a tooltip instead of static text (#24377)
- Fix incorrect last online time in runner_edit.tmpl (#24376)
- Fix unclear IsRepositoryExist logic (#24374)
- Add custom helm repo name generated from url (#24363)
- Replace placeholders in licenses (#24354)
- Add rerun workflow button and refactor to use SVG octicons (#24350)
- Fix runner button height (#24338)
- Restore bold on repolist (#24337)
- Improve RSS (#24335)
- Refactor “route” related code, fix Safari cookie bug (#24330)
- Alert error message if open dependencies are included in the issues that try to batch close (#24329)
- Add missed column title in runner management page (#24328)
- Automatically select the org when click create repo from org dashboard (#24325)
- Modify width of ui container, fine tune css for settings pages and org header (#24315)
- Fix config list overflow and layout (#24312)
- Improve some modal action buttons (#24289)
- Move code from module to service (#24287)
- Sort users and orgs on explore by recency by default (#24279)
- Allow using localized absolute date times within phrases with place holders and localize issue due date events (#24275)
- Show workflow config error on file view also (#24267)
- Improve template helper functions: string/slice (#24266)
- Use more specific test methods (#24265)
- Add DumpVar helper function to help debugging templates (#24262)
- Limit avatar upload to valid image files (#24258)
- Improve emoji and mention matching (#24255)
- Change to vertical navbar layout for secondary navbar for repo/user/admin settings (#24246)
- Refactor config provider (#24245)
- Improve test logger (#24235)
- Default show closed actions list if all actions was closed (#24234)
- Add missing badges in user profile for /projects and /packages (#24232)
- Add repository counter badge to repository tab (#24205)
- Move secrets and runners settings to actions settings (#24200)
- Require at least one unit to be enabled (#24189)
- Use same action status svg icons on actions list as on action page (#24178)
- Use secondary pointing menu for tabs on user/organization home page (#24162)
- Improve Wiki TOC (#24137)
- Refactor locale number (#24134)
- Localize activity heatmap (except tooltip) (#24131)
- Fix duplicate modals when clicking on “remove all” repository button (#24129)
- Add runner check in repo action page (#24124)
- Support triggering workflows by wiki related events (#24119)
- Refactor cookie (#24107)
- Remove untranslatable on_date key (#24106)
- Refactor delete_modal_actions template and use it for project column related actions (#24097)
- Improve git log for debugging (#24095)
- Add option to search for users is active join a team (#24093)
- Add PDF rendering via PDFObject (#24086)
- Refactor web route (#24080)
- Make HTML template functions support context (#24056)
- Refactor rename user and rename organization (#24052)
- Localize milestone related time strings (#24051)
- Expand selected file when clicking file tree (#24041)
- Add popup to hashed comments/pull requests/issues in file editing/adding preview tab (#24040)
- Add placeholder and aria attributes to release and wiki edit page (#24031)
- Add new user types reserved, bot, and remote (#24026)
- Allow adding SSH keys even if SSH server is disabled (#24025)
- Use a general approach to access custom/static/builtin assets (#24022)
- Update github.com/google/go-github to v52 (#24004)
- Replace tribute with text-expander-element for textarea (#23985)
- Group template helper functions, remove Printf, improve template error messages (#23982)
- Drop “unrolled/render” package (#23965)
- Add job.duration in web ui (#23963)
- Tweak pull request branch delete ui (#23951)
- Merge template functions “dict/Dict/mergeinto” (#23932)
- Use a general Eval function for expressions in templates. (#23927)
- Clean template/helper.go (#23922)
- Actions: Use default branch as ref when a branch/tag delete occurs (#23910)
- Add tooltips for MD editor buttons and add muted class for buttons (#23896)
- Improve markdown editor: width, height, preferred (#23895)
- Make Release Download URLs predictable (#23891)
- Remove fomantic “.link” selector and styles (#23888)
- Added close/open button to details page of milestone (#23877)
- Introduce GitHub markdown editor, keep EasyMDE as fallback (#23876)
- Introduce GiteaLocaleNumber custom element to handle number localization on pages. (#23861)
- Make first section on home page full width (#23854)
- Use different SVG for pending and running actions (#23836)
- Display image size for multiarch container images (#23821)
- Improve action log display with control chars (#23820)
- Fix dropdown direction behavior (#23806)
- Fix incorrect/Improve error handle in edit user page (#23805)
- Use clippie module to copy to clipboard (#23801)
- Make minio package support legacy MD5 checksum (#23768)
- Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766)
- Refactor docs (#23752)
- Fix markup background, improve wiki rendering (#23750)
- Make label templates have consistent behavior and priority (#23749)
- Improve LoadUnitConfig to handle invalid or duplicate units (#23736)
- Append (comment) when a link points at a comment rather than the whole issue (#23734)
- Clean some legacy files and move some build files (#23699)
- Refactor repo commit list (#23690)
- Refactor internal API for git commands, use meaningful messages instead of “Internal Server Error” (#23687)
- Add aria attributes to interactive time tooltips. (#23661)
- Fix long project name display in issue list and in related dropdown (#23653)
- Use data-tooltip-content for tippy tooltip (#23649)
- Fix new issue/pull request btn margin when it is next to sort (#23647)
- Fine tune more downdrop settings, use SVG for labels, improve Repo Topic Edit form (#23626)
- Allow new file and edit file preview if it has editable extension (#23624)
- Replace a few fontawesome icons with svg (#23602)
- Publish Review buttons should indicate why they are disabled (#23598)
- Convert issue list checkboxes to native (#23596)
- Set opaque background on markup and images (#23578)
- Use a general approach to show tooltip, fix temporary tooltip bug (#23574)
- Improve <SvgIcon> to make it output svg node and optimize performance (#23570)
- Enable color for consistency checks diffs (#23563)
- Fix dropdown icon misalignment when using fomantic icon (#23558)
- Decouple the issue-template code from comment_tab.tmpl (#23556)
- Remove id="comment-form" dead code, fix tag (#23555)
- Diff improvements (#23553)
- Sort Python package descriptors by version to mimic PyPI format (#23550)
- Use a general approch to improve a11y for all checkboxes and dropdowns. (#23542)
- Fix long name ui issues and label ui issue (#23541)
- Return repository in npm package metadata endpoint (#23539)
- Use project.IconName instead of repeated unreadable if-else chains (#23538)
- Remove stars in dashboard repo list (#23530)
- Update mini-css-extract-plugin, remove postcss (#23520)
- Change Close to either Close issue or Close pull request (#23506)
- Fix theme-auto loading (#23504)
- Fix tags sort by creation time (descending) on branch/tag dropdowns (#23491)
- Display the version of runner in the runner list (#23490)
- Replace Less with CSS (#23481)
- Fix .locale.Tr function not found in delete modal (#23468)
- Allow both fullname and username search when DEFAULT_SHOW_FULL_NAME is true (#23463)
- Add project type descriptions in issue badge and improve project icons (#23437)
- Use context for RepositoryList.LoadAttributes (#23435)
- Refactor branch/tag selector to Vue SFC (#23421)
- Keep (add if not existing) xmlns attribute for generated SVG images (#23410)
- Refactor dashboard repo list to Vue SFC (#23405)
- Add workflow error notification in ui (#23404)
- Refactor branch/tag selector dropdown (first step) (#23394)
- Reduce duplicate and useless code in options (#23369)
- Convert <div class="button"> to <button class="button"> (#23337)
- Add path prefix to ObjectStorage.Iterator (#23332)
- Improve cache context (#23330)
- Move pidfile creation from setting to web cmd package (#23285)
- Fix tags view (#23243)
- Add commit info in action page (#23210)
- Support paste treepath when creating a new file or updating the file name (#23209)
- Allow skipping forks and mirrors from being indexed (#23187)
- Use context parameter in services/repository (#23186)
- Hide target selector if tag exists when creating new release (#23171)
- Improve FindProjects (#23085)
- Clean Path in Options (#23006)
- Add margin top to the top of branches (#23002)
- Remove unnecessary and incorrect find('.menu').toggle() (#22987)
- Improve GetBoards and getDefaultBoard (#22981)
- Improve squash merge commit author and co-author with private emails (#22977)
- Add --quiet option to gitea dump (#22969)
- Add pagination for dashboard and user activity feeds (#22937)
- Handle files starting with colons in WalkGitLog (#22935)
- Add “Reviewed by you” filter for pull requests (#22927)
- Parse external request id from request headers, and print it in access log (#22906)
- Replace repo.namedBlob by git.TreeEntry. (#22898)
- Pull Requests: add button to compare force pushed commits (#22857)
- Fix pull request update showing too many commits with multiple branches (#22856)
- Require approval to run actions for fork pull request (#22803)
- Projects: rename Board to Column in interface and improve consistency (#22767)
- Add user visibility in dashboard navbar (#22747)
- Add .livemd as a markdown extension (#22730)
- Clean up WebAuthn javascript code and remove JQuery code (#22697)
- Merge message template support for rebase without merge commit (#22669)
- Show editorconfig warnings when viewing a malformed editorconfig (#21257)
- Npm packages: set repository link based on the url in package.json (#20379)
BUGFIXES
- Add support for different Maven POM encoding (#25873) (#25890)
- Fix incorrect repo url when changed the case of ownername (#25733) (#25881)
- Fix empty project displayed in issue sidebar (#25802) (#25854)
- Show correct SSL Mode on “install page” (#25818) (#25838)
- Fix the error message when the token is incorrect (#25701) (#25836)
- Fix incorrect oldest sort in project list (#25806) (#25835)
- For API attachments, use API URL (#25639) (#25814)
- Avoid amending the Rebase and Fast-forward merge if there is no message template (#25779) (#25809)
- Make “install page” respect environment config (#25648) (#25799)
- Fix activity type match in matchPullRequestEvent (#25746) (#25796)
- Fix notification list bugs (#25781) (#25787)
- Revert package access change from #23879 (#25707) (#25785)
- Check ctx.Written() for GetActionIssue (#25698) (#25711)
- Fix position of org follow button (#25688) (#25692)
- Fix the nil pointer when assigning issues to projects (#25665) (#25677)
- Log the real reason when authentication fails (but don’t show the user) (#25414) (#25660)
- Fix bug when change user name (#25637) (#25646)
- Make “cancel” buttons have proper type in modal forms (#25618) (#25641)
- Use AfterCommitId to get commit for Viewed functionality (#25529) (#25612)
- Fix bug of branches API with tests(#25578) (#25579)
- Fix content holes in Actions task logs file (#25560) (#25566)
- Fix bugs related to notification endpoints (#25548) (#25562)
- Add Adopt repository event and handler (#25497) (#25518)
- Improve wiki sidebar and TOC (#25460) (#25477)
- Make “dismiss” content shown correctly (#25461) (#25465)
- Change default email domain for LDAP users (#25425) (#25434)
- Fix missing commit message body when the message has leading newlines (#25418) (#25422)
- Fix LDAP sync when Username Attribute is empty (#25278) (#25379)
- Fetch all git data for embedding correct version in docker image (#25361) (#25373)
- Fix incorrect actions ref_name (#25358) (#25367)
- Write absolute AppDataPath to app.ini when installing (#25331) (#25347)
- Fix incorrect config argument position for builtin SSH server (#25341)
- Remove EasyMDE focus outline on text (#25328) (#25332)
- Fix displayed RPM repo url (#25310) (#25313)
- Fix index generation parallelly failure (#25235) (#25269)
- Fix panic when migrating a repo from GitHub with issues (#25246) (#25247)
- Fix task list checkbox toggle to work with YAML front matter (#25184) (#25227)
- Fix compatible for webhook ref type (#25195) (#25223)
- Hide limited users if viewed by anonymous ghost (#25214) (#25220)
- Do not overwrite the log mode when installing (#25203) (#25209)
- Fix fullscreen for action (#25200) (#25207)
- Add WithPullRequest for actionsNotifier (#25144) (#25197)
- Fix MilestoneIDs when querying issues (#25125) (#25141)
- Fix incorrect git ignore rule and add missing license files (#25135) (#25138)
- Remove incorrect element ID on “post-install” page (#25104) (#25129)
- Fix 500 error caused by notifications without an issue such as repo transfers (#25101)
- Help to recover from corrupted levelqueue (#24912)
- Fix 500 error when select No assignee filter in issue list page (#24854)
- Add validations.required check to dropdown field (#24849)
- Reenable creating default webhooks. (#24626)
- Fix incorrect user visibility (#24557)
- Fix commits pushed with deploy keys not shown in dashboard (#24521)
- Check length of LogIndexes in case it is outdated (#24516)
- Fix incorrect CurrentUser check for docker rootless (#24441)
- Fix some mistakes when using ignSignIn (#24415)
- Fix incorrect CORS response in Http Git handler (#24303)
- Fix issue attachment handling (#24202)
- Make mention autocomplete case insensitive in new markdown editor (#24190)
- Use 1.18’s aria role for dropdown menus (#24144)
- Fix internal sever error when visiting a PR that bound to the deleted team (#24127)
- Add migration to fix external unit access mode of owner/admin team (#24117)
- Show friendly 500 error page to users and developers (#24110)
- Fix meilisearch not working when searching across multiple repositories (#24109)
- Fix math and mermaid rendering bugs (#24049)
- Remove “inverted” class on creating new label and cancel buttons (#24030)
- Allow repo admins too to delete the repo (#23940)
- Disable editing tags (#23883)
- Fix review conversation reply (#23846)
- Fix incorrect CORS failure detection logic (#23844)
- Remove incorrect HTML self close tag (#23748)
- Fix incorrect toggle buttons (#23676)
- Introduce path Clean/Join helper functions (#23495)
- Fix missed migration in #22235 (#23482)
- Do not store user projects as organization projects (#23353)
- Fix incorrect display for comment context menu (#23343)
- Make Ctrl+Enter submit a pending comment (starting review) instead of submitting a single comment (#23245)
- Fix submit button won’t refresh in New Repository Fork page (#22994)
- Remove stars when repo goes private (#19904)
TESTING
- Add unit test for repository collaboration (#25640) (#25658)
- Add missing test case and fix typo in tests (#24915)
- Kd/fix redis unit test (#24650)
- Add owner team permission check test (#24096)
- Test renderReadmeFile (#23185)
- Add default owner team to privated_org and limited_org in unit test (#23109)
- Speed up HasUserStopwatch & GetActiveStopwatch (#23051)
- Remove all package data after tests (#22984)
TRANSLATION
- Backport locales to v1.20 (#25899)
- Translate untranslated string in issues list (#25759) (#25761)
- Remove broken translations (#25737)
- Show correct naming for 1 comment (#25704) (#25712)
- Add Chinese documentations for Actions (#24902)
- Change valid_until translation to valid_until_date and include placeholder for the date (#24563)
- Change add_on translation to added_on and include placeholder for the date (#24562)
- Change join_on translation to joined_on and include placeholder for the date (#24550)
- Use double quotes consistently in en-US (#24141)
- Clarify Gitea/Crowdin locale behaviors, add tests for LocaleStore, fix some strings with semicolons (#23819)
- Update localization.zh-cn.md (#23448)
- Fix grammar in error message (#23273)
BUILD
- Correct permissions for .ssh and authorized_keys (#25721) (#25730)
- Upgrade snap to node 20 (#24990)
- Use Go 1.20 for next release (#24859)
- Ignore build for docs only (#24761)
- Update cron-translations.yml (#24708)
- Update to Alpine 3.18 (#24700)
- Check latest version on CI (#24556)
- Upgrade to Node 20 on CI, enable actions cancellation (#24524)
- Mark /templates/swagger/v1_json.tmpl as generated file (#24306)
- Enable forbidigo linter (#24278)
- Introduce lint-md and compliance-docs pipeline (#24021)
- Add eslint-plugin-custom-elements (#23991)
- Update eslints for Vue 3 (#23935)
- Improve backport-locales.go (#23807)
- Don’t run unnecessary steps when only docs changed (#23103)
DOCS
- Docs: rootless docker ssh’s default port is 2222 (#25771) (#25772)
- Add documentation about supported workflow trigger events (#25582) (#25589)
- Document creating an API key from the CLI (#25504)
- Use the new download domain replace the old (#25405) (#25409)
- Add Exoscale to installation on cloud provider docs (#25342) (#25346)
- Improve some documents: release version, logging, NFS lock (#25202) (#25204)
- Change branch name from master to main in some documents’ links (#25126) (#25140)
- Introduce how to configure cache when starting a Runner with Docker (#25077)
- Docs: remove an extraneous whitespace (#24949)
- Update Asciidoc markup example with safe defaults (#24920)
- Fix <empty> in administration/config-cheat-sheet.en-us.md (#24905)
- Rename docs packages title from xxx Packages Repository -> xxx Package Registry (#24895)
- Replace drone exec to act_runner exec in test README.md (#24791)
- Update packages overview page (#24730)
- Docs for creating a user to run Gitea on Fedora/RHEL/CentOS (#24725)
- Move actions as usage’s subdirectory and update comparison zh-cn version (#24719)
- Document redis-cluster explicitly in config (#24717)
- Improve reverse-proxy document and fix nginx config bug (#24616)
- Fix broken README link (#24546)
- Update CONTRIBUTING.md (#24492)
- Docs for Gitea Actions (#24405)
- Zh-cn support on doc pages (#24166)
- Fix https setup doc zh-cn (#24015)
- Adjust some documentations titles (#23941)
- More specific and unique feed name for NuGet install command template. (#23889)
- Clarify that Gitea requires JavaScript (#23677)
- Rename develop -> development, contribute -> contributing, administer -> administration (#23662)
- Update PR documentation (#23620)
- Add package registry architecture overview (#23445)
- Add gradle samples in maven doc of packages (#23374)
- Improve the frontend guideline (#23298)
- Add document for webcomponents (#23261)
- Add Gitea Community Code of Conduct (#23188)
- Avoid Hugo from adding quote to actions url (#23097)
- Improve reverse proxies documentation (#23068)
- Docs: HTTPS configuration for zh-cn (#23039)
MISC
- Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567) (#25576)
- Align language menu icon and fit the footer area (#25556) (#25563)
- Fix sub-command log level (#25537) (#25553)
- Fix admin-dl-horizontal (#25512) (#25535)
- Fix input line-height cutting off g (#25334) (#25533)
- Clarify the reason why the user can’t add a new email if there is a pending activation (#25509) (#25514)
- Improve loadprojects for issue list (#25468) (#25493)
- Use “utf8mb4” for MySQL by default (#25432)
- Show outdated comments in files changed tab (#24936) (#25428)
- Avoid polluting config file when “save” (#25395) (#25406)
- Fix blank dir message when uploading files from web editor (#25391) (#25400)
- Fix issue filters on mobile view (#25368) (#25371)
- Avoid polluting the config (#25345) (#25354)
- Fix action runner last online state on edit page (#25337)
- Remove fomantic inverted variations (#25286) (#25289)
- Show OAuth2 errors to end users (#25261) (#25271)
- Fix profile render when the README.md size is larger than 1024 bytes (#25270)
- Fix strange UI behavior of cancelling dismiss review modal (#25172)
- Update js dependencies (#25137) (#25151)
- Fix swagger documentation for multiple files API endpoint (#25110)
- Fix link to customizing-gitea (#25056)
- Add Link to Stars and Forks Page to Repo List (#24931)
- Improve confusable character string (#24911)
- Fix install page context, make the install page tests really test (#24858)
- Add gitea manager reload-templates command (#24843)
- Create pull request for base after editing file, if not enabled on fork (#24841)
- Fix video width overflow in markdown, and other changes to match img (#24834)
- Support Copy Link for video attachments (#24833)
- Improve accessibility when (re-)viewing files (#24817)
- Update JS dependencies (#24815)
- Bump vm2 from 3.9.17 to 3.9.18 (#24742)
- Add IsErrRepoFilesAlreadyExist check when fork repo (#24678)
- Fix typo in act-runner file (#24652)
- Do not send “registration success email” for external auth sources (#24632)
- Filter get single commit (#24613)
- Make diff view full width again (#24598)
- Add permission check for moving issue action in project view page (#24589)
- Revert “Prevent a user with a different email from accepting the team invite” (#24531)
- Temporarily disable PATs until next release (#24527)
- Clean up polluted styles and remove dead CSS code (#24497)
- Faster git.GetDivergingCommits (#24482)
- Fix test delivery button in repo webhook settings page (#24478)
- Use globally shared HTMLRender (#24436)
- Changelog 1.19.2 (#24365) (#24403)
- Fix layouts of admin table / adapt repo / email test (#24370)
- Gitea Actions add base_ref, head_ref, api_url, ref_type fields (#24356)
- Fix 404 error when leaving the last private org team (#24322)
- Improve External Wiki in Repo Header (#24304)
- Updated upgrade script that is informing user that Gitea service has to be running in order to upgrade it (#24260)
- Add run status in action view page (#24223)
- Update JS dependencies (#24218)
- Bump vm2 from 3.9.15 to 3.9.16 (#24089)
- Update github.com/google/go-github to v51 (#23946)
- Show visibility status of email in own profile (#23900)
- Refactor authors dropdown (send get request from frontend to avoid long wait time) (#23890)
- Add self to maintainers (#23644)
- Upgrade to npm lockfile v3 and explicitly set it (#23561)
- Improve indices for action table (#23532)
- Update JS dependencies, Require Node.js 16 (#23528)
- Add init file for Ubuntu (#23362)
- Update go.mod dependencies (#23126)
- Use minio/sha256-simd for accelerated SHA256 (#23052)
- More detailed branch delete message (#22696)
- Add tooltips to Hide comment type settings where necessary (#21306)

1.19.4 - 2023-07-04

SECURITY
- Fix open redirect check for more cases (#25143) (#25155)
API
- Return 404 in the API if the requested webhooks were not found (#24823) (#24830)
- Fix organization field being null in GET /api/v1/teams/{id} (#24694) (#24696)
ENHANCEMENTS
- Set --font-weight-bold to 600 (#24840)
- Make mailer SMTP check have timed context (#24751) (#24759)
- Do not select line numbers when selecting text from the action run logs (#24594) (#24596)
BUGFIXES
- Fix bug when change user name (#25637) (#25645)
- Fix task list checkbox toggle to work with YAML front matter (#25184) (#25236)
- Hide limited users if viewed by anonymous ghost (#25214) (#25224)
- Add WithPullRequest for actionsNotifier (#25144) (#25196)
- Fix parallelly generating index failure with Mysql (#24567) (#25081)
- GitLab migration: Sanitize response for reaction list (#25054) (#25059)
- Fix users cannot visit issue attachment bug (#25019) (#25027)
- Fix missing reference prefix of commits when sync mirror repository (#24994)
- Only validate changed columns when update user (#24867) (#24903)
- Make DeleteIssue use correct context (#24885)
- Fix topics deleted via API not being deleted in org page (#24825) (#24829)
- Fix Actions being enabled accidentally (#24802) (#24810)
- Fix missed table name on iterate lfs meta objects (#24768) (#24774)
- Fix safari cookie session bug (#24772)
- Respect original content when creating secrets (#24745) (#24746)
- Fix Pull Mirror out-of-sync bugs (#24732) (#24733)
- Fix run list broken when trigger user deleted (#24706) (#24709)
- Fix issues list page multiple selection update milestones (#24660) (#24663)
- Fix: release page for empty or non-existing target (#24659)
- Fix close org projects (#24588) (#24591)
- Refresh the references of the closed PR when reopening (#24231) (#24587)
- Fix the permission of team’s Actions unit issue (#24536) (#24545)
- Bump go.etcd.io/bbolt and blevesearch deps (#23062) (#24519)
- Fix new wiki page mirror (#24518)
- Match unqualified references when syncing pulls as well (#23070)
DOCS
- Change branch name from master to main in some documents’ links (#25126) (#25139)
- Remove unnecessary content on docs (#24976) (#25001)
- Unify doc links to use paths relative to doc folder (#24979) (#25000)
- Fix docs documenting invalid @every for OLDER_THAN cron settings (#24695) (#24698)
MISC
- Merge different languages for language stats (#24900) (#24921)
- Hiding Secrets options when Actions feature is disabled (#24792)
- Improve decryption failure message (#24573) (#24575)
- Makefile: Use portable !, not GNUish -not, with find(1). (#24565) (#24572)

1.19.3 - 2023-05-03

SECURITY
- Use golang 1.20.4 to fix CVE-2023-24539, CVE-2023-24540, and CVE-2023-29400
ENHANCEMENTS
- Enable whitespace rendering on selection in Monaco (#24444) (#24485)
- Improve milestone filter on issues page (#22423) (#24440)
BUGFIXES
- Fix api error message if fork exists (#24487) (#24493)
- Fix user-cards format (#24428) (#24431)
- Fix incorrect CurrentUser check for docker rootless (#24435)
- Getting the tag list does not require being signed in (#24413) (#24416)

1.19.2 - 2023-04-26

SECURITY
- Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)
- Only delete secrets belonging to its owner (#24284) (#24286)
API
- Fix typo in API route (#24310) (#24332)
- Fix access token issue on some public endpoints (#24194) (#24259)
ENHANCEMENTS
- Fix broken clone script on an empty archived repo (#24339) (#24348)
- Fix Monaco IOS keyboard button (#24341) (#24347)
- Don’t set meta theme-color by default (#24340) (#24346)
- Wrap too long push mirror addresses (#21120) (#24334)
- Add --font-weight-bold and set previous bold to 601 (#24307) (#24331)
- Unify nightly naming across binaries and docker images (#24116) (#24308)
- Fix footer display (#24251) (#24269)
- Fix label color, fix divider in dropdown (#24215) (#24244)
- Vertical widths of containers removed (#24184) (#24211)
- Use correct locale key for forks page (#24172) (#24175)
- Sort repo topic labels by name (#24123) (#24153)
- Highlight selected file in the PR file tree (#23947) (#24126)
BUGFIXES
- Fix auth check bug (#24382) (#24387)
- Add tags list for repos whose release setting is disabled (#23465) (#24369)
- Fix wrong error info in RepoRefForAPI (#24344) (#24351)
- Fix no edit/close/delete button in org repo project view page (#24349)
- Respect the REGISTER_MANUAL_CONFIRM setting when registering via OIDC (#24035) (#24333)
- Remove org users who belong to no teams (#24247) (#24313)
- Fix bug when deleting wiki with no code write permission (#24274) (#24295)
- Handle canceled workflow as a warning instead of a fail (#24282) (#24292)
- Load reviewer for comments when dismissing a review (#24281) (#24288)
- Show commit history for closed/merged PRs (#24238) (#24261)
- Fix owner team access mode value in team_unit table (#24224)
- Fix issue attachment handling (#24202) (#24221)
- Fix incorrect CORS default values (#24206) (#24217)
- Fix template error in pull request with deleted head repo (#24192) (#24216)
- Don’t list root repository on compare page if pulls not allowed (#24183) (#24210)
- Fix calReleaseNumCommitsBehind (#24148) (#24197)
- Fix Org edit page bugs: renaming detection, maxlength (#24161) (#24171)
- Update redis library to support redis v7 (#24114) (#24156)
- Use 1.18’s aria role for dropdown menus (#24144) (#24155)
- Fix 2-dot direct compare to use the right base commit (#24133) (#24150)
- Fix incorrect server error content in RunnersList (#24118) (#24121)
- Fix mismatch between hook events and github event types (#24048) (#24091)
BUILD
- Support converting varchar to nvarchar for mssql database (#24105) (#24168)

1.19.1 - 2023-04-12

BREAKING
- Rename actions unit to repo.actions and add docs for it (#23733) (#23881)
ENHANCEMENTS
- Add card type to org/user level project on creation, edit and view (#24043) (#24066)
- Refactor commit status for Actions jobs (#23786) (#24060)
- Show errors for KaTeX and mermaid on the preview tab (#24009) (#24019)
- Show protected branch rule names again (#23907) (#24018)
- Adjust sticky PR header to cover background (#23956) (#23999)
- Discolor pull request tab labels (#23950) (#23987)
- Treat PRs with agit flow as fork PRs when triggering actions. (#23884) (#23967)
- Left-align review comments (#23937)
- Fix image border-radius (#23886) (#23930)
- Scroll collapsed file into view (#23702) (#23929)
- Fix code view (diff) broken layout (#23096) (#23918)
- Org pages style fixes (#23901) (#23914)
- Fix user profile description rendering (#23882) (#23902)
- Fix review box viewport overflow issue (#23800) (#23898)
- Prefill input values in OAuth settings as intended (#23829) (#23871)
- CSS color tweaks (#23828) (#23842)
- Fix incorrect visibility dropdown list in add/edit user page (#23804) (#23833)
- Add CSS rules for basic colored labels (#23774) (#23777)
- Add creation time in tag list page (#23693) (#23773)
- Fix br display for packages curls (#23737) (#23764)
- Fix issue due date edit toggle bug (#23723) (#23758)
- Improve commit graph page UI alignment (#23751) (#23754)
- Use GitHub Actions compatible globbing for branches, tag, path filter (#22804) (#23740)
- Redirect to project again after editing it (#23326) (#23739)
- Remove row clicking from notification table (#22695) (#23706)
- Remove conflicting CSS rules on notifications, improve notifications table (#23565) (#23621)
- Fix diff tree height and adjust target file style (#23616)
BUGFIXES
- Improve error logging for LFS (#24072) (#24082)
- Fix custom mailer template on Windows platform (#24081)
- Update the value of diffEnd when clicking the Show More button in the DiffFileTree (#24069) (#24078)
- Make label templates have consistent behavior and priority (#23749)
- Fix accidental overwriting of LDAP team memberships (#24050) (#24065)
- Fix branch protection priority (#24045) (#24061)
- Use actions job link as commit status URL instead of run link (#24023) (#24032)
- Add actions support to package auth verification (#23729) (#24028)
- Fix protected branch for API (#24013) (#24027)
- Do not escape space between PyPI repository URL and package name… (#23981) (#24008)
- Fix redirect bug when creating issue from a project (#23971) (#23997)
- Set ref to fully-formed of the tag when trigger event is release (#23944) (#23989)
- Use Get/Set instead of Rename when regenerating session ID (#23975) (#23983)
- Ensure RSS icon is present on all repo tabs (#23904) (#23973)
- Remove Repository.getFilesChanged to fix Actions paths and paths-ignore filter (#23920) (#23969)
- Delete deleted release attachments immediately from storage (#23913) (#23958)
- Use ghost user if package creator does not exist (#23822) (#23915)
- User/Org Feed render description as per web (#23887) (#23906)
- Fix cases.Title crash for concurrency (#23885) (#23903)
- Convert .Source.SkipVerify to $cfg.SkipVerify (#23839) (#23899)
- Support “.” char as user name for User/Orgs in RSS/ATOM/GPG/KEYS path … (#23874) (#23878)
- Fix JS error when changing PR’s target branch (#23862) (#23864)
- Fix 500 error if there is a name conflict when editing authentication source (#23832) (#23852)
- Fix closed PR also triggers Webhooks and actions (#23782) (#23834)
- Fix checks for needs in Actions (#23789) (#23831)
- Fix “Updating branch by merge” bug in “update_branch_by_merge.tmpl” (#23790) (#23825)
- Fix cancel button in the page of project edit not work (#23655) (#23813)
- Don’t apply the group filter when listing LDAP group membership if it is empty (#23745) (#23788)
- Fix profile page email display, respect settings (#23747) (#23756)
- Fix project card preview select and template select (#23684) (#23731)
- Check LFS/Packages settings in dump and doctor command (#23631) (#23730)
- Add git dashes separator to some “log” and “diff” commands (#23606) (#23720)
- Create commit status when event is pull_request_sync (#23683) (#23691)
- Fix incorrect HookEventType of pull request review comments (#23650) (#23678)
- Fix incorrect show-modal and show-panel class (#23660) (#23663)
- Improve workflow event triggers (#23613) (#23648)
- Introduce path Clean/Join helper functions, partially backport&refactor (#23495) (#23607)
- Fix pagination on /notifications/watching (#23564) (#23603)
- Fix submodule is nil panic (#23588) (#23601)
- Polyfill the window.customElements (#23592) (#23595)
- Avoid too long names for actions (#23162) (#23190)
TRANSLATION
- Backport locales (with manual fixes) (#23808, #23634, #24083)
BUILD
- Hardcode the path to docker images (#23955) (#23968)
DOCS
- Update documentation to explain which projects allow Gitea to host static pages (#23993) (#24058)
- Merge push to create, open PR from push, and push options docs articles into one (#23744) (#23959)
- Fix code blocks in the cheat sheet (#23664) (#23669)
MISC
- Do not crash when parsing an invalid workflow file (#23972) (#23976)
- Remove assertion debug code for show/hide refactoring (#23576) (#23868)
- Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766) (#23791)
- Make minio package support legacy MD5 checksum (#23768) (#23770)
- Improve template error reporting (#23396) (#23600)

1.19.0 - 2023-03-19

BREAKING
- Add loading yaml label template files (#22976) (#23232)
- Make issue and code search support camel case for Bleve (#22829)
- Repositories: by default disable all units except code and pulls on forks (#22541)
- Support template for merge message description (#22248)
- Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
- Implement actions (#21937)
- Remove deprecated DSA host key from Docker Container (#21522)
- Improve valid user name check (#20136)
SECURITY
- Return 404 instead of 403 if user can not access the repo (#23155) (#23158)
- Support scoped access tokens (#20908)
FEATURES
- Add support for commit cross references (#22645)
- Scoped labels (#22585)
- Add Chef package registry (#22554)
- Support asciicast files as new markup (#22448)
- cgo cross-compile for freebsd (#22397)
- Add cron method to gc LFS MetaObjects (#22385)
- Add new captcha: cloudflare turnstile (#22369)
- Enable @<user>- completion popup on the release description textarea (#22359)
- make /{username}.png redirect to user/org avatar (#22356)
- Add Conda package registry (#22262)
- Support org/user level projects (#22235)
- Add Mermaid copy button (#22225)
- Add user secrets (#22191)
- Secrets storage with SecretKey encrypted (#22142)
- Preview images for Issue cards in Project Board view (#22112)
- Add support for incoming emails (#22056)
- Add Cargo package registry (#21888)
- Add option to prohibit fork if user reached maximum limit of repositories (#21848)
- Add attention blocks within quote blocks for Note and Warning (#21711)
- Add Feed for Releases and Tags (#21696)
- Add package registry cleanup rules (#21658)
- Add “Copy” button to file view of raw text (#21629)
- Allow disable sitemap (#21617)
- Add package registry quota limits (#21584)
- Map OIDC groups to Orgs/Teams (#21441)
- Keep languages defined in .gitattributes (#21403)
- Add Webhook authorization header (#20926)
- Supports wildcard protected branch (#20825)
- Copy citation file content, in APA and BibTex format, on repo home page (#19999)
API
- Match api migration behavior to web behavior (#23552) (#23573)
- Purge API comment (#23451) (#23452)
- User creation API: allow custom “created” timestamps (#22549)
- Add updated_at field to PullReview API object (#21812)
- Add API management for issue/pull and comment attachments (#21783)
- Add API endpoint to get latest release (#21267)
- Support system hook API (#14537)
ENHANCEMENTS
- Add .patch to attachment.ALLOWED_TYPES (#23580) (#23582)
- Fix sticky header in diff view (#23554) (#23568)
- Refactor merge/update git command calls (#23366) (#23544)
- Fix review comment context menu clipped bug (#23523) (#23543)
- Imrove scroll behavior to hash issuecomment(scroll position, auto expand if file is folded, and on refreshing) (#23513) (#23540)
- Increase horizontal page padding (#23507) (#23537)
- Use octicon-verified for gpg signatures (#23529) (#23536)
- Make time tooltips interactive (#23526) (#23527)
- Replace Less with CSS (#23508)
- Fix ‘View File’ button in code search (#23478) (#23483)
- Convert GitHub event on actions and fix some pull_request events. (#23037) (#23471)
- Support reflogs (#22451) (#23438)
- Fix actions frontend bugs (pagination, long name alignment) and small simplify (#23370) (#23436)
- Scoped label display and documentation tweaks (#23430) (#23433)
- Add missing tabs to org projects page (#22705) (#23412)
- Fix and move “Use this template” button (#23398) (#23408)
- Handle OpenID discovery URL errors a little nicer when creating/editing sources (#23397) (#23403)
- Rename canWriteUnit to canWriteProjects (#23386) (#23399)
- Refactor and tidy-up the merge/update branch code (#22568) (#23365)
- Refactor setting.Database.UseXXX to methods (#23354) (#23356)
- Fix incorrect project links and use symlink icon for org-wide projects (#23325) (#23336)
- Fix PR view misalignment caused by long name file (#23321) (#23335)
- Scoped labels: don’t require holding alt key to remove (#23303) (#23331)
- Add context when rendering labels or emojis (#23281) (#23319)
- Change interactiveBorder to fix popup preview (#23169) (#23314)
- Scoped labels: set aria-disabled on muted Exclusive option for a11y (#23306) (#23311)
- update to mermaid v10 (#23178) (#23299)
- Fix code wrap for unbroken lines (#23268) (#23293)
- Use async await to fix empty quote reply at first time (#23168) (#23256)
- Fix switched citation format (#23250) (#23253)
- Allow <video> in MarkDown (#22892) (#23236)
- Order pull request conflict checking by recently updated, for each push (#23220) (#23225)
- Fix Fomantic UI’s touchstart fastclick, always use click for click events (#23065) (#23195)
- Add word-break to sidebar-item-link (#23146) (#23180)
- Add InsecureSkipVerify to Minio Client for Storage (#23166) (#23177)
- Fix height for sticky head on large screen on PR page (#23111) (#23123)
- Change style to improve whitespaces trimming inside inline markdown code (#23093) (#23120)
- Avoid warning for system setting when start up (#23054) (#23116)
- Add accessibility to the menu on the navbar (#23059) (#23095)
- Improve accessibility for issue comments (#22612) (#23083)
- Remove delete button for review comment (#23036)
- Remove dashes between organization member avatars on hover (#23034)
- Use gt-relative class instead of the ambiguous gt-pr class (#23008)
- handle deprecated settings (#22992)
- Add scopes to API to create token and display them (#22989)
- Improve PR Review Box UI (#22986)
- Improve issues.LoadProject (#22982)
- Add all units to the units permission list in org team members sidebar (#22971)
- Rename GetUnits to LoadUnits (#22970)
- Rename repo.GetOwner to repo.LoadOwner (#22967)
- Rename “People” to “Members” in organization page and use a better icon (#22960)
- Fix avatar misalignment (#22955)
- Sort issues and pulls by recently updated in user and organization home (#22925)
- Add title to PR file tree items (#22918)
- First step to refactor the .hide to .gt-hidden (#22916)
- Add tooltip to issue reference (#22913)
- Always show the command line instructions button even if there are conflicts (#22909)
- Fix dark-colored description text in arc-green theme (#22908)
- Remove Fomantic-UI’s .hidden CSS class for menu elements (#22895)
- Move helpers to be prefixed with gt- (#22879)
- Move IsReadmeFile* from modules/markup/ to modules/util (#22877)
- Highlight focused diff file (#22870)
- Add some headings to repo views (#22869)
- Fix milestone title font problem (#22863)
- Pull Requests: setting to allow edits by maintainers by default, tweak UI (#22862)
- Introduce customized HTML elements, fix incorrect AppUrl usages in templates (#22861)
- Add /$count endpoints for NuGet v2 (#22855)
- Remove Fomantic-UI’s .hidden CSS class for checkbox elements (#22851)
- Fix notification and stopwatch empty states (#22845)
- Always go full width in PR view (#22844)
- Improve AppUrl/ROOT_URL checking (#22836)
- Fix style of actions rerun button (#22835)
- Fix more HTMLURL in templates (#22831)
- Fix inconsistent Filter Project name in issue list (#22827)
- include build info in Prometheus metrics (#22819)
- Make clone URL use current page’s host (#22808)
- Refactor legacy strange git operations (#22756)
- Improve error report when user passes a private key (#22726)
- set user dashboard org visibility to basic (#22706)
- Fix diff UI for unexpandable items (#22700)
- Remove ‘primary’ class from tab counter labels (#22687)
- Add more events details supports for actions (#22680)
- Refactor git command package to improve security and maintainability (#22678)
- Use relative url in actions view (#22675)
- set user visibility class to basic (#22674)
- Add repository setting to enable/disable releases unit (#22671)
- Remove label color from global issue filters (#22660)
- Fix poor alignment of organization description on organization home page (#22656)
- Small refactor for loading PRs (#22652)
- Allow setting access token scope by CLI (#22648)
- Improve accessibility of navigation bar and footer (#22635)
- Fixes accessibility behavior of Watching, Staring and Fork buttons (#22634)
- Fixes accessibility of empty repository commit status (#22632)
- Pull request yaml template support for including commit body in a field (#22629)
- Show migration validation error (#22619)
- set org visibility class to basic in header (#22605)
- Fix cache-control header clearing comment text when editing issue (#22604)
- Add ARIA support for Fomantic UI checkboxes (#22599)
- Add templates to customize text when creating and migrating repositories (#22597)
- Allow setting redirect_to cookie on OAuth login (#22594)
- Improve checkbox accessibility a bit by adding the title attribute (#22593)
- Allow issue templates to not render title (#22589)
- Webhooks: for issue close/reopen action, add commit ID that caused it (#22583)
- Fix missing title and filter in issue sidebar project menu (#22557)
- Issues: support setting issue template field values with query (#22545)
- Issues: add Project filter to issues list and search (#22544)
- Pull Requests: add color to approved/reject icon in pull requests list (#22543)
- Mute all links in issue timeline (#22533)
- Dropzone: Add “Copy link” button for new uploads (#22517)
- Support importing comment types (#22510)
- Load asciicast css async (#22502)
- Move delete user to service (#22478)
- Change use of Walk to WalkDir to improve disk performance (#22462)
- Add reply hint to mail text (#22459)
- fix wrong theme class when logged out if default theme is changed (#22408)
- Refactor the setting to make unit test easier (#22405)
- Improve utils of slices (#22379)
- Use context parameter in models/git (#22367)
- Always reuse transaction (#22362)
- Fix unstable emoji sort (#22346)
- Add context cache as a request level cache (#22294)
- Reminder for no more logs to console (#22282)
- Support estimated count with multiple schemas (#22276)
- Move convert package to services (#22264)
- Use dynamic package type list (#22263)
- Hide file borders on sticky diff box (#22217)
- Improve notification and stopwatch styles (#22169)
- Fixed Project view .board-column height for tall screens. (#22108)
- Use multi reader instead to concat strings (#22099)
- Use git command instead of exec.Cmd in blame (#22098)
- Fix autofilled text visibility in dark mode (#22088)
- Rename almost all Ctx functions (#22071)
- Rename actions to operations on UI (#22067)
- refactor bind functions based on generics (#22055)
- Support disabling database auto migration (#22053)
- remove duplicated read file code (#22042)
- Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986)
- Skip initing disabled storages (#21985)
- Add doctor command for full GC of LFS (#21978)
- Util type to parse ref name (#21969)
- Replace fmt.Sprintf with hex.EncodeToString (#21960)
- Use random bytes to generate access token (#21959)
- Add index for access_token (#21908)
- Move all remaining colors into CSS variables (#21903)
- Webhook list enhancements (#21893)
- Embed Matrix icon as SVG (#21890)
- Remove useless “Cancel” buttons (#21872)
- fix(web): keep the pages of the navigation in the center (#21867)
- fix(web): reduce page jitter on browsers that support overlay scrollbar (#21850)
- Improvements for Content Copy (#21842)
- Tweak katex options (#21828)
- Show syntax lexer name in file view/blame (#21814)
- Remove href="javascript:;" in “save topics (Done)” button (#21813)
- Render number of commits in repo page in a user friendly way (#21786)
- Adjust clone timeout error to suggest increasing timeout (#21769)
- Update message of reach_limit_of_creation (#21757)
- Allow detect whether it’s in a database transaction for a context.Context (#21756)
- Add configuration for CORS allowed headers (#21747)
- Move svg html render to modules/svg (#21716)
- Release and Tag List tweaks (#21712)
- Remove template previewer (#21701)
- Clean up formatting on install page (#21668)
- Configure update checker on installation page (#21655)
- Merge db.Iterate and IterateObjects (#21641)
- Add option to enable CAPTCHA validation for login (#21638)
- Allow disable RSS/Atom feed (#21622)
- Use CSS color-scheme instead of invert (#21616)
- Localize time units on activity heatmap (#21570)
- Fix UI column width, button overflow Fomantic’s grid (#21559)
- feat: notify doers of a merge when automerging (#21553)
- Split migrations folder (#21549)
- feat: add button to quickly clear merge message (#21548)
- Add context.Context to more methods (#21546)
- Add index for hook_task table (#21545)
- Allow disable code tab (#20805)
BUGFIXES
- Fix template error when reference Project (#23584)
- Fix dropdown icon misalignment when using fomantic icon (#23558) (#23577)
- Fix diff detail buttons wrapping, use tippy for review box (#23271) (#23546)
- Handle missing README in create repos API (#23387) (#23510)
- Disable sending email after push a commit to a closed PR (#23462) (#23492)
- Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem (#23450) (#23486)
- Fix due date being wrong on issue list (#23475) (#23477)
- Remove wrongly added column on migration test fixtures (#23456) (#23470)
- Make branches list page operations remember current page (#23420) (#23460)
- Fix missing commit status in PR which from forked repo (#23351) (#23453)
- Show edit/close/delete button on organization wide repositories (#23388) (#23429)
- Preserve file size when creating attachments (#23406) (#23426)
- Fix broken Chroma CSS styles (#23174) (#23402)
- Fix incorrect NotFound conditions in org/projects.go (#23384) (#23395)
- Set X-Gitea-Debug header once (#23361) (#23381)
- Pass context to avatar for projects view (#23359) (#23378)
- Fix panic when getting notes by ref (#23372) (#23377)
- Do not recognize text files as audio (#23355) (#23368)
- Fix adding of empty class name (#23352) (#23360)
- Fix various ImageDiff/SVG bugs (#23312) (#23358)
- Fix incorrect display for comment context menu (#23343) (#23344)
- Remove unnecessary space on link (#23334) (#23340)
- Fix incorrect redirect link of delete org project (#23327) (#23339)
- Fix cannot reopen after pushing commits to a closed PR (#23189) (#23324)
- Fix broken code editor diff preview (#23307) (#23320)
- Support sanitising the URL by removing extra slashes in the URL (#21333) (#23300)
- Avoid panic caused by broken payload when creating commit status (#23216) (#23294)
- Fill head commit to in payload when notifying push commits for mirroring (#23215) (#23292)
- Fix various bugs for “install” page (#23194) (#23286)
- Fix GetFilesChangedBetween if the file name may be escaped (#23272) (#23279)
- Revert relative links to absolute links in mail templates (#23267) (#23269)
- Fix commit retrieval by tag (#21804) (#23266)
- Use correct README link to render the README (#23152) (#23264)
- Close the temp file when dumping database to make the temp file can be deleted on Windows (#23249) (#23251)
- Use the correct selector to hide the checkmark of selected labels on clear (#23224) (#23228)
- Fix incorrect checkbox behaviors in the dashboard repolist’s filter (#23147) (#23205)
- Properly flush unique queues on startup (#23154) (#23201)
- Pass --global when calling git config --get, for consistency with git config --set (#23157) (#23199)
- Make gitea serv respect git binary home (#23138) (#23197)
- Change button text for commenting and closing an issue at the same time (#23135) (#23182)
- Fix DBConsistency checks on MSSQL (#23132) (#23134)
- Show empty repos in Admin Repository Management page (#23114) (#23130)
- Redirect to the commit page after applying patch (#23056) (#23127)
- Fix nil context in RenderMarkdownToHtml (#23092) (#23108)
- Make issue meta dropdown support Enter, confirm before reloading (#23014) (#23102)
- Fix SyncOnCommit always return false in API of push_mirrors (#23088) (#23100)
- Fix commit name in Apply Patch page (#23086) (#23099)
- Fix some more hidden problems (#23074) (#23075)
- Bump golang.org/x/net from 0.4.0 to 0.7.0 (#22980)
- Get rules by id when editing branch protection rule (#22932)
- Fix panic when call api (/repos/{owner}/{repo}/pulls/{index}/files) (#22921)
- Increase Content field size of gpg_import_key to MEDIUMTEXT (#22897)
- Fix hidden commit status on multiple checks (#22889)
- Fix update by rebase being wrongly disabled by protected base branch (#22825)
- Make issue title edit buttons focusable and fix incorrect ajax requests (#22807)
- Fix rerun button of Actions (#22798)
- remove update language in ProfilePost (#22748)
- Do not overwrite empty DefaultBranch (#22708)
- Fix ref to trigger Actions (#22679)
- Fix time to NotifyPullRequestSynchronized (#22650)
- Show all projects, not just repo projects and open/closed projects (#22640)
- Project links should use parent link methods (#22587)
- Fix group filter for ldap source sync (#22506)
- Check quota limits for container uploads (#22450)
- Fix halfCommitter and WithTx (#22366)
- Attempt to fix TestExportUserGPGKeys (#22159)
- Fix heatmap first color being unused (#22157)
- Fix scroll over mermaid frame (#21925)
- Move migration test fixtures to the correct directories (#21901)
- fix(web): add alt for logo in home page (#21887)
- Fix webhook attachment text is not set in review comment (#21763)
- Alter package_version.metadata_json to LONGTEXT (#21667)
- Ensure that Webhook tasks are not double delivered (#21558)
TESTING
- Make CI use a dummy password hasher for all tests (#22983)
- Disable test for incoming email (#22686)
- Move fuzz tests into tests/fuzz (#22376)
- Test views of LFS files (#22196)
- Specify ID in TestAPITeam (#22192)
- verify nodeinfo response by schema (#22137)
- Skip GitHub migration tests if the API token is undefined (#21824)
- Add a simple test for external renderer (#20033)
TRANSLATION
- Use “Title Case” for text “Reference in new issue” (#22936)
BUILD
- Wrap unless-check in docker manifests (#23079) (#23081)
- Adjust manifest to prevent tagging latest on rcs (#22811)
- update to build with go1.20 (#22732)
- Add Bash and Zsh completion scripts (#22646)
- Add Contributed backport command (#22643)
- Remove deprecated packages & staticcheck fixes (#22012)
- Update to Alpine 3.17 (#21904)
- Fix webpack license warning (#21815)
DOCS
- Update documentation for the new YAML label file format (#23020) (#23341)
- Update hacking-on-gitea-zh_cn documentation (#23315) (#23323)
- Add basic documentation for labels, including scoped labels (#23304) (#23309)
- Re-add accidentally removed hacking-on-gitea.zh-cn.md (#23297) (#23305)
- Fix secrets overview page missing from docs sidebar (#23143) (#23145)
- Add some guidelines for refactoring (#22880)
- Explain that the no-access team unit does not affect public repositories (#22661)
- Fix incorrect Redis URL snippets in the example app.ini (#22573)
- docs: add swagger.json file location to FAQ (#22489)
- Update index.de-de.md (#22363)
- Update Gmail mailer configuration (#22291)
- Add missed reverse proxy authentication documentation (#22250)
- Add plural definitions for German translations (#21802)
- Attempt clarify AppWorkPath etc. (#21656)
- Add some documentation to packages (#21648)
MISC
- Use <nav> instead of <div> in the global navbar (#23125) (#23533)
- Do not create commit graph for temporary repos (#23219) (#23229)
- Update button is shown when a Pull Request is marked WIP - Issue #21740 (#22683)
- Add main landmark to templates and adjust titles (#22670)
- Fix error on account activation with wrong passwd (#22609)
- Update JS dependencies (#22538)
- Display unreferenced packages total size in package admin panel (#22498)
- Mobile fix for Project view: Add delay to Sortable.js on mobile, to ensure scrolling is possible. (#22152)
- Update chroma to v2.4.0 (#22000)
- Hide collapse icon in diff with no lines (#21094)

1.18.5 - 2023-02-21

ENHANCEMENTS
- Hide 2FA status from other members in organization members list (#22999) (#23023)
BUGFIXES
- Add force_merge to merge request and fix checking mergable (#23010) (#23032)
- Use --message=%s for git commit message (#23028) (#23029)
- Render access log template as text instead of HTML (#23013) (#23025)
- Fix the Manually Merged form (#23015) (#23017)
- Use beforeCommit instead of baseCommit (#22949) (#22996)
- Display attachments of review comment when comment content is blank (#23035) (#23046)
- Return empty url for submodule tree entries (#23043) (#23048)

1.18.4 - 2023-02-20

SECURITY
- Provide the ability to set password hash algorithm parameters (#22942) (#22943)
- Add command to bulk set must-change-password (#22823) (#22928)
ENHANCEMENTS
- Use import of OCI structs (#22765) (#22805)
- Fix color of tertiary button on dark theme (#22739) (#22744)
- Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627) (#22642)
BUGFIXES
- Notify on container image create (#22806) (#22965)
- Fix blame view missing lines (#22826) (#22929)
- Fix incorrect role labels for migrated issues and comments (#22914) (#22923)
- Fix PR file tree folders no longer collapsing (#22864) (#22872)
- Escape filename when assemble URL (#22850) (#22871)
- Fix isAllowed of escapeStreamer (#22814) (#22837)
- Load issue before accessing index in merge message (#22822) (#22830)
- Improve trace logging for pulls and processes (#22633) (#22812)
- Fix restore repo bug, clarify the problem of ForeignIndex (#22776) (#22794)
- Add default user visibility to cli command “admin user create” (#22750) (#22760)
- Escape path for the file list (#22741) (#22757)
- Fix bugs with WebAuthn preventing sign in and registration. (#22651) (#22721)
- Add missing close bracket in imagediff (#22710) (#22712)
- Move code comments to a standalone file and fix the bug when adding a reply to an outdated review appears to not post(#20821) (#22707)
- Fix line spacing for plaintext previews (#22699) (#22701)
- Fix wrong hint when deleting a branch successfully from pull request UI (#22673) (#22698)
- Fix README TOC links (#22577) (#22677)
- Fix missing message in git hook when pull requests disabled on fork (#22625) (#22658)
- Improve checkIfPRContentChanged (#22611) (#22644)
- Prevent duplicate labels when importing more than 99 (#22591) (#22598)
- Don’t return duplicated users who can create org repo (#22560) (#22562)
BUILD
- Upgrade golangcilint to v1.51.0 (#22764)
MISC
- Use proxy for pull mirror (#22771) (#22772)
- Use --index-url in PyPi description (#22620) (#22636)

1.18.3 - 2023-01-23

SECURITY
- Prevent multiple To recipients (#22566) (#22569)
BUGFIXES
- Truncate commit summary on repo files table. (#22551) (#22552)
- Mute all links in issue timeline (#22534)

1.18.2 - 2023-01-19

BUGFIXES
- Fix issue not auto-closing when it includes a reference to a branch (#22514) (#22521)
- Fix invalid issue branch reference if not specified in template (#22513) (#22520)
- Fix 500 error viewing pull request when fork has pull requests disabled (#22512) (#22515)
- Reliable selection of admin user (#22509) (#22511)
- Set disable_gravatar/enable_federated_avatar when offline mode is true (#22479) (#22496)
BUILD
- cgo cross-compile for freebsd (#22397) (#22519)

1.18.1 - 2023-01-17

API
- Add sync_on_commit option for push mirrors api (#22271) (#22292)
BUGFIXES
- Update github.com/zeripath/zapx/v15 (#22485)
- Fix pull request API field closed_at always being null (#22482) (#22483)
- Fix container blob mount (#22226) (#22476)
- Fix error when calculating repository size (#22392) (#22474)
- Fix Operator does not exist bug on explore page with ONLY_SHOW_RELEVANT_REPOS (#22454) (#22472)
- Fix environments for KaTeX and error reporting (#22453) (#22473)
- Remove the netgo tag for Windows build (#22467) (#22468)
- Fix migration from GitBucket (#22477) (#22465)
- Prevent panic on looking at api “git” endpoints for empty repos (#22457) (#22458)
- Fix PR status layout on mobile (#21547) (#22441)
- Fix wechatwork webhook sends empty content in PR review (#21762) (#22440)
- Remove duplicate “Actions” label in mobile view (#21974) (#22439)
- Fix leaving organization bug on user settings -> orgs (#21983) (#22438)
- Fixed colour transparency regex matching in project board sorting (#22092) (#22437)
- Correctly handle select on multiple channels in Queues (#22146) (#22428)
- Prepend refs/heads/ to issue template refs (#20461) (#22427)
- Restore function to “Show more” buttons (#22399) (#22426)
- Continue GCing other repos on error in one repo (#22422) (#22425)
- Allow HOST has no port (#22280) (#22409)
- Fix omit avatar_url in discord payload when empty (#22393) (#22394)
- Don’t display stop watch top bar icon when disabled and hidden when click other place (#22374) (#22387)
- Don’t lookup mail server when using sendmail (#22300) (#22383)
- Fix gravatar disable bug (#22337)
- Fix update settings table on install (#22326) (#22327)
- Fix sitemap (#22272) (#22320)
- Fix code search title translation (#22285) (#22316)
- Fix due date rendering the wrong date in issue (#22302) (#22306)
- Fix get system setting bug when enabled redis cache (#22298)
- Fix bug of DisableGravatar default value (#22297)
- Fix key signature error page (#22229) (#22230)
TESTING
- Remove test session cache to reduce possible concurrent problem (#22199) (#22429)
MISC
- Restore previous official review when an official review is deleted (#22449) (#22460)
- Log STDERR of external renderer when it fails (#22442) (#22444)

1.18.0 - 2022-12-29

SECURITY
- Remove ReverseProxy authentication from the API (#22219) (#22251)
- Support Go Vulnerability Management (#21139)
- Forbid HTML string tooltips (#20935)
BREAKING
- Rework mailer settings (#18982)
- Remove U2F support (#20141)
- Refactor i18n to locale (#20153)
- Enable contenthash in filename for dynamic assets (#20813)
FEATURES
- Add color previews in markdown (#21474)
- Allow package version sorting (#21453)
- Add support for Chocolatey/NuGet v2 API (#21393)
- Add API endpoint to get changed files of a PR (#21177)
- Add filetree on left of diff view (#21012)
- Support Issue forms and PR forms (#20987)
- Add support for Vagrant packages (#20930)
- Add support for npm unpublish (#20688)
- Add badge capabilities to users (#20607)
- Add issue filter for Author (#20578)
- Add KaTeX rendering to Markdown. (#20571)
- Add support for Pub packages (#20560)
- Support localized README (#20508)
- Add support mCaptcha as captcha provider (#20458)
- Add team member invite by email (#20307)
- Added email notification option to receive all own messages (#20179)
- Switch Unicode Escaping to a VSCode-like system (#19990)
- Add user/organization code search (#19977)
- Only show relevant repositories on explore page (#19361)
- User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
- Add sitemap support (#18407)
- Allow creation of OAuth2 applications for orgs (#18084)
- Add system setting table with cache and also add cache supports for user setting (#18058)
- Add pages to view watched repos and subscribed issues/PRs (#17156)
- Support Proxy protocol (#12527)
- Implement sync push mirror on commit (#19411)
API
- Allow empty assignees on pull request edit (#22150) (#22214)
- Make external issue tracker regexp configurable via API (#21338)
- Add name field for org api (#21270)
- Show teams with no members if user is admin (#21204)
- Add latest commit’s SHA to content response (#20398)
- Add allow_rebase_update, default_delete_branch_after_merge to repository api response (#20079)
- Add new endpoints for push mirrors management (#19841)
ENHANCEMENTS
- Add setting to disable the git apply step in test patch (#22130) (#22170)
- Multiple improvements for comment edit diff (#21990) (#22007)
- Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21928)
- Fix flex layout for repo list icons (#21896) (#21920)
- Fix vertical align of committer avatar rendered by email address (#21884) (#21918)
- Fix setting HTTP headers after write (#21833) (#21877)
- Color and Style enhancements (#21784, #21799) (#21868)
- Ignore line anchor links with leading zeroes (#21728) (#21776)
- Quick fixes monaco-editor error: “vs.editor.nullLanguage” (#21734) (#21738)
- Use CSS color-scheme instead of invert (#21616) (#21623)
- Respect user’s locale when rendering the date range in the repo activity page (#21410)
- Change commits-table column width (#21564)
- Refactor git command arguments and make all arguments to be safe to be used (#21535)
- CSS color enhancements (#21534)
- Add link to user profile in markdown mention only if user exists (#21533, #21554)
- Add option to skip index dirs (#21501)
- Diff file tree tweaks (#21446)
- Localize all timestamps (#21440)
- Add code highlighting in issue titles (#21432)
- Use Name instead of DisplayName in LFS Lock (#21415)
- Consolidate more CSS colors into variables (#21402)
- Redirect to new repository owner (#21398)
- Use ISO date format instead of hard-coded English date format for date range in repo activity page (#21396)
- Use weighted algorithm for string matching when finding files in repo (#21370)
- Show private data in feeds (#21369)
- Refactor parseTreeEntries, speed up tree list (#21368)
- Add GET and DELETE endpoints for Docker blob uploads (#21367)
- Add nicer error handling on template compile errors (#21350)
- Add stat to ToCommit function for speed (#21337)
- Support instance-wide OAuth2 applications (#21335)
- Record OAuth client type at registration (#21316)
- Add new CSS variables --color-accent and --color-small-accent (#21305)
- Improve error descriptions for unauthorized_client (#21292)
- Case-insensitive “find files in repo” (#21269)
- Consolidate more CSS rules, fix inline code on arc-green (#21260)
- Log real ip of requests from ssh (#21216)
- Save files in local storage as group readable (#21198)
- Enable fluid page layout on medium size viewports (#21178)
- File header tweaks (#21175)
- Added missing headers on user packages page (#21172)
- Display image digest for container packages (#21170)
- Skip dirty check for team forms (#21154)
- Keep path when creating a new branch (#21153)
- Remove fomantic image module (#21145)
- Make labels clickable in the comments section. (#21137)
- Sort branches and tags by date descending (#21136)
- Better repo API unit checks (#21130)
- Improve commit status icons (#21124)
- Limit length of repo description and repo url input fields (#21119)
- Show .editorconfig errors in frontend (#21088)
- Allow poster to choose reviewers (#21084)
- Remove black labels and CSS cleanup (#21003)
- Make e-mail sanity check more precise (#20991)
- Use native inputs in whitespace dropdown (#20980)
- Enhance package date display (#20928)
- Display total blob size of a package version (#20927)
- Show language name on hover (#20923)
- Show instructions for all generic package files (#20917)
- Refactor AssertExistsAndLoadBean to use generics (#20797)
- Move the official website link at the footer of gitea (#20777)
- Add support for full name in reverse proxy auth (#20776)
- Remove useless JS operation for relative time tooltips (#20756)
- Replace some icons with SVG (#20741)
- Change commit status icons to SVG (#20736)
- Improve single repo action for issue and pull requests (#20730)
- Allow multiple files in generic packages (#20661)
- Add option to create new issue from /issues page (#20650)
- Background color of private list-items updated (#20630)
- Added search input field to issue filter (#20623)
- Increase default item listing size ISSUE_PAGING_NUM to 20 (#20547)
- Modify milestone search keywords to be case insensitive again (#20513)
- Show hint to link package to repo when viewing empty repo package list (#20504)
- Add Tar ZSTD support (#20493)
- Make code review checkboxes clickable (#20481)
- Add “X-Gitea-Object-Type” header for GET /raw/ & /media/ API (#20438)
- Display project in issue list (#20434)
- Prepend commit message to template content when opening a new PR (#20429)
- Replace fomantic popup module with tippy.js (#20428)
- Allow to specify colors for text in markup (#20363)
- Allow access to the Public Organization Member lists with minimal permissions (#20330)
- Use default values when provided values are empty (#20318)
- Vertical align navbar avatar at middle (#20302)
- Delete cancel button in repo creation page (#21381)
- Include login_name in adminCreateUser response (#20283)
- fix: icon margin in user/settings/repos (#20281)
- Remove blue text on migrate page (#20273)
- Modify milestone search keywords to be case insensitive (#20266)
- Move some files into models’ sub packages (#20262)
- Add tooltip to repo icons in explore page (#20241)
- Remove deprecated licenses (#20222)
- Webhook for Wiki changes (#20219)
- Share HTML template renderers and create a watcher framework (#20218)
- Allow enable LDAP source and disable user sync via CLI (#20206)
- Adds a checkbox to select all issues/PRs (#20177)
- Refactor i18n to locale (#20153)
- Disable status checks in template if none found (#20088)
- Allow manager logging to set SQL (#20064)
- Add order by for assignee no sort issue (#20053)
- Take a stab at porting existing components to Vue3 (#20044)
- Add doctor command to write commit-graphs (#20007)
- Add support for authentication based on reverse proxy email (#19949)
- Enable spellcheck for EasyMDE, use contenteditable mode (#19776)
- Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)
- Rework mailer settings (#18982)
- Add option to purge users (#18064)
- Add author search input (#21246)
- Make rss/atom identifier globally unique (#21550)
BUGFIXES
- Auth interface return error when verify failure (#22119) (#22259)
- Use complete SHA to create and query commit status (#22244) (#22257)
- Update bleve and zapx to fix unaligned atomic (#22031) (#22218)
- Prevent panic in doctor command when running default checks (#21791) (#21807)
- Load GitRepo in API before deleting issue (#21720) (#21796)
- Ignore line anchor links with leading zeroes (#21728) (#21776)
- Set last login when activating account (#21731) (#21755)
- Fix UI language switching bug (#21597) (#21749)
- Quick fixes monaco-editor error: “vs.editor.nullLanguage” (#21734) (#21738)
- Allow local package identifiers for PyPI packages (#21690) (#21727)
- Deal with markdown template without metadata (#21639) (#21654)
- Fix opaque background on mermaid diagrams (#21642) (#21652)
- Fix repository adoption on Windows (#21646) (#21650)
- Sync git hooks when config file path changed (#21619) (#21626)
- Fix 500 on PR files API (#21602) (#21607)
- Fix Timestamp.IsZero (#21593) (#21603)
- Fix viewing user subscriptions (#21482)
- Fix mermaid-related bugs (#21431)
- Fix branch dropdown shifting on page load (#21428)
- Fix default theme-auto selector when nologin (#21346)
- Fix and improve incorrect error messages (#21342)
- Fix formatted link for PR review notifications to matrix (#21319)
- Center-aligning content of WebAuthN page (#21127)
- Remove follow from commits by file (#20765)
- Fix commit status popup (#20737)
- Fix init mail render logic (#20704)
- Use correct page size for link header pagination (#20546)
- Preserve unix socket file (#20499)
- Use tippy.js for context popup (#20393)
- Add missing parameter for error in log message (#20144)
- Do not allow organisation owners add themselves as collaborator (#20043)
- Rework file highlight rendering and fix yaml copy-paste (#19967)
- Improve code diff highlight, fix incorrect rendered diff result (#19958)
TESTING
- Improve OAuth integration tests (#21390)
- Add playwright tests (#20123)
BUILD
- Switch to building with go1.19 (#20695)
- Update JS dependencies, adjust eslint (#20659)
- Add more linters to improve code readability (#19989)

1.17.4 - 2022-12-21

SECURITY
- Do not allow Ghost access to limited visible user/org (#21849) (#21875)
- Fix package access for admins and inactive users (#21580) (#21592)
ENHANCEMENTS
- Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21927)
- Fix vertical align of committer avatar rendered by email address (#21884) (#21919)
- Fix setting HTTP headers after write (#21833) (#21874)
- Ignore line anchor links with leading zeroes (#21728) (#21777)
- Enable Monaco automaticLayout (#21516)
BUGFIXES
- Do not list active repositories as unadopted (#22034) (#22167)
- Correctly handle moved files in apply patch (#22118) (#22136)
- Fix condition for is_internal (#22095) (#22131)
- Fix permission check on issue/pull lock (#22114)
- Fix sorting admin user list by last login (#22081) (#22106)
- Workaround for container registry push/pull errors (#21862) (#22069)
- Fix issue/PR numbers (#22037) (#22045)
- Handle empty author names (#21902) (#22028)
- Fix ListBranches to handle empty case (#21921) (#22025)
- Fix enabling partial clones on 1.17 (#21809)
- Prevent panic in doctor command when running default checks (#21791) (#21808)
- Upgrade golang.org/x/crypto (#21792) (#21794)
- Init git module before database migration (#21764) (#21766)
- Set last login when activating account (#21731) (#21754)
- Add HEAD fix to gitea doctor (#21352) (#21751)
- Fix UI language switching bug (#21597) (#21748)
- Remove semver compatible flag and change pypi to an array of test cases (#21708) (#21729)
- Allow local package identifiers for PyPI packages (#21690) (#21726)
- Fix repository adoption on Windows (#21646) (#21651)
- Sync git hooks when config file path changed (#21619) (#21625)
- Added check for disabled Packages (#21540) (#21614)
- Fix Timestamp.IsZero (#21593) (#21604)
- Fix issues count bug (#21600)
- Support binary deploy in npm packages (#21589)
- Update milestone counters when issue is deleted (#21459) (#21586)
- SessionUser protection against nil pointer dereference (#21581)
- Case-insensitive NuGet symbol file GUID (#21409) (#21575)
- Suppress ExternalLoginUserNotExist error (#21504) (#21572)
- Prevent Authorization header for presigned LFS urls (#21531) (#21569)
- Update binding to fix bugs (#21560)
- Fix generating compare link (#21519) (#21530)
- Ignore error when retrieving changed PR review files (#21487) (#21524)
- Fix incorrect notification commit url (#21479) (#21483)
- Display total commit count in hook message (#21400) (#21481)
- Enforce grouped NuGet search results (#21442) (#21480)
- Return 404 when user is not found on avatar (#21476) (#21477)
- Normalize NuGet package version on upload (#22186) (#22201)
MISC
- Check for zero time instant in TimeStamp.IsZero() (#22171) (#22173)
- Fix warn in database structs sync (#22111)
- Allow for resolution of NPM registry paths that match upstream (#21568) (#21723)

1.17.3 - 2022-10-15

SECURITY
- Sanitize and Escape refs in git backend (#21464) (#21463)
- Bump golang.org/x/text (#21412) (#21413)
- Update bluemonday (#21281) (#21287)
ENHANCEMENTS
- Fix empty container layer history and UI (#21251) (#21278)
- Use en-US as fallback when using other default language (#21200) (#21256)
- Make the vscode clone link respect transport protocol (#20557) (#21128)
BUGFIXES
- Do DB update after merge in hammer context (#21401) (#21416)
- Add Num{Issues,Pulls} stats checks (#21404) (#21414)
- Stop logging CheckPath returns error: context canceled (#21064) (#21405)
- Parse OAuth Authorization header when request omits client secret (#21351) (#21374)
- Ignore port for loopback redirect URIs (#21293) (#21373)
- Set SemverCompatible to false for Conan packages (#21275) (#21366)
- Tag list should include draft releases with existing tags (#21263) (#21365)
- Fix linked account translation (#21331) (#21334)
- Make NuGet service index publicly accessible (#21242) (#21277)
- Foreign ID conflicts if ID is 0 for each item (#21271) (#21272)
- Use absolute links in feeds (#21229) (#21265)
- Prevent invalid behavior for file reviewing when loading more files (#21230) (#21234)
- Respect REQUIRE_SIGNIN_VIEW for packages (#20873) (#21232)
- Treat git object mode 40755 as directory (#21195) (#21218)
- Allow uppercase ASCII alphabet in PyPI package names (#21095) (#21217)
- Fix limited user cannot view himself’s profile (#21212)
- Fix template bug of admin monitor (#21209)
- Fix reaction of issues (#21185) (#21196)
- Fix CSV diff for added/deleted files (#21189) (#21193)
- Fix pagination limit parameter problem (#21111)
TESTING
- Fix missing m.Run() in TestMain (#21341)
BUILD
- Use Go 1.19 fmt for Gitea 1.17, sync emoji data (#21239)

1.17.2 - 2022-09-06

SECURITY
- Double check CloneURL is acceptable (#20869) (#20892)
- Add more checks in migration code (#21011) (#21050)
ENHANCEMENTS
- Fix hard-coded timeout and error panic in API archive download endpoint (#20925) (#21051)
- Improve arc-green code theme (#21039) (#21042)
- Enable contenthash in filename for dynamic assets (#20813) (#20932)
- Don’t open new page for ext wiki on same repository (#20725) (#20910)
- Disable doctor logging on panic (#20847) (#20898)
- Remove calls to load Mirrors in user.Dashboard (#20855) (#20897)
- Update codemirror to 5.65.8 (#20875)
- Rework repo buttons (#20602, #20718) (#20719)
BUGFIXES
- Ensure delete user deletes all comments (#21067) (#21068)
- Delete unreferenced packages when deleting a package version (#20977) (#21060)
- Redirect if user does not exist on admin pages (#20981) (#21059)
- Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (#20902) (#21058)
- Fix 500 on time in timeline API (#21052) (#21057)
- Fill the specified ref in webhook test payload (#20961) (#21055)
- Add another index for Action table on postgres (#21033) (#21054)
- Fix broken insecureskipverify handling in redis connection uris (#20967) (#21053)
- Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion (#21017) (#21044)
- Do not add links to Posters or Assignees with ID < 0 (#20577) (#21037)
- Fix modified due date message (#20388) (#21032)
- Fix missed sort bug (#21006)
- Fix input.value attr for RequiredClaimName/Value (#20946) (#21001)
- Change review buttons to icons to make space for text (#20934) (#20978)
- Fix download archiver of a commit (#20962) (#20971)
- Return 404 NotFound if requested attachment does not exist (#20886) (#20941)
- Set no-tags in git fetch on compare (#20893) (#20936)
- Allow multiple metadata files for Maven packages (#20674) (#20916)
- Increase Content field size of gpg_key and public_key to MEDIUMTEXT (#20896) (#20911)
- Fix mirror address setting not working (#20850) (#20904)
- Fix push mirror address backend get error Address cause setting page display error (#20593) (#20901)
- Fix panic when an invalid oauth2 name is passed (#20820) (#20900)
- In PushMirrorsIterate and MirrorsIterate if limit is negative do not set it (#20837) (#20899)
- Ensure that graceful start-up is informed of unused SSH listener (#20877) (#20888)
- Pad GPG Key ID with preceding zeroes (#20878) (#20885)
- Fix SQL Query for SearchTeam (#20844) (#20872)
- Fix the mode of custom dir to 0700 in docker-rootless (#20861) (#20867)
- Fix UI mis-align for PR commit history (#20845) (#20859)

1.17.1 - 2022-08-17

SECURITY
- Correctly escape within tribute.js (#20831) (#20832)
ENHANCEMENTS
- Add support for NuGet API keys (#20721) (#20734)
- Display project in issue list (#20583)
- Add disable download source configuration (#20548) (#20579)
- Add username check to doctor (#20140) (#20671)
- Enable Wire 2 for Internal SSH Server (#20616) (#20617)
BUGFIXES
- Use the total issue count for UI (#20785) (#20827)
- Add proxy host into allow list (#20798) (#20819)
- Add missing translation for queue flush workers (#20791) (#20792)
- Improve comment header for mobile (#20781) (#20789)
- Fix git.Init for doctor sub-command (#20782) (#20783)
- Check webhooks slice length before calling xorm (#20642) (#20768)
- Remove manual rollback for failed generated repositories (#20639) (#20762)
- Use correct field name in npm template (#20675) (#20760)
- Keep download count on Container tag overwrite (#20728) (#20735)
- Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707)
- Use request timeout for git service rpc (#20689) (#20693)
- Send correct NuGet status codes (#20647) (#20677)
- Use correct context to get package content (#20673) (#20676)
- Fix the JS error “EventSource is not defined” caused by some non-standard browsers (#20584) (#20663)
- Add default commit messages to PR for squash merge (#20618) (#20645)
- Fix package upload for files >32mb (#20622) (#20635)
- Fix the new-line copy-paste for rendered code (#20612)
- Clean up and fix clone button script (#20415 & #20600) (#20599)
- Fix default merge style (#20564) (#20565)
- Add repository condition for issue count (#20454) (#20496)
- Make branch icon stand out more (#20726) (#20774)
- Fix loading button with invalid form (#20754) (#20759)
- Fix SecToTime edge-cases (#20610) (#20611)
- Executable check always returns true for windows (#20637) (#20835)
- Check issue labels slice length before calling xorm Insert (#20655) (#20836)
- Fix owners cannot create organization repos bug (#20841) (#20854)
- Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate (#20839) (#20848)

1.17.0 - 2022-07-30

BREAKING
- Require go1.18 for Gitea 1.17 (#19918)
- Make AppDataPath absolute against the AppWorkPath if it is not (#19815)
- Nuke the incorrect permission report on /api/v1/notifications (#19761)
- Refactor git module, make Gitea use internal git config (#19732)
- Remove RequireHighlightJS field, update plantuml example. (#19615)
- Increase minimal required git version to 2.0 (#19577)
- Add a directory prefix gitea-src-VERSION to release-tar-file (#19396)
- Use “main” as default branch name (#19354)
- Make cron task no notice on success (#19221)
- Add pam account authorization check (#19040)
- Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
- Refactor mirror code & fix StartToMirror (#18904)
- Remove deprecated SSH ciphers from default (#18697)
- Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
- Update reserved usernames list (#18438)
- Support custom ACME provider (#18340)
- Change initial TrustModel to committer (#18335)
- Update HTTP status codes (#18063)
- Upgrade Alpine from 3.13 to 3.15 (#18050)
- Restrict email address validation (#17688)
- Refactor Router Logger (#17308)
SECURITY
- Use git.HOME_PATH for Git HOME directory (#20114) (#20293)
- Add write check for creating Commit Statuses (#20332) (#20333)
- Remove deprecated SSH ciphers from default (#18697)
FEDERATION
- Return statistic information for nodeinfo (#19561)
- Add Webfinger endpoint (#19462)
- Store the foreign ID of issues during migration (#18446)
FEATURES
- Automatically render wiki TOC (#19873)
- Adding button to link accounts from user settings (#19792)
- Allow set default merge style while creating repo (#19751)
- Auto merge pull requests when all checks succeeded (#9307 & #19648)
- Improve reviewing PR UX (#19612)
- Add support for rendering console output with colors (#19497)
- Add Helm Chart registry (#19406)
- Add Goroutine stack inspector to admin/monitor (#19207)
- RSS/Atom support for Orgs & Repos (#17714 & #19055)
- Add button for issue deletion (#19032)
- Allow to mark files in a PR as viewed (#19007)
- Add Index to comment for migrations and mirroring (#18806)
- Add health check endpoint (#18465)
- Add packagist webhook (#18224)
- Add “Allow edits from maintainer” feature (#18002)
- Add apply-patch, basic revert and cherry-pick functionality (#17902)
- Add Package Registry (#16510)
- Add LDAP group sync to Teams (#16299)
- Pause queues (#15928)
- Added auto-save whitespace behavior if it changed manually (#15566)
- Find files in repo (#15028)
- Provide configuration to allow camo-media proxying (#12802)
API
- Add endpoint to serve blob or LFS file content (#19689)
- Add endpoint to check if team has repo access (#19540)
- More commit info (#19252)
- Allow to create file on empty repo (#19224)
- Allow removing issues (#18879)
- Add endpoint to query collaborators permission for a repository (#18761)
- Return primary language and repository language stats API URL (#18396)
- Implement http signatures support for the API (#17565)
ENHANCEMENTS
- Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269)
- Adjust max-widths for the repository file table (#20243) (#20247)
- Display full name (#20171) (#20246)
- Add dbconsistency checks for Stopwatches (#20010)
- Add fetch.writeCommitGraph to gitconfig (#20006)
- Add fgprof pprof profiler (#20005)
- Move agit dependency (#19998)
- Empty log queue on flush and close (#19994)
- Remove tab/TabName usage where it’s not needed (#19973)
- Improve file header on mobile (#19945)
- Move issues related files into models/issues (#19931)
- Add breaking email restrictions checker in doctor (#19903)
- Improve UX on modal for deleting an access token (#19894)
- Add alt text to logo (#19892)
- Move some code into models/git (#19879)
- Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861)
- Make user profile image show full image on mobile (#19840)
- Replace blue button and label classes with primary (#19763)
- Remove fomantic progress module (#19760)
- Allows repo search to match against “owner/repo” pattern strings (#19754)
- Move org functions (#19753)
- Move almost all functions’ parameter db.Engine to context.Context (#19748)
- Show source/target branches on PR’s list (#19747)
- Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739)
- Add doctor orphan check for orphaned pull requests without an existing base repo (#19731)
- Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729)
- Update go-chi/cache to utilize Ping() (#19719)
- Improve commit list/view on mobile (#19712)
- Move some repository related code into sub package (#19711)
- Use a better OlderThan for DeleteInactiveUsers (#19693)
- Introduce eslint-plugin-jquery (#19690)
- Tidy up <head> template (#19678)
- Calculate filename hash only once (#19654)
- Simplify IsVendor (#19626)
- Add “Reference” section to Issue view sidebar (#19609)
- Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581)
- Use for a repo action one database transaction (#19576)
- Simplify loops to copy (#19569)
- Added X-Mailer header to outgoing emails (#19562)
- use middleware to open gitRepo (#19559)
- Mute link in diff header (#19556)
- Improve UI on mobile (#19546)
- Fix Pull Request comment filename word breaks (#19535)
- Permalink files In PR diff (#19534)
- PullService lock via pullID (#19520)
- Make repository file list useable on mobile (#19515)
- more context for models (#19511)
- Refactor readme file renderer (#19502)
- By default force vertical tabs on mobile (#19486)
- Github style following followers (#19482)
- Improve action table indices (#19472)
- Use horizontal tabs for repo header on mobile (#19468)
- pass gitRepo down since its used for main repo and wiki (#19461)
- Admin should not delete himself (#19423)
- Use queue instead of memory queue in webhook send service (#19390)
- Simplify the code to get issue count (#19380)
- Add commit status popup to issuelist (#19375)
- Add RSS Feed buttons to Repo, User and Org pages (#19370)
- Add logic to switch between source/rendered on Markdown (#19356)
- Move some helper files out of models (#19355)
- Move access and repo permission to models/perm/access (#19350)
- Disallow selecting the text of buttons (#19330)
- Allow custom redirect for landing page (#19324)
- Remove dependent on session auth for api/v1 routers (#19321)
- Never use /api/v1 from Gitea UI Pages (#19318)
- Remove legacy unmaintained packages, refactor to support change default locale (#19308)
- Move milestone to models/issues/ (#19278)
- Configure OpenSSH log level via Environment in Docker (#19274)
- Move reaction to models/issues/ (#19264)
- Make git.OpenRepository accept Context (#19260)
- Move some issue methods as functions (#19255)
- Show last cron messages on monitor page (#19223)
- New cron task: delete old system notices (#19219)
- Add Redis Sentinel Authentication Support (#19213)
- Add auto logging of goroutine pid label (#19212)
- Set OpenGraph title to DisplayName in profile pages (#19206)
- Add pprof labels in processes and for lifecycles (#19202)
- Let web and API routes have different auth methods group (#19168)
- Move init repository related functions to modules (#19159)
- Feeds: render markdown to html (#19058)
- Allow users to self-request a PR review (#19030)
- Allow render HTML with css/js external links (#19017)
- Fix script compatible with OpenWrt (#19000)
- Support ignore all santize for external renderer (#18984)
- Add note to GPG key response if user has no keys (#18961)
- Improve Stopwatch behavior (#18930)
- Improve mirror iterator (#18928)
- Uncapitalize errors (#18915)
- Prevent Stats Indexer reporting error if repo dir missing (#18870)
- Refactor SecToTime() function (#18863)
- Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796)
- Move deletebeans into models/db (#18781)
- Fix display time of milestones (#18753)
- Add config option to disable “Update branch by rebase” (#18745)
- Display template path of current page in dev mode (#18717)
- Add number in queue status to monitor page (#18712)
- Change git.cmd to RunWithContext (#18693)
- Refactor i18n, use Locale to provide i18n/translation related functions (#18648)
- Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552)
- Move organization related structs into sub package (#18518)
- Warn at startup if the provided SCRIPT_TYPE is not on the PATH (#18467)
- Use CryptoRandomBytes instead of CryptoRandomString (#18439)
- Use explicit jQuery import, remove unused eslint globals (#18435)
- Allow to filter repositories by language in explore, user and organization repositories lists (#18430)
- Use base32 for 2FA scratch token (#18384)
- Unexport var git.GlobalCommandArgs (#18376)
- Don’t underline commit status icon on hover (#18372)
- Always use git command but not os.Command (#18363)
- Switch to non-deprecation setting (#18358)
- Set the LastModified header for raw files (#18356)
- Refactor jwt.StandardClaims to RegisteredClaims (#18344)
- Enable deprecation error for v1.17.0 (#18341)
- Refactor httplib (#18338)
- Limit max-height of CodeMirror editors for issue comment and wiki (#18271)
- Validate migration files (#18203)
- Format with gofumpt (#18184)
- Allow custom default merge message with .gitea/default_merge_message/_TEMPLATE.md (#18177)
- Prettify number of issues (#17760)
- Add a “admin user generate-access-token” subcommand (#17722)
- Custom regexp external issues (#17624)
- Add smtp password to install page (#17564)
- Add config options to hide issue events (#17414)
- Prevent double click new issue/pull/comment button (#16157)
- Show issue assignee on project board (#15232)
BUGFIXES
- WebAuthn CredentialID field needs to be increased in size (#20530) (#20555)
- Ensure that all unmerged files are merged when conflict checking (#20528) (#20536)
- Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529)
- Add labels to two buttons that were missing them (#20419) (#20524)
- Fix ROOT_URL detection for URLs without trailing slash (#20502) (#20503)
- Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407)
- Allow RSA 2047 bit keys (#20272) (#20396)
- Add missing return for when topic isn’t found (#20351) (#20395)
- Fix commit status icon when in subdirectory (#20285) (#20385)
- Initialize cron last (#20373) (#20384)
- Set target on create release with existing tag (#20381) (#20382)
- Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372)
- Make sure repo_dir is an empty directory or doesn’t exist before ‘dump-repo’ (#20205) (#20370)
- Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361)
- Correctly handle draft releases without a tag (#20314) (#20335)
- Prevent “empty” scrollbars on Firefox (#20294) (#20308)
- Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306)
- Bump goldmark to v1.4.13 (#20300) (#20301)
- Do not create empty “.ssh” directory when loading config (#20289) (#20298)
- Fix NPE when using non-numeric (#20277) (#20278)
- Store read access in access for team repositories (#20275) (#20276)
- EscapeFilter the group dn membership (#20200) (#20254)
- Only show Followers that current user can access (#20220) (#20252)
- Update Bluemonday to v1.0.19 (#20199) (#20209)
- Refix indices on actions table (#20158) (#20198)
- Check if project has the same repository id with issue when assign project to issue (#20133) (#20188)
- Fix remove file on initial comment (#20127) (#20128)
- Catch the error before the response is processed by goth (#20000) (#20102)
- Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099)
- Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
- Respond with a 401 on git push when password isn’t changed yet (#20026) (#20027)
- Return 404 when tag is broken (#20017) (#20024)
- Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
- Respond with a 401 on git push when password isn’t changed yet (#20026) (#20027)
- Return 404 when tag is broken (#20017) (#20024)
- Write Commit-Graphs in RepositoryDumper (#20004)
- Use DisplayName() instead of FullName in Oauth Provider (#19991)
- Don’t buffer doctor logger (#19982)
- Always try to fetch repo for mirrors (#19975)
- Uppercase first languages letters (#19965)
- Fix cli command restore-repo: “units” should be parsed as StringSlice (#19953)
- Ensure minimum mirror interval is reported on settings page (#19895)
- Exclude Archived repos from Dashboard Milestones (#19882)
- gitconfig: set safe.directory = * (#19870)
- Prevent NPE on update mirror settings (#19864)
- Only return valid stopwatches to the EventSource (#19863)
- Prevent NPE whilst migrating if there is a team request review (#19855)
- Fix inconsistency in doctor output (#19836)
- Fix release tag for webhook (#19830)
- Add title attribute to dependencies in sidebar (#19807)
- Estimate Action Count in Statistics (#19775)
- Do not update user stars numbers unless fix is specified (#19750)
- Improved ref comment link when origin is body/title (#19741)
- Fix nodeinfo caching and prevent NPE if cache non-existent (#19721)
- Fix duplicate entry error when add team member (#19702)
- Fix sending empty notifications (#19589)
- Update image URL for Discord webhook (#19536)
- Don’t let repo clone URL overflow (#19517)
- Allow commit status popup on /pulls page (#19507)
- Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl (#19494)
- Fix logging of Transfer API (#19456)
- Fix panic in teams API when requesting members (#19360)
- Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337)
- An attempt to sync a non-mirror repo must give 400 (Bad Request) (#19300)
- Move checks for pulls before merge into own function (#19271)
- Fix contrib/upgrade.sh (#19222)
- Set the default branch for repositories generated from templates (#19136)
- Fix EasyMDE error when input Enter (#19004)
- Don’t clean up hardcoded tmp (#18983)
- Delete related notifications on issue deletion too (#18953)
- Fix trace log to show value instead of pointers (#18926)
- Fix behavior or checkbox submission. (#18851)
- Add ContextUser (#18798)
- Fix some mirror bugs (#18649)
- Quote MAKE to prevent path expansion with space error (#18622)
- Preserve users if restoring a repository on the same Gitea instance (#18604)
- Fix non-ASCII search on database (#18437)
- Automatically pause queue if index service is unavailable (#15066)
TESTING
- Allow postgres integration tests to run over unix pipe (#19875)
- Prevent intermittent NPE in queue tests (#19301)
- Add test for importing pull requests in gitea uploader for migrations (#18752)
- Remove redundant comparison in repo dump/restore (#18660)
- More repo dump/restore tests, including pull requests (#18621)
- Add test coverage for original author conversion during migrations (#18506)
TRANSLATION
- Update issue_no_dependencies description (#19112)
- Refactor webhooks i18n (#18380)
BUILD
- Use alpine 3.16 (#19797)
- Require node 14.0 (#19451)
DOCS
- Update documents (git/fomantic/db, etc) (#19868)
- Update the ROOT documentation and error messages (#19832)
- Update document to use FHS /usr/local/bin/gitea instead of /app/... for Docker (#19794)
- Update documentation to disable duration settings with -1 instead of 0 (#19647)
- Add warning to set SENDMAIL_ARGS to -- (#19102)
- Update nginx reverse proxy docs (#18922)
- Add example to render html files (#18736)
- Make SSH passtrough documentation better (#18687)
- Changelog 1.16.0 & 1.15.11 (#18468 & #18455) (#18470)
- Update the SSH passthrough documentation (#18366)
- Add contrib/upgrade.sh (#18286)
MISC
- Fix aria for logo (#19955)
- In code search, get code unit accessible repos in one (main) query (#19764)
- Add tooltip to pending PR comments (#19662)
- Improve sync performance for pull-mirrors (#19125)
- Improve dashboard’s repo list performance (#18963)
- Avoid database lookups for DescriptionHTML (#18924)
- Remove CodeMirror dependencies (#18911)
- Disable unnecessary mirroring elements (#18527)
- Disable unnecessary OpenID/OAuth2 elements (#18491)
- Disable unnecessary GitHooks elements (#18485)
- Change some logging levels (#18421)
- Prevent showing webauthn error for every time visiting /user/settings/security (#18385)
- Use correct translation key for errors (#18342)

1.16.9 - 2022-07-12

SECURITY
- Add write check for creating Commit status (#20332) (#20334)
- Check for permission when fetching user controlled issues (#20133) (#20196)
BUGFIXES
- Hide notify mail setting ui if not enabled (#20138) (#20337)
- Add write check for creating Commit status (#20332) (#20334)
- Only show Followers that current user can access (#20220) (#20253)
- Release page show all tags in compare dropdown (#20070) (#20071)
- Fix permission check for delete tag (#19985) (#20001)
- Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
- Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
- Set Setpgid on child git processes (#19865) (#19881)
- Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
- Ensure responses are context.ResponseWriters (#19843) (#19859)
- Fix incorrect usage of Count function (#19850)
- Fix raw endpoint PDF file headers (#19825) (#19826)
- Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
- Don’t return 500 on NotificationUnreadCount (#19802)
- Prevent NPE when cache service is disabled (#19703) (#19783)
- Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
- Fix doctor pq: syntax error at or near “.” quote user table name (#19765) (#19770)
- Fix bug with assigneees (#19757)

1.16.8 - 2022-05-16

ENHANCEMENTS
- Add doctor check/fix for bogus action rows (#19656) (#19669)
- Make .cs highlighting legible on dark themes. (#19604) (#19605)
BUGFIXES
- Fix oauth setting list bug (#19681)
- Delete user related oauth stuff on user deletion too (#19677) (#19680)
- Fix new release from tags list UI (#19670) (#19673)
- Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
- GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
- Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
- Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
- Fix sending empty notifications (#19589) (#19590)
- Ignore DNS error when doing migration allow/block check (#19566) (#19567)
- Fix issue overview for teams (#19652) (#19653)

1.16.7 - 2022-05-02

SECURITY
- Escape git fetch remote (#19487) (#19490)
BUGFIXES
- Don’t overwrite err with nil (#19572) (#19574)
- On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
- Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
- Don’t error when branch’s commit doesn’t exist (#19547) (#19548)
- Support hostname:port to pass host matcher’s check (#19543) (#19544)
- Prevent intermittent race in attribute reader close (#19537) (#19539)
- Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
- Prevent dangling archiver goroutine (#19516) (#19526)
- Fix migrate release from github (#19510) (#19523)
- When view _Siderbar or _Footer, just display once (#19501) (#19522)
- Fix blame page select range error and some typos (#19503)
- Fix name of doctor fix “authorized-keys” in hints (#19464) (#19484)
- User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
- Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
- RepoAssignment ensure to close before overwrite (#19449) (#19460)
- Set correct PR status on 3way on conflict checking (#19457) (#19458)
- Mark TemplateLoading error as “UnprocessableEntity” (#19445) (#19446)

1.16.6 - 2022-04-20

ENHANCEMENTS
- Only request write when necessary (#18657) (#19422)
- Disable service worker by default (#18914) (#19342)
BUGFIXES
- When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
- Fix DELETE request for non-existent public key (#19443) (#19444)
- Don’t panic on ErrEmailInvalid (#19441) (#19442)
- Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
- Warn on SSH connection for incorrect configuration (#19317) (#19437)
- Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
- When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
- Fix nil error when some pages are rendered outside request context (#19427) (#19428)
- Fix double blob-hunk on diff page (#19404) (#19405)
- Don’t allow merging PR’s which are being conflict checked (#19357) (#19358)
- Fix middleware function’s placements (#19377) (#19378)
- Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
- Restore user autoregistration with email addresses (#19261) (#19312)
- Move checks for pulls before merge into own function (#19271) (#19277)
- Granular webhook events in editHook (#19251) (#19257)
- Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
- Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
- Touch mirrors on even on fail to update (#19217) (#19233)
- Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
- Fix clone url JS error for the empty repo page (#19209)
- Bump goldmark to v1.4.11 (#19201) (#19203)
TESTING
- Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)
BUILD
- Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)
MISC
- Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
- Check go and nodejs version by go.mod and package.json (#19197) (#19254)

1.16.5 - 2022-03-23

BREAKING
- Bump to build with go1.18 (#19120 et al) (#19127)
SECURITY
- Prevent redirect to Host (2) (#19175) (#19186)
- Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
- Clean paths when looking in Storage (#19124) (#19179)
- Do not send notification emails to inactive users (#19131) (#19139)
- Do not send activation email if manual confirm is set (#19119) (#19122)
ENHANCEMENTS
- Use the new/choose link for New Issue on project page (#19172) (#19176)
BUGFIXES
- Fix showing issues in your repositories (#18916) (#19191)
- Fix compare link in active feeds for new branch (#19149) (#19185)
- Redirect .wiki/* ui link to /wiki (#18831) (#19184)
- Ensure deploy keys with write access can push (#19010) (#19182)
- Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
- Cleanup protected branches when deleting users & teams (#19158) (#19174)
- Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
- Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
- Use custom favicon when viewing static files if it exists (#19130) (#19152)
- Fix the editor height in review box (#19003) (#19147)
- Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
- Fix wrong scopes caused by empty scope input (#19029) (#19145)
- Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
- Handle email address not exist (#19089) (#19121)
MISC
- Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
- Update golang.org/x/crypto (#19097) (#19098)

1.16.4 - 2022-03-14

SECURITY
- Restrict email address validation (#17688) (#19085)
- Fix lfs bug (#19072) (#19080)
ENHANCEMENTS
- Improve SyncMirrors logging (#19045) (#19050)
BUGFIXES
- Refactor mirror code & fix StartToMirror (#18904) (#19075)
- Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
- Prevent 500 when there is an error during new auth source post (#19041) (#19059)
- If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
- Fix flag validation (#19046) (#19051)
- Add pam account authorization check (#19040) (#19047)
- Ignore missing comment for user notifications (#18954) (#19043)
- Set rel="nofollow noindex" on new issue links (#19023) (#19042)
- Upgrading binding package (#19034) (#19035)
- Don’t show context cancelled errors in attribute reader (#19006) (#19027)
- Fix update hint bug (#18996) (#19002)
MISC
- Fix potential assignee query for repo (#18994) (#18999)

1.16.3 - 2022-03-02

SECURITY
- Git backend ignore replace objects (#18979) (#18980)
ENHANCEMENTS
- Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)
BUGFIXES
- Set max text height to prevent overflow (#18862) (#18977)
- Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
- Accounts with WebAuthn only (no TOTP) now exist … fix code to handle that case (#18897) (#18964)
- Send 404 on /{org}.gpg (#18959) (#18962)
- Fix admin user list pagination (#18957) (#18960)
- Fix lfs management setting (#18947) (#18946)
- Fix login with email panic when email is not exist (#18942)
- Update go-org to v1.6.1 (#18932) (#18933)
- Fix <strong> html in translation (#18929) (#18931)
- Fix page and missing return on unadopted repos API (#18848) (#18927)
- Allow administrator teams members to see other teams (#18918) (#18919)
- Don’t treat BOM escape sequence as hidden character. (#18909) (#18910)
- Correctly link URLs to users/repos with dashes, dots or underscores (… (#18908)
- Fix redirect when using lowercase repo name (#18775) (#18902)
- Fix migration v210 (#18893) (#18892)
- Fix team management UI (#18887) (18886)
- BeforeSourcePath should point to base commit (#18880) (#18799)
TRANSLATION
- Backport locales from master (#18944)
MISC
- Don’t update email for organisation (#18905) (#18906)

1.16.2 - 2022-02-24

ENHANCEMENTS
- Show fullname on issue edits and gpg/ssh signing info (#18828)
- Immediately Hammer if second kill is sent (#18823) (#18826)
- Allow mermaid render error to wrap (#18791)
BUGFIXES
- Fix ldap user sync missed email in email_address table (#18786) (#18876)
- Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
- Don’t report signal: killed errors in serviceRPC (#18850) (#18865)
- Fix bug where certain LDAP settings were reverted (#18859)
- Update go-org to 1.6.0 (#18824) (#18839)
- Fix login with email for ldap users (#18800) (#18836)
- Fix bug for get user by email (#18834)
- Fix panic in EscapeReader (#18820) (#18821)
- Fix ldap loginname (#18789) (#18804)
- Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
- In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
- Fix template bug of LFS lock (#18784) (#18787)
- Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
- Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
- Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
- Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
- Prevent dangling GetAttribute calls (#18754) (#18755)
- Fix isempty detection of git repository (#18746) (#18750)
- Fix source code line highlighting on external tracker (#18729) (#18740)
- Prevent double encoding of branch names in delete branch (#18714) (#18738)
- Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
- Fix forked repositories missed tags (#18719) (#18735)
- Fix release typo (#18728) (#18731)
- Separate the details links of commit-statuses in headers (#18661) (#18730)
- Update object repo with the migrated repository (#18684) (#18726)
- Fix bug for version update hint (#18701) (#18705)
- Fix issue with docker-rootless shimming script (#18690) (#18699)
- Let MinUnitAccessMode return correct perm (#18675) (#18689)
- Prevent security failure due to bad APP_ID (#18678) (#18682)
- Restart zero worker if there is still work to do (#18658) (#18672)
- If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
TESTING
- Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)
BUILD
- Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)
MISC
- Put buttons back in org dashboard (#18817) (#18825)
- Various Mermaid improvements (#18776) (#18780)
- C preprocessor colors improvement (#18671) (#18696)
- Fix the missing i18n key for update checker (#18646) (#18665)

1.16.1 - 2022-02-06

SECURITY
- Update JS dependencies, fix lint (#18389) (#18540)
ENHANCEMENTS
- Add dropdown icon to label set template dropdown (#18564) (#18571)
BUGFIXES
- comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
- Stop logging an error when notes are not found (#18626) (#18635)
- Ensure that blob-excerpt links work for wiki (#18587) (#18624)
- Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
- Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
- Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
- Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
- Collaborator trust model should trust collaborators (#18539) (#18557)
- Detect conflicts with 3way merge (#18536) (#18537)
- In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
- Add GetUserTeams (#18499) (#18531)
- Fix review excerpt (#18502) (#18530)
- Fix for AvatarURL database type (#18487) (#18529)
- Use ImagedProvider for gplus oauth2 provider (#18504) (#18505)
- Fix OAuth Source Edit Page (#18495) (#18503)
- Use “read” value for General Access (#18496) (#18500)
- Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
BUILD
- Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569)
DOCS
- Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534)

1.16.0 - 2022-01-30

BREAKING
- Remove golang vendored directory (#18277)
- Paginate releases page & set default page size to 10 (#16857)
- Use shadowing script for docker (#17846)
- Only allow webhook to send requests to allowed hosts (#17482)
SECURITY
- Disable content sniffing on PlainTextBytes (#18359) (#18365)
- Only view milestones from current repo (#18414) (#18417)
- Sanitize user-input on file name (#17666)
- Use hostmatcher to replace matchlist to improve blocking of bad hosts in Webhooks (#17605)
FEATURES
- Add/update SMTP auth providers via cli (#18197)
- Support webauthn (#17957)
- Team permission allow different unit has different permission (#17811)
- Implement Well-Known URL for password change (#17777)
- Add support for ssh commit signing (#17743)
- Allow Loading of Diffs that are too large (#17739)
- Add copy button to markdown code blocks (#17638)
- Add .gitattribute assisted language detection to blame, diff and render (#17590)
- Add PULL_LIMIT and PUSH_LIMIT to cron.update_mirror task (#17568)
- Add Reindex buttons to repository settings page (#17494)
- Make SSL cipher suite configurable (#17440)
- Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
- Add simple update checker to Gitea (#17212)
- Migrated Repository will show modifications when possible (#17191)
- Create pub/priv keypair for federation (#17071)
- Make LDAP be able to skip local 2FA (#16954)
- Add nodeinfo endpoint for federation purposes (#16953)
- Save and view issue/comment content history (#16909)
- Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
- Add migrate from Codebase (#16768)
- Add migration from GitBucket (#16767)
- Add OAuth2 introspection endpoint (#16752)
- Add proxy settings and support for migration and webhook (#16704)
- Add microsoft oauth2 providers (#16544)
- Send registration email on user autoregistration (#16523)
- Defer Last Commit Info (#16467)
- Support unprotected file patterns (#16395)
- Add migrate from OneDev (#16356)
- Add option to update pull request by rebase (#16125)
- Add RSS/Atom feed support for user actions (#16002)
- Add support for corporate WeChat webhooks (#15910)
- Add a simple way to rename branch like gh (#15870)
- Add bundle download for repository (#14538)
- Add agit flow support in gitea (#14295)
API
- Add MirrorUpdated field to Repository API type (#18267)
- Adjust Fork API to allow setting a custom repository name (#18066)
- Add API to manage repo tranfers (#17963)
- Add API to get file commit history (#17652)
- Add API to get issue/pull comments and events (timeline) (#17403)
- Add API to get/edit wiki (#17278)
- Add API for get user org permissions (#17232)
- Add HTML urls to notification API (#17178)
- Add API to get commit diff/patch (#17095)
- Respond with updated notifications in API (#17064)
- Add API to fetch git notes (#16649)
- Generalize list header for API (#16551)
- Add API Token Cache (#16547)
- Allow Token API calls be authorized using the reverse-proxy header (#15119)
ENHANCEMENTS
- Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
- Return nicer error if trying to pull from non-existent user (#18288)
- Show pull link for agit pull request also (#18235)
- Enable partial clone by default (#18195)
- Added replay of webhooks (#18191)
- Show OAuth callback error message (#18185)
- Increase Salt randomness (#18179)
- Add MP4 as default allowed attachment type (#18170)
- Include folders into size cost (#18158)
- Remove /email2user endpoint (#18127)
- Handle invalid issues (#18111)
- Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
- Support open compare page directly (#17975)
- Prefer “Hiragino Kaku Gothic ProN” in system-ui-ja (#17954)
- Clean legacy SimpleMDE code (#17926)
- Refactor install page (db type) (#17919)
- Improve interface when comparing a branch which has created a pull request (#17911)
- Allow default branch to be inferred on compare page (#17908)
- Display issue/comment role even if repo archived (#17907)
- Always set a message-id on mails (#17900)
- Change <a> elements to underline on hover (#17898)
- Render issue references in file table (#17897)
- Handle relative unix socket paths (#17836)
- Move accessmode into models/perm (#17828)
- Fix some org style problems (#17807)
- Add List-Unsubscribe header (#17804)
- Create menus for organization pages (#17802)
- Switch archive URL code back to href attributes (#17796)
- Refactor “refs/*” string usage by using constants (#17784)
- Allow forks to org if you can create repos (#17783)
- Improve install code to avoid low-level mistakes. (#17779)
- Improve ellipsis buttons (#17773)
- Add restrict and no-user-rc to authorized_keys (#17772)
- Add copy Commit ID button in commits list (#17759)
- Make bind error more readable (#17750)
- Fix navbar on project view (#17749)
- More pleasantly handle broken or missing git repositories (#17747)
- Use *PushUpdateOptions as receiver (#17724)
- Remove unused user paramater (#17723)
- Better builtin avatar generator (#17707)
- Cleanup and use global style on popups (#17674)
- Move user/org deletion to services (#17673)
- Added comment for changing issue ref (#17672)
- Allow admins to change user avatars (#17661)
- Only set data-path once for each file in diff pages (#17657)
- Add icon to vscode clone link (#17641)
- Add download button for file viewer (#17640)
- Add pagination to fork list (#17639)
- Use a standalone struct name for Organization (#17632)
- Minor readability patch. (#17627)
- Add context support for GetUserByID (#17602)
- Move merge-section to > .content (#17582)
- Remove NewSession method from db.Engine interface (#17577)
- Move unit into models/unit/ (#17576)
- Restrict GetDeletedBranchByID to the repositories deleted branches (#17570)
- Refactor commentTags functionality (#17558)
- Make Repo Code Indexer an Unique Queue (#17515)
- Simplify Gothic to use our session store instead of creating a different store (#17507)
- Add settings to allow different SMTP envelope from address (#17479)
- Properly determine CSV delimiter (#17459)
- Hide label comments if labels were added and removed immediately (#17455)
- Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
- Add appearance section in settings (#17433)
- Move key forms before list and add cancel button (#17432)
- When copying executables to the docker chmod them (#17423)
- Remove deprecated extendDefaultPlugins method of svgo (#17399)
- Fix the click behavior for and with data-href
- Refactor update checker to use AppState (#17387)
- Improve async/await usage, and sort init calls in index.js (#17386)
- Use a variable but a function for IsProd because of a slight performance increment (#17368)
- Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
- Hide command line merge instructions when user can’t push (#17339)
- Move session to models/login (#17338)
- Sync gitea app path for git hooks and authorized keys when starting (#17335)
- Make the Mirror Queue a queue (#17326)
- Add “Copy branch name” button to pull request page (#17323)
- Fix repository summary on mobile (#17322)
- Split index.js to separate files (#17315)
- Show direct match on top for user search (#17303)
- Frontend refactor: move Vue related code from index.js to components dir, and remove unused codes. (#17301)
- Upgrade chi to v5 (#17298)
- Disable form autofill (#17291)
- Improve behavior of “Fork” button (#17288)
- Open markdown image links in new window (#17287)
- Add hints for special Wiki pages (#17283)
- Move add deploy key form before the list and add a cancel button (#17228)
- Allow adding multiple issues to a project (#17226)
- Add metrics to get issues by repository (#17225)
- Add specific event type to header (#17222)
- Redirect on project after issue created (#17211)
- Reference in new issue modal: dont pre-populate issue title (#17208)
- Always set a unique Message-ID header (#17206)
- Add projects and project boards in exposed metrics (#17202)
- Add metrics to get issues by label (#17201)
- Add protection to disable Gitea when run as root (#17168)
- Don’t return binary file changes in raw PR diffs by default (#17158)
- Support sorting for project board issuses (#17152)
- Force color-adjust for markdown checkboxes (#17146)
- Add option to copy line permalink (#17145)
- Move twofactor to models/login (#17143)
- Multiple tokens support for migrating from github (#17134)
- Unify issue and PR subtitles (#17133)
- Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
- Fix problem when database id is not increment as expected (#17124)
- Avatar refactor, move avatar code from models to models.avatars, remove duplicated code (#17123)
- Re-allow clipboard copy on non-https sites (#17118)
- DBContext is just a Context (#17100)
- Move login related structs and functions to models/login (#17093)
- Add SkipLocal2FA option to pam and smtp sources (#17078)
- Move db related basic functions to models/db (#17075)
- Fixes username tagging in “Reference in new issue” (#17074)
- Use light/dark theme based on system preference (#17051)
- Always emit the configuration path (#17036)
- Add AbsoluteListOptions (#17028)
- Use common sessioner for API and Web (#17027)
- Fix overflow label in small view (#17020)
- Report the associated filter if there is an error in LDAP (#17014)
- Add “new issue” btn on project (#17001)
- Add doctor dbconsistency check for release and attachment (#16978)
- Disable Fomantic’s CSS tooltips (#16974)
- Add Cache-Control to avatar redirects (#16973)
- Make mirror feature more configurable (#16957)
- Add skip and limit to git.GetTags (#16897)
- Remove ParseQueueConnStr as it is unused (#16878)
- Remove unused Fomantic sidebar module (#16853)
- Allow LDAP Sources to provide Avatars (#16851)
- Remove Dashboard/Home button from the navbar (#16844)
- Use conditions but not repo ids as query condition (#16839)
- Add user settings key/value DB table (#16834)
- Add buttons to allow loading of incomplete diffs (#16829)
- Add information for migrate failure (#16803)
- Add EdDSA JWT signing algorithm (#16786)
- Add user status filter to admin user management page (#16770)
- Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
- Do not use thin scrollbars on Firefox (#16738)
- Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731)
- Compute proper foreground color for labels (#16729)
- Add edit button to wiki sidebar and footer (#16719)
- Fix migration svg color (#16715)
- Add link to vscode to repo header (#16664)
- Add filter by owner and team to issue/pulls search endpoint (#16662)
- Kanban colored boards (#16647)
- Allow setting X-FRAME-OPTIONS (#16643)
- Separate open and closed issue in metrics (#16637)
- Support direct comparison (git diff a..b) as well merge comparison (a…b) (#16635)
- Add setting to OAuth handlers to skip local 2FA authentication (#16594)
- Make PR merge options more intuitive (#16582)
- Show correct text when comparing commits on empty pull request (#16569)
- Pre-fill suggested New File ‘name’ and ‘content’ with Query Params (#16556)
- Add an abstract json layout to make it’s easier to change json library (#16528)
- Make Mermaid.js limit configurable (#16519)
- Improve 2FA autofill (#16473)
- Add modals to Organization and Team remove/leave (#16471)
- Show tag name on dashboard items list (#16466)
- Change default cron schedules from @every 24h to @midnight (#16431)
- Prevent double sanitize (#16386)
- Replace list.List with slices (#16311)
- Add configuration option to restrict users by default (#16256)
- Move login out of models (#16199)
- Support pagination of organizations on user settings pages (#16083)
- Switch migration icon to svg (#15954)
- Add left padding for chunk header of split diff view (#13397)
- Allow U2F 2FA without TOTP (#11573)
BUGFIXES
- GitLab reviews may not have the updated_at field set (#18450) (#18461)
- Fix detection of no commits when the default branch is not master (#18422) (#18423)
- Fix broken oauth2 authentication source edit page (#18412) (#18419)
- Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404)
- Fix restore without topic failure (#18387) (#18400)
- Fix commit’s time (#18375) (#18392)
- Fix partial cloning a repo (#18373) (#18377)
- Stop trimming preceding and suffixing spaces from editor filenames (#18334)
- Prevent showing webauthn error for every time visiting /user/settings/security (#18386)
- Fix mime-type detection for HTTP server (#18370) (#18371)
- Stop trimming preceding and suffixing spaces from editor filenames (#18334)
- Restore propagation of ErrDependenciesLeft (#18325)
- Fix PR comments UI (#18323)
- Use indirect comparison when showing pull requests (#18313)
- Replace satori/go.uuid with gofrs/uuid (#18311)
- Fix commit links on compare page (#18310)
- Don’t show double error response in git hook (#18292)
- Handle missing default branch better in owner/repo/branches page (#18290)
- Fix CheckRepoStats and reuse it during migration (#18264)
- Prevent underline hover on cards (#18259)
- Don’t delete branch if other PRs with this branch are open (#18164)
- Require codereview to have content (#18156)
- Allow admin to associate missing LFS objects for repositories (#18143)
- When attempting to subscribe other user to issue report why access denied (#18091)
- Add option to convert CRLF to LF line endings for sendmail (#18075)
- Only create pprof files for gitea serv if explicitly asked for (#18068)
- Abort merge if head has been updated before pressing merge (#18032)
- Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004)
- Use JSON module instead of stdlib json (#18003)
- Fixed issue merged/closed wording (#17973)
- Return nicer error for ForcePrivate (#17971)
- Fix overflow in commit graph (#17947)
- Prevent services/mailer/mailer_test.go tests from deleting data directory (#17941)
- Use disable_form_autofill on Codebase and Gitbucket (#17936)
- Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928)
- Fix markdown URL parsing (#17924)
- Apply CSS Variables to all message elements (#17920)
- Improve checkBranchName (#17901)
- Update chi/middleware to chi/v5/middleware (#17888)
- Fix position of label color picker colors (#17866)
- Fix ListUnadoptedRepositories incorrect total count (#17865)
- Remove whitespace inside rendered code <td> (#17859)
- Make Co-committed-by and co-authored-by trailers optional (#17848)
- Fix value of User.IsRestricted when oauth2 user registration (#17839)
- Use new OneDev /milestones endpoint (#17782)
- Prevent deadlock in TestPersistableChannelQueue (#17717)
- Simplify code for writing SHA to name-rev (#17696)
- Fix database deadlock when update issue labels (#17649)
- Add warning for BIDI characters in page renders and in diffs (#17562)
- Fix ipv6 parsing for builtin ssh server (#17561)
- Multiple Escaping Improvements (#17551)
- Fixes #16559 - Do not trim leading spaces for tab delimited (#17442)
- Show client-side error if wiki page is empty (#17415)
- Fix context popup error (#17398)
- Stop sanitizing full name in API (#17396)
- Fix issue close/comment buttons on mobile (#17317)
- Fix navbar UI (#17235)
- Fix problem when database id is not increment as expected (#17229)
- Open the DingTalk link in browser (#17084)
- Remove heads pointing to missing old refs (#17076)
- Fix commit status index problem (#17061)
- Handle broken references in mirror sync (#17013)
- Fix for create repo page layout (#17012)
- Improve LDAP synchronization efficiency (#16994)
- Add repo_id for attachment (#16958)
- Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705)
- Remove duplicate csv import in modules/csv/csv.go (#16631)
- Improve SMTP authentication and Fix user creation bugs (#16612)
- Fixed emoji alias not parsed in links (#16221)
- Calculate label URL on API (#16186)
TRANSLATION
- Fix misspelling of starred as stared (#17465)
- Re-separate the color translation strings (#17390)
- Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998)
BUILD
- Add lockfile-check (#18285)
- Don’t store assets modified time into generated files (#18193)
MISC
- Update JS dependencies (#17611)

Archived releases

CHANGELOG-archived.md

CHANGELOG.md 199KB Czysty Blame Historia