Version 1.23.5

markup: add jupyter notebook markup language

See merge request cloudron/gitea-app!6

CHANGELOG

@@ -6,3 +6,897 @@
 
 [0.1.2]
 * Updated description
+
+[0.1.3]
+* Updated to version 1.1.2
+
+[1.0.0]
+* Update to version 1.1.3
+
+[1.0.1]
+* Update Git to v2.7.4-0ubuntu1.2
+* Fixes critical security issue that allows remote command execution in git
+* https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html
+
+[1.0.2]
+* Preserve SECRET_KEY across updates and restarts
+
+[1.0.3]
+* Update to version 1.1.4
+
+[1.1.0]
+* Update to version 1.2.0
+* New logo!
+* SECURITY: Sanitation fix from Gogs (#1461)
+* Status-API
+* Implement GPG api
+* https://github.com/go-gitea/gitea/releases/tag/v1.2.0
+
+[1.1.1]
+* Update to version 1.2.1
+* Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
+* Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
+* Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
+* Fix .netrc authentication (#2700) (#2708)
+* Fix slice out of bounds error in mailer (#2479) (#2696)
+
+[1.1.2]
+* Update to version 1.2.2
+* Add checks for commits with missing author and time (#2771) (#2785)
+* Fix sending mail with a non-latin display name (#2559) (#2783)
+* Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
+* Update vendor git (#2765) (#2772)
+* Fix emojify image URL (#2769) (#2773)
+
+[1.1.3]
+* Update to version 1.2.3
+* Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
+* Fix order of comments (#2835) (#2839)
+
+[1.2.0]
+* Update to version 1.3.0
+
+[1.3.0]
+* Update to version 1.3.1
+* Add documentationUrl
+* Sanitize logs for mirror sync (#3057, #3082) (#3078)
+* Fix missing branch in release bug (#3108) (#3117)
+* Fix repo indexer and submodule bug (#3107) (#3110)
+* Fix legacy URL redirects (#3100) (#3106)
+* Fix redis session failed (#3086) (#3089)
+* Fix issue list branch link broken (#3061) (#3070)
+* Fix missing password length check when change password (#3039) (#3071)
+
+[1.3.1]
+* Update Gitea to 1.3.2
+* Fix run web with -p push failed (#3154) (#3179)
+* Fix source download link when no code unit allowed (#3166) (#3169)
+* Allow adding collaborators with (fullname) (#3103) (#3168)
+* Fix repo links (#3093) (#3163)
+* Fix Uninitialized variable in ParsePatch (#3156) (#3162)
+* Fix migration order v1.3 (#3157)
+* Fix avatar URLs (#3069) (#3143)
+
+[1.4.0]
+* Fix email sending (use SMTPS)
+
+[1.4.1]
+* Update Gitea to 1.3.3
+* Security fixes
+    * Fix escaping changed title in comments (#3530) (#3535)
+    * Escape search query display (#3486) (#3489)
+* Bug fixes
+    * Fix repo-transfer-and-team-repo-count bug (#3241) (#3244)
+    * Open external tracker in blank window, consistently with wiki (#3227) (#3228)
+    * Change SSL Mode from checkbox to string in admin page (#3208) (#3211)
+
+[1.5.0]
+* Update Gitea to 1.4.0
+
+[1.5.1]
+* Update Gitea to 1.4.1
+* Add “error” as reserved username (#3882) (#3886)
+* Do not allow inactive users to access repositories using private key (#3887) (#3889)
+* Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873)
+* Remove unnecessary allowed safe HTML (#3778) (#3779)
+* Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
+* Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
+* Fix GPG expire time display when time is zero (#3584) (#3884)
+* Fix to update only issue last update time when adding a comment (#3855) (#3860)
+* Fix repository star count after deleting user (#3781) (#3783)
+* Use the active branch for the code tab (#3720) (#3776)
+* Set default branch name on first push (#3715) (#3723)
+* Show clipboard button if disable HTTP of git protocol (#3773) (#3774)
+
+[1.5.2]
+* Update Gitea to 1.4.2
+* Adjust z-index for floating labels (#3939) (#3950)
+* Add missing token validation on application settings page (#3976) #3978
+* Webhook and hook_task clean up (#4006)
+* Fix webhook bug of response info is not displayed in UI (#4023)
+* Fix writer cannot read bare repo guide (#4033) (#4039)
+* Don't force due date to current time (#3830) (#4057)
+* Fix wiki redirects (#3919) (#4065)
+* Fix attachment ENABLED (#4064) (#4066)
+* Added deletion of an empty line at the end of file (#4054) (#4074)
+* Use ResolveReference instead of path.Join (#4073)
+* Fix #4081 Check for leading / in base before removing it (#4083)
+* Respository's home page not updated after first push (#4075)
+
+[1.5.2-1]
+* Rebuild Gitea package because of https://github.com/go-gitea/gitea/issues/4167
+* Adjust z-index for floating labels (#3939) (#3950)
+* Add missing token validation on application settings page (#3976) #3978
+* Webhook and hook_task clean up (#4006)
+* Fix webhook bug of response info is not displayed in UI (#4023)
+* Fix writer cannot read bare repo guide (#4033) (#4039)
+* Don't force due date to current time (#3830) (#4057)
+* Fix wiki redirects (#3919) (#4065)
+* Fix attachment ENABLED (#4064) (#4066)
+* Added deletion of an empty line at the end of file (#4054) (#4074)
+* Use ResolveReference instead of path.Join (#4073)
+* Fix #4081 Check for leading / in base before removing it (#4083)
+* Respository's home page not updated after first push (#4075)
+
+[1.5.3]
+* Update Gitea to 1.4.3
+* SECURITY
+  * HTML-escape plain-text READMEs (#4192) (#4214)
+  * Fix open redirect vulnerability on login screen (#4312) (#4312)
+* BUGFIXES
+  * Fix broken monitoring page when running processes are shown (#4203) (#4208)
+  * Fix delete comment bug (#4216) (#4228)
+  * Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
+  * Fix wiki URL encoding bug (#4091) (#4254)
+  * Fix code tab link when viewing tags (#3908) (#4263)
+  * Fix webhook type conflation (#4285) (#4285)
+
+[1.5.4]
+* Allow customization using gitea's custom data directory
+
+[1.6.0]
+* Update Gitea to 1.5.0
+* Security
+  * Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
+  * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
+  * Do not allow to reuse TOTP passcode (#3878)
+* Features
+  * Add cli commands to regen hooks & keys (#3979)
+  * Add support for FIDO U2F (#3971)
+  * Added user language setting (#3875)
+  * Add topic support (#3711)
+  * Multiple assignees (#3705)
+  * Add protected branch whitelists for merging (#3689)
+  * Global code search support (#3664)
+  * Add label descriptions (#3662)
+  * Add issue search via API (#3612)
+  * Add repository setting to enable/disable health checks (#3607)
+  * Emoji Autocomplete (#3433)
+  * Implements generator cli for secrets (#3531)
+
+[1.6.1]
+* Update Gitea to 1.5.1
+* Security
+  * Don't disclose emails of all users when sending out emails (#4784)
+  * Improve URL validation for external wiki and external issues (#4710) (#4740)
+  * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
+* Bugfixes
+  * Fix missing release title in webhook (#4783) (#4800)
+  * Make sure to reset commit count in the cache on mirror syncing (#4770)
+  * Fixed bug where team with admin privelege type doesn't get any unit (#4759)
+  * Fix failure on creating pull request with assignees (#4583) (#4727)
+  * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
+
+[1.7.0]
+* Update base image
+
+[1.7.1]
+* Update Gitea to 1.5.2
+
+[1.7.2]
+* Update Gitea to 1.5.3
+* Security
+  * Fix remote command execution vulnerability in upstream library (#5177) (#5196)
+
+[1.8.0]
+* Update Gitea to 1.6.0
+
+[1.8.1]
+* Update Gitea to 1.6.1
+
+[1.8.2]
+* Update Gitea to 1.6.2
+* SECURITY
+  * Sanitize uploaded file names (#5571) (#5573)
+  * HTMLEncode user added text (#5570) (#5575)
+* BUGFIXES
+  * Fix indexer reindex bug when gitea restart (#5563) (#5564)
+  * Fix bug when a read perm user to edit his issue (#5516) (#5534)
+  * Detect force push failure on deletion of protected branches (#5522) (#5531)
+  * Fix forgot deletion of notification when delete repository (#5506) (#5514)
+  * Fix undeleted content when deleting user (#5429) (#5509)
+  * Fix empty wiki (#5504) (#5508)
+
+[1.8.3]
+* Update Gitea to 1.6.3
+* SECURITY: Prevent DeleteFilePost doing arbitrary deletion (#5631)
+* BUGFIX: Fix wrong text getting saved on editing second comment on an issue (#5608)
+
+[1.8.4]
+* Update Gitea to 1.6.4
+* Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
+* When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
+* Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)
+
+[1.9.0]
+* Update Gitea to 1.7.0
+
+[1.9.1]
+* Update Gitea to 1.7.1
+* [Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.7.1)
+* Disable redirect for i18n (#5910) (#5916)
+* Only allow local login if password is non-empty (#5906) (#5908)
+* Fix go-get URL generation (#5905) (#5907)
+* Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
+* Request for public keys only if LDAP attribute is set (#5816) (#5819)
+* Fix delete correct temp directory (#5840) (#5839)
+* Fix an error while adding a dependency via UI (#5862) (#5876)
+* Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
+* When creating new repository fsck option should be enabled (#5817) (#5885)
+* Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
+* Fix bug when read public repo lfs file (#5913) (#5912)
+* Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
+* Fix compare button on upstream repo leading to 404 (#5877) (#5914)
+
+[1.9.2]
+* Update Gitea to 1.7.2
+* Remove all CommitStatus when a repo is deleted (#5940) (#5941)
+* Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
+* Silence console logger in gitea serv (#5887) (#5943)
+* Handle milestone webhook events for issues and PR (#5947) (#5955)
+* Show user who created the repository instead of the organization in action feed (#5948) (#5956)
+* Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
+* Fix bug when deleting a linked account will removed all (#5989) (#5990)
+* Fix empty ssh key importing in ldap (#5984) (#6009)
+* Fix metrics auth token detection (#6006) (#6017)
+* Create repository on organisation by default on its dashboard (#6026) (#6048)
+* Make sure labels are actually returned in API (#6053) (#6059)
+* Switch to more recent build of xgo (#6070) (#6072)
+* In basic auth check for tokens before call UserSignIn (#5725) (#6083)
+
+[1.9.3]
+* Update Gitea to 1.7.3
+* Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
+* Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
+* Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
+* Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
+* Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
+* Fix prohibit login check on authorization (#6106) (#6115)
+* Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
+* Fix deadlock in webhook PullRequest (#6102) (#6104)
+* Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
+* Fix compare button regression (#5929) (#6098)
+* Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)
+
+[1.9.4]
+* Update Gitea to 1.7.4
+* Fix potential XSS vulnerability in repository description. (#6306) (#6308)
+* Fix wrong release commit id (#6224) (#6300)
+* Fix panic on empty signed commits (#6292) (#6300)
+* Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
+* Fix displaying dashboard even if required to change password (#6214) (#6215)
+
+[1.9.5]
+* Update Gitea to 1.7.5
+* unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
+* ParsePatch function to work with quoted diff --git strings (#6323) (#6332)
+
+[1.9.6]
+* Update Gitea to 1.7.6
+* Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
+* Allow resend of confirmation email when logged in (#6482) (#6487)
+
+[1.10.0]
+* Update Gitea to 1.8.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.8.0)
+* Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
+* Resolve 2FA bypass on API (#6676) (#6674)
+* Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
+* Expose issue stopwatch toggling via API (#5970)
+* Pull request conflict files detection (#5951)
+* Implement "conversation lock" for issue comments (#5073)
+* Feature: Archive repos (#5009)
+* Allow to set organization visibility (public, internal, private) (#1763)
+* Added URL mapping for Release attachments like on github.com (#1707)
+
+[1.10.1]
+* Update Gitea to 1.8.1
+
+[1.10.2]
+* Update Gitea to 1.8.2
+
+[1.11.0]
+* better custom app.ini integration
+* optional sso support
+
+[1.12.0]
+* Update Gitea to 1.8.3
+* Update manifest to v2
+
+[1.13.0]
+* Update Gitea to 1.9.0
+
+[1.13.1]
+* Update Gitea to 1.9.1
+
+[1.13.2]
+* Make sessions persist restarts
+
+[1.13.3]
+* Update Gitea to 1.9.2
+* Fix wrong sender when send slack webhook (#7918) (#7924)
+* Upload support text/plain; charset=utf8 (#7899)
+* Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
+* Fix non existent milestone with 500 error (#7867) (#7873)
+* SECURITY
+  * Fix No PGP signature on 1.9.1 tag (#7874)
+  * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
+* ENHANCEMENT
+  * Fix pull creation with empty changes (#7920) (#7926)
+* BUILD
+  * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)
+
+[1.13.4]
+* Update Gitea to 1.9.3
+* Fix go get from a private repository with Go 1.13 (#8100)
+* Strict name matching for Repository.GetTagID() (#8082)
+* Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
+* Add change title notification for issues (#8064)
+* Run CORS handler first for /api routes (#7967) (#8053)
+* Evaluate emojis in commit messages in list view (#8044)
+* Fix failed to synchronize tags to releases for repository (#7990) (#7994)
+* Fix adding default Telegram webhook (#7972) (#7992)
+* Abort synchronization from LDAP source if there is some error (#7965)
+* Fix deformed emoji in commit message (#8071)
+* Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)
+
+[1.13.5]
+* Update Gitea to 1.9.4
+* Highlight issue references (#8101) (#8404)
+* Fix bug when migrating a private repository #7917 (#8403)
+* Change general form binding to gogs form (#8334) (#8402)
+* Fix editor commit to new branch if PR disabled (#8375) (#8401)
+* Fix milestone num_issues (#8221) (#8400)
+* Allow users with explicit read access to give approvals (#8398)
+* Fix commit status in PR #8316 and PR #8321 (#8339)
+* Fix API for edit and delete release attachment (#8290)
+* Fix assets on release webhook (#8283)
+* Fix release API URL generation (#8239)
+* Allow registration when button is hidden (#8238)
+* MS Teams webhook misses commit messages (backport v1.9) (#8225)
+
+[1.13.6]
+* Update Gitea to 1.9.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.9.5)
+* Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
+* Fix milestone close timestamp (#8728) (#8731)
+* Fix deadline on update issue or PR via API (#8699)
+* Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
+* Fix 500 when getting user as unauthenticated user (#8653) (#8662)
+* Use AppSubUrl for more redirections (#8647) (#8652)
+* Add SubURL to redirect path (#8632) (#8634) (#8640)
+* Fix #8582 by handling empty repos (#8587) (#8593)
+* Fix bug on pull requests when transfer head repository (#8571)
+* Add missed close in ServeBlobLFS (#8527) (#8543)
+* Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
+* Create .ssh dir as necessary (#8369) (#8486) (#8489)
+* Restore functionality for early gits (#7775) (#8476)
+* Add check for empty set when dropping indexes during migration (#8475)
+* Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
+* Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
+* Ignore mentions for users with no access (#8395) (#8484)
+
+[1.14.0]
+* Update Gitea to 1.10.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.10.0)
+
+[1.14.1]
+* Update Gitea to 1.10.1
+* Fix max length check and limit in multiple repo forms (#9148) (#9204)
+* Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
+* Upgrade levelqueue to 0.1.0 (#9192) (#9199)
+* Fix panic when diff (#9187) (#9193)
+* Smtp logger configuration sendTos should be an array (#9154) (#9157)
+* Always Show Password Field on Link Account Sign-in Page (#9150)
+* Create PR on Current Repository by Default (#8670) (#9141)
+* Fix race on indexer (#9136) (#9139)
+* Fix reCAPTCHA URL (#9119)
+* Hide migrated credentials (#9098)
+* Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
+* Fix password checks on admin create/edit user (#9076) (#9081)
+* Fix add search as a reserved username (#9063) (#9065)
+* Fix permission checks for close/reopen from commit (#8875) (#9033)
+* Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
+* Fix broken link to branch from issue list (#9003) (#9021)
+* Fix wrong system notice when repository is empty (#9020)
+* Shadow password correctly for session config (#8984) (#9002)
+
+[1.14.2]
+* Update Gitea to 1.10.2
+* Allow only specific Columns to be updated on Issue via API (#9539) (#9580)
+* Add ErrReactionAlreadyExist error (#9550) (#9564)
+* Fix bug when migrate from API (#8631) (#9563)
+* Use default avatar for ghost user (#9536) (#9537)
+* Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528)
+* Fix deleted branch not removed when push the branch again (#9516) (#9524)
+* Fix missing repository status when migrating repository via API (#9511)
+* Trigger webhook when deleting a branch after merging a PR (#9510)
+* Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482)
+* Fix NewCommitStatus (#9434) (#9435)
+* Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420)
+* Fix Slack webhook payload title generation to work with Mattermost (#9404)
+* DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359)
+* Fix issue indexer not triggered when migrating a repository (#9333)
+* Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329)
+* Fix migration releases (#9319) (#9326) (#9328)
+* Fix File Edit: Author/Committer interchanged (#9297) (#9300)
+
+[1.14.3]
+* Update Gitea to 1.10.3
+* Hide credentials when submitting migration (#9102) (#9704)
+* Never allow an empty password to validate (#9682) (#9684)
+* Prevent redirect to Host (#9678) (#9680)
+* Hide public repos owned by private orgs (#9609) (#9616)
+* Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838)
+* Fix download file wrong content-type (#9825) (#9835)
+* Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831)
+* Fix dump non-exist log directory (#9818) (#9820)
+* Fix compare (#9808) (#9815)
+* Fix missing msteam webhook on organization (#9781) (#9795)
+* Fix add team on collaborator page when same name as organization (#9783)
+* Fix cache problem on dashboard (#9358) (#9703)
+* Send tag create and push webhook when release created on UI (#8671) (#9702)
+* Branches not at ref commit ID should not be listed as Merged (#9614) (#9639)
+
+[1.15.0]
+* Update Gitea to 1.11.0
+
+[1.15.1]
+* Update Gitea to 1.11.1
+* Repo name added to automatically generated commit message when merging (#9997) (#10285)
+* Fix Workerpool deadlock (#10283) (#10284)
+* Divide GetIssueStats query in smaller chunks (#10176) (#10282)
+* Fix reply on code review (#10257)
+* Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
+* Fix filter label emoji width (#10241) (#10244)
+* Fix issue sidebar menus having an infinite height (#10239) (#10240)
+* Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
+* Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
+* Blacklist manifest.json & milestones user (#10292) (#10293)
+
+[1.15.2]
+* Update Gitea to 1.11.2
+
+[1.15.3]
+* Update Gitea to 1.11.3
+
+[1.15.4]
+* Update Gitea to 1.11.4
+
+[1.16.0]
+* Update Gitea to [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5)
+* Update base image to 2.0.0
+
+[1.16.1]
+* Update Gitea to 1.11.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.11.6)
+* Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
+* Use session for retrieving org teams (#11438) (#11439)
+* Return json on 500 error from API (#11574) (#11660)
+* Fix wrong milestone in webhook message (#11596) (#11612)
+* Prevent (caught) panic on login (#11590) (#11598)
+* Fix commit page js error (#11527)
+
+[1.17.0]
+* Update Gitea to 1.12.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.0)
+
+[1.18.0]
+* Add forumUrl and update tags and screenshots
+
+[1.18.1]
+* Update Gitea to 1.12.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.2)
+
+[1.18.2]
+* Update Gitea to 1.12.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.3)
+* Don't change creation date when updating Release (#12343) (#12351)
+* Show 404 page when release not found (#12328) (#12332)
+* Fix emoji detection in certain cases (#12320) (#12327)
+* Reduce emoji size (#12317) (#12327)
+* Fix double-indirection bug in logging IDs (#12294) (#12308)
+* Link to pull list page on sidebar when view pr (#12256) (#12263)
+* Extend Notifications API and return pinned notifications by default (#12164) (#12232)
+
+[1.18.3]
+* Update Gitea to 1.12.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.4)
+* Escape provider name in oauth2 provider redirect (#12648) (#12650)
+* Escape Email on password reset page (#12610) (#12612)
+* When reading expired sessions - expire them (#12686) (#12690)
+* StaticRootPath configurable at compile time (#12371) (#12652)
+* Fix to show an issue that is related to a deleted issue (#12651) (#12692)
+* Expire time acknowledged for cache (#12605) (#12611)
+* Fix diff path unquoting (#12554) (#12575)
+* Improve HTML escaping helper (#12562)
+* models: break out of loop (#12386) (#12561)
+* Default empty merger list to those with write permissions (#12535) (#12560)
+* Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
+* Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
+* Remove hardcoded ES indexername (#12521) (#12526)
+* Fix bug preventing transfer to private organization (#12497) (#12501)
+* Keys should not verify revoked email addresses (#12486) (#12495)
+* Do not add prefix on http/https submodule links (#12477) (#12479)
+* Fix ignored login on compare (#12476) (#12478)
+* Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
+* Upgrade google/go-github to v32.1.0 (#12361) (#12390)
+* Render emoji's of Commit message on feed-page (#12373)
+* Fix handling of diff on unrelated branches when Git 2.28 used (#12370)
+
+[1.18.4]
+* Update Gitea to 1.12.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.5)
+* Allow U2F with default settings for gitea in subpath (#12990) (#13001)
+* Prevent empty div when editing comment (#12404) (#12991)
+* On mirror update also update address in DB (#12964) (#12967)
+* Allow extended config on cron settings (#12939) (#12943)
+* Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
+* Fix internal server error from ListUserOrgs API (#12910) (#12915)
+* Update only the repository columns that need updating (#12900) (#12912)
+* Fix panic when adding long comment (#12892) (#12894)
+* Add size limit for content of comment on action ui (#12881) (#12890)
+* Convert User expose ID each time (#12855) (#12883)
+* Support slashes in release tags (#12864) (#12882)
+* Add missing information to CreateRepo API endpoint (#12848) (#12867)
+* On Migration respect old DefaultBranch (#12843) (#12858)
+* Fix notifications page links (#12838) (#12853)
+* Stop cloning unnecessarily on PR update (#12839) (#12852)
+* Escape more things that are passed through str2html (#12622) (#12850)
+* Remove double escape on labels addition in comments (#12809) (#12810)
+* Fix "only mail on mention" bug (#12775) (#12789)
+* Fix yet another bug with diff file names (#12771) (#12776)
+* RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
+* Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
+
+[1.18.5]
+* Update Gitea to 1.12.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.6)
+* Prevent git operations for inactive users (#13527) (#13537)
+* Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
+* API should only return Json (#13511) (#13564)
+* Fix before and since query arguments at API (#13559) (#13560)
+* Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
+* Fix link detection in repository description with tailing '_' (#13407) (#13408)
+* Remove obsolete change of email on profile page (#13341) (#13348)
+* Fix permission check on get Reactions API endpoints (#13344) (#13346)
+* Add migrated pulls to pull request task queue (#13331) (#13335)
+* API deny wrong pull creation options (#13308) (#13327)
+* Fix initial commit page & binary munching problem (#13249) (#13259)
+* Fix diff parsing (#13157) (#13136) (#13139)
+* Return error 404 not 500 from API if team does not exist (#13118) (#13119)
+* Prohibit automatic downgrades (#13108) (#13111)
+* Fix GitLab Migration Option AuthToken (#13101)
+* GitLab Label Color Normalizer (#12793) (#13100)
+* Log the underlying panic in runMigrateTask (#13096) (#13098)
+* Fix attachments list in edit comment (#13036) (#13097)
+* Fix deadlock when deleting team user (#13093)
+* Fix error create comment on outdated file (#13041) (#13042)
+* Fix repository create/delete event webhooks (#13008) (#13027)
+* Fix internal server error on README in submodule (#13006) (#13016)
+
+[1.19.0]
+* Update Gitea to 1.13.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.0)
+
+[1.19.1]
+* Update Gitea to 1.13.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.1)
+* Security: Hide private participation in Orgs (#13994) (#14031)
+* Security: Fix escaping issue in diff (#14153) (#14154)
+
+[1.19.2]
+* Update Gitea to 1.13.2
+* Prevent panic on fuzzer provided string (#14405) (#14409)
+* Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
+* If release publisher is deleted use ghost user (#14375)
+* Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
+* Set the name Mapper in migrations (#14526) (#14529)
+* Fix wiki preview (#14515)
+* Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
+* ChangeUserName: rename user files back on DB issue (#14447)
+* Fix lfs preview bug (#14428) (#14433)
+* Ensure timeout error is shown on u2f timeout (#14417) (#14431)
+* Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
+* Use path not filepath in routers/editor (#14390) (#14396)
+* Check if label template exist first (#14384) (#14389)
+* Fix migration v141 (#14387) (#14388)
+* Use Request.URL.RequestURI() for fcgi (#14347)
+* Use ServerError provided by Context (#14333) (#14345)
+* Fix edit-label form init (#14337)
+* Fix mailIssueCommentBatch for pull request (#14252) (#14296)
+* Render links for commit hashes followed by comma (#14224) (#14227)
+* Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
+* Fix avatar bugs (#14217) (#14220)
+* Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
+* Fix dashboard issues labels filter bug (#14210) (#14214)
+* When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
+* Fix branch selector on new issue page (#14194) (#14207)
+* Check for notExist on profile repository page (#14197) (#14203)
+
+[1.20.0]
+* Use base image v3
+
+[1.20.1]
+* Update Gitea to 1.13.3
+* Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
+* Fix paging of file commit logs (#14831) (#14879)
+* Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
+* Fix display since time round (#14226) (#14873)
+* When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
+* Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
+* Fix a couple of CommentAsPatch issues. (#14804) (#14820)
+* Disable broken OAuth2 providers at startup (#14802) (#14811)
+* Repo Transfer permission checks (#14792) (#14794)
+* Fix double alert in oauth2 application edit view (#14764) (#14768)
+* Fix broken spans in diffs (#14678) (#14683)
+* Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
+* HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
+* Do not assume all 40 char strings are SHA1s (#14624) (#14648)
+* Allow org labels to be set with issue templates (#14593) (#14647)
+* Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
+* Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
+* Fix GPG key deletion during account deletion (#14561) (#14569)
+
+[1.20.2]
+* Update Gitea to 1.13.4
+* Fix issue popups (#14898) (#14899)
+* Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
+* Fix a couple of issues with a feeds (#14897) (#14903)
+* When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
+* Fix race in local storage (#14888) (#14901)
+* Fix 500 on pull view page if user is not loged in (#14885) (#14886)
+
+[1.20.3]
+* Update Gitea to 1.13.5
+* Update to goldmark 1.3.3 (#15059) (#15061)
+* Another clusterfuzz spotted issue (#15032) (#15034)
+* Fix set milestone on PR creation (#14981) (#15001)
+* Prevent panic when editing forked repos by API (#14960) (#14963)
+* Fix bug when upload on web (#15042) (#15055)
+* Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
+* Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
+* Fix several render issues (#14986) (#15013)
+* Make sure sibling images get a link too (#14979) (#14995)
+* Fix Anchor jumping with escaped query components (#14969) (#14977)
+* Fix release mail html template (#14976)
+* Fix excluding more than two labels on issues list (#14962) (#14973)
+* Don't mark each comment poster as OP (#14971) (#14972)
+* Add "captcha" to list of reserved usernames (#14930)
+* Re-enable import local paths after reversion from #13610 (#14925) (#14927)
+
+[1.20.4]
+* Update Gitea to 1.13.6
+* Fix bug on avatar middleware (#15124) (#15125)
+* Fix another clusterfuzz identified issue (#15096) (#15114)
+* Fix nil exeption for get pull reviews API #15104 (#15106)
+* Fix markdown rendering in milestone content (#15056) (#15092)
+
+[1.20.5]
+* Update Gitea to 1.13.7
+* Update to bluemonday-1.0.6 (#15294) (#15298)
+* Clusterfuzz found another way (#15160) (#15169)
+* Fix wrong user returned in API (#15139) (#15150)
+* Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
+* Speed up enry.IsVendor (#15213) (#15246)
+* Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
+* Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
+* Add size to Save function (#15264) (#15271)
+
+[1.21.0]
+* Update Gitea to 1.14.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.0)
+
+[1.21.1]
+* Update Gitea to 1.14.1
+* Fix bug clone wiki (#15499) (#15502)
+* Github Migration ignore rate limit, if not enabled (#15490) (#15495)
+* Use subdir for URL (#15446) (#15493)
+* Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
+* Ensure review dismissal only dismisses the correct review (#15477) (#15489)
+* Use index of the supported tags to choose user lang (#15452) (#15488)
+* Fix wrong file link in code search page (#15466) (#15486)
+* Quick template fix for built-in SSH server in admin config (#15464) (#15481)
+* Prevent superfluous response.WriteHeader (#15456) (#15476)
+* Fix ambiguous argument error on tags (#15432) (#15474)
+* Add created_unix instead of expiry to migration (#15458) (#15463)
+* Fix repository search (#15428) (#15442)
+* Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
+* Fix wiki clone urls (#15430) (#15431)
+* Fix dingtalk icon url at webhook (#15417) (#15426)
+* Standardise icon on projects PR page (#15387) (#15408)
+* Add option to skip LFS/attachment files for dump (#15407) (#15492)
+* Clone panel fixes (#15436)
+* Use semantic dropdown for code search query type (#15276) (#15364)
+
+[1.21.2]
+* Update Gitea to 1.14.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.2)
+* Display conflict-free merge messages for pull requests (#15773) (#15796)
+* Exponential Backoff for ByteFIFO (#15724) (#15793)
+* Issue list alignment tweaks (#15483) (#15766)
+* Implement delete release attachments and update release attachments' name (#14130) (#15666)
+* Add placeholder text to deploy key textarea (#15575) (#15576)
+* Project board improvements (#15429) (#15560)
+* Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
+
+[1.21.3]
+* Update Gitea to 1.14.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.3)
+* Encrypt migration credentials at rest (#15895) (#16187)
+* Only check access tokens if they are likely to be tokens (#16164) (#16171)
+* Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
+* Fix setting of SameSite on cookies (#15989) (#15991)
+
+[1.21.4]
+* Update Gitea to 1.14.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.4)
+* Fix relative links in postprocessed images (#16334) (#16340)
+* Fix list_options GetStartEnd (#16303) (#16305)
+* Fix API to use author for commits instead of committer (#16276) (#16277)
+* Handle misencoding of login_source cfg in mssql (#16268) (#16275)
+* Fixed issues not updated by commits (#16254) (#16261)
+* Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
+* Use html.Parse rather than html.ParseFragment (#16223) (#16225)
+* Fix milestone counters on new issue (#16183) (#16224)
+* reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)
+
+[1.21.5]
+* Update Gitea to 1.14.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.5)
+* Hide mirror passwords on repo settings page (#16022) (#16355)
+* Update bluemonday to v1.0.15 (#16379) (#16380)
+* Retry rename on lock induced failures (#16435) (#16439)
+* Validate issue index before querying DB (#16406) (#16410)
+* Fix crash following ldap authentication update (#16447) (#16449)
+* Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
+
+[1.21.6]
+* Update Gitea to 1.14.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.6)
+* SECURITY
+  * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
+  * Switch to maintained JWT lib (#16532) (#16535)
+  * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
+
+[1.22.0]
+* Update Gitea to 1.15.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.0)
+
+[1.22.1]
+* Update Gitea to 1.15.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.1)
+
+[1.22.2]
+* Update Gitea to 1.15.2
+* Add unique constraint back into issue_index (#16938)
+* Close storage objects before cleaning (#16934) (#16942)
+
+[1.22.3]
+* Update Gitea to 1.15.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.3)
+* Add fluid to ui container class to remove margin (#16396) (#16976)
+* Add caller to cat-file batch calls (#17082) (#17089)
+* Many bug fixes
+
+[1.22.4]
+* Update Gitea to 1.15.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.4)
+* Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
+* Don't allow merged PRs to be reopened (#17192) (#17271)
+* Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
+* Fix unwanted team review request deletion (#17257) (#17264)
+* Fix broken Activities link in team dashboard (#17255) (#17258)
+* API pull's head/base have correct permission(#17214) (#17245)
+* Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227)
+* Upgrade xorm to v1.2.5 (#17177) (#17188)
+* Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
+* Fix bug of get context user (#17169) (#17172)
+* Nicely handle missing user in collaborations (#17049) (#17166)
+* Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
+* Fix wrong i18n keys (#17150) (#17153)
+* Fix Archive Creation: correct transaction ending (#17151)
+* Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
+* Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
+
+[1.22.5]
+* Update Gitea to 1.15.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.5)
+* Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
+* Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
+* Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
+* Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
+* Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
+* Ensure popup text is aligned left (backport for 1.15) (#17343)
+* Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
+* Disable core.protectNTFS (#17300) (#17302)
+* Use pointer for wrappedConn methods (#17295) (#17296)
+* AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
+* Handle duplicate keys on GPG key ring (#17242) (#17284)
+* Fix SVG side by side comparison link (#17375) (#17391)
+
+[1.22.6]
+* Update Gitea to 1.15.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.6)
+* Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
+* Fix CSV render error (#17406) (#17431)
+* Read expected buffer size (#17409) (#17430)
+* Ensure that restricted users can access repos for which they are members (#17460) (#17464)
+* Make commit-statuses popup show correctly (#17447) (#17466)
+
+[1.23.0]
+* Update Gitea to 1.15.7
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.7)
+* Enable rendering of jupyter notebooks, rst, asciidoc by default
+* Only allow webhook to send requests to allowed hosts (#17482) (#17510)
+* Fix login redirection links (#17451) (#17473)
+
+[1.23.1]
+* Update Gitea to 1.15.8
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.8)
+* Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
+* Fix delete u2f keys bug (#18040) (#18042)
+* Reset Session ID on login (#18018) (#18041)
+* Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
+* Stop printing 03d after escaped characters in logs (#18030) (#18034)
+
+[1.23.2]
+* Update Gitea to 1.15.9
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.9)
+* Fix wrong redirect on org labels (#18128) (#18134)
+* Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
+* Revert "Fix delete u2f keys bug (#18042)" (#18107)
+* Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
+* Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
+* Reset locale on login (#17734) (#18100)
+* Correctly handle failed migrations (#17575) (#18099)
+* Instead of using routerCtx just escape the url before routing (#18086) (#18098)
+* Quote references to the user table in consistency checks (#18072) (#18073)
+* Add NotFound handler (#18062) (#18067)
+* Ensure that git repository is closed before transfer (#18049) (#18057)
+* Use common sessioner for API and web routes (#18114)
+
+[1.23.3]
+* Update Gitea to 1.15.10
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.10)
+* Fix inconsistent PR comment counts (#18260) (#18261)
+* Fix release link broken (#18252) (#18253)
+* Fix update user from site administration page bug (#18250) (#18251)
+* Set HeadCommit when creating tags (#18116) (#18173)
+* Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
+* Fix purple color in suggested label colors (#18241) (#18242)
+* Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)
+
+[1.23.4]
+* Update Gitea to 1.16.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.0)
+
+[1.23.5]
+* Update Gitea to 1.16.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.1)
+* Update JS dependencies, fix lint (#18389) (#18540)
+* Add dropdown icon to label set template dropdown (#18564) (#18571)
+* Comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
+* Stop logging an error when notes are not found (#18626) (#18635)
+* Ensure that blob-excerpt links work for wiki (#18587) (#18624)
+* Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)

CloudronManifest.json

@@ -4,9 +4,10 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "0.1.2",
-  "healthCheckPath": "/healthcheck",
+  "version": "1.23.5",
+  "healthCheckPath": "/explore",
   "httpPort": 3000,
+  "memoryLimit": 536870912,
   "addons": {
     "mysql": { },
     "sendmail": { },
@@ -20,18 +21,22 @@
       "defaultValue": 29418
     }
   },
-  "manifestVersion": 1,
+  "manifestVersion": 2,
   "website": "https://gitea.io",
   "contactEmail": "apps@cloudron.io",
   "icon": "file://logo.png",
+  "optionalSso": true,
   "mediaLinks": [
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/1.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/2.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/3.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/4.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/5.png"
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/1.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/2.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/3.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/4.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/5.png"
   ],
-  "tags": [ "version control", "git", "code hosting", "development" ],
+  "tags": [ "version control", "git", "code hosting", "development", "github", "bitbucket", "gitlab" ],
   "changelog": "file://CHANGELOG",
-  "postInstallMessage": "file://POSTINSTALL.md"
+  "postInstallMessage": "file://POSTINSTALL.md",
+  "minBoxVersion": "5.3.0",
+  "forumUrl": "https://forum.cloudron.io/category/19/gitea",
+  "documentationUrl": "https://docs.cloudron.io/apps/gitea/"
 }

DESCRIPTION.md

@@ -1,6 +1,6 @@
-Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab. The initial development have been done on Gogs but we have forked it and named it Gitea. If you want to read more about the reasons why we have done that please read [this](https://blog.gitea.io/2016/12/welcome-to-gitea/) blog post.
+This app packages Gitea <upstream>1.16.1</upstream>
 
-This app packages Gitea <upstream>1.1.1</upstream>
+Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab.
 
 ### Purpose
 

Dockerfile

@@ -1,11 +1,10 @@
-FROM cloudron/base:0.10.0
-
-ENV VERSION 1.1.1
+FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
 
 RUN apt-get update && \
-    apt-get install -y openssh-server && \
+    apt-get install -y openssh-server git asciidoctor pandoc && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
+RUN pip3 install jupyter
 
 ADD supervisor/ /etc/supervisor/conf.d/
 
@@ -15,7 +14,10 @@ RUN adduser --disabled-login --gecos 'Gitea' git
 RUN passwd -d git
 
 RUN mkdir -p /home/git/gitea
-## TODO: use redis as well
+WORKDIR /home/git
+
+ARG VERSION=1.16.1
+
 RUN curl -L https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea
 
@@ -31,9 +33,7 @@ RUN ln -s /app/data/gitconfig /home/git/.gitconfig
 
 ADD start.sh /home/git/start.sh
 
-# disable pam authentication for sshd
-RUN sed -e 's/UsePAM yes/UsePAM no/' -e 's/UsePrivilegeSeparation yes/UsePrivilegeSeparation no/' -i /etc/ssh/sshd_config
-RUN echo "UseDNS no" >> /etc/ssh/sshd_config
+COPY sshd_config /etc/ssh/sshd_config
 
 CMD [ "/home/git/start.sh" ]
 

POSTINSTALL.md

@@ -1,12 +1,8 @@
-This app integrates with the Cloudron SSO. Admins on Cloudron automatically
-become admins on Gitea.
+This app is pre-setup with an admin account (use the `Local` authentication source for logging in as admin).
+The initial credentials are:
 
-If you want to disable Cloudron SSO, do the following:
+**Username**: root<br/>
+**Password**: changeme<br/>
 
-* Admin Panel -> Authentication -> 'cloudron' -> Uncheck 'This authentication is activated'
-* Admin Panel -> Users -> Change Authentication Source to 'Local' and also give a password
-
-You can create a `/app/data/app.ini` with any custom configuration. See the 
-[configuration cheat sheet](https://docs.gitea.io/en-us/config-cheat-sheet)
-for more information.
+Please change the admin password immediately.
 

app.ini.template

@@ -2,7 +2,9 @@ APP_NAME = Gitea
 RUN_USER = git
 RUN_MODE = prod
 
+
 [database]
+; those settings are protected and can't be modified
 DB_TYPE = mysql
 HOST = ##MYSQL_HOST:##MYSQL_PORT
 NAME = ##MYSQL_DATABASE
@@ -11,7 +13,9 @@ PASSWD = ##MYSQL_PASSWORD
 SSL_MODE = disable
 PATH =
 
+
 [server]
+; those settings are protected and can't be modified
 PROTOCOL = http
 DOMAIN = ##DOMAIN
 ROOT_URL = https://%(DOMAIN)s/
@@ -20,55 +24,103 @@ HTTP_PORT = 3000
 DISABLE_SSH = ##DISABLE_SSH
 SSH_PORT = ##SSH_PORT
 APP_DATA_PATH = /app/data/appdata
+
 ; Landing page for non-logged users, can be "home" or "explore"
 LANDING_PAGE = explore
 
+
 [repository]
+; this setting is protected and can't be modified
 ROOT = /app/data/repository
+
 SCRIPT_TYPE = bash
 
+
 [repository.upload]
 ENABLED = true
+
+; this setting is protected and can't be modified
 TEMP_PATH = /run/gitea/tmp/uploads
 
+
 [release.attachment]
 ENABLED = true
 ; APP_DATA_PATH/attachments
 PATH =
 
+
 [mailer]
 ENABLED = true
+
+; those settings are protected and can't be modified
 HOST = ##MAIL_SERVER:##MAIL_PORT
 USER = ##MAIL_SMTP_USERNAME
 PASSWD = ##MAIL_SMTP_PASSWORD
 FROM = ##MAIL_FROM
 SKIP_VERIFY = true
 
+
 [security]
+; those settings are protected and can't be modified
 INSTALL_LOCK = true
 SECRET_KEY = ##SECRET_KEY
 
+
 [service]
 DISABLE_REGISTRATION = false
 SHOW_REGISTRATION_BUTTON = false
 ENABLE_NOTIFY_MAIL = true
 
+
 [log]
-; Either "console", "file", "conn", "smtp" or "database", default is "console"
+; those settings are protected and can't be modified
 MODE = console
 ; used for xorm.log
 ROOT_PATH = /run/gitea
 
+
 [picture]
 ; APP_DATA_PATH/avatars
 AVATAR_UPLOAD_PATH =
 GRAVATAR_SOURCE = gravatar
 DISABLE_GRAVATAR = false
 
+
 [attachment]
 ENABLE = true
 ; APP_DATA_PATH/attachments
 PATH =
 
+
 [indexer]
+; this setting is protected and can't be modified
 ISSUE_INDEXER_PATH = /app/data/appdata/indexers/issues.bleve
+
+[session]
+PROVIDER = file
+PROVIDER_CONFIG = /run/gitea/sessions
+COOKIE_SECURE = true
+COOKIE_NAME = cloudron_gitea
+GC_INTERVAL_TIME = 2592000
+
+[markup.asciidoc]
+ENABLED = true
+FILE_EXTENSIONS = .adoc,.asciidoc
+RENDER_COMMAND = "asciidoctor -s -a showtitle --out-file=- -"
+; Input is not a standard input but a file
+IS_INPUT_FILE = false
+
+[markup.restructuredtext]
+ENABLED = true
+FILE_EXTENSIONS = .rst
+RENDER_COMMAND = "timeout 30s pandoc +RTS -M512M -RTS -f rst"
+IS_INPUT_FILE = false
+
+[markup.jupyter]
+ENABLED = true
+FILE_EXTENSIONS = .ipynb
+RENDER_COMMAND = "jupyter nbconvert --stdin --stdout --to html --template basic"
+IS_INPUT_FILE = false
+
+[markup.sanitizer.jupyter.img]
+ALLOW_DATA_URI_IMAGES = true

sshd_config

@@ -0,0 +1,79 @@
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 29418
+# Use these options to restrict which interfaces/protocols sshd will bind to
+ListenAddress 0.0.0.0
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /app/data/sshd/ssh_host_rsa_key
+HostKey /app/data/sshd/ssh_host_dsa_key
+HostKey /app/data/sshd/ssh_host_ecdsa_key
+HostKey /app/data/sshd/ssh_host_ed25519_key
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+LoginGraceTime 120
+PermitRootLogin prohibit-password
+StrictModes yes
+
+PubkeyAuthentication yes
+#AuthorizedKeysFile	%h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# similar for protocol version 2
+HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+#PasswordAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM no
+UseDNS no

start.sh

@@ -2,32 +2,63 @@
 
 set -eu -o pipefail
 
-mkdir -p /run/gitea/tmp/uploads
+mkdir -p /run/gitea/tmp/uploads /run/sshd /run/gitea/sessions
 
 setup_ldap_source() {
     set -eu
 
-    # Wait for gitea to finish db setup, before we insert ldap source in db
-    while ! curl --fail http://localhost:3000/healthcheck; do
-        echo "Waiting for gitea to come up"
-        sleep 1
-    done
+    echo "==> Setup LDAP source"
+
+    # Get the existing LDAP source status. This allows the user to disable LDAP
+    # Note that this method is deprecated since this app now supports optionalSso
+    ldap_status=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "select is_active from login_source WHERE name='cloudron';")
+    [[ -z "${ldap_status}" ]] && ldap_status="1"
 
     now=$(date +%s)
 
-    # Get the existing LDAP source status. This allows the user to disable LDAP
-    ldap_status=$(mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" -N -B -e "select is_actived from login_source WHERE name='cloudron';")
-    [[ -z "${ldap_status}" ]] && ldap_status="1"
-
-    if mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" \
-        -e "REPLACE INTO login_source (id, type, name, is_actived, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${LDAP_SERVER}\",\"Port\":${LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${LDAP_BIND_DN}\",\"BindPassword\":\"${LDAP_BIND_PASSWORD}\",\"UserBase\":\"${LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\",\"AdminFilter\":\"(memberof=cn=admins,${LDAP_GROUPS_BASE_DN})\"}','${now}','${now}');"; then
-        echo "LDAP Authentication was setup with status ${ldap_status}"
+    if mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" \
+        -e "REPLACE INTO login_source (id, type, name, is_active, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${CLOUDRON_LDAP_SERVER}\",\"Port\":${CLOUDRON_LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${CLOUDRON_LDAP_BIND_DN}\",\"BindPassword\":\"${CLOUDRON_LDAP_BIND_PASSWORD}\",\"UserBase\":\"${CLOUDRON_LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\"}','${now}','${now}');"; then
+        echo "==> LDAP Authentication was setup with activation status ${ldap_status}"
     else
-        echo "Failed to setup LDAP authentication"
+        echo "==> Failed to setup LDAP authentication"
         exit 1
     fi
 }
 
+setup_root_user() {
+    set -eu
+
+    if sudo -H -u git /home/git/gitea/gitea admin user create --username root --password changeme --email test@cloudron.io --admin -c /run/gitea/app.ini; then
+        echo "==> root user added"
+    else
+        echo "==> Failed to add root user"
+        exit 1
+    fi
+}
+
+setup_auth() {
+    set -eu
+
+    # Wait for gitea to finish db setup, before we do any db operations
+    while ! curl --fail http://localhost:3000/explore; do
+        echo "==> Waiting for gitea to come up"
+        sleep 1
+    done
+
+    echo "==> Gitea is up, setting up auth"
+
+    if [[ -n "${CLOUDRON_LDAP_SERVER:-}" ]]; then
+        setup_ldap_source
+    fi
+
+    user_count=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user;")
+    # be careful, not to create root user for existing LDAP based installs
+    if [[ "${user_count}" == "0" ]]; then
+        echo "==> Setting up root user for first run"
+        setup_root_user
+    fi
+}
+
 # SSH_PORT can be unset to disable SSH
 disable_ssh="false"
 if [[ -z "${SSH_PORT:-}" ]]; then
@@ -50,35 +81,52 @@ fi
 chmod 0600 /app/data/sshd/*_key
 chmod 0644 /app/data/sshd/*.pub
 
-sed -e "s/^Port .*/Port ${SSH_PORT}/" \
-    -e "s/^#ListenAddress .*/ListenAddress 0.0.0.0/" \
-    -e "s,^HostKey /etc/ssh/,HostKey /app/data/sshd/," \
-    /etc/ssh/sshd_config > /run/gitea/sshd_config
+sed -e "s/^Port .*/Port ${SSH_PORT}/" /etc/ssh/sshd_config > /run/gitea/sshd_config
 
-sed -e "s/##DOMAIN/${APP_DOMAIN}/g" \
-    -e "s/##SSH_PORT/${SSH_PORT}/g" \
-    -e "s/##DISABLE_SSH/${disable_ssh}/g" \
-    -e "s/##MYSQL_HOST/${MYSQL_HOST}/g" \
-    -e "s/##MYSQL_PORT/${MYSQL_PORT}/g" \
-    -e "s/##MYSQL_USERNAME/${MYSQL_USERNAME}/g" \
-    -e "s/##MYSQL_PASSWORD/${MYSQL_PASSWORD}/g" \
-    -e "s/##MYSQL_DATABASE/${MYSQL_DATABASE}/g" \
-    -e "s/##MAIL_SERVER/${MAIL_SMTP_SERVER}/g" \
-    -e "s/##MAIL_PORT/${MAIL_SMTP_PORT}/g" \
-    -e "s/##MAIL_FROM/${MAIL_FROM}/g" \
-    -e "s/##MAIL_SMTP_USERNAME/${MAIL_SMTP_USERNAME}/g" \
-    -e "s/##MAIL_SMTP_PASSWORD/${MAIL_SMTP_PASSWORD}/g" \
-    -e "s/##SECRET_KEY/$(pwgen -1 -s)/g" \
-    /home/git/app.ini.template > "/run/gitea/app.ini"
+if [[ ! -f /app/data/app.ini ]]; then
+    echo -e "; Add customizations here - https://docs.gitea.io/en-us/config-cheat-sheet/" > /app/data/app.ini
 
-# merge any user config file
-[[ -f /app/data/app.ini ]] && cat "/app/data/app.ini" >> "/run/gitea/app.ini"
+    echo "==> Generating new SECRET_KEY"
+    crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
+fi
 
-mkdir -p /app/data/repository /app/data/ssh
+# merge user config file
+cp /home/git/app.ini.template "/run/gitea/app.ini"
+crudini --merge "/run/gitea/app.ini" < "/app/data/app.ini"
 
+# override important values
+crudini --set "/run/gitea/app.ini" database DB_TYPE mysql
+crudini --set "/run/gitea/app.ini" database HOST "${CLOUDRON_MYSQL_HOST}:${CLOUDRON_MYSQL_PORT}"
+crudini --set "/run/gitea/app.ini" database NAME "${CLOUDRON_MYSQL_DATABASE}"
+crudini --set "/run/gitea/app.ini" database USER "${CLOUDRON_MYSQL_USERNAME}"
+crudini --set "/run/gitea/app.ini" database PASSWD "${CLOUDRON_MYSQL_PASSWORD}"
+crudini --set "/run/gitea/app.ini" database SSL_MODE "disable"
+crudini --set "/run/gitea/app.ini" server PROTOCOL "http"
+crudini --set "/run/gitea/app.ini" server DOMAIN "${CLOUDRON_APP_DOMAIN}"
+crudini --set "/run/gitea/app.ini" server ROOT_URL "https://%(DOMAIN)s/"
+crudini --set "/run/gitea/app.ini" server HTTP_ADDR ""
+crudini --set "/run/gitea/app.ini" server HTTP_PORT "3000"
+crudini --set "/run/gitea/app.ini" server DISABLE_SSH "${disable_ssh}"
+crudini --set "/run/gitea/app.ini" server SSH_PORT "${SSH_PORT}"
+crudini --set "/run/gitea/app.ini" server APP_DATA_PATH "/app/data/appdata"
+crudini --set "/run/gitea/app.ini" repository ROOT "/app/data/repository"
+crudini --set "/run/gitea/app.ini" repository.upload TEMP_PATH "/run/gitea/tmp/uploads"
+crudini --set "/run/gitea/app.ini" mailer HOST "${CLOUDRON_MAIL_SMTP_SERVER}:${CLOUDRON_MAIL_SMTPS_PORT}"
+crudini --set "/run/gitea/app.ini" mailer USER "${CLOUDRON_MAIL_SMTP_USERNAME}"
+crudini --set "/run/gitea/app.ini" mailer PASSWD "${CLOUDRON_MAIL_SMTP_PASSWORD}"
+crudini --set "/run/gitea/app.ini" mailer FROM "${CLOUDRON_MAIL_FROM}"
+crudini --set "/run/gitea/app.ini" mailer SKIP_VERIFY "true"
+crudini --set "/run/gitea/app.ini" security INSTALL_LOCK "true"
+crudini --set "/run/gitea/app.ini" log MODE "console"
+crudini --set "/run/gitea/app.ini" log ROOT_PATH "/run/gitea"
+crudini --set "/run/gitea/app.ini" indexer ISSUE_INDEXER_PATH "/app/data/appdata/indexers/issues.bleve"
+
+echo "==> Creating dirs and changing permissions"
+mkdir -p /app/data/repository /app/data/ssh /app/data/custom
 chown -R git:git /app/data /run/gitea
 
-( setup_ldap_source ) &
+# this expects app.ini to be available
+( setup_auth ) &
 
 exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Gitea
 

supervisor/gitea.conf

@@ -9,4 +9,4 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-environment=HOME="/home/git",USER="git"
+environment=HOME="/home/git",USER="git",GITEA_CUSTOM="/app/data/custom"

test/package.json

@@ -8,17 +8,12 @@
   },
   "author": "",
   "license": "ISC",
-  "devDependencies": {
-    "ejs": "^2.3.4",
-    "expect.js": "^0.3.1",
-    "mkdirp": "^0.5.1",
-    "mocha": "^2.3.4",
-    "rimraf": "^2.4.4",
-    "superagent": "^1.4.0"
-  },
   "dependencies": {
-    "selenium-server-standalone-jar": "^3.3.1",
-    "selenium-webdriver": "^3.3.0",
-    "superagent": "^1.8.5"
+    "chromedriver": "^97.0.4",
+    "expect.js": "^0.3.1",
+    "mocha": "^9.2.0",
+    "rimraf": "^3.0.2",
+    "selenium-webdriver": "^4.1.1",
+    "superagent": "^7.1.1"
   }
 }

test/test.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 
-/* jslint node:true */
+/* jshint esversion: 8 */
 /* global it:false */
 /* global xit:false */
 /* global describe:false */
@@ -9,214 +9,200 @@
 
 'use strict';
 
+require('chromedriver');
+
 var execSync = require('child_process').execSync,
-    ejs = require('ejs'),
     expect = require('expect.js'),
     fs = require('fs'),
-    mkdirp = require('mkdirp'),
     path = require('path'),
     rimraf = require('rimraf'),
     superagent = require('superagent'),
-    webdriver = require('selenium-webdriver');
+    { Builder, By, until } = require('selenium-webdriver'),
+    { Options } = require('selenium-webdriver/chrome');
 
-var by = require('selenium-webdriver').By,
-    until = require('selenium-webdriver').until,
-    Builder = require('selenium-webdriver').Builder;
-
-process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
+if (!process.env.USERNAME || !process.env.PASSWORD || !process.env.EMAIL) {
+    console.log('USERNAME, PASSWORD and EMAIL env vars need to be set');
+    process.exit(1);
+}
 
 describe('Application life cycle test', function () {
     this.timeout(0);
-    var server, browser = new Builder().forBrowser('chrome').build();
+
+    var TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 5000;
+    var EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
     var LOCATION = 'test';
+    var SSH_PORT = 29420;
+
+    var app;
+    var browser;
+
     var repodir = '/tmp/testrepo';
-    var app, reponame = 'testrepo';
+    var reponame = 'testrepo';
+
     var username = process.env.USERNAME;
     var password = process.env.PASSWORD;
-    var TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 5000;
-    var email, token;
+    var email = process.env.EMAIL;
 
-    before(function (done) {
-        if (!process.env.USERNAME) return done(new Error('USERNAME env var not set'));
-        if (!process.env.PASSWORD) return done(new Error('PASSWORD env var not set'));
-
-        var seleniumJar= require('selenium-server-standalone-jar');
-        var SeleniumServer = require('selenium-webdriver/remote').SeleniumServer;
-        server = new SeleniumServer(seleniumJar.path, { port: 4444 });
-        server.start();
-
-        done();
+    before(function () {
+        browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
     });
 
-    after(function (done) {
+    after(function () {
         browser.quit();
-        server.stop();
         rimraf.sync(repodir);
-        done();
     });
 
-    function waitForUrl(url, done) {
-        browser.wait(function () {
-            return browser.getCurrentUrl().then(function (currentUrl) {
-                return currentUrl === url;
-            });
-        }, TIMEOUT).then(function () { done(); });
+    function getAppInfo() {
+        var inspect = JSON.parse(execSync('cloudron inspect'));
+        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
+        expect(app).to.be.an('object');
     }
 
-    function setAvatar(done) {
-        browser.get('https://' + app.fqdn + '/user/settings/avatar').then(function () {
-            return browser.findElement(by.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Update Avatar Setting")]')).click();
-        }).then(function () {
-            browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"updated successfully")]')), TIMEOUT).then(function () { done(); });
-        });
+    function sleep(millis) {
+        return new Promise(resolve => setTimeout(resolve, millis));
     }
 
-    function checkAvatar(done) {
-        superagent.get('https://' + app.fqdn + '/avatars/a3e6f3316fc1738e29d621e6a26e93d3').end(function (error, result) {
-            expect(error).to.be(null);
-            expect(result.statusCode).to.be(200);
-            done();
-        });
+    async function setAvatar() {
+        await browser.get('https://' + app.fqdn + '/user/settings');
+
+        var button = await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
+        await browser.findElement(By.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
+        await browser.findElement(By.xpath('//button[contains(text(), "Update Avatar")]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
     }
 
-    function editFile(done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame + '/_edit/master/newfile').then(function () {
-            var cm = browser.findElement(by.xpath('//div[contains(@class,"CodeMirror")]'));
-            var text = 'yo';
-            return browser.executeScript('arguments[0].CodeMirror.setValue("' + text + '");', cm);
-        }).then(function () {
-            return browser.findElement(by.xpath('//input[@name="commit_summary"]')).sendKeys('Dummy edit');
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Commit Changes")]')).click();
-        }).then(function () {
-            waitForUrl('https://' + app.fqdn + '/' + username + '/' + reponame + '/src/master/newfile', done);
-        });
+    async function checkAvatar() {
+        await browser.get(`https://${app.fqdn}/${username}`);
+
+        var avatarSrc = await browser.findElement(By.xpath('//a[@id="profile-avatar"]/img')).getAttribute('src');
+
+        var avatar = await superagent.get(avatarSrc);
+        expect(avatar.statusCode).to.equal(200);
     }
 
-    function login(done) {
-        browser.get('https://' + app.fqdn + '/user/login').then(function () {
-            return browser.findElement(by.id('user_name')).sendKeys(username);
-        }).then(function () {
-            return browser.findElement(by.id('password')).sendKeys(password);
-        }).then(function () {
-            return browser.findElement(by.tagName('form')).submit();
-        }).then(function () {
-            return browser.wait(until.elementLocated(by.linkText('Dashboard')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    async function login(username, password) {
+        await browser.get('https://' + app.fqdn + '/user/login');
+
+        await browser.findElement(By.id('user_name')).sendKeys(username);
+        await browser.findElement(By.id('password')).sendKeys(password);
+        await browser.findElement(By.xpath('//form[@action="/user/login"]//button')).click();
+        await browser.wait(until.elementLocated(By.xpath('//img[contains(@class, "avatar")]')), TIMEOUT);
     }
 
-    function addPublicKey(done) {
+    async function adminLogin() {
+        await login('root', 'changeme');
+    }
+
+    async function logout() {
+        await browser.get('https://' + app.fqdn);
+
+        await browser.findElement(By.xpath('//img[contains(@class, "avatar")]')).click();
+        await sleep(2000);
+        await browser.findElement(By.xpath('//a[@data-url="/user/logout"]')).click();
+        await sleep(2000);
+    }
+
+    async function addPublicKey() {
         var publicKey = fs.readFileSync(__dirname + '/id_rsa.pub', 'utf8');
 
-        browser.get('https://' + app.fqdn + '/user/settings/ssh').then(function () {
-            return browser.findElement(by.xpath('//div[text()="Add Key"]')).click();
-        }).then(function () {
-            return browser.findElement(by.id('ssh-key-title')).sendKeys('testkey');
-        }).then(function () {
-            return browser.findElement(by.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Add Key")]')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(by.xpath('//p[contains(text(), "added successfully!")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+        const sshPage = 'https://' + app.fqdn + '/user/settings/keys';
+
+        await browser.get(sshPage);
+
+        await browser.wait(until.elementLocated(By.id('add-ssh-button')), TIMEOUT);
+        await browser.findElement(By.id('add-ssh-button')).click();
+        await browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
+        await browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//button[contains(text(), "Add Key")]')).click();
+
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
     }
 
-    function createRepo(done) {
-        browser.get('https://' + app.fqdn).then(function () {
-            return browser.findElement(by.linkText('New Repository')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(by.xpath('//*[contains(text(), "New Repository")]')), TIMEOUT);
-        }).then(function () {
-            return browser.findElement(by.id('repo_name')).sendKeys(reponame);
-        }).then(function () {
-            return browser.findElement(by.id('auto-init')).click();
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Create Repository")]')).click();
-        }).then(function () {
-            browser.wait(function () {
-                return browser.getCurrentUrl().then(function (url) {
-                    return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
-                });
-            }, TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    async function addPublicKeyOld() {
+        var publicKey = fs.readFileSync(__dirname + '/id_rsa.pub', 'utf8');
+
+        const sshPage = 'https://' + app.fqdn + '/user/settings/keys';
+
+        await browser.get(sshPage);
+
+        await browser.wait(until.elementLocated(By.xpath('//div[@data-panel="#add-ssh-key-panel"]')), TIMEOUT);
+        await browser.findElement(By.xpath('//div[@data-panel="#add-ssh-key-panel"]')).click();
+        await browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
+        await browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//button[contains(text(), "Add Key")]')).click();
+
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
     }
 
-    function checkCloneUrl(done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame).then(function () {
-            return browser.findElement(by.id('repo-clone-ssh')).click();
-        }).then(function () {
-            return browser.findElement(by.id('repo-clone-url')).getAttribute('value');
-        }).then(function (cloneUrl) {
-            expect(cloneUrl).to.be('ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git');
-            done();
-        });
+    async function createRepo() {
+        var getRepoPage = await browser.get('https://' + app.fqdn + '/repo/create');
+
+        await browser.findElement(By.id('repo_name')).sendKeys(reponame);
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        await browser.findElement(By.id('auto-init')).click();
+        await browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]')).click();
+
+        await browser.wait(function () {
+            return browser.getCurrentUrl().then(function (url) {
+                return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
+            });
+        }, TIMEOUT);
     }
 
-    function checkGitClone(done) {
+    async function checkCloneUrl() {
+        await browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
+        await browser.findElement(By.id('repo-clone-ssh')).click();
+
+        var cloneUrl = await browser.findElement(By.id('repo-clone-url')).getAttribute('value');
+        expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
+    }
+
+    function cloneRepo() {
         rimraf.sync(repodir);
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
-        done();
+        execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env: env });
     }
 
-    xit('build app', function () {
-        execSync('cloudron build', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    function pushFile() {
+        var env = Object.create(process.env);
+        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
+        execSync(`touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} master`,
+                 { env: env, cwd: repodir });
+        rimraf.sync('/tmp/testrepo');
+    }
 
-    it('can login', function (done) {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
+    function fileExists() {
+        expect(fs.existsSync(repodir + '/newfile')).to.be(true);
+    }
 
-        superagent.post('https://' + inspect.apiEndpoint + '/api/v1/developer/login').send({
-            username: username,
-            password: password
-        }).end(function (error, result) {
-            if (error) return done(error);
-            if (result.statusCode !== 200) return done(new Error('Login failed with status ' + result.statusCode));
+    async function sendMail() {
+        await browser.get(`https://${app.fqdn}/admin/config`);
 
-            token = result.body.token;
+        var button = await browser.findElement(By.xpath('//button[@id="test-mail-btn"]'));
+        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
+        await browser.findElement(By.xpath('//button[@id="test-mail-btn"]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"A testing email has been sent to \'test@cloudron.io\'")]')), TIMEOUT);
+    }
 
-            superagent.get('https://' + inspect.apiEndpoint + '/api/v1/profile')
-                .query({ access_token: token }).end(function (error, result) {
-                if (error) return done(error);
-                if (result.statusCode !== 200) return done(new Error('Get profile failed with status ' + result.statusCode));
+    xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
+    it('install app', function () { execSync(`cloudron install --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
-                email = result.body.email;
-                done();
-            });
-        });
-    });
+    it('can get app information', getAppInfo);
 
-    it('install app', function () {
-        execSync('cloudron install --new --wait --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('can admin login', adminLogin);
+    it('can send mail', sendMail);
+    it('can logout', logout);
 
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
-    });
-
-    it('can get the main page', function (done) {
-        superagent.get('https://' + app.fqdn).end(function (error, result) {
-            expect(error).to.be(null);
-            expect(result.status).to.eql(200);
-
-            done();
-        });
-    });
-
-    it('can login', login);
+    it('can login', login.bind(null, username, password));
     it('can set avatar', setAvatar);
     it('can get avatar', checkAvatar);
 
@@ -226,70 +212,96 @@ describe('Application life cycle test', function () {
 
     it('displays correct clone url', checkCloneUrl);
 
-    it('can clone the url', checkGitClone);
+    it('can clone the url', cloneRepo);
 
-    it('can add and push a file', function (done) {
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('touch newfile && git add newfile && git commit -a -mx && git push ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + ' master',
-                 { env: env, cwd: repodir });
-        rimraf.sync('/tmp/testrepo');
-        done();
-    });
+    it('can add and push a file', pushFile);
 
-    it('can edit file', editFile);
+    it('can restart app', function () { execSync('cloudron restart  --app ' + app.id); });
 
-    it('can restart app', function (done) {
-        execSync('cloudron restart --wait');
-        done();
-    });
+    xit('can login', login.bind(null, username, password)); // no need to relogin since session persists
+    it('displays correct clone url', checkCloneUrl);
+    it('can clone the url', cloneRepo);
+    it('file exists in repo', fileExists);
 
-    it('can clone the url', checkCloneUrl);
-    it('can clone the url', checkGitClone);
-    it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
-
-    it('backup app', function () {
-        execSync('cloudron backup create --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
-
-    it('restore app', function () {
-        execSync('cloudron restore --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
+    it('restore app', function () { execSync('cloudron restore --app ' + app.id, EXEC_ARGS); });
 
+    it('can login', login.bind(null, username, password));
     it('can get avatar', checkAvatar);
-    it('can clone the url', checkGitClone);
+    it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('move to different location', function () {
-        browser.manage().deleteAllCookies();
-        execSync('cloudron configure --location ' + LOCATION + '2', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
-        expect(app).to.be.an('object');
-    });
+    it('move to different location', async function () {
+        //browser.manage().deleteAllCookies(); // commented because of error "'Network.deleteCookie' wasn't found"
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
 
-    it('can login', login);
+        execSync('cloudron configure --location ' + LOCATION + '2 --app ' + app.id, EXEC_ARGS);
+    });
+    it('can get app information', getAppInfo);
+
+    it('can login', login.bind(null, username, password));
     it('can get avatar', checkAvatar);
     it('displays correct clone url', checkCloneUrl);
-    it('can clone the url', checkGitClone);
+    it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+    it('uninstall app', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 
     // check if the _first_ login via email succeeds
-    it('can login via email', function (done) {
-        execSync('cloudron install --new --wait --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
+    it('can login via email', async function () { execSync(`cloudron install --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-        expect(app).to.be.an('object');
+    it('can get app information', getAppInfo);
+    it('can login', login.bind(null, email, password));
 
-        login(function (error) {
-            if (error) return done(error);
-            execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-            done();
-        });
+    it('uninstall app', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
+    });
+
+    // No SSO
+    it('install app (no sso)', function () { execSync(`cloudron install --no-sso --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
+    it('can admin login (no sso)', adminLogin);
+    it('can logout', logout);
+
+    it('uninstall app (no sso)', async function () {
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
+    });
+
+    // test update
+    it('can install app', function () { execSync(`cloudron install --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
+    it('can login', login.bind(null, username, password));
+    it('can set avatar', setAvatar);
+    it('can get avatar', checkAvatar);
+    it('can add public key', addPublicKeyOld);
+    it('can create repo', createRepo);
+    it('can clone the url', cloneRepo);
+    it('can add and push a file', pushFile);
+
+    it('can update', function () { execSync('cloudron update --app ' + app.id, EXEC_ARGS); });
+
+    xit('can admin login', adminLogin);
+    xit('can send mail', sendMail);
+    xit('can logout', logout);
+
+    it('can login', login.bind(null, username, password));
+    it('can get avatar', checkAvatar);
+    it('can clone the url', cloneRepo);
+    it('file exists in cloned repo', fileExists);
+
+    it('uninstall app', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 });