Bump version for 1.13.7

CHANGELOG

@@ -501,3 +501,204 @@
 * Update Gitea to 1.12.1
 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.0)
 
+[1.18.0]
+* Add forumUrl and update tags and screenshots
+
+[1.18.1]
+* Update Gitea to 1.12.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.2)
+
+[1.18.2]
+* Update Gitea to 1.12.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.3)
+* Don't change creation date when updating Release (#12343) (#12351)
+* Show 404 page when release not found (#12328) (#12332)
+* Fix emoji detection in certain cases (#12320) (#12327)
+* Reduce emoji size (#12317) (#12327)
+* Fix double-indirection bug in logging IDs (#12294) (#12308)
+* Link to pull list page on sidebar when view pr (#12256) (#12263)
+* Extend Notifications API and return pinned notifications by default (#12164) (#12232)
+
+[1.18.3]
+* Update Gitea to 1.12.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.4)
+* Escape provider name in oauth2 provider redirect (#12648) (#12650)
+* Escape Email on password reset page (#12610) (#12612)
+* When reading expired sessions - expire them (#12686) (#12690)
+* StaticRootPath configurable at compile time (#12371) (#12652)
+* Fix to show an issue that is related to a deleted issue (#12651) (#12692)
+* Expire time acknowledged for cache (#12605) (#12611)
+* Fix diff path unquoting (#12554) (#12575)
+* Improve HTML escaping helper (#12562)
+* models: break out of loop (#12386) (#12561)
+* Default empty merger list to those with write permissions (#12535) (#12560)
+* Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
+* Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
+* Remove hardcoded ES indexername (#12521) (#12526)
+* Fix bug preventing transfer to private organization (#12497) (#12501)
+* Keys should not verify revoked email addresses (#12486) (#12495)
+* Do not add prefix on http/https submodule links (#12477) (#12479)
+* Fix ignored login on compare (#12476) (#12478)
+* Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
+* Upgrade google/go-github to v32.1.0 (#12361) (#12390)
+* Render emoji's of Commit message on feed-page (#12373)
+* Fix handling of diff on unrelated branches when Git 2.28 used (#12370)
+
+[1.18.4]
+* Update Gitea to 1.12.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.5)
+* Allow U2F with default settings for gitea in subpath (#12990) (#13001)
+* Prevent empty div when editing comment (#12404) (#12991)
+* On mirror update also update address in DB (#12964) (#12967)
+* Allow extended config on cron settings (#12939) (#12943)
+* Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
+* Fix internal server error from ListUserOrgs API (#12910) (#12915)
+* Update only the repository columns that need updating (#12900) (#12912)
+* Fix panic when adding long comment (#12892) (#12894)
+* Add size limit for content of comment on action ui (#12881) (#12890)
+* Convert User expose ID each time (#12855) (#12883)
+* Support slashes in release tags (#12864) (#12882)
+* Add missing information to CreateRepo API endpoint (#12848) (#12867)
+* On Migration respect old DefaultBranch (#12843) (#12858)
+* Fix notifications page links (#12838) (#12853)
+* Stop cloning unnecessarily on PR update (#12839) (#12852)
+* Escape more things that are passed through str2html (#12622) (#12850)
+* Remove double escape on labels addition in comments (#12809) (#12810)
+* Fix "only mail on mention" bug (#12775) (#12789)
+* Fix yet another bug with diff file names (#12771) (#12776)
+* RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
+* Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
+
+[1.18.5]
+* Update Gitea to 1.12.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.6)
+* Prevent git operations for inactive users (#13527) (#13537)
+* Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
+* API should only return Json (#13511) (#13564)
+* Fix before and since query arguments at API (#13559) (#13560)
+* Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
+* Fix link detection in repository description with tailing '_' (#13407) (#13408)
+* Remove obsolete change of email on profile page (#13341) (#13348)
+* Fix permission check on get Reactions API endpoints (#13344) (#13346)
+* Add migrated pulls to pull request task queue (#13331) (#13335)
+* API deny wrong pull creation options (#13308) (#13327)
+* Fix initial commit page & binary munching problem (#13249) (#13259)
+* Fix diff parsing (#13157) (#13136) (#13139)
+* Return error 404 not 500 from API if team does not exist (#13118) (#13119)
+* Prohibit automatic downgrades (#13108) (#13111)
+* Fix GitLab Migration Option AuthToken (#13101)
+* GitLab Label Color Normalizer (#12793) (#13100)
+* Log the underlying panic in runMigrateTask (#13096) (#13098)
+* Fix attachments list in edit comment (#13036) (#13097)
+* Fix deadlock when deleting team user (#13093)
+* Fix error create comment on outdated file (#13041) (#13042)
+* Fix repository create/delete event webhooks (#13008) (#13027)
+* Fix internal server error on README in submodule (#13006) (#13016)
+
+[1.19.0]
+* Update Gitea to 1.13.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.0)
+
+[1.19.1]
+* Update Gitea to 1.13.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.1)
+* Security: Hide private participation in Orgs (#13994) (#14031)
+* Security: Fix escaping issue in diff (#14153) (#14154)
+
+[1.19.2]
+* Update Gitea to 1.13.2
+* Prevent panic on fuzzer provided string (#14405) (#14409)
+* Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
+* If release publisher is deleted use ghost user (#14375)
+* Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
+* Set the name Mapper in migrations (#14526) (#14529)
+* Fix wiki preview (#14515)
+* Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
+* ChangeUserName: rename user files back on DB issue (#14447)
+* Fix lfs preview bug (#14428) (#14433)
+* Ensure timeout error is shown on u2f timeout (#14417) (#14431)
+* Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
+* Use path not filepath in routers/editor (#14390) (#14396)
+* Check if label template exist first (#14384) (#14389)
+* Fix migration v141 (#14387) (#14388)
+* Use Request.URL.RequestURI() for fcgi (#14347)
+* Use ServerError provided by Context (#14333) (#14345)
+* Fix edit-label form init (#14337)
+* Fix mailIssueCommentBatch for pull request (#14252) (#14296)
+* Render links for commit hashes followed by comma (#14224) (#14227)
+* Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
+* Fix avatar bugs (#14217) (#14220)
+* Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
+* Fix dashboard issues labels filter bug (#14210) (#14214)
+* When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
+* Fix branch selector on new issue page (#14194) (#14207)
+* Check for notExist on profile repository page (#14197) (#14203)
+
+[1.20.0]
+* Use base image v3
+
+[1.20.1]
+* Update Gitea to 1.13.3
+* Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
+* Fix paging of file commit logs (#14831) (#14879)
+* Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
+* Fix display since time round (#14226) (#14873)
+* When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
+* Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
+* Fix a couple of CommentAsPatch issues. (#14804) (#14820)
+* Disable broken OAuth2 providers at startup (#14802) (#14811)
+* Repo Transfer permission checks (#14792) (#14794)
+* Fix double alert in oauth2 application edit view (#14764) (#14768)
+* Fix broken spans in diffs (#14678) (#14683)
+* Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
+* HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
+* Do not assume all 40 char strings are SHA1s (#14624) (#14648)
+* Allow org labels to be set with issue templates (#14593) (#14647)
+* Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
+* Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
+* Fix GPG key deletion during account deletion (#14561) (#14569)
+
+[1.20.2]
+* Update Gitea to 1.13.4
+* Fix issue popups (#14898) (#14899)
+* Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
+* Fix a couple of issues with a feeds (#14897) (#14903)
+* When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
+* Fix race in local storage (#14888) (#14901)
+* Fix 500 on pull view page if user is not loged in (#14885) (#14886)
+
+[1.20.3]
+* Update Gitea to 1.13.5
+* Update to goldmark 1.3.3 (#15059) (#15061)
+* Another clusterfuzz spotted issue (#15032) (#15034)
+* Fix set milestone on PR creation (#14981) (#15001)
+* Prevent panic when editing forked repos by API (#14960) (#14963)
+* Fix bug when upload on web (#15042) (#15055)
+* Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
+* Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
+* Fix several render issues (#14986) (#15013)
+* Make sure sibling images get a link too (#14979) (#14995)
+* Fix Anchor jumping with escaped query components (#14969) (#14977)
+* Fix release mail html template (#14976)
+* Fix excluding more than two labels on issues list (#14962) (#14973)
+* Don't mark each comment poster as OP (#14971) (#14972)
+* Add "captcha" to list of reserved usernames (#14930)
+* Re-enable import local paths after reversion from #13610 (#14925) (#14927)
+
+[1.20.4]
+* Update Gitea to 1.13.6
+* Fix bug on avatar middleware (#15124) (#15125)
+* Fix another clusterfuzz identified issue (#15096) (#15114)
+* Fix nil exeption for get pull reviews API #15104 (#15106)
+* Fix markdown rendering in milestone content (#15056) (#15092)
+
+[1.20.5]
+* Update Gitea to 1.13.7
+* Update to bluemonday-1.0.6 (#15294) (#15298)
+* Clusterfuzz found another way (#15160) (#15169)
+* Fix wrong user returned in API (#15139) (#15150)
+* Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
+* Speed up enry.IsVendor (#15213) (#15246)
+* Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
+* Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
+* Add size to Save function (#15264) (#15271)

CloudronManifest.json

@@ -4,7 +4,7 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.17.0",
+  "version": "1.20.5",
   "healthCheckPath": "/healthcheck",
   "httpPort": 3000,
   "memoryLimit": 536870912,
@@ -27,15 +27,16 @@
   "icon": "file://logo.png",
   "optionalSso": true,
   "mediaLinks": [
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/1.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/2.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/3.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/4.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/5.png"
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/1.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/2.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/3.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/4.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/5.png"
   ],
-  "tags": [ "version control", "git", "code hosting", "development" ],
+  "tags": [ "version control", "git", "code hosting", "development", "github", "bitbucket", "gitlab" ],
   "changelog": "file://CHANGELOG",
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "4.1.4",
-  "documentationUrl": "https://cloudron.io/documentation/apps/gitea/"
+  "minBoxVersion": "5.3.0",
+  "forumUrl": "https://forum.cloudron.io/category/19/gitea",
+  "documentationUrl": "https://docs.cloudron.io/apps/gitea/"
 }

DESCRIPTION.md

@@ -1,4 +1,4 @@
-This app packages Gitea <upstream>1.12.1</upstream>
+This app packages Gitea <upstream>1.13.7</upstream>
 
 Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab.
 

Dockerfile

@@ -1,6 +1,4 @@
-FROM cloudron/base:2.0.0@sha256:f9fea80513aa7c92fe2e7bf3978b54c8ac5222f47a9a32a7f8833edf0eb5a4f4
-
-ARG VERSION=1.12.1
+FROM cloudron/base:3.0.0@sha256:455c70428723e3a823198c57472785437eb6eab082e79b3ff04ea584faf46e92
 
 RUN apt-get update && \
     apt-get install -y openssh-server git && \
@@ -16,6 +14,9 @@ RUN passwd -d git
 
 RUN mkdir -p /home/git/gitea
 WORKDIR /home/git
+
+ARG VERSION=1.13.7
+
 RUN curl -L https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea
 

POSTINSTALL.md

@@ -1,14 +1,8 @@
-A default admin user has been setup with the following credentials (use the `Local` authentication source when logging in):
+This app is pre-setup with an admin account (use the `Local` authentication source for logging in as admin).
+The initial credentials are:
 
-```
-username: root
-password: changeme
-```
+**Username**: root<br/>
+**Password**: changeme<br/>
 
-**Note:** Please change the password and email immediately after installation.
-
-<sso>
-This app integrates with the Cloudron SSO. Cloudron users can login and use Gitea
-using the `Cloudron` authentication source.
-</sso>
+Please change the admin password immediately.
 

test/package.json

@@ -9,12 +9,11 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^83.0.0",
+    "chromedriver": "^89.0.0",
     "expect.js": "^0.3.1",
-    "mocha": "^8.0.1",
+    "mocha": "^8.3.2",
     "rimraf": "^3.0.2",
-    "selenium-server-standalone-jar": "^3.141.59",
     "selenium-webdriver": "^3.6.0",
-    "superagent": "^5.2.2"
+    "superagent": "^6.1.0"
   }
 }

test/test.js

@@ -34,9 +34,8 @@ describe('Application life cycle test', function () {
     var SSH_PORT = 29420;
 
     var app;
-    var token;
+    var browser;
 
-    var server, browser = new Builder().forBrowser('chrome').build();
     var repodir = '/tmp/testrepo';
     var reponame = 'testrepo';
 
@@ -45,26 +44,14 @@ describe('Application life cycle test', function () {
     var email = process.env.EMAIL;
 
     before(function () {
-        var seleniumJar= require('selenium-server-standalone-jar');
-        var SeleniumServer = require('selenium-webdriver/remote').SeleniumServer;
-        server = new SeleniumServer(seleniumJar.path, { port: 4444 });
-        server.start();
+        browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
     });
 
-    after(function (done) {
+    after(function () {
         browser.quit();
         rimraf.sync(repodir);
-        done();
     });
 
-    function waitForUrl(url) {
-        return browser.wait(function () {
-            return browser.getCurrentUrl().then(function (currentUrl) {
-                return currentUrl === url;
-            });
-        }, TIMEOUT);
-    }
-
     function getAppInfo() {
         var inspect = JSON.parse(execSync('cloudron inspect'));