Version 1.9.5

CHANGELOG

@@ -190,3 +190,104 @@
 [1.7.0]
 * Update base image
 
+[1.7.1]
+* Update Gitea to 1.5.2
+
+[1.7.2]
+* Update Gitea to 1.5.3
+* Security
+  * Fix remote command execution vulnerability in upstream library (#5177) (#5196)
+
+[1.8.0]
+* Update Gitea to 1.6.0
+
+[1.8.1]
+* Update Gitea to 1.6.1
+
+[1.8.2]
+* Update Gitea to 1.6.2
+* SECURITY
+  * Sanitize uploaded file names (#5571) (#5573)
+  * HTMLEncode user added text (#5570) (#5575)
+* BUGFIXES
+  * Fix indexer reindex bug when gitea restart (#5563) (#5564)
+  * Fix bug when a read perm user to edit his issue (#5516) (#5534)
+  * Detect force push failure on deletion of protected branches (#5522) (#5531)
+  * Fix forgot deletion of notification when delete repository (#5506) (#5514)
+  * Fix undeleted content when deleting user (#5429) (#5509)
+  * Fix empty wiki (#5504) (#5508)
+
+[1.8.3]
+* Update Gitea to 1.6.3
+* SECURITY: Prevent DeleteFilePost doing arbitrary deletion (#5631)
+* BUGFIX: Fix wrong text getting saved on editing second comment on an issue (#5608)
+
+[1.8.4]
+* Update Gitea to 1.6.4
+* Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
+* When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
+* Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)
+
+[1.9.0]
+* Update Gitea to 1.7.0
+
+[1.9.1]
+* Update Gitea to 1.7.1
+* [Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.7.1)
+* Disable redirect for i18n (#5910) (#5916)
+* Only allow local login if password is non-empty (#5906) (#5908)
+* Fix go-get URL generation (#5905) (#5907)
+* Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
+* Request for public keys only if LDAP attribute is set (#5816) (#5819)
+* Fix delete correct temp directory (#5840) (#5839)
+* Fix an error while adding a dependency via UI (#5862) (#5876)
+* Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
+* When creating new repository fsck option should be enabled (#5817) (#5885)
+* Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
+* Fix bug when read public repo lfs file (#5913) (#5912)
+* Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
+* Fix compare button on upstream repo leading to 404 (#5877) (#5914)
+
+[1.9.2]
+* Update Gitea to 1.7.2
+* Remove all CommitStatus when a repo is deleted (#5940) (#5941)
+* Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
+* Silence console logger in gitea serv (#5887) (#5943)
+* Handle milestone webhook events for issues and PR (#5947) (#5955)
+* Show user who created the repository instead of the organization in action feed (#5948) (#5956)
+* Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
+* Fix bug when deleting a linked account will removed all (#5989) (#5990)
+* Fix empty ssh key importing in ldap (#5984) (#6009)
+* Fix metrics auth token detection (#6006) (#6017)
+* Create repository on organisation by default on its dashboard (#6026) (#6048)
+* Make sure labels are actually returned in API (#6053) (#6059)
+* Switch to more recent build of xgo (#6070) (#6072)
+* In basic auth check for tokens before call UserSignIn (#5725) (#6083)
+
+[1.9.3]
+* Update Gitea to 1.7.3
+* Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
+* Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
+* Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
+* Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
+* Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
+* Fix prohibit login check on authorization (#6106) (#6115)
+* Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
+* Fix deadlock in webhook PullRequest (#6102) (#6104)
+* Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
+* Fix compare button regression (#5929) (#6098)
+* Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)
+
+[1.9.4]
+* Update Gitea to 1.7.4
+* Fix potential XSS vulnerability in repository description. (#6306) (#6308)
+* Fix wrong release commit id (#6224) (#6300)
+* Fix panic on empty signed commits (#6292) (#6300)
+* Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
+* Fix displaying dashboard even if required to change password (#6214) (#6215)
+
+[1.9.5]
+* Update Gitea to 1.7.5
+* unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
+* ParsePatch function to work with quoted diff --git strings (#6323) (#6332)
+

CloudronManifest.json

@@ -4,7 +4,7 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.7.0",
+  "version": "1.9.5",
   "healthCheckPath": "/healthcheck",
   "httpPort": 3000,
   "addons": {

DESCRIPTION.md

@@ -1,4 +1,4 @@
-This app packages Gitea <upstream>1.5.1</upstream>
+This app packages Gitea <upstream>1.7.5</upstream>
 
 Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab.
 

Dockerfile

@@ -13,8 +13,7 @@ RUN adduser --disabled-login --gecos 'Gitea' git
 RUN passwd -d git
 
 RUN mkdir -p /home/git/gitea
-## TODO: use redis as well
-RUN curl -L https://dl.gitea.io/gitea/1.5.1/gitea-1.5.1-linux-amd64 -o /home/git/gitea/gitea \
+RUN curl -L https://dl.gitea.io/gitea/1.7.5/gitea-1.7.5-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea
 
 # setup config paths

test/test.js

@@ -31,6 +31,7 @@ describe('Application life cycle test', function () {
     this.timeout(0);
     var server, browser = new Builder().forBrowser('chrome').build();
     var LOCATION = 'test';
+    var SSH_PORT = 29420;
     var repodir = '/tmp/testrepo';
     var app, reponame = 'testrepo';
     var username = process.env.USERNAME;
@@ -210,7 +211,7 @@ return done();
         }).then(function () {
             return browser.findElement(by.id('repo-clone-url')).getAttribute('value');
         }).then(function (cloneUrl) {
-            expect(cloneUrl).to.be('ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git');
+            expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
             done();
         });
     }
@@ -219,14 +220,14 @@ return done();
         rimraf.sync(repodir);
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
+        execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env: env });
         done();
     }
 
     function pushFile(done) {
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('touch newfile && git add newfile && git commit -a -mx && git push ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + ' master',
+        execSync(`touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} master`,
                  { env: env, cwd: repodir });
         rimraf.sync('/tmp/testrepo');
         done();
@@ -254,7 +255,7 @@ return done();
     }
 
     function sendMail(done) {
-        browser.get('https://' + app.fqdn + '/admin/config').then(function () {
+        browser.get(`https://${app.fqdn}/admin/config`).then(function () {
             var button = browser.findElement(by.xpath('//button[@id="test-mail-btn"]'));
             return browser.executeScript('arguments[0].scrollIntoView(true)', button);
         }).then(function () {
@@ -275,7 +276,7 @@ return done();
     it('can login', function (done) {
         var inspect = JSON.parse(execSync('cloudron inspect'));
 
-        superagent.post('https://' + inspect.apiEndpoint + '/api/v1/developer/login').send({
+        superagent.post(`https://${inspect.apiEndpoint}/api/v1/developer/login`).send({
             username: username,
             password: password
         }).end(function (error, result) {
@@ -284,7 +285,7 @@ return done();
 
             token = result.body.accessToken;
 
-            superagent.get('https://' + inspect.apiEndpoint + '/api/v1/profile')
+            superagent.get(`https://${inspect.apiEndpoint}/api/v1/profile`)
                 .query({ access_token: token }).end(function (error, result) {
                 if (error) return done(error);
                 if (result.statusCode !== 200) return done(new Error('Get profile failed with status ' + result.statusCode));
@@ -296,7 +297,7 @@ return done();
     });
 
     it('install app', function () {
-        execSync('cloudron install --new --wait --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+        execSync(`cloudron install --new --wait --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
     });
 
     it('can get app information', getAppInfo);
@@ -380,7 +381,7 @@ return done();
 
     // check if the _first_ login via email succeeds
     it('can login via email', function (done) {
-        execSync('cloudron install --new --wait --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+        execSync(`cloudron install --new --wait --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
         var inspect = JSON.parse(execSync('cloudron inspect'));
 
         app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
@@ -399,7 +400,7 @@ return done();
 
     // test update
     it('can install app', function () {
-        execSync('cloudron install --new --wait --appstore-id ' + app.manifest.id + ' --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+        execSync(`cloudron install --new --wait --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
     });
 
     it('can get app information', getAppInfo);