[0.1.0] * Initial package (forked from Gogs app) [0.1.1] * Removed reference to Gogs [0.1.2] * Updated description [0.1.3] * Updated to version 1.1.2 [1.0.0] * Update to version 1.1.3 [1.0.1] * Update Git to v2.7.4-0ubuntu1.2 * Fixes critical security issue that allows remote command execution in git * https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html [1.0.2] * Preserve SECRET_KEY across updates and restarts [1.0.3] * Update to version 1.1.4 [1.1.0] * Update to version 1.2.0 * New logo! * SECURITY: Sanitation fix from Gogs (#1461) * Status-API * Implement GPG api * https://github.com/go-gitea/gitea/releases/tag/v1.2.0 [1.1.1] * Update to version 1.2.1 * Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714) * Fix plain readme didn't render correctly on repo home page (#2705) (#2712) * Fix so that user can still fork his own repository to his organizations (#2699) (#2707) * Fix .netrc authentication (#2700) (#2708) * Fix slice out of bounds error in mailer (#2479) (#2696) [1.1.2] * Update to version 1.2.2 * Add checks for commits with missing author and time (#2771) (#2785) * Fix sending mail with a non-latin display name (#2559) (#2783) * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780) * Update vendor git (#2765) (#2772) * Fix emojify image URL (#2769) (#2773) [1.1.3] * Update to version 1.2.3 * Only require one email when validating GPG key (#2266, #2467, #2663) (#2788) * Fix order of comments (#2835) (#2839) [1.2.0] * Update to version 1.3.0 [1.3.0] * Update to version 1.3.1 * Add documentationUrl * Sanitize logs for mirror sync (#3057, #3082) (#3078) * Fix missing branch in release bug (#3108) (#3117) * Fix repo indexer and submodule bug (#3107) (#3110) * Fix legacy URL redirects (#3100) (#3106) * Fix redis session failed (#3086) (#3089) * Fix issue list branch link broken (#3061) (#3070) * Fix missing password length check when change password (#3039) (#3071) [1.3.1] * Update Gitea to 1.3.2 * Fix run web with -p push failed (#3154) (#3179) * Fix source download link when no code unit allowed (#3166) (#3169) * Allow adding collaborators with (fullname) (#3103) (#3168) * Fix repo links (#3093) (#3163) * Fix Uninitialized variable in ParsePatch (#3156) (#3162) * Fix migration order v1.3 (#3157) * Fix avatar URLs (#3069) (#3143) [1.4.0] * Fix email sending (use SMTPS) [1.4.1] * Update Gitea to 1.3.3 * Security fixes * Fix escaping changed title in comments (#3530) (#3535) * Escape search query display (#3486) (#3489) * Bug fixes * Fix repo-transfer-and-team-repo-count bug (#3241) (#3244) * Open external tracker in blank window, consistently with wiki (#3227) (#3228) * Change SSL Mode from checkbox to string in admin page (#3208) (#3211) [1.5.0] * Update Gitea to 1.4.0 [1.5.1] * Update Gitea to 1.4.1 * Add “error” as reserved username (#3882) (#3886) * Do not allow inactive users to access repositories using private key (#3887) (#3889) * Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873) * Remove unnecessary allowed safe HTML (#3778) (#3779) * Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743) * Fix to use only needed columns from tables to get repository git paths (#3870) (#3883) * Fix GPG expire time display when time is zero (#3584) (#3884) * Fix to update only issue last update time when adding a comment (#3855) (#3860) * Fix repository star count after deleting user (#3781) (#3783) * Use the active branch for the code tab (#3720) (#3776) * Set default branch name on first push (#3715) (#3723) * Show clipboard button if disable HTTP of git protocol (#3773) (#3774) [1.5.2] * Update Gitea to 1.4.2 * Adjust z-index for floating labels (#3939) (#3950) * Add missing token validation on application settings page (#3976) #3978 * Webhook and hook_task clean up (#4006) * Fix webhook bug of response info is not displayed in UI (#4023) * Fix writer cannot read bare repo guide (#4033) (#4039) * Don't force due date to current time (#3830) (#4057) * Fix wiki redirects (#3919) (#4065) * Fix attachment ENABLED (#4064) (#4066) * Added deletion of an empty line at the end of file (#4054) (#4074) * Use ResolveReference instead of path.Join (#4073) * Fix #4081 Check for leading / in base before removing it (#4083) * Respository's home page not updated after first push (#4075) [1.5.2-1] * Rebuild Gitea package because of https://github.com/go-gitea/gitea/issues/4167 * Adjust z-index for floating labels (#3939) (#3950) * Add missing token validation on application settings page (#3976) #3978 * Webhook and hook_task clean up (#4006) * Fix webhook bug of response info is not displayed in UI (#4023) * Fix writer cannot read bare repo guide (#4033) (#4039) * Don't force due date to current time (#3830) (#4057) * Fix wiki redirects (#3919) (#4065) * Fix attachment ENABLED (#4064) (#4066) * Added deletion of an empty line at the end of file (#4054) (#4074) * Use ResolveReference instead of path.Join (#4073) * Fix #4081 Check for leading / in base before removing it (#4083) * Respository's home page not updated after first push (#4075) [1.5.3] * Update Gitea to 1.4.3 * SECURITY * HTML-escape plain-text READMEs (#4192) (#4214) * Fix open redirect vulnerability on login screen (#4312) (#4312) * BUGFIXES * Fix broken monitoring page when running processes are shown (#4203) (#4208) * Fix delete comment bug (#4216) (#4228) * Delete reactions added to issues and comments when deleting repository (#4232) (#4237) * Fix wiki URL encoding bug (#4091) (#4254) * Fix code tab link when viewing tags (#3908) (#4263) * Fix webhook type conflation (#4285) (#4285) [1.5.4] * Allow customization using gitea's custom data directory [1.6.0] * Update Gitea to 1.5.0 * Security * Check that repositories can only be migrated to own user or organizations (#4366) (#4370) * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353) * Do not allow to reuse TOTP passcode (#3878) * Features * Add cli commands to regen hooks & keys (#3979) * Add support for FIDO U2F (#3971) * Added user language setting (#3875) * Add topic support (#3711) * Multiple assignees (#3705) * Add protected branch whitelists for merging (#3689) * Global code search support (#3664) * Add label descriptions (#3662) * Add issue search via API (#3612) * Add repository setting to enable/disable health checks (#3607) * Emoji Autocomplete (#3433) * Implements generator cli for secrets (#3531) [1.6.1] * Update Gitea to 1.5.1 * Security * Don't disclose emails of all users when sending out emails (#4784) * Improve URL validation for external wiki and external issues (#4710) (#4740) * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707) * Bugfixes * Fix missing release title in webhook (#4783) (#4800) * Make sure to reset commit count in the cache on mirror syncing (#4770) * Fixed bug where team with admin privelege type doesn't get any unit (#4759) * Fix failure on creating pull request with assignees (#4583) (#4727) * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686) [1.7.0] * Update base image [1.7.1] * Update Gitea to 1.5.2 [1.7.2] * Update Gitea to 1.5.3 * Security * Fix remote command execution vulnerability in upstream library (#5177) (#5196) [1.8.0] * Update Gitea to 1.6.0 [1.8.1] * Update Gitea to 1.6.1 [1.8.2] * Update Gitea to 1.6.2 * SECURITY * Sanitize uploaded file names (#5571) (#5573) * HTMLEncode user added text (#5570) (#5575) * BUGFIXES * Fix indexer reindex bug when gitea restart (#5563) (#5564) * Fix bug when a read perm user to edit his issue (#5516) (#5534) * Detect force push failure on deletion of protected branches (#5522) (#5531) * Fix forgot deletion of notification when delete repository (#5506) (#5514) * Fix undeleted content when deleting user (#5429) (#5509) * Fix empty wiki (#5504) (#5508) [1.8.3] * Update Gitea to 1.6.3 * SECURITY: Prevent DeleteFilePost doing arbitrary deletion (#5631) * BUGFIX: Fix wrong text getting saved on editing second comment on an issue (#5608) [1.8.4] * Update Gitea to 1.6.4 * Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685) * When redirecting clean the path to avoid redirecting to external site (#5669) (#5703) * Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715) [1.9.0] * Update Gitea to 1.7.0 [1.9.1] * Update Gitea to 1.7.1 * [Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.7.1) * Disable redirect for i18n (#5910) (#5916) * Only allow local login if password is non-empty (#5906) (#5908) * Fix go-get URL generation (#5905) (#5907) * Fix TLS errors when using acme/autocert for local connections (#5820) (#5826) * Request for public keys only if LDAP attribute is set (#5816) (#5819) * Fix delete correct temp directory (#5840) (#5839) * Fix an error while adding a dependency via UI (#5862) (#5876) * Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884) * When creating new repository fsck option should be enabled (#5817) (#5885) * Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894) * Fix bug when read public repo lfs file (#5913) (#5912) * Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915) * Fix compare button on upstream repo leading to 404 (#5877) (#5914) [1.9.2] * Update Gitea to 1.7.2 * Remove all CommitStatus when a repo is deleted (#5940) (#5941) * Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944) * Silence console logger in gitea serv (#5887) (#5943) * Handle milestone webhook events for issues and PR (#5947) (#5955) * Show user who created the repository instead of the organization in action feed (#5948) (#5956) * Fix ssh deploy and user key constraints (#1357) (#5939) (#5966) * Fix bug when deleting a linked account will removed all (#5989) (#5990) * Fix empty ssh key importing in ldap (#5984) (#6009) * Fix metrics auth token detection (#6006) (#6017) * Create repository on organisation by default on its dashboard (#6026) (#6048) * Make sure labels are actually returned in API (#6053) (#6059) * Switch to more recent build of xgo (#6070) (#6072) * In basic auth check for tokens before call UserSignIn (#5725) (#6083) [1.9.3] * Update Gitea to 1.7.3 * Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197) * Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185) * Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165) * Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166) * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137) * Fix prohibit login check on authorization (#6106) (#6115) * Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107) * Fix deadlock in webhook PullRequest (#6102) (#6104) * Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101) * Fix compare button regression (#5929) (#6098) * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097) [1.9.4] * Update Gitea to 1.7.4 * Fix potential XSS vulnerability in repository description. (#6306) (#6308) * Fix wrong release commit id (#6224) (#6300) * Fix panic on empty signed commits (#6292) (#6300) * Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246) * Fix displaying dashboard even if required to change password (#6214) (#6215) [1.9.5] * Update Gitea to 1.7.5 * unitTypeCode not being used in accessLevelUnit (#6419) (#6423) * ParsePatch function to work with quoted diff --git strings (#6323) (#6332) [1.9.6] * Update Gitea to 1.7.6 * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595) * Allow resend of confirmation email when logged in (#6482) (#6487) [1.10.0] * Update Gitea to 1.8.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.8.0) * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594) * Resolve 2FA bypass on API (#6676) (#6674) * Prevent the creation of empty sessions for non-logged in users (#6690) (#6677) * Expose issue stopwatch toggling via API (#5970) * Pull request conflict files detection (#5951) * Implement "conversation lock" for issue comments (#5073) * Feature: Archive repos (#5009) * Allow to set organization visibility (public, internal, private) (#1763) * Added URL mapping for Release attachments like on github.com (#1707) [1.10.1] * Update Gitea to 1.8.1 [1.10.2] * Update Gitea to 1.8.2 [1.11.0] * better custom app.ini integration * optional sso support [1.12.0] * Update Gitea to 1.8.3 * Update manifest to v2 [1.13.0] * Update Gitea to 1.9.0 [1.13.1] * Update Gitea to 1.9.1 [1.13.2] * Make sessions persist restarts [1.13.3] * Update Gitea to 1.9.2 * Fix wrong sender when send slack webhook (#7918) (#7924) * Upload support text/plain; charset=utf8 (#7899) * Lfs/lock: round locked_at timestamp to second (#7872) (#7875) * Fix non existent milestone with 500 error (#7867) (#7873) * SECURITY * Fix No PGP signature on 1.9.1 tag (#7874) * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ * ENHANCEMENT * Fix pull creation with empty changes (#7920) (#7926) * BUILD * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884) [1.13.4] * Update Gitea to 1.9.3 * Fix go get from a private repository with Go 1.13 (#8100) * Strict name matching for Repository.GetTagID() (#8082) * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070) * Add change title notification for issues (#8064) * Run CORS handler first for /api routes (#7967) (#8053) * Evaluate emojis in commit messages in list view (#8044) * Fix failed to synchronize tags to releases for repository (#7990) (#7994) * Fix adding default Telegram webhook (#7972) (#7992) * Abort synchronization from LDAP source if there is some error (#7965) * Fix deformed emoji in commit message (#8071) * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009) [1.13.5] * Update Gitea to 1.9.4 * Highlight issue references (#8101) (#8404) * Fix bug when migrating a private repository #7917 (#8403) * Change general form binding to gogs form (#8334) (#8402) * Fix editor commit to new branch if PR disabled (#8375) (#8401) * Fix milestone num_issues (#8221) (#8400) * Allow users with explicit read access to give approvals (#8398) * Fix commit status in PR #8316 and PR #8321 (#8339) * Fix API for edit and delete release attachment (#8290) * Fix assets on release webhook (#8283) * Fix release API URL generation (#8239) * Allow registration when button is hidden (#8238) * MS Teams webhook misses commit messages (backport v1.9) (#8225) [1.13.6] * Update Gitea to 1.9.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.9.5) * Hide some user information via API if user doesn't have enough permission (#8655) (#8658) * Fix milestone close timestamp (#8728) (#8731) * Fix deadline on update issue or PR via API (#8699) * Fix 'New Issue Missing Milestone Comment' (#8678) (#8682) * Fix 500 when getting user as unauthenticated user (#8653) (#8662) * Use AppSubUrl for more redirections (#8647) (#8652) * Add SubURL to redirect path (#8632) (#8634) (#8640) * Fix #8582 by handling empty repos (#8587) (#8593) * Fix bug on pull requests when transfer head repository (#8571) * Add missed close in ServeBlobLFS (#8527) (#8543) * Return false if provided branch name is empty for IsBranchExist (#8485) (#8492) * Create .ssh dir as necessary (#8369) (#8486) (#8489) * Restore functionality for early gits (#7775) (#8476) * Add check for empty set when dropping indexes during migration (#8475) * Ensure Request Body Readers are closed in LFS server (#8454) (#8459) * Ensure that LFS files are relative to the LFS content path (#8455) (#8458) * Ignore mentions for users with no access (#8395) (#8484) [1.14.0] * Update Gitea to 1.10.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.10.0) [1.14.1] * Update Gitea to 1.10.1 * Fix max length check and limit in multiple repo forms (#9148) (#9204) * Properly fix displaying virtual session provider in admin panel (#9137) (#9203) * Upgrade levelqueue to 0.1.0 (#9192) (#9199) * Fix panic when diff (#9187) (#9193) * Smtp logger configuration sendTos should be an array (#9154) (#9157) * Always Show Password Field on Link Account Sign-in Page (#9150) * Create PR on Current Repository by Default (#8670) (#9141) * Fix race on indexer (#9136) (#9139) * Fix reCAPTCHA URL (#9119) * Hide migrated credentials (#9098) * Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085) * Fix password checks on admin create/edit user (#9076) (#9081) * Fix add search as a reserved username (#9063) (#9065) * Fix permission checks for close/reopen from commit (#8875) (#9033) * Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025) * Fix broken link to branch from issue list (#9003) (#9021) * Fix wrong system notice when repository is empty (#9020) * Shadow password correctly for session config (#8984) (#9002) [1.14.2] * Update Gitea to 1.10.2 * Allow only specific Columns to be updated on Issue via API (#9539) (#9580) * Add ErrReactionAlreadyExist error (#9550) (#9564) * Fix bug when migrate from API (#8631) (#9563) * Use default avatar for ghost user (#9536) (#9537) * Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528) * Fix deleted branch not removed when push the branch again (#9516) (#9524) * Fix missing repository status when migrating repository via API (#9511) * Trigger webhook when deleting a branch after merging a PR (#9510) * Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482) * Fix NewCommitStatus (#9434) (#9435) * Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420) * Fix Slack webhook payload title generation to work with Mattermost (#9404) * DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359) * Fix issue indexer not triggered when migrating a repository (#9333) * Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329) * Fix migration releases (#9319) (#9326) (#9328) * Fix File Edit: Author/Committer interchanged (#9297) (#9300) [1.14.3] * Update Gitea to 1.10.3 * Hide credentials when submitting migration (#9102) (#9704) * Never allow an empty password to validate (#9682) (#9684) * Prevent redirect to Host (#9678) (#9680) * Hide public repos owned by private orgs (#9609) (#9616) * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838) * Fix download file wrong content-type (#9825) (#9835) * Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831) * Fix dump non-exist log directory (#9818) (#9820) * Fix compare (#9808) (#9815) * Fix missing msteam webhook on organization (#9781) (#9795) * Fix add team on collaborator page when same name as organization (#9783) * Fix cache problem on dashboard (#9358) (#9703) * Send tag create and push webhook when release created on UI (#8671) (#9702) * Branches not at ref commit ID should not be listed as Merged (#9614) (#9639) [1.15.0] * Update Gitea to 1.11.0 [1.15.1] * Update Gitea to 1.11.1 * Repo name added to automatically generated commit message when merging (#9997) (#10285) * Fix Workerpool deadlock (#10283) (#10284) * Divide GetIssueStats query in smaller chunks (#10176) (#10282) * Fix reply on code review (#10257) * Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249) * Fix filter label emoji width (#10241) (#10244) * Fix issue sidebar menus having an infinite height (#10239) (#10240) * Fix commit between two commits calculation if there is only last commit (#10225) (#10226) * Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206) * Blacklist manifest.json & milestones user (#10292) (#10293) [1.15.2] * Update Gitea to 1.11.2 [1.15.3] * Update Gitea to 1.11.3 [1.15.4] * Update Gitea to 1.11.4 [1.16.0] * Update Gitea to [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) * Update base image to 2.0.0 [1.16.1] * Update Gitea to 1.11.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683) * Use session for retrieving org teams (#11438) (#11439) * Return json on 500 error from API (#11574) (#11660) * Fix wrong milestone in webhook message (#11596) (#11612) * Prevent (caught) panic on login (#11590) (#11598) * Fix commit page js error (#11527) [1.17.0] * Update Gitea to 1.12.1 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) [1.18.0] * Add forumUrl and update tags and screenshots [1.18.1] * Update Gitea to 1.12.2 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) [1.18.2] * Update Gitea to 1.12.3 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) * Don't change creation date when updating Release (#12343) (#12351) * Show 404 page when release not found (#12328) (#12332) * Fix emoji detection in certain cases (#12320) (#12327) * Reduce emoji size (#12317) (#12327) * Fix double-indirection bug in logging IDs (#12294) (#12308) * Link to pull list page on sidebar when view pr (#12256) (#12263) * Extend Notifications API and return pinned notifications by default (#12164) (#12232) [1.18.3] * Update Gitea to 1.12.4 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) * Escape provider name in oauth2 provider redirect (#12648) (#12650) * Escape Email on password reset page (#12610) (#12612) * When reading expired sessions - expire them (#12686) (#12690) * StaticRootPath configurable at compile time (#12371) (#12652) * Fix to show an issue that is related to a deleted issue (#12651) (#12692) * Expire time acknowledged for cache (#12605) (#12611) * Fix diff path unquoting (#12554) (#12575) * Improve HTML escaping helper (#12562) * models: break out of loop (#12386) (#12561) * Default empty merger list to those with write permissions (#12535) (#12560) * Skip SSPI authentication attempts for /api/internal (#12556) (#12559) * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550) * Remove hardcoded ES indexername (#12521) (#12526) * Fix bug preventing transfer to private organization (#12497) (#12501) * Keys should not verify revoked email addresses (#12486) (#12495) * Do not add prefix on http/https submodule links (#12477) (#12479) * Fix ignored login on compare (#12476) (#12478) * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422) * Upgrade google/go-github to v32.1.0 (#12361) (#12390) * Render emoji's of Commit message on feed-page (#12373) * Fix handling of diff on unrelated branches when Git 2.28 used (#12370) [1.18.4] * Update Gitea to 1.12.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) * Allow U2F with default settings for gitea in subpath (#12990) (#13001) * Prevent empty div when editing comment (#12404) (#12991) * On mirror update also update address in DB (#12964) (#12967) * Allow extended config on cron settings (#12939) (#12943) * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940) * Fix internal server error from ListUserOrgs API (#12910) (#12915) * Update only the repository columns that need updating (#12900) (#12912) * Fix panic when adding long comment (#12892) (#12894) * Add size limit for content of comment on action ui (#12881) (#12890) * Convert User expose ID each time (#12855) (#12883) * Support slashes in release tags (#12864) (#12882) * Add missing information to CreateRepo API endpoint (#12848) (#12867) * On Migration respect old DefaultBranch (#12843) (#12858) * Fix notifications page links (#12838) (#12853) * Stop cloning unnecessarily on PR update (#12839) (#12852) * Escape more things that are passed through str2html (#12622) (#12850) * Remove double escape on labels addition in comments (#12809) (#12810) * Fix "only mail on mention" bug (#12775) (#12789) * Fix yet another bug with diff file names (#12771) (#12776) * RepoInit Respect AlternateDefaultBranch (#12746) (#12751) * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750) [1.18.5] * Update Gitea to 1.12.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) * Prevent git operations for inactive users (#13527) (#13537) * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525) * API should only return Json (#13511) (#13564) * Fix before and since query arguments at API (#13559) (#13560) * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492) * Fix link detection in repository description with tailing '_' (#13407) (#13408) * Remove obsolete change of email on profile page (#13341) (#13348) * Fix permission check on get Reactions API endpoints (#13344) (#13346) * Add migrated pulls to pull request task queue (#13331) (#13335) * API deny wrong pull creation options (#13308) (#13327) * Fix initial commit page & binary munching problem (#13249) (#13259) * Fix diff parsing (#13157) (#13136) (#13139) * Return error 404 not 500 from API if team does not exist (#13118) (#13119) * Prohibit automatic downgrades (#13108) (#13111) * Fix GitLab Migration Option AuthToken (#13101) * GitLab Label Color Normalizer (#12793) (#13100) * Log the underlying panic in runMigrateTask (#13096) (#13098) * Fix attachments list in edit comment (#13036) (#13097) * Fix deadlock when deleting team user (#13093) * Fix error create comment on outdated file (#13041) (#13042) * Fix repository create/delete event webhooks (#13008) (#13027) * Fix internal server error on README in submodule (#13006) (#13016) [1.19.0] * Update Gitea to 1.13.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.0) [1.19.1] * Update Gitea to 1.13.1 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.1) * Security: Hide private participation in Orgs (#13994) (#14031) * Security: Fix escaping issue in diff (#14153) (#14154) [1.19.2] * Update Gitea to 1.13.2 * Prevent panic on fuzzer provided string (#14405) (#14409) * Add secure/httpOnly attributes to the lang cookie (#14279) (#14280) * If release publisher is deleted use ghost user (#14375) * Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530) * Set the name Mapper in migrations (#14526) (#14529) * Fix wiki preview (#14515) * Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497) * ChangeUserName: rename user files back on DB issue (#14447) * Fix lfs preview bug (#14428) (#14433) * Ensure timeout error is shown on u2f timeout (#14417) (#14431) * Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425) * Use path not filepath in routers/editor (#14390) (#14396) * Check if label template exist first (#14384) (#14389) * Fix migration v141 (#14387) (#14388) * Use Request.URL.RequestURI() for fcgi (#14347) * Use ServerError provided by Context (#14333) (#14345) * Fix edit-label form init (#14337) * Fix mailIssueCommentBatch for pull request (#14252) (#14296) * Render links for commit hashes followed by comma (#14224) (#14227) * Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221) * Fix avatar bugs (#14217) (#14220) * Ensure that schema search path is set with every connection on postgres (#14131) (#14216) * Fix dashboard issues labels filter bug (#14210) (#14214) * When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213) * Fix branch selector on new issue page (#14194) (#14207) * Check for notExist on profile repository page (#14197) (#14203) [1.20.0] * Use base image v3 [1.20.1] * Update Gitea to 1.13.3 * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675) * Fix paging of file commit logs (#14831) (#14879) * Print useful error if SQLite is used in settings but not supported (#14476) (#14874) * Fix display since time round (#14226) (#14873) * When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842) * Set HCaptchaSiteKey on Link Account pages (#14834) (#14839) * Fix a couple of CommentAsPatch issues. (#14804) (#14820) * Disable broken OAuth2 providers at startup (#14802) (#14811) * Repo Transfer permission checks (#14792) (#14794) * Fix double alert in oauth2 application edit view (#14764) (#14768) * Fix broken spans in diffs (#14678) (#14683) * Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676) * HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649) * Do not assume all 40 char strings are SHA1s (#14624) (#14648) * Allow org labels to be set with issue templates (#14593) (#14647) * Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607) * Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573) * Fix GPG key deletion during account deletion (#14561) (#14569) [1.20.2] * Update Gitea to 1.13.4 * Fix issue popups (#14898) (#14899) * Fix race in LFS ContentStore.Put(...) (#14895) (#14913) * Fix a couple of issues with a feeds (#14897) (#14903) * When transfering repository and database transaction failed, rollback the renames (#14864) (#14902) * Fix race in local storage (#14888) (#14901) * Fix 500 on pull view page if user is not loged in (#14885) (#14886) [1.20.3] * Update Gitea to 1.13.5 * Update to goldmark 1.3.3 (#15059) (#15061) * Another clusterfuzz spotted issue (#15032) (#15034) * Fix set milestone on PR creation (#14981) (#15001) * Prevent panic when editing forked repos by API (#14960) (#14963) * Fix bug when upload on web (#15042) (#15055) * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051) * Fix postgres ID sequences broken by recreate-table (#15015) (#15029) * Fix several render issues (#14986) (#15013) * Make sure sibling images get a link too (#14979) (#14995) * Fix Anchor jumping with escaped query components (#14969) (#14977) * Fix release mail html template (#14976) * Fix excluding more than two labels on issues list (#14962) (#14973) * Don't mark each comment poster as OP (#14971) (#14972) * Add "captcha" to list of reserved usernames (#14930) * Re-enable import local paths after reversion from #13610 (#14925) (#14927) [1.20.4] * Update Gitea to 1.13.6 * Fix bug on avatar middleware (#15124) (#15125) * Fix another clusterfuzz identified issue (#15096) (#15114) * Fix nil exeption for get pull reviews API #15104 (#15106) * Fix markdown rendering in milestone content (#15056) (#15092) [1.20.5] * Update Gitea to 1.13.7 * Update to bluemonday-1.0.6 (#15294) (#15298) * Clusterfuzz found another way (#15160) (#15169) * Fix wrong user returned in API (#15139) (#15150) * Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317) * Speed up enry.IsVendor (#15213) (#15246) * Response 404 for diff/patch of a commit that not exist (#15221) (#15238) * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201) * Add size to Save function (#15264) (#15271) [1.21.0] * Update Gitea to 1.14.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.0) [1.21.1] * Update Gitea to 1.14.1 * Fix bug clone wiki (#15499) (#15502) * Github Migration ignore rate limit, if not enabled (#15490) (#15495) * Use subdir for URL (#15446) (#15493) * Query the DB for the hash before inserting in to email_hash (#15457) (#15491) * Ensure review dismissal only dismisses the correct review (#15477) (#15489) * Use index of the supported tags to choose user lang (#15452) (#15488) * Fix wrong file link in code search page (#15466) (#15486) * Quick template fix for built-in SSH server in admin config (#15464) (#15481) * Prevent superfluous response.WriteHeader (#15456) (#15476) * Fix ambiguous argument error on tags (#15432) (#15474) * Add created_unix instead of expiry to migration (#15458) (#15463) * Fix repository search (#15428) (#15442) * Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439) * Fix wiki clone urls (#15430) (#15431) * Fix dingtalk icon url at webhook (#15417) (#15426) * Standardise icon on projects PR page (#15387) (#15408) * Add option to skip LFS/attachment files for dump (#15407) (#15492) * Clone panel fixes (#15436) * Use semantic dropdown for code search query type (#15276) (#15364) [1.21.2] * Update Gitea to 1.14.2 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.2) * Display conflict-free merge messages for pull requests (#15773) (#15796) * Exponential Backoff for ByteFIFO (#15724) (#15793) * Issue list alignment tweaks (#15483) (#15766) * Implement delete release attachments and update release attachments' name (#14130) (#15666) * Add placeholder text to deploy key textarea (#15575) (#15576) * Project board improvements (#15429) (#15560) * Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365) [1.21.3] * Update Gitea to 1.14.3 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.3) * Encrypt migration credentials at rest (#15895) (#16187) * Only check access tokens if they are likely to be tokens (#16164) (#16171) * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039) * Fix setting of SameSite on cookies (#15989) (#15991) [1.21.4] * Update Gitea to 1.14.4 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.4) * Fix relative links in postprocessed images (#16334) (#16340) * Fix list_options GetStartEnd (#16303) (#16305) * Fix API to use author for commits instead of committer (#16276) (#16277) * Handle misencoding of login_source cfg in mssql (#16268) (#16275) * Fixed issues not updated by commits (#16254) (#16261) * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255) * Use html.Parse rather than html.ParseFragment (#16223) (#16225) * Fix milestone counters on new issue (#16183) (#16224) * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219) [1.21.5] * Update Gitea to 1.14.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.5) * Hide mirror passwords on repo settings page (#16022) (#16355) * Update bluemonday to v1.0.15 (#16379) (#16380) * Retry rename on lock induced failures (#16435) (#16439) * Validate issue index before querying DB (#16406) (#16410) * Fix crash following ldap authentication update (#16447) (#16449) * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378) [1.21.6] * Update Gitea to 1.14.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.6) * SECURITY * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540) * Switch to maintained JWT lib (#16532) (#16535) * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607) [1.22.0] * Update Gitea to 1.15.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.0) [1.22.1] * Update Gitea to 1.15.1 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.1) [1.22.2] * Update Gitea to 1.15.2 * Add unique constraint back into issue_index (#16938) * Close storage objects before cleaning (#16934) (#16942) [1.22.3] * Update Gitea to 1.15.3 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.3) * Add fluid to ui container class to remove margin (#16396) (#16976) * Add caller to cat-file batch calls (#17082) (#17089) * Many bug fixes [1.22.4] * Update Gitea to 1.15.4 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.4) * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272) * Don't allow merged PRs to be reopened (#17192) (#17271) * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266) * Fix unwanted team review request deletion (#17257) (#17264) * Fix broken Activities link in team dashboard (#17255) (#17258) * API pull's head/base have correct permission(#17214) (#17245) * Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227) * Upgrade xorm to v1.2.5 (#17177) (#17188) * Fix missing repo link in issue/pull assigned emails (#17183) (#17184) * Fix bug of get context user (#17169) (#17172) * Nicely handle missing user in collaborations (#17049) (#17166) * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164) * Fix wrong i18n keys (#17150) (#17153) * Fix Archive Creation: correct transaction ending (#17151) * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141) * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) [1.22.5] * Update Gitea to 1.15.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.5) * Upgrade Bluemonday to v1.0.16 (#17372) (#17374) * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373) * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377) * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376) * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) * Ensure popup text is aligned left (backport for 1.15) (#17343) * Ensure that git daemon export ok is created for mirrors (#17243) (#17306) * Disable core.protectNTFS (#17300) (#17302) * Use pointer for wrappedConn methods (#17295) (#17296) * AutoRegistration is supposed to be working with disabled registration (backport) (#17292) * Handle duplicate keys on GPG key ring (#17242) (#17284) * Fix SVG side by side comparison link (#17375) (#17391) [1.22.6] * Update Gitea to 1.15.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.6) * Prevent panic in serv.go with Deploy Keys (#17434) (#17435) * Fix CSV render error (#17406) (#17431) * Read expected buffer size (#17409) (#17430) * Ensure that restricted users can access repos for which they are members (#17460) (#17464) * Make commit-statuses popup show correctly (#17447) (#17466) [1.23.0] * Update Gitea to 1.15.7 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.7) * Enable rendering of jupyter notebooks, rst, asciidoc by default * Only allow webhook to send requests to allowed hosts (#17482) (#17510) * Fix login redirection links (#17451) (#17473) [1.23.1] * Update Gitea to 1.15.8 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.8) * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046) * Fix delete u2f keys bug (#18040) (#18042) * Reset Session ID on login (#18018) (#18041) * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035) * Stop printing 03d after escaped characters in logs (#18030) (#18034) [1.23.2] * Update Gitea to 1.15.9 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.9) * Fix wrong redirect on org labels (#18128) (#18134) * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095) * Revert "Fix delete u2f keys bug (#18042)" (#18107) * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104) * Prevent NPE if gitea uploader fails to open url (#18080) (#18101) * Reset locale on login (#17734) (#18100) * Correctly handle failed migrations (#17575) (#18099) * Instead of using routerCtx just escape the url before routing (#18086) (#18098) * Quote references to the user table in consistency checks (#18072) (#18073) * Add NotFound handler (#18062) (#18067) * Ensure that git repository is closed before transfer (#18049) (#18057) * Use common sessioner for API and web routes (#18114) [1.23.3] * Update Gitea to 1.15.10 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.10) * Fix inconsistent PR comment counts (#18260) (#18261) * Fix release link broken (#18252) (#18253) * Fix update user from site administration page bug (#18250) (#18251) * Set HeadCommit when creating tags (#18116) (#18173) * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152) * Fix purple color in suggested label colors (#18241) (#18242) * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206) [1.23.4] * Update Gitea to 1.16.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.0) [1.23.5] * Update Gitea to 1.16.1 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.1) * Update JS dependencies, fix lint (#18389) (#18540) * Add dropdown icon to label set template dropdown (#18564) (#18571) * Comments on migrated issues/prs must link to the comment ID (#18630) (#18637) * Stop logging an error when notes are not found (#18626) (#18635) * Ensure that blob-excerpt links work for wiki (#18587) (#18624) * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620) [1.23.6] * Update Gitea to 1.16.2 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.2) * Show fullname on issue edits and gpg/ssh signing info (#18828) * Immediately Hammer if second kill is sent (#18823) (#18826) * Allow mermaid render error to wrap (#18791) [1.23.7] * Update Gitea to 1.16.3 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.3) [1.23.8] * Update Gitea to 1.16.4 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.4) * Restrict email address validation (#17688) (#19085) * Fix lfs bug (#19072) (#19080) [1.23.9] * Update Gitea to 1.16.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.5) * Prevent redirect to Host (2) (#19175) (#19186) * Try to prevent autolinking of displaynames by email readers (#19169) (#19183) * Clean paths when looking in Storage (#19124) (#19179) * Do not send notification emails to inactive users (#19131) (#19139) * Do not send activation email if manual confirm is set (#19119) (#19122) [1.23.10] * Update Gitea to 1.16.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.6) [1.23.11] * Update Gitea to 1.16.7 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.7) * Escape git fetch remote (#19487) (#19490) * On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568) * Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560) * Don't error when branch's commit doesn't exist (#19547) (#19548) * Support hostname:port to pass host matcher's check (#19543) (#19544) * Prevent dangling archiver goroutine (#19516) (#19526) * Fix migrate release from github (#19510) (#19523) * When view _Siderbar or _Footer, just display once (#19501) (#19522) * Fix blame page select range error and some typos (#19503) * Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484) * User specific repoID or xorm builder conditions for issue search (#19475) (#19476) * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466) * RepoAssignment ensure to close before overwrite (#19449) (#19460) * Set correct PR status on 3way on conflict checking (#19457) (#19458) * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446) [1.23.12] * Update Gitea to 1.16.8 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.8) * Add doctor check/fix for bogus action rows (#19656) (#19669) * Make .cs highlighting legible on dark themes (#19604) (#19605) * Delete user related oauth stuff on user deletion too (#19677) (#19680) * Fix new release from tags list UI (#19670) (#19673) * Prevent NPE when checking repo units if the user is nil (#19625) (#19630) [1.24.0] * Update Gitea to 1.17.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.17.0) * Automatically render wiki TOC (#19873) * Adding button to link accounts from user settings (#19792) * Allow set default merge style while creating repo (#19751) * Auto merge pull requests when all checks succeeded (#9307 & #19648) * Improve reviewing PR UX (#19612) * Add support for rendering console output with colors (#19497)