gitea/CHANGELOG.md

99 KiB

Changelog

This changelog goes through all the changes that have been made in each release without substantial changes to our git log; to see the highlights of what has been added to each release, please refer to the blog.

1.8.0-rc3 - 2019-04-12

  • SECURITY
    • Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
  • BUGFIXES
    • Allow resend of confirmation email when logged in (#6482) (#6486)
    • Fix mail notification when close/reopen issue (#6581) (#6588)
    • Change API commit summary to full message (#6591) (#6592)
    • Add option to disable refresh token invalidation (#6584) (#6587)
    • Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
    • Fix new repo alignment (#6583) (#6585)
    • Prevent server 500 on compare branches with no common history (#6555) (#6558)
    • Properly escape release attachment URL (#6512) (#6523)
    • Hacky fix for alignment of the create-organization dialog (#6455) (#6462)

1.8.0-rc2 - 2019-03-27

  • BUGFIXES
    • Disable benchmarking during tag events on DroneIO (#6365) (#6366)
    • Make sure units of a team are returned (#6379) (#6381)
    • Don't Unescape redirect_to cookie value (#6399) (#6401)
    • Fix dump table name error and add some test for dump database (#6394) (#6402)
    • Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
    • Display correct error for invalid mirror interval (#6414) (#6429)
    • Clean up ref name rules (#6437) (#6439)
    • Fix Hook & HookList in Swagger (#6432) (#6440)
    • Change order that PostProcess Processors are run (#6445) (#6447)

1.8.0-rc1 - 2019-03-18

  • BREAKING
    • Add "ghost" and "notifications" to list of reserved user names. (#6208)
    • Change sqlite DB path default to data directory (#6198)
    • Adds MustChangePassword to user create/edit API (#6193)
    • Disable redirect for i18n (#5910)
    • Releases API paging (#5831)
    • Allow Macaron to be set to log through to gitea.log (#5667)
    • Don't close issues via commits on non-default branch (#5622)
  • FEATURE
    • Add regenerate secret feature for oauth2 (#6291)
    • Expose issue stopwatch toggling via API (#5970)
    • Add other session providers (#5963)
    • Pull request conflict files detection (#5951)
    • Integrate OAuth2 Provider (#5378)
    • Implement "conversation lock" for issue comments (#5073)
    • Feature: Archive repos (#5009)
    • Discord Oauth2 support (#4476)
    • Allow to set organization visibility (public, internal, private) (#1763)
    • Added URL mapping for Release attachments like on github.com (#1707)
  • ENHANCEMENT
    • Add support for client basic auth for exchanging access tokens (#6293)
    • Add ability to sort issues by due date (#6206) (#6244)
    • Style tweaks to issue selection (#6196)
    • Increase Username and Orgname MaxSize 35 -> 40 (#6178)
    • Coverage profile with multiple packages (#6167)
    • Split setting.go to multiple files (#6154)
    • Allow labels to contain emoji (#6063)
    • Disable git fsck for mirrored repos by default (#6018)
    • Add default time out for git operations (#6015)
    • Split setting.go as multiple files (#6014)
    • Make dashboard navbar and footer full-width (#6013)
    • Add lang specific font stacks for CJK (#6007)
    • Fix header menu misalignment (#6002)
    • Enhance closed PR and Issue status in the list (#6000)
    • Make navbar full width (#5998)
    • Add option to close issues via commit on a non master branch (#5992)
    • Support n as a line highlight prefix (#5987)
    • Search for org repos (#3031) (#5986)
    • Minor UI tweaks (#5980)
    • Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
    • Dashboard tweaks (#5974)
    • Fixes for repo topic editor (#5971)
    • Display the branch name in the commit view (#5950)
    • handle milestone events for issues and PR (#5947)
    • Add label names as filter in issue search api (#5946)
    • Repo header tweaks (#5945)
    • Better support for long repo names (#5932)
    • Fix wrapping long code lines (#5927)
    • Change GPG Validation colors and remove inline CSS (#5404) (#5896)
    • Fix "pulls.blocked_by_approvals" text (#5879)
    • Rename reject to 'request changes' (#5858)
    • Move input fields to add members to a team and repos to a team (#5853)
    • Config option to disable automatic repo watching (#5852)
    • New Issue ?body= query (#5851)
    • Add API to list tags (#5850)
    • Pagination for git tree API (#5838)
    • Add InternalTokenURI to load InternalToken from an external file (#5812)
    • Allow markdown files to read from the LFS (#5787)
    • Add the ability to use multiple labels as filters (#5786)
    • Adjust log settings when a user is not found. (#5771)
    • Log IP of failed ssh connection (#5766)
    • Moved defaults in defaults.go to setting.go (#5764)
    • Make DB connect more robust (#5738)
    • Add Default Pull Request Title (#5735)
    • Refactor repo.isBare to repo.isEmpty #5629 (#5714)
    • Add flag to skip repository dumping (#5695)
    • Prioritize "readme.md" (#5691)
    • Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
    • Allow for user specific themes (#5668)
    • Display branch name in delete branch confirmation modal. (#5654)
    • New API routes added (#5594)
    • Refactor notification for indexer (#5111)
    • Refactor mail notification (#5110)
    • Show email if the authenticated user owns the profile page being requested for (#4981)
    • Optimize pulls merging (#4921)
    • Sort Repositories widget by most recently updated (#3963) (#4599)
    • Allow markdown table to scroll (#4401)
    • Automatically clear stopwatch on merging a PR (#4327)
    • Add the Owner Name to differentiate when merging (#3807)
  • BUGFIXES
    • Clean up various use of escape/unescape functions for URL generation (#6334)
    • Return 409 when creating repo if it already exists. (#6330)
    • Add same changes from issues page to milestone->issues page (#6328)
    • Fix ParsePatch function to work with quoted diff --git strings (#6323)
    • Fix reported issue in repo description (#6306)
    • Use url.PathEscape to escape the branchname (#6304)
    • Add robots.txt as reserved username (#6272)
    • Replace linkRegex with xurls library (#6261)
    • Remove visitLinksForShortLinks features (#6257)
    • Add unit types to repo action URL to correctly show 404 when archived (#6247)
    • Check organization visibility before everything else (#6234) (#6235)
    • Prevent double-close of issues (#6233)
    • Override xorm type mapping for U2F counter (#6232)
    • Add isAdmin to user API response (#6231)
    • Update git vendor to fix wrong release commit id and add migrations (#6224)
    • Fix fork button (#6223)
    • Fix renames over redirects (#6216)
    • Fix display dashboard even if require to change password (#6214)
    • Create a repo redirect when transferring ownership (#6210) (#6211)
    • Fix issue update race condition (#6194)
    • Fix bug when migrate repository 500 when repo is existed (#6188)
    • Fix scrollbar always present on page body (#6177)
    • Fix bug when set indexer as db and add tests (#6173)
    • Modify linkRegex to require http|https (#6171)
    • Fix bug user could change private repository to public when force private enabled. (#6156)
    • Fix admin list user/org API (#6143)
    • Make repo creation for API similar to UI (#6142)
    • Make document body a flexbox (#6139)
    • Refactor issue indexer, add some testing and fix a bug (#6131)
    • Load Issue attributes for API call (#6122)
    • Fix bug when update owner team then visit team's repo return 404 (#6119)
    • Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
    • Show private organization for admin, fix #6111 (#6112)
    • Fix prohibit login check on authorization (#6106)
    • Move to ldap.v3 to fix #5928 (#6105)
    • Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
    • Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
    • Make sure labels are actually returned (#6053)
    • Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
    • After deleting a repo on admin panel, UI should remember the last sort type (#6033)
    • Default create repository on organisation on its dashboard (#6026)
    • Swagger: Remove spaces in MergePullRequestOption enum (#6016)
    • Fix metrics auth token detection (#6006)
    • Fix repo header issues (#5995)
    • Fix bug when deleting a linked account will removed all (#5989)
    • Make organization dropdown scrollable when using mouse wheel (#5988)
    • Fix empty ssh key importing in ldap (#5984)
    • Admin config page mailertype setting option update (#5973)
    • Fix redirect loop during forced password change (#5965)
    • Show user who created the repository instead of the organisation in action feed (#5948)
    • Remove all CommitStatus when a repo is deleted (#5940)
    • Fix ssh deploy and user key constraints (#1357) (#5939)
    • Fix log output (#5938)
    • Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
    • Fix compare button (#5929)
    • Fix bug when read public repo lfs file (#5912)
    • Only allow local login if password is non-empty (#5906)
    • Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
    • Provide better panic handling (#5902)
    • Respect value of REQUIRE_SIGNIN_VIEW (#5901)
    • Show a 404 not a 500 if a repo does not exist (#5900)
    • Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
    • Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
    • Correct footer height if screen-width is to small (fixes #5878) (#5889)
    • In gitea serv switch off console logger to fix #5866 (#5887)
    • Don't allow pull requests to be created on an archived repository (#5883)
    • Support reviews on a deleted file path (#5880)
    • Fix compare button on upstream repo leading to 404 (#5877)
    • Fix null pointer on not logged in attempt to Sudo (#5872)
    • Fix new release creation API to allow empty target (#5870)
    • Fix an error while adding a dependency via UI. (#5862)
    • Fix failing migration v67 (#5849)
    • Fix delete correct temp directory (#5839)
    • Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
    • Fix topics saving internal error and disable for archived repos (#5821)
    • Fix TLS errors when using acme/autocert for local connections (#5820)
    • When creating new repository fsck option should be enabled (#5817)
    • Request for public keys only if LDAP attribute is set (#5816)
    • Fix serving of raw wiki files other than .md (#5814)
    • Fix migration 78 error mssql (#5791)
    • Disallow empty titles (#5785)
    • Fix the v78 migration script (#5776)
    • Ensure valid git author names passed in signatures (#5774)
    • Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
    • Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
    • Fixing PostgreSQL dump creation (#5747)
    • Add proper CORS preflight origin validation (#5740)
    • Disable auto-migrate in docker container (#5730)
    • In basic auth check for tokens before call UserSignIn (#5725)
    • Pooled and buffered gzip implementation (#5722)
    • Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
    • Keep file permissions during database migration (#5707)
    • Use correct value for "MSpan Structures Obtained" #4742 (#5706)
    • Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
    • Update xorm to fix issue #5659 and #5651 (#5680)
    • Fix public will not be reused as public key after deleting as deploy key (#5671)
    • When redirecting, clean the path (#5669)
    • Don't list an issue on its own dependency list UI. (#5658)
    • Fix commit page showing status for current default branch (#5649) (#5650)
    • Only count users own actions for heatmap contributions (#5647)
    • Fix sqlite deadlock when assigning to a PR (#5640)
    • Refactor issue indexer (#5363)
  • TESTING
    • Run benchmark at tag to track performances (#6035)
    • Add test environment for MySQL8 (#5234)
  • BUILD
    • Use go 1.12 for tests and deprecate go 1.9 (#6186)
    • Makefile changes for Windows and easier development (#6103)
    • Update bleve dependency to latest master revision (#6100)
    • Switch to more recent build of xgo (#6070)
    • Add autoprefixer to css build (#6029)
    • Update the version of less (#6010)
    • Make log mailer for testing (#5893)
  • DOCS
    • Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
    • update default value of --must-change-password cli flag (#6032)
    • Update and expand information about building Gitea (#6019)
    • Update U2F Section of app.ini.sample (#5994)
    • Update swagger for release API pagination (#5841)
    • Added docs for the tree api (#5834)
  • MISC
    • Add single commit API support (#5843)
    • Add missing GET teams endpoints (#5382)
    • Migrate database if app.ini found (#5290)

1.7.6 - 2019-04-12

  • SECURITY
    • Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
  • BUGFIXES
    • Allow resend of confirmation email when logged in (#6482) (#6487)

1.7.5 - 2019-03-27

  • BUGFIXES
    • Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
    • Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383)
    • Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332)

1.7.4 - 2019-03-12

  • SECURITY
    • Fix potential XSS vulnerability in repository description. (#6306) (#6308)
  • BUGFIXES
    • Fix wrong release commit id (#6224) (#6300)
    • Fix panic on empty signed commits (#6292) (#6300)
    • Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
    • Fix displaying dashboard even if required to change password (#6214) (#6215)

1.7.3 - 2019-02-27

  • BUGFIXES
    • Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
    • Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
    • Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
    • Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
    • Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
    • Fix prohibit login check on authorization (#6106) (#6115)
    • Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
    • Fix deadlock in webhook PullRequest (#6102) (#6104)
    • Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
    • Fix compare button regression (#5929) (#6098)
    • Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)

1.7.2 - 2019-02-14

  • BUGFIXES
    • Remove all CommitStatus when a repo is deleted (#5940) (#5941)
    • Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
    • Silence console logger in gitea serv (#5887) (#5943)
    • Handle milestone webhook events for issues and PR (#5947) (#5955)
    • Show user who created the repository instead of the organization in action feed (#5948) (#5956)
    • Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
    • Fix bug when deleting a linked account will removed all (#5989) (#5990)
    • Fix empty ssh key importing in ldap (#5984) (#6009)
    • Fix metrics auth token detection (#6006) (#6017)
    • Create repository on organisation by default on its dashboard (#6026) (#6048)
    • Make sure labels are actually returned in API (#6053) (#6059)
    • Switch to more recent build of xgo (#6070) (#6072)
    • In basic auth check for tokens before call UserSignIn (#5725) (#6083)

1.7.1 - 2019-01-31

  • SECURITY
    • Disable redirect for i18n (#5910) (#5916)
    • Only allow local login if password is non-empty (#5906) (#5908)
    • Fix go-get URL generation (#5905) (#5907)
  • BUGFIXES
    • Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
    • Request for public keys only if LDAP attribute is set (#5816) (#5819)
    • Fix delete correct temp directory (#5840) (#5839)
    • Fix an error while adding a dependency via UI (#5862) (#5876)
    • Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
    • When creating new repository fsck option should be enabled (#5817) (#5885)
    • Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
    • Fix bug when read public repo lfs file (#5913) (#5912)
    • Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
    • Fix compare button on upstream repo leading to 404 (#5877) (#5914)
  • DOCS
    • Added docs for the tree api (#5835)
  • MISC
    • Include Go toolchain to --version (#5832) (#5830)

1.7.0 - 2019-01-22

  • SECURITY
    • Do not display the raw OpenID error in the UI (#5705) (#5712)
    • When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
    • Prevent DeleteFilePost doing arbitrary deletion (#5631)
  • BREAKING
    • Restrict permission check on repositories and fix some problems (#5314)
    • Show only opened milestones on issues page milestone filter (#5051)
  • FEATURE
    • Implement git refs API for listing references (branches, tags and other) (#5354)
    • Approvals at Branch Protection (#5350)
    • Add raw blob endpoint to get objects by SHA ID (#5334)
    • Add api for user to create org (#5268)
    • Create AuthorizedKeysCommand (#5236)
    • User action heatmap (#5131)
    • Refactor heatmap to vue component (#5401)
    • Webhook for Pull Request approval/rejection (#5027)
    • Add command for migrating database (#4954)
    • Search keyword by splitting provided values by , (#4939)
    • Create Progressive Web App (#4730)
    • Give user a link to create PR after push (#4716)
    • Add rebase with merge commit merge style (#3844) (#4052)
  • BUGFIXES
    • Disallow empty titles (#5785) (#5794)
    • Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
    • Don't close issues via commits on non-default branch. (#5622) (#5643)
    • Fix commit page showing status for current default branch (#5650) (#5653)
    • Only count users own actions for heatmap contributions (#5647) (#5655)
    • Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
    • Use correct value for "MSpan Structures Obtained" (#5706) (#5716)
    • Fix bug on modifying sshd username (#5624)
    • Delete tags in mirror which are removed for original repo. (#5609)
    • Fix wrong text getting saved on editing second comment on an issue. (#5608)
    • Fix nil pointer when adding a due date (#5587)
    • Fix type mismatch of format string (#5574)
    • Fix bug on upload file name (#5571)
    • Issue is not overdue when it is on the same date #5566 (#5568)
    • Fix indexer reindex bug when gitea restart (#5563)
    • Fix table name typo on SQL (#5562)
    • Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
    • Fix makefile generate buildstep (#5556)
    • Fix nil pointer base branch bug (#5555)
    • Fix permission check on api create org (#5523)
    • Fix detect force push failure on deletion of protected branches (#5522)
    • Fix approvals limitation (#5521)
    • Fix bug when a read perm user to edit his issue (#5516)
    • Fix adding reaction fail for read permission user (#5515)
    • Fixing MSSQL timestamp type (#5511)
    • Fix forgot deletion of notification when delete repository (#5506)
    • Fix empty wiki (#5504)
    • Fix clone wiki failed via ssh (#5503)
    • Fix code review on mssql (#5502)
    • Fix lfs version check warning log when using ssh protocol (#5501)
    • Fix topic name length on database (#5493)
    • Ensure that the closed_at is set for closed issues (#5449)
    • Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
    • Word-Break the WebHook url to prevent a ui-break (#5432)
    • Fix forgot removed records when deleting user (#5429)
    • Fix repository deletion when there is large number of issues in it (#5426)
    • Fix heatmap colors for Chrome/Safari (#5421)
    • Fix password variable shadowing (#5405)
    • Fix dependent issue searching when gitea is run in subpath (#5392)
    • Don't force a password change for the admin user when creating an account via cli (#5391)
    • API: '/orgs/:org/repos': return private repos with read access (#5383)
    • Don't send assign webhooks when creating issue (#5365)
    • Removing Labels via EditPullRequest API (#5348)
    • Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
    • Fix bug when users have serval teams with different units on different repositories (#5307)
    • Fix U2F if gitea is configured in subpath (#5302)
    • Fix file edit change preview functionality (#5300)
    • Update gitignore list (#5258)
    • Fixed heatmap not working in mssql (#5248)
    • Fixed wrong api request url for instances running in subfolders (#5247)
    • Fix compatibility heatmap with mysql 8 (#5232)
    • Fix data race on migrate repository (#5224)
    • Fix sqlite and mssql lock (#5214)
    • Fix sqlite lock (#5210)
    • Fix: Accept web-command cli flags if web-command is commited (#5200)
    • Fix: Add secret to all webhook's payload where it has been missing (#5199)
    • Fix race on updatesize (#5190)
    • Fix create team, update team missing units (#5188)
    • Fix sqlite lock (#5184 & #5176)
    • Fix showing pull request link when delete a branch (#5166)
    • Fix JSON result of empty array in heatmap data array (#5154)
    • Update build tags for sqlite_unlock notify (#5144)
    • This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
    • Fix deadlock when sqlite (#5118)
    • Add comment replies (#5104)
    • Fix home page template regression (#5102)
    • Fix regex to support optional end line of old section in diff hunk (#5096)
    • LDAP via simple auth separate bind user and search base (#5055)
    • Fix markdown image with link (#4675)
    • Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
  • ENHANCEMENT
    • Delete organization endpoint added (#5601)
    • Update Licenses (#5558)
    • Support reverse proxy providing email (#5554)
    • Add git protocol v2 support via SSH on Docker image (#5520)
    • Add tests for api user orgs (#5494)
    • Allow link verification for services like Mastodon (#5481)
    • Improve team members and repositories settings UI (#5457)
    • Remove the required class from optional ssh port in installation page (#5428)
    • Explicitly disable Git credential helper (#5367)
    • Setting Labels via EditPullRequest API (#5347)
    • Implement pasting image from clipboard for browsers that supports that (#5317)
    • Milestone issues and pull requests (#5293)
    • Support envs on external render commands (#5278)
    • Add option to disable automatic mirror syncing. (#5242)
    • Remove unused db init on commands serv, update, hooks (#5225)
    • Serve audio files using HTML5 audio tag (#5221)
    • Pass link prefixes to external markup parsers (#5201)
    • Add AutoHead functionality. (#5186)
    • Fix emojis not showing in commit messages (#5168)
    • Block registration based on email domain (#5157)
    • Update vendor/go-sqlite3 (#5133 & #5162)
    • Update x/net lib (#5169)
    • Show review summary in pull requests (#5132)
    • Use type switch (#5122)
    • Remove duplicated if bodies (#5121)
    • Remove check for negative length (#5120)
    • Make switch more clear (#5119)
    • Use named const instead of a raw string (#5115)
    • Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
    • Refactor: err != nil check, just return error instead (#5093)
    • Add notification interface and refactor UI notifications (#5085)
    • Use APP_NAME on home page (#5048)
    • Explicitly decide whether to use TLS in mailer's configuration (#5024)
    • Generate random password (#5023)
    • UX of link account (Step 1) (#5006)
    • Make sure argsSet verifies string isn't empty too (#4980)
    • Improve performance of dashboard (#4977)
    • Keys API changes (#4960)
    • Add must-change-password flag to cli for creating a user (#4955)
    • Use native go method to get current user rather than environment variable (#4930)
    • Make gitea serv use api/internal (#4886)
    • Add support for search by uid (#4876)
    • Allow to add organization members as collaborators on organization owned repositories (#4748)
  • TESTING
    • Kill testing processes if the test takes too long (#5174)
    • Update outdated Go toolchain version for .drone.yml (#5146)
    • Increase the retry limit to 20 times and the interval to 200ms (#5134)
    • Retry test-fixtures loading in case of transaction rollback (#5125)
    • Added test environment for mssql (#4282)
  • BUILD
    • Replace lint to revive (#5422)
    • Update golang version in Dockerfile (#5246)
  • DOCS
    • Typo in routers/api/v1/org/org.go fixed. (#5598)
    • Update the docs for sqlite_unlock_notify (#5145)
    • CN translation of docs part (#5049)
    • Kubernetes deployment file (#5046)
  • MISC
    • Upgrade alpine to 3.8 (#5423)
    • Git-Trees API (#5403)
    • Only chown directories during docker setup if necessary. Fix #4425 (#5064)

1.6.4 - 2019-01-15

  • BUGFIX
    • Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
    • When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
    • Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)

1.6.3 - 2019-01-04

  • SECURITY
    • Prevent DeleteFilePost doing arbitrary deletion (#5631)
  • BUGFIX
    • Fix wrong text getting saved on editing second comment on an issue (#5608)

1.6.2 - 2018-12-21

  • SECURITY
    • Sanitize uploaded file names (#5571) (#5573)
    • HTMLEncode user added text (#5570) (#5575)
  • BUGFIXES
    • Fix indexer reindex bug when gitea restart (#5563) (#5564)
    • Remove a double slash in the HTTPS redirect with Let's Encrypt (#5537) (#5539)
    • Fix bug when a read perm user to edit his issue (#5516) (#5534)
    • Detect force push failure on deletion of protected branches (#5522) (#5531)
    • Let's Encrypt handler listens on correct port for certificate validation (#5525) (#5527)
    • Fix forgot deletion of notification when delete repository (#5506) (#5514)
    • Fix undeleted content when deleting user (#5429) (#5509)
    • Fix empty wiki (#5504) (#5508)

1.6.1 - 2018-12-08

  • BUGFIXES
    • Fix dependent issue searching when gitea is run in subpath (#5392) (#5400)
    • API: '/orgs/:org/repos': return private repos with read access (#5393)
    • Fix repository deletion when there is large number of issues in it (#5426) (#5434)
    • Word-break the WebHook url to prevent a ui-break (#5445)
    • Admin should be able to delete repos via the API even if they are not a member of the organization (#5443) (#5447)
    • Ensure that the closed_at is set for closed (#5450)
    • Fix topic name length on database (#5493) (#5495)

1.6.0 - 2018-11-22

  • BREAKING
    • Respect email privacy option in user search via API (#4512)
    • Simply remove tidb and deps (#3993)
    • Swagger.v1.json template (#3572)
  • SECURITY
    • Add CSRF checking to reqToken and add reqToken to admin API routes (#5272) (#5250)
    • Improve URL validation for external wiki and external issues (#4710)
    • Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)
    • Don't disclose emails of all users when sending out emails (#4664)
    • Check that repositories can only be migrated to own user or organizations (#4366)
  • FEATURE
    • Add comment replies (#5147) (#5104)
    • Pull request review/approval and comment on code (#3748)
    • Added dependencies for issues (#2196) (#2531)
    • Add the ability to have built in themes in Gitea and provide dark theme arc-green (#4198)
    • Add sudo functionality to the API (#4809)
    • Add oauth providers via cli (#4591)
    • Disable merging a WIP Pull request (#4529)
    • Force user to change password (#4489)
    • Add letsencrypt to Gitea (#4189)
    • Add push webhook support for mirrored repositories (#4127)
    • Add csv file render support defaultly (#4105)
    • Add Recaptcha functionality to Gitea (#4044)
  • ENHANCEMENT
    • Fix milestones sorted wrongly (#4987)
    • Allow api to create tags for releases if they don't exist (#4890)
    • Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
    • Enforce token on api routes [fixed critical security issue #4357] (#4840)
    • Update legacy branch and tag URLs in dashboard to new format (#4812)
    • Slack webhook channel name cannot be empty or just contain an hashtag (#4786)
    • Add whitespace handling to PR-comparsion (#4683)
    • Make reverse proxy auth optional (#4643)
    • MySQL TLS (#4642)
    • Make sure to set PR split view when creating/previewing a pull request (#4617)
    • Log user in after a successful sign up (#4615)
    • Fix typo IsPullReuqestBroken -> IsPullRequestBroken (#4578)
    • Allow admin toggle forcing a password change for newly created users (#4563)
    • Update jQuery to v1.12.4 (#4551)
    • Env var GITEA_PUSHER_EMAIL (#4516)
    • Feat(repo): support search repository by topic name (#4505)
    • Small improvements to dependency UI (#4503)
    • Make max commits in graph configurable (#4498)
    • Add valid for lfs oid (#4461)
    • Add shortcut to save wiki page (#4452)
    • Allow administrator to create repository for any organization (#4368)
    • Fix repository last updated time update when delete a user who watched the repo (#4363)
    • Switch plaintext scratch tokens to use hash instead (#4331)
    • Increase default TOTP secret size to 320 bits (#4287)
    • Keep preseeded database password (#4284)
    • Implemented hover text showing user FullName (#4261)
    • Add ability to delete a token (#4235)
    • Fix typos in i18n variable names. (#4080)
    • Api: repos/search: add parameters to control the sort order (#3964)
    • Add missing path in the Docker app.ini template (#2181)
    • Add file name and branch to page title (#4902)
    • Offline use of google fonts (#4872)
    • Add missing History link to directory listings v2 (#4829)
    • Locale for Edit and Remove due date issue (#4802)
    • Disable 'May Import Local Repository' when is disabled by setting (Is… (#4780)
    • API /admin/users/{username} missing parameter (#4775)
    • Display error when adding a user to a team twice (#4746)
    • Remove UsePrivilegeSeparation from the Docker sshd_config, see #2876 (#4722)
    • Focus title input when clicking helper link (#4696)
    • Add vendor to user reserved words and format words list according alphabet (#4685)
    • Add gitea/issues link to 500 page (#4654)
    • Hide home button when landing page is not set to home (#4651)
    • Remove link to GitHub issues in 404 template (#4639)
    • Cmd/serve: pprof cpu and memory profile dumps to disk (#4560)
    • Add flash message after an account has been successfully activated (#4510)
    • Prevent html entity escaping on delete branch (#4471)
    • Locale for button Edit on protected branch (#4442)
    • Update notification icon (#4343)
    • Added front-end topics validation (#4316)
    • Don't display buttons if there are no system notifications (#4280)
    • Issue due date api (#3890)
  • BUGFIXES
    • dont' send assign webhooks when creating issue (#5365)
    • Fix create team, update team missing units (#5188)
    • Fix file edit change preview functionality (#5300)
    • *ix bug when users have serval teams with different units on different repositories (#5307)
    • Fix U2F if gitea is configured in subpath (#5302)
    • Fix markdown image with link (#4675)
    • Remove maxlines option for file logger (#5282)
    • Fix wrong api request url for instances running in subfolders (#5261) (#5247)
    • Accept web-command cli flags if web-command is commited (#5245) (#5200)
    • Reduce join star, repo_topic, topic tables on repo search, to resolve extra columns problem on MSSQL (#5136) (#5229)
    • Fix data race on migrate repository (#5224) (#5230)
    • Add secret to all webhook's payload where it has been missing (#5208) (#5199)
    • Fix sqlite and MSSQL lock (#5210) (#5223) (#5214) (#5218) (#5176) (#5179)
    • Fix race on updatesize (#5190) (#5215)
    • Fix filtering issues by tags on main screen issues (#5219) (#3824)
    • Fix SQL quoting (#5137) (#5117)
    • Fix regex to support optional end line of old section in diff hunk (#5097) (#5096)
    • Fix release creation via API (#5076)
    • Remove links from topics in edit mode (#5026)
    • Fix missing AppSubUrl in few more templates (fixup) (#5021)
    • Fix missing AppSubUrl in some templates (#5020)
    • Hide outdated comments in file view (#5017)
    • Upgrade gopkg.in/testfixtures.v2 (#4999)
    • Disable debug routes unless PPROF is enabled in configuration (#4995)
    • Fix user menu item styling (#4985)
    • Fix layout of the topics editing form (#4971)
    • Fix null pointer dereference in ParseCommitWithSignature (#4962)
    • Fix url in discord webhook (#4953)
    • Detect charset and convert non UTF-8 files for display (#4950)
    • Make sure to catch the right error so it is displayed on the UI (#4945)
    • Fix(topics): don't redirect to explore page. (#4938)
    • Fix bug forget to remove Stopwatch when remove repository (#4928)
    • Fix bug when repo remained bare if multiple branches pushed in single push (#4923)
    • Fix: Crippled diff (#4726) (#4900)
    • Fix trimming of markup section names (#4863)
    • Issues api allow pulls and fix #4832 (#4852)
    • Do not autocreate directory for new users/orgs (#4828) (#4849)
    • Fix redirect with non-ascii branch names (#4764) (#4810)
    • Fix missing release title in webhook (#4783) (#4796)
    • User shouldn't be able to approve or reject his/her own PR (#4729)
    • Make sure to reset commit count in the cache on mirror syncing (#4720)
    • Fixed bug where team with admin privelege type doesn't get any unit (#4719)
    • Fix incorrect caption of webhook setting (#4701) (#4717)
    • Allow WIP marker to contains < or > (#4709)
    • Hide org/create menu item in Dashboard if user has no rights (#4678) (#4680)
    • Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645)
    • Fix custom templates being ignored (#4638)
    • Fix starring icon after semantic ui update (#4628)
    • Fix Split-View line adjustment (#4622)
    • Fix integer constant overflows in tests (#4616)
    • Push whitelist now doesn't apply to branch deletion (#4601) (#4607)
    • Fix bugs when too many IN variables (#4594)
    • Fix failure on creating pull request with assignees (#4419) (#4583)
    • Fix panic issue on update avatar email (#4580) (#4581)
    • Fix status code label for a successful webhook (#4540)
    • An inactive user shouldn't be able to be added as a collaborator (#4535)
    • Don't fail silently if trying to add a collaborator twice (#4533)
    • Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) (#4525)
    • Fix out-of-transaction query in removeOrgUser (#4521) (#4522)
    • Fix migration from older releases (#4495)
    • Accept 'Data:' in commit graph (#4487)
    • Update xorm to latest version and fix correct user table referencing in sql (#4473)
    • Relative URLs for LibreJS page (#4460)
    • Redirect to correct page after using scratch token (#4458)
    • Fix column droping for MSSQL that need new transaction for that (#4440)
    • Replace src with raw to fix image paths (#4377)
    • Add default merge options when creating new repository (#4369)
    • Fix docker build (#4358)
    • Fixes repo membership check in API (#4341)
    • Dep upgrade mysql lib (#4161)
    • Fix some issues with special chars in branch names (#3767)
    • Responsive design fixes (#4508)
  • TRANSLATION
    • Fix punctuation in English translation (#4958)
    • Fix translation (#4355)

1.5.3 - 2018-10-31

  • SECURITY
    • Fix remote command execution vulnerability in upstream library (#5177) (#5196)

1.5.2 - 2018-10-09

  • SECURITY
    • Enforce token on api routes (#4840) (#4905)
  • BUGFIXES
    • Remove links from topics in edit mode (#5030)
    • Detect charset and convert non UTF-8 files for display (#4950) (#4994)
    • Fix layout of the topics editing form (#4971) (#4993)
    • Fix null pointer dereference in ParseCommitWithSignature (#4964)
    • Fix url in discord webhook (#4951)
    • Fix font-cropping UI bug in diff (#4726) (#4929)
    • Fix bug forget to remove Stopwatch when remove repository (#4933)
    • Fix bug when repo remained bare if multiple branches pushed (#4927)
    • Fix redirect with non-ascii branch names (#4764) (#4887)
    • Fix issues api allow pulls (#4852) (#4862)
    • Fix trimming of markup section names (#4864)

1.5.1 - 2018-09-03

  • SECURITY
    • Don't disclose emails of all users when sending out emails (#4784)
    • Improve URL validation for external wiki and external issues (#4710) (#4740)
    • Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
  • BUGFIXES
    • Fix missing release title in webhook (#4783) (#4800)
    • Make sure to reset commit count in the cache on mirror syncing (#4770)
    • Fixed bug where team with admin privelege type doesn't get any unit (#4759)
    • Fix failure on creating pull request with assignees (#4583) (#4727)
    • Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
  • TRANSLATION
    • Fix incorrect caption of webhook setting (#4701) (#4718)

1.5.0 - 2018-08-10

  • SECURITY
    • Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
    • Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
    • Do not allow to reuse TOTP passcode (#3878)
  • BUGFIXES
    • Fix column droping for MSSQL that need new transaction for that (#4440) (#4484)
    • Redirect to correct page after using scratch token (#4458) (#4472)
    • Replace src with raw to fix image paths (#4377) (#4386)
    • Fixes repo membership check in API (#4341) (#4379)
    • Add default merge options when adding new repository (#4369) (#4373)
    • Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371)
    • Fix html entity escaping in branch deletion message (#4471) (#4485)
    • Fix out-of-transaction query in removeOrgUser (#4521) (#4524)
    • Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519)
    • Fix panic issue on update avatar email (#4580) (#4590)
    • Fix bugs when too many IN variables (#4594) (#4597)
    • Push whitelist now doesn't apply to branch deletion (#4601) (#4640)
    • Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650)
  • FEATURE
    • Add cli commands to regen hooks & keys (#3979)
    • Add support for FIDO U2F (#3971)
    • Added user language setting (#3875)
    • LDAP Public SSH Keys synchronization (#1844)
    • Add topic support (#3711)
    • Multiple assignees (#3705)
    • Add protected branch whitelists for merging (#3689)
    • Global code search support (#3664)
    • Add label descriptions (#3662)
    • Add issue search via API (#3612)
    • Add repository setting to enable/disable health checks (#3607)
    • Emoji Autocomplete (#3433)
    • Implements generator cli for secrets (#3531)
  • ENHANCEMENT
    • Add more webhooks support and refactor webhook templates directory (#3929)
    • Add new option to allow only OAuth2/OpenID user registration (#3910)
    • Add option to use paged LDAP search when synchronizing users (#3895)
    • Symlink icons (#1416)
    • Improve release page UI (#3693)
    • Add admin dashboard option to run health checks (#3606)
    • Add branch link in branch list (#3576)
    • Reduce sql query times in retrieveFeeds (#3547)
    • Option to enable or disable swagger endpoints (#3502)
    • Add missing licenses (#3497)
    • Reduce repo indexer disk usage (#3452)
    • Enable caching on assets and avatars (#3376)
    • Add repository search ordered by stars/forks. Forks column in admin repo list (#3969)
    • Add Environment Variables to Docker template (#4012)
    • LFS: make HTTP auth period configurable (#4035)
    • Add config path as an optionial flag when changing pass via CLI (#4184)
    • Refactor User Settings sections (#3900)
    • Allow square brackets in external issue patterns (#3408)
    • Add Attachment API (#3478)
    • Add EnableTimetracking option to app settings (#3719)
    • Add config option to enable or disable log executed SQL (#3726)
    • Shows total tracked time in issue and milestone list (#3341)
  • TRANSLATION
    • Improve English grammar and consistency (#3614)
  • DEPLOYMENT
    • Allow Gitea to run as different USER in Docker (#3961)
    • Provide compressed release binaries (#3991)
    • Sign release binaries (#4188)

1.4.3 - 2018-06-26

  • SECURITY
    • HTML-escape plain-text READMEs (#4192) (#4214)
    • Fix open redirect vulnerability on login screen (#4312) (#4312)
  • BUGFIXES
    • Fix broken monitoring page when running processes are shown (#4203) (#4208)
    • Fix delete comment bug (#4216) (#4228)
    • Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
    • Fix wiki URL encoding bug (#4091) (#4254)
    • Fix code tab link when viewing tags (#3908) (#4263)
    • Fix webhook type conflation (#4285) (#4285)

1.4.2 - 2018-06-04

  • BUGFIXES
    • Adjust z-index for floating labels (#3939) (#3950)
    • Add missing token validation on application settings page (#3976) #3978
    • Webhook and hook_task clean up (#4006)
    • Fix webhook bug of response info is not displayed in UI (#4023)
    • Fix writer cannot read bare repo guide (#4033) (#4039)
    • Don't force due date to current time (#3830) (#4057)
    • Fix wiki redirects (#3919) (#4065)
    • Fix attachment ENABLED (#4064) (#4066)
    • Added deletion of an empty line at the end of file (#4054) (#4074)
    • Use ResolveReference instead of path.Join (#4073)
    • Fix #4081 Check for leading / in base before removing it (#4083)
    • Respository's home page not updated after first push (#4075)

1.4.1 - 2018-05-03

  • BREAKING
    • Add "error" as reserved username (#3882) (#3886)
  • SECURITY
    • Do not allow inactive users to access repositories using private key (#3887) (#3889)
    • Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873)
    • Remove unnecessary allowed safe HTML (#3778) (#3779)
    • Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
  • BUGFIXES
    • Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
    • Fix GPG expire time display when time is zero (#3584) (#3884)
    • Fix to update only issue last update time when adding a comment (#3855) (#3860)
    • Fix repository star count after deleting user (#3781) (#3783)
    • Use the active branch for the code tab (#3720) (#3776)
    • Set default branch name on first push (#3715) (#3723)
    • Show clipboard button if disable HTTP of git protocol (#3773) (#3774)

1.4.0 - 2018-03-25

  • BREAKING
    • Drop deprecated GOGS_WORK_DIR use (#2946)
    • Fix API status code for hook creation (#2814)
  • SECURITY
    • Escape branch name in dropdown menu (#3691) (#3692)
    • Refactor and simplify to correctly validate redirect to URL (#3674) (#3676)
    • Fix escaping changed title in comments (#3530) (#3534)  * Escape search query (#3486) (#3488)
    • Sanitize logs for mirror sync (#3057)
  • FEATURE
    • Serve .patch and .diff for pull requests (#3305, #3293)
    • Add repo-sync-releases admin command (#3254)
    • Support default private when creating or migrating repository (#3239)
    • Writable deploy keys (closes #671) (#3225)
    • Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188)
    • Added progressbar for issues with checkboxes (#1146). (#3171)
    • Mention completion for issue editor. (#3136)
    • Add 'mark all read' option to notifications (#3097)
    • Git LFS lock api (#2938)
    • Add reactions to issues/PR and comments (#2856)
    • Add dingtalk webhook (#2777)
    • Responsive view (#2750)
  • BUGFIXES
    • Fix wiki inter-links with spaces (#3560) (#3632)
    • Fix query protected branch bug (#3563) (#3571)
    • Fix remove team member issue (#3566) (#3570)
    • Fix the protected branch panic issue (#3567) (#3569)
    • If Mirrors repository no content is fetched, updated time should not be changed (#3551) (#3565)
    • Bug fix for mirrored repository releases sorted (#3522) (#3555)
    • Add issue closed time column to fix activity closed issues list (#3537) (#3540)  * Update markbates/goth library to support OAuth2 with new dropbox API (#3533) (#3539)  * Fixes missing avatars in offline mode (#3471) (#3477)  * Fix synchronization bug in repo indexer (#3455) (#3461)  * Fix rendering of wiki page list if wiki repo contains other files (#3454) (#3463)
    • Fix webhook X-GitHub-* headers casing for better compatibility (#3429)
    • Add content type and doctype to requests made with go-get (#3426, #3423)
    • Fix SQL type error for webhooks (#3424)
    • Fix PR merge error (#3421)
    • Recognize more characters in crossreferenced repo name (#3413)
    • Fix MSSQL bug on org (#3405)
    • HTML escape all lines of the search result (#3402)
    • Change local copy origin url after repository rename (#3399)
    • Force-push to base repo's ref/pull/#/head (#3393)
    • Fix bug when a user delete but assigned on issue (#3318)
    • Use issue number/index instead of id for API URL. Fix #3297 (#3298)
    • Fix repo-transfer-and-team-repo-count bug (#3241)
    • Fix always-on SSL Mode checkbox in admin page (#3208)
    • Fix source download link when no code unit allowed (#3166)
    • Fix org owner cannot be removed if he is not in owner team (#3164)
    • Fix run web with -p push failed (#3154)
    • Fix gpg tmpl (#3153)
    • Fix SSH auth lfs locks (#3152)
    • Improvements for supporting UI Location (#3146)
    • Fix new pull request link (#3133)
    • Fix missing branch in release bug (#3108)
    • Allow adding collaborators with (fullname) (#3103)
    • Fix repo links (#3093)
    • fix lfs url refs + keep path upper/lowercase in db. (#3092)
    • Fix redis session failed (#3086)
    • Fix bugs in issue dashboard stats (#3073)
    • Fix avatar URLs (#3069)
    • Fix ref parsing in commit messages (#3067)
    • Fix issue list branch link broken (#3061)
    • sendmail: correct option to set envelope-sender (#3044)
    • Fix missing password length check when change password (#3039)
    • Fix git lfs path (#3016)
    • Fix API-Endpoint release (#3005) (#3012)
    • Set OpenID support on by default when installing new instance (#3010)
    • Various wiki bug fixes (#2996)
    • Fix go-get, src and raw urls to new scheme (#2978)
    • Fix error when add user has full name to team (#2973)
    • Fix memcache support when value is returned as string always (#2924)
  • ENHANCEMENT
    • Use GiteaServer as the user agent for http requests (#3404)
    • Delete indexer DB entries when (re)creating index (#3385)
    • Change how merged PR commit info are prepared (#3368)
    • Asynchronously populate the repo indexer (#3366)
    • Make the default action for the gitea executable that of running the webserver (#3331)
    • Templates for extra links in top navbar and repo tool tabs. (#3308)
    • Fixed asterisk based tasklist items #3295 (#3296)
    • Add more additional template snippets (#3286)
    • Open external tracker in blank window, consistently with wiki (#3227)
    • Fix repo links on user profile (#3197)
    • Enable emoji for wiki view (#3158)
    • Small improve on deleting attachements (#3145)
    • Reduce overhead of upgrades for users with custom stylesheets/JS (#3051)
    • Default log level to Info without hardcoding it in installer (#3041)
    • Memory usage improvements (#3013)
    • Add fingerprint to ssh key endpoints. (#3009)
    • Improve memory usage when reaching diff limits (#2990)
    • Expandable commit bodies (#2980)
    • Update gitgraph.js to fix blurry commit graph on HiDPI screens (#2957)
    • Fix language names (#2955)
    • Remove render issue link (#2954)
    • Page parameter for repo search API (#2915)
    • Apply LANDING_PAGE config options for logged in users (#2894)
    • Enable admin to search by email (#2888)
    • Hide add key button if SSH is disabled (#2873)
    • Fix comment API paths (#2813)
    • Add an option to allow redirect of http port 80 to https. (#1928)
  • MISC
    • Fix organization profile on mobile devices (#3332)
    • Fix guide link for webhooks in repository settings (#3291) (#3292)
    • Enable Libravatar by default in new installations (#3287)
    • Improve suppressed diff boxes (#3193)
    • fix button heights on commits page (#3091)
    • Minor copy changes (#3074)
    • Sort repos in issues dashboard sidebar (#3072)
    • Remove box-shadow from UI, fix dashboard issue (#3065)
    • Adjust branch button size (#3063)
    • Fix misalignment issue in repo header (#3062)
    • Delete a user's public key via admin api (closes #3014) (#3059)
    • Dashboard: Fix line height problem in issue titles (#3054)
    • Remove duplicate "Max Diff Lines" from config view (#2987)
    • Drop unmaintained gogs migration script (#2947)
    • App restarts to quickly if it fails to start. (#2945)
    • Add owner to delete repo message (#2886)

1.3.1 - 2017-12-08

  • BUGFIXES
    • Sanitize logs for mirror sync (#3057, #3082) (#3078)
    • Fix missing branch in release bug (#3108) (#3117)
    • Fix repo indexer and submodule bug (#3107) (#3110)
    • Fix legacy URL redirects (#3100) (#3106)
    • Fix redis session failed (#3086) (#3089)
    • Fix issue list branch link broken (#3061) (#3070)
    • Fix missing password length check when change password (#3039) (#3071)

1.3.0 - 2017-11-29

  • BREAKING
    • Make URL scheme unambiguous (#2408)
  • FEATURE
    • Add branch overiew page (#2108)
    • Code/repo search (#2582)
    • Add Activity page to repository (#2674)
    • Issue Timetracking (#2211)
    • Add orgmode document type on file view and readme (#2525)
    • Add external markup render support (#2570)
    • Implementation of discord webhook (#2402)
    • Webhooks for repo creation/deletion (#1663)
    • Complete push webhooks (#2530)
    • Add possibility to record branch information in an issue (#780)
    • Create new branch from branch selection dropdown (#2130)
    • Implementation of all repositories of a user from user->settings (#1740)
    • Add LFS object verification step after upload (#2868)
    • Configurable SSH cipher suite (#913)
    • Disable custom Git Hooks globally via configuration file (#2450)
    • Sync releases table with tags on push and for mirrors (#2459)
  • BUGFIXES
    • Fix label comments for French locale (#3017)
    • Remove duplicate "Max Diff Lines" from config view (#3001)
    • Fix over-escaped characters (#2992)
    • Fix go-get, src and raw urls to new scheme (#2986)
    • Fix error when add user has full name to team (#2975)
    • Fix files/commits of merged PRs (#2970)
    • Update golang x/crypto dependencies - Fix SSH transport fail (#2951)
    • Fix memcache support when value is returned as string always (#2950)
    • Fix issue link rendering in commit messages (#2897)
    • Fix adding a new authentication source after selecting OAuth (#2889)
    • Fix new branch creation to new url scheme (#2884)
    • Allow spaces in username for LDAP users (#2880)
    • Fix LFS not returning correct content length when requesting a range … (#2864)
    • Fix fork repository cycle to self (#2860)
    • Fix click create pull request button 404 (#2859)
    • Fix API raw file content access for default branch (#2849)
    • Clean repository ROOT directory name with filepath.Clean (#2846)
    • Fix API raw requests for commits and tags (#2841)
    • Fix order of comments (#2835)
    • Issue content should not be updated when closing with comment (#2833)
    • Fix ordering in app.ini and fix run mode option (#2829)
    • Fix redirect url of legacy commits route (#2825)
    • Fix commits page url (#2823)
    • Fix wrong translations (#2818)
    • Fix dropdown menu position when explore repos (#2808)
    • Fix Git LFS object/repo link storage in database and small refactoring (#2803)
    • Use relative URLs for avatars on the dashboard (#2800)
    • Add checks for commits with missing author and time (#2771)
    • Fix emojify image URL (#2769)
    • Hide unactive on explore users and some refactors (#2741)
    • Fix IE unsupported javascript construction in branch dropdown (#2736)
    • Only update mirror last update after successful sync (#2730)
    • Fix semantic-ui style conflict with v-cloak (#2722)
    • Fixing wrong translation on sort type oldest/latest (#2720)
    • Fix PR, milestone and label functionality if issue unit is disabled (#2710)
    • Fix plain readme didn't render correctly on repo home page (#2705)
    • Fix organization removal from watch table migration (#2703)
    • Fix repository search function (#2689)
    • fix panic on gogs webhook creation (#2675)
    • Fix orgnization user watch repository (#2670)
    • GPG key email verification no longer case sensitive (#2661) (#2663)
    • Fix index column deletion (#2651)
    • table pull_request wasn't updated correctly (#2649)
    • Fix go get response if only app URL is custom in configuration (#2634)
    • Fix doubled issue tab introduced in migration v16 (#2611)
    • Rewrite migrations to not depend on future code changes (#2604)
    • Fix implementation of repo Home func (#2601)
    • Fix translation upload to crowdin (#2599)
    • Reduce usage of allcols on update (#2596)
    • fix go get subpackage bug (#2584)
    • Fix broken migration to add can_push field back to table (#2574)
    • fix readme view bug (#2566)
    • Fix sending mail with a non-latin display name. #2102 (#2559)
    • Restricting access to fork functioanlity to users with Code access (#2534)
    • fix updated update on public key (#2514)
    • Added bucket name to s3 drone plugin (#2505)
    • fixes 500 error on dashboard when using MSSQL (#2504)
    • fix wrong rendering of commit detail page (#2503)
    • Hotfix: Add time manually adds time in nanoseconds (#2499)
    • Remove repository mirrors from "collaborative" list (#2497)
    • fix release failed since the wrong token name (#2496)
    • Fix slice out of bounds error in mailer (#2479)
    • Fix #2470 (#2477)
    • fix orgnization webhooks (#2422)
    • fix webhook test (#2415)
    • fix missing orgnization discord webhook (#2414)
    • Fix route handler order (#2409)
    • Prevent sending emails and notifications to inactive users (#2384)
    • Move themes to plugin directory. Fixes #2372 (#2375)
    • fix duplicated feed (#2370)
    • Fix missing collabrative repos (#2367)
    • Only check at least one email gpg key (#2266)
    • don't check minimum key size when disabled (#1754)
    • Fix run command race (#1470)
    • fix .netrc authentication (#2700)
    • Fix so that user can still fork his own repository to his organizations (#2699)
    • Fix can_push value to false in protected_branch (#2560)
    • Fix copy in email templates (#2801)
    • Fix inconsistencies in user settings UI (#2901)
    • Fix attachments icon size on zoom in/out (#2853)
    • Fix ignored errors in API route (#2850)
    • Fix activity css conflit with semantic ui (#2758)
    • Fix notifications tabs according to semantic-ui docs (#2733)
    • Fix typos in app.ini (#2732)
    • Fix duplicated rel attribute (#2549)
    • Fix tests code to prevent some runtime errors (#2381)
  • ENHANCEMENT
    • Memory usage improvements and lower minimal git requirement to 1.7.2 (#3013) (#3028)
    • Set OpenID support on by default when installing new instance (#3010) (#3027)
    • Use api.TrackedTime in API (#2807)
    • Configurable SSH key exchange algorithm and MAC suite (#2806)
    • Add Safari pinned tab icon (#2799)
    • Improve force push detect when push (#2798)
    • Add wrapping to long diff lines (#2789)
    • Link members and repositories count to each page on org home. (#2787)
    • Show Sendmail settings on admin config page (#2782)
    • Add commit count caching (#2774)
    • Use identicon image for default gravatar. (#2767)
    • Add default ssh ciphers (#2761)
    • Remove manual of unsupported option (#2757)
    • Add search mode option to /api/repo/search (#2756)
    • Move swagger-ui under /api/v1 (#2746)
    • Add support for extra sendmail arguments (#2731)
    • Use buffersize to reduce database connection when iterate (#2724)
    • Render plain text README.txt monospaced (#2721)
    • Integration test for activity page (#2704)
    • Merge password and 2fa page on user settings (#2695)
    • Allow custom SSH user in UI for built-in SSH server (#2617) (#2678)
    • Refactor duplicated code in repo handlers (#2657)
    • Replace deprecated Id method with ID (#2655)
    • Remove redudant functions and code (#2652)
    • hide navbar when only 1 sign-in method is available (#2444) (#2648)
    • Change default sort order (#2647)
    • Change pull description text (#2075) (#2646)
    • Remove direct user adding to organization members (#2641)
    • Use session when creating user (#2638)
    • Use Semantic UI's Search component for user and repo search (#2636)
    • Use AfterLoad instead of AfterSet on Structs (#2628)
    • Remove redudant CheckUnit calls in router (#2627)
    • Remove repo unit index (#2621)
    • Remove redudant issue LoadAttributes() calls (#2614)
    • Make indexer code more reusable (#2590)
    • Use custom type and constants to hold available order by options (#2572)
    • Use named ActionType constants in template helper (#2545)
    • Make basic functionality work without JavaScript (#2541)
    • Ctrl + Enter to submit forms (#2540)
    • Automatically regenerate indexer for incompatible versions (#2524)
    • Set default lfs content path to data/lfs (#2521)
    • Convert spaces to tabs in footer.tmpl (#2520)
    • Sort repository tree entries in natural way (#2506)
    • Open external wiki in new window (#2489)
    • Use created & updated instead BeforeInsert & BeforeUpdate (#2482)
    • Hide branch on pull request view or create UI (#2454)
    • improve protected branch to add whitelist support (#2451)
    • some refactors for issue and comments (#2419)
    • Restructure markup & markdown to prepare for multiple markup language… (#2411)
    • Improve issue search (#2387)
    • Add UseCompatSSHURI setting (#2356)
    • Use custom search for each filter type in dashboard (#2343)
    • Failed authentication are now properly logged (#2334)
    • Add environment variable support for Docker image (#2201)
    • Set session and indexers' data files rel to AppDataPath (#2192)
    • Display commit status on landing page of repo (#1784)
  • TESTING
    • Add integration test for logging out (#2892)
    • Integration test for user deleting account (#2891)
    • Use different directories for session files in integration tests (#2834)
    • Add deleted_branch table fixture (#2832)
    • Include HTTP method in test error message (#2815)
    • Add repository search unit and integration tests (#2575)
    • Expand fixtures (#2571)
    • Fix /api/repo/search integration tests (#2550)
    • Make integration tests more user-friendly (#2536)
    • Fix unit test race condition (#2516)
    • Add missing fixture to clean gpg_key table (#2494)
    • Hotfix for integration testing (#2473)
    • Make repo private to not interfere with other tests (#2467)
    • Error message for integration test (#2410)
    • Fix "index out of range" runtime error in repo_list tests (#2376)
    • Add git clone test on integration test (#1682)
  • TRANSLATION
    • Fix localization texts that contain semicolon (#2900)
    • Fix activity locale (#2709)
    • Update translation from crowdin (#2368)
  • BUILD
    • change the email and name to GitBot account. (#2848)
    • Fix removing backslash before quotes in translations (#2831)
    • add gitea remote in drone. (#2817)
    • add remote name for git push. (#2816)
    • Launch Gitea with custom UID/GID for 'git' user (fixes #2286) (#2791)
    • Download and pushing translations (#2727)
    • Automatic update of translations (#2585)
    • Add pre-build step for nodejs stuff (#2581)
    • Compress css with nodejs (#2580)
    • Remove go version check for make fmt (#2558)
    • Fix lint errors (#2547)
    • Always run fmt check in CI (#2546)
    • Fix fmt errors (#2544)
    • add codecov.io service. (#2493)
    • Fix some tests : make coverage -> test (#2492)
    • Fix fmt error in mailer (#2490)
    • Allow changing integration test database connection using env variables (#2484)
    • Add changelog config file for generate changelog (#2461)
    • Changes for latest DroneCI (#2362)
    • Use standard lessc and minify CSS using Node.js (#2337)
  • DOCS
    • Update screenshots on README (#2910)
    • Gogs -> Gitea (#2909)
    • Update swagger documentation (#2899)
    • Fix typo (#2810)
    • Fix Polish language name spelling (#2766)
    • Fix Various Grammar Issues and Adjust Unnatural Wording (#2737)
    • Add maintainer label for docker file (#2658)
    • Link to gitea-specific Vagrant example (#2624)
    • add release notes of v1.1.4 (#2463)
    • Wrap most paragraphs to 80 columns (#2396)
    • Update CONTRIBUTING following #2329 discussion (#2394)
    • Update hard-coded version to 1.3.0+dev (#2390)
    • Clarify Translation Process. Also fix branch names (#2378)
    • Admin grammar fixes and improvements (#2056)
  • MISC
    • Sync MaxGitDiffLineCharacters with conf/app.ini (#2779)
    • Dockerfile: Updated alpine image to 3.6. (#2486)
    • Basic VSCode configuration for building and debugging (#2483)
    • Added vendor dir for js/css libs; Documented sources (#1484) (#2241)

1.2.3 - 2017-11-03

  • BUGFIXES
    • Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
    • Fix order of comments (#2835) (#2839)

1.2.2 - 2017-10-26

  • BUGFIXES
    • Add checks for commits with missing author and time (#2771) (#2785)
    • Fix sending mail with a non-latin display name (#2559) (#2783)
    • Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
    • Update vendor git (#2765) (#2772)
    • Fix emojify image URL (#2769) (#2773)

1.2.1 - 2017-10-16

  • BUGFIXES
    • Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
    • Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
    • Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
    • Fix .netrc authentication (#2700) (#2708)
    • Fix slice out of bounds error in mailer (#2479) (#2696)

1.2.0 - 2017-10-10

  • SECURITY
    • Sanitation fix from Gogs (#1461)
  • BREAKING
    • Rename /forget_password url to /forgot_password (#1219)
  • FEATURE
    • Logo: Add task to generate images from SVG and change to new logo (#2194)
    • Status-API (#1332)
    • Show commit status icon in commits table (#1688)
    • Additional OAuth2 providers (#1010)
    • GPG commit validation (#1150)
    • Rework SSH key management UI to add GPG (#1293)
    • Implement GPG api (#710)
    • Login via OpenID-2.0 (#618)
    • Add units to team (#947)
    • Batch updates for issues (#926)
    • Add Gitea Webhook (#1755)
    • API: support '/orgs/:org/repos' (#2047)
    • Display all organization from user settings (#1739)
    • LDAP user synchronization (#1478)
    • Adding #issuecomment to the URL in E-Mail notifications (#1674)
    • Add download count field and unit testing for attachment. (#1512)
    • Add repo mirror sync API endpoint (#1508)
    • Add markup package to prepare for org markup format (#1493)
    • Support for custom html meta (#1423)
    • Per issue/PR watch/unwatch (#1410)
    • Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
    • Repo size in admin panel (#1482)
    • Show user OpenID URIs in their profile (#1314)
    • Add change-password admin command (#1304)
    • Only use issue and wiki on repo. (#1297)
    • Allow push to init a wiki repo (#1279)
  • ENHANCEMENT
    • Make time diff translatable (#2057)
    • Smaller watch, star, and fork buttons (#2052)
    • Display config file path on admin panel (#2030)
    • Only show SSH clone URL if signed in (#2169) (#2170)
    • Only show "No Description" to repo admins (#2167)
    • Always return valid go-get meta, even if unauthorized (#2010)
    • Enable assignee e-mail notification (#2003)
    • Let not-logged-in users view releases (#1999)
    • No highlighting for .txt files (#1922)
    • Make side nav on dashboard stackable (#1778)
    • Setting to disable authorized_keys backup (#1856)
    • Hide the create organization button (in dashboard/organization section) (#1705)
    • LFS: Return 404 for unimplemented endpoints (#1330)
    • Show a link to password reset from user settings requiring a password (#862)
    • Reserve the "explore" user/org name (#1222)
    • Send notifications to partecipants in issue comments (#1217)
    • Improve style of user OpenID setting page (#1324)
    • Use font-awesome OpenID icon more (#1320)
    • Use readonly input form to show the validated OpenID URI (#1308)
    • Add captcha support to OpenID based signup (#1307)
    • Minor improvements on commit graph UI (#1380)
    • Mirror sync interval specified as duration string (#1407)
    • Make issue in commit graph "clickable" (#1392)
    • Use whole button (commit graph) as link (#1390)
    • Autofocus on 2fa passcode fields (#1460)
    • Sort on repo size in admin panel (#1654)
    • Improve dashboard repo search (#1652)
    • Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845)
    • Adds Parent property to the repo API (#1687)
    • Add configuration option for default permission to create Organizations (#1686)
    • Remove sha1 hash display in repository table (#1678)
    • Download files to their original filename (#1676)
    • Exposes in API the Repo entity's Size and IsBare property (#1668)
    • Change two factor code entry box from text to number (#1733)
    • Directly show error if user hit repository limit (#1767)
    • Generate small and large logos at 4x resolution (#2233)
    • Tags listed in releases tab (#2389) (#2424)
  • BUGFIXES
    • Fix adding branch as protected to not allow pushing to it (#2556)
    • Orgs: fix org page title when full name is not defined (#1495)
    • Fix double borders on edit page (#1152) (#1153)
    • Search bar fixes for #1187 and #1205 (#1207)
    • Fix upgrade failed after ever rollback (#1194)
    • Fix FCGI (over TCP) support (#1368)
    • Backport of migration fixes (#2604) (#2677)
    • fix panic on gogs webhook creation (#2675) (#2676)
    • Backport: Fixes 500 error on dashboard when using MSSQL (#2504) (#2662)
    • Fix go get response if only app URL is custom in configuration (#2634) (#2640)
    • Fix deletion of unprotected branches (#2630)
    • Backport of 2611 / Fix doubled issue tab introduced in migration v16 (#2622)
    • v38 migration used an outdated version of RepoUnit model (#2602)
    • fix go get subpackage bug (#2584) (#2589)
    • Backport: Sync releases table with tags on push and for mirrors (#2459) (#2554)
    • Backport: Restricting access to fork functioanlity to users with Code access (#2542)
    • Fix migration from pre-v15 to 1.2.0 (#2460) (#2465)
    • Fix migration from pre-v15 to 1.2.0 (#2460)
    • fix duplicated feed (#2370) (#2413)
    • Fix releases to be counted from database not tags (#2389)
    • Fix missing collabrative repos (#2367) (#2382)
    • Add more test for login links and fix a bug on action retrieve (#2361)
    • Fix SQL condition bug in GetFeeds(..) (#2360)
    • fix bug on create repo link on dashboard (#2359)
    • Fix order of elements in dashboard html (#2344)
    • Fix repo-search template errors for go1.7 (#2336)
    • Add missing forks key for dashboard repository component (#2325)
    • fix template error on explore repos (#2319)
    • Trigger sync webhooks on UI commit (#2302)
    • fix 500 error when view an issue which's milestone deleted (#2297)
    • Only update needed columns when update user (#2296)
    • Fix rendering of external links (#2292)
    • Fix and improve dashboard repo UI (#2285)
    • Make short link pattern greedy (#2259)
    • Temporarily patch go-ini/ini with fork (#2255)
    • Convert xorm literal queries to method calls (#2253)
    • update code.gitea.io/git in vendor to fix delete branch fails (#2250)
    • Replace calls to xorm UseBool with Where (#2237)
    • rhel7 has a git version with four digits (1.8.3.1) (#2236)
    • Fix internal requests when gitea listens to unix socket or only external IP (#2234)
    • Check for access in /repositories/:id (#2227)
    • Fixed robots.txt 404 error (#2226)
    • Fix counts on issues dashboard (#2215)
    • Fix unclosed session bug (#2214)
    • Add collaborative repositories to the dashboard (#2205)
    • Fix issue updated_unix bug (#2204)
    • Fix Commits nil pointer dereference (#2203)
    • Fix bare-repo bugs (#2199)
    • Fix PR nil-dereference bug (#2195)
    • Allow only single fork per user/organization (#2193)
    • Fix key usage time update if the key is used in parallel for multiple operations (#2185)
    • Only allow token authentication with 2FA enabled (#2184)
    • Fix profile update for non-local users (#2178)
    • Fix compiling without sqlite and gcc (#2177)
    • Make compare button URL aware if current repo is a fork (#2162) (#2163)
    • Remove unit types commits and settings (#2161)
    • Fix OpenID registration route (#2160)
    • Fix repository settings collobration list display (#2151)
    • Ignore invalid issue numbers in commit messages. Fixes #2022 (#2150)
    • Fix SHA1 hash linking (#2143)
    • Fix repo API bug (#2133)
    • Use POSIX complaint ! operator in find (#2132)
    • Fix GET /users/:username/repos endpoint (#2125)
    • Fix username rendering bug (#2122)
    • Fix wiki preview links (#2119)
    • vendor: update sqlite to fix "database is locked" errors (#2116)
    • Fix unchecked error bug (#2110)
    • Fix missing-return bug (#2109)
    • Fix API for branches with slashes (#2096)
    • Fix git hooks update to receive required arguments (#2095)
    • upgrade git source code. (#2094)
    • Fix SQL bug in models.PullRequests (#2092)
    • Don't ignore gravatar error (#2083)
    • Fix release display and correct paging (#2080)
    • remove unnecessary blank lines and wrong error log (#2079)
    • Check for valid renamed usernames (#2077)
    • Update git module (#2074)
    • Fix org hooks UI (#2072)
    • Fix #1271: Call location.reload after XHR finishes (#2071)
    • Fix default ghost assignee bug (#2069)
    • Fix bug in issue labels API (#2048)
    • Load label ID in NewLabels (#2045)
    • Fix: http: multiple response.WriteHeader calls (#2038)
    • Pagination on releases page (#2035)
    • repo/editor: fix breadcrumb path cuts parent dirs (#3859) (#2032)
    • Fix displaying commits and files of PR created from now deleted fork (#2023)
    • Fix #2001 and fix issue comments hidden (#2016)
    • Update code.gitea.io/git (#2014)
    • Keep sort when switching page (#2013)
    • Important: wrong PR merge commit ID saved (#2007)
    • Don't show non-comments in comments API (#2001)
    • Fix "Dashboard shows deleted comments" (#1995)
    • Make branch deletion URL more like GitHub's, fixes #1397 (#1994)
    • Fix fast-forward PR bug (#1989)
    • Fix GPG email checking to be case insensitive (#1988)
    • fix bug for normal user visit public repo (#1984)
    • fix collborators lack of units on orgnization repositories (#1968)
    • Fix diff of renamed and modified file (#1967)
    • Fix uppercase default branch bug (#1965)
    • Fix bug in Action.loadRepo() (#1959)
    • Fix deleted milestone bug (#1942)
    • Fix engine bug in getIssueByID (#1934)
    • Switch to keybase go-crypto (for some elliptic curve key) + test (#1925)
    • Fix setting.AppPath for integration tests (#1923)
    • Fix search by issue type (#1914)
    • Fix ghost user bug (#1913)
    • Require token before checking membership/ownership (#1905)
    • Bug fixes for org member API (#1904)
    • A missing / to provide a correct endpoint (#1903)
    • Fix 500 in public activity page (#1901)
    • Center-aligned login topbar (#1880)
    • Migration to fix existing owner team units (#1873)
    • Fix paginater length (#1866)
    • Fix bug in removeOrgRepo (#1858)
    • Display draft releases (#1854)
    • Fix 404 for external tracking issues (#1852)
    • Update code.gitea.io/git (#1849)
    • Fix user profile activity feed (#1848)
    • Don't ignore error in getMergeCommit (#1843)
    • Fix locking bug in removeOrgRepo (#1842)
    • Fix status table race condition (#1835)
    • Fix PR template error (#1834)
    • Fix pull request compare link (#1832)
    • Use ghost users in issues/PRs (#1831)
    • Commitless repos should be bare (#1829)
    • Update code.gitea.io/git (#1824)
    • Fix invalid reference in feeds template (#1820)
    • fix bug to deny to add orgnization as a member of an orgnization or team (#1815)
    • xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
    • Fix deadlock in updateRepository (#1813)
    • Give all units to owner team (#1812)
    • Fix 500 for GET /teams/:id endpoints (#1811)
    • fix bug not to trim space of login username (#1796)
    • Fix renaming bug (#1786)
    • Fix activity feed (#1779)
    • Make navbar scroll on overflow (#1777)
    • Delete repo redirects on repo deletion (#1776)
    • Fix unloaded owner bug (#1770)
    • Admin should always be allowed to create repositories even if hit limit (#1765)
    • Update HighlightJS and fix YAML files highlighting (#1764)
    • fix: #1757 fix set MAX_CREATION_LIMIT as zero. (#1762)
    • fix admin lost permission caused by #947 (#1753)
    • More fixes for dashboard search (#1750)
    • fixes wrong after field in webhook payload (#1746)
    • fix avatar update bug (#1729)
    • Fix FOUC on Firefox (#1728)
    • Fix changes introduce by update of go-swagger. (#1727)
    • Fix #1719 (#1722)
    • Correct flash after sending password reset email (#1718)
    • Fix and test for delete user (#1713)
    • Fix rendering of issue checkboxes (#1709)
    • Enforce netgo build tag while cross-compilation (#1690)
    • fix bug when push a branch name with / & fix an integration test bug (#1689)
    • fix potential sqlite lock (#1680)
    • Fix commit sha1 URL rendering in markdown (#1677)
    • Fix static files permission under public/ (#1675)
    • fix: tag contain character ) will http 500 on release page (#1670)
    • Fix CSS for code in wiki markdown (#1660)
    • fix multiple readme file rendering and fix #1657 (#1658)
    • Add primary key and index to external login user table (#1656)
    • fix #1643 and improve integration test (#1645)
    • Fix version in Makefile (#1636)
    • Handle display of GPG key without end date (#1628)
    • fix bug on issue view when not login (#1624)
    • bug fixed for API to get user's repos (#1622)
    • fix lost text color on button on set as primary email (#1621)
    • Add create_at and updated_at in PR json (#1616)
    • update git and fix #1133 (#1614)
    • fix bug on status API (#1533)
    • Do not show empty collaborators segment (#1531)
    • Fix markdown rendering (#1530)
    • fix go get sub package and add domain on installation to let go get work defaultly (#1518)
    • fix #1501 ssh hangs caused by #1461 (#1513)
    • Fix empty file download (#1506)
    • Fix broken v27 migration - change mirror interval from int to bigint (#1504)
    • Do not allow commiting to protected branch from online editor (#1502)
    • Add internal routes for ssh hook comands (#1471)
    • Fix races within code.gitea.io/git.(*Command).RunInDirTimeoutPipeline (#1465)
    • Simple quick fix for #1418 (#1456)
    • fix gpg API panic when no verification (#1451)
    • fix migrate failed and org dashboard failed on MSSQL database (#1448)
    • Optimize and fix autolink function (#1442) (#1444)
    • Fix and simplify repo branches (settings) UI (#1435)
    • Fix disabled fields in repo settings UI (#1431)
    • fixes pull request hanging when it contains normal and LFS files (#1425)
    • Fix races in the log module by using syncmap (#1421)
    • Add length check for the return string (#1420)
    • Fix "Error: No issue number specified" when pushing (#1393)
    • Corrected Mirror.NextUpdate not set (#1388)
    • fix: remove str2html from org full name (#1360)
    • Correct broken unaligned load/store in armv5 (#1355)
    • Remove href on first/last link when on first/last page (#1345)
    • Fix broken table layout (#1344)
    • LFS: Fix SSH authentication for trailing arguments (#1328)
    • Remove empty file (#1326)
    • Fix delete user failed on sqlite (#1321)
    • Fix inconsistency in layout (#1316)
    • Fix gpg wrong column types (#1303)
    • Fix wiki bugs (#1294)
    • Fix missing less sources for oauth (#1288)
    • Make sure both scripts/ can live side by side (#1264)
    • Fix nil-dereference bug (#1258)
    • rewrite pre-commit, post-commit and options hooks (fixes #1250) (#1257)
    • Commit search appearence fixes (#1254)
    • Fix forget migration for wiki hooks (#1227)
    • Fix repo settings external tracker failed and check external urls (#1215)
    • Fix 500 caused by branches settings introduced by #1198 (#1214)
    • fix #1189, commit messages containing a pipe (#1203)
    • Bug fixed for delete repo failed (#1193)
    • Fix migration failed when authorized_keys is not exist (#1180)
    • Fix ini format incomiptable with crowdin (#1177)
  • TESTING
    • Integration tests for issues API (#2059)
    • Add integration tests for signin (#2363)
    • Add INTERNAL_TOKEN to integration .ini file (#2346)
    • Add public links check (#2323)
    • Fix hooks for integration repo (#2216)
    • More integration tests for comment API (#2156)
    • Cache session cookies in tests (#2128)
    • Less verbose integration tests (#2123)
    • Fix improper setup for integration tests (#2050)
    • Improve integration test helper functions (#2049)
    • Add integration test for issue creating (#2002)
    • Use testing/benchmark interface (#1993)
    • Add integration test for repository migration (#1983)
    • Consolidate boilerplate in integration tests (#1979)
    • Set console to debug for integration tests (#1976)
    • Add pull-create integration test (#1972)
    • Coverage reports for integration tests (#1960)
    • Add integration test for pull-request merge (#1912)
    • Add integration test for file editing (#1907)
    • Add integration test for repository forking (#1896)
    • Run unused test (#1875)
    • Don't recreate database in integration tests (#1697)
    • remove sqlite tag when integration test with mysql/postgres and recreate database when init integration test (#1693)
    • MySQL, Postgres integration tests in drone (#1638)
    • improve integration test to resue models/fixtures and store git repos with tests (#1627)
    • Improve govendor testing (#1623)
    • Integration test framework (#1290)
    • Unit tests for issue_list (#1209)
    • Add integration test for signup (#1135)
  • TRANSLATION
    • update translation from crowdin (#2368) (#2380)
    • Small fixes (#2144)
    • Missing signed commit display translations (#2134)
    • Sync latest translations from crowdin (#2104)
    • Add make command update-translations for update translations from crodwin (#2097)
    • Fix some mistakes (#1833)
    • Improve clarity between is_activated and prohibit_login (#1788)
    • Improve grammar (#1775)
    • Fix bad grammar and wordiness (#1741)
    • Make strings translatable (#1188) (#1198)
  • BUILD
    • Dockerfile for aarch64 (#1128) (#1130)
    • backport from v1.2 branch: add secrets for github release (#2588) (#2598)
    • Add secrets for github release to fix drone failed (#2588)
    • Backport changes for latest drone (#2586)
    • Removing .drone.yml.sig (#2579)
    • Fix drone for tags (#2573) (#2576)
    • Backport: Remove go version check for make fmt (#2558) (#2561)
    • Backport: Fix lint, fmt and integration testing errors (#2553)
    • update latest xorm version to vendor (#2353)
    • Remove integration test executables on make clean (#2340)
    • refactor(Makefile): allow overriding default go program (#2310)
    • Revert to upstream ini dependency (#2304)
    • Use /dev/urandom to create random password (#2298)
    • update drone sig file. (#2262)
    • go get github.com/wadey/gocovmerge when needed (#2235)
    • fix typo (#2145)
    • Revert "Reduce number of layer" (#2086)
    • Reduce number of layer (#2078)
    • Skip sqlite integration in CI (#2058)
    • fix golint error and rename func for suggestion. (#1997)
    • fix misspell (#1996)
    • update drone sig file (#1981)
    • send notification if status changed (#1973)
    • switch gitter to discord for drone. (#1971)
    • Fix missing backslash in Dockerfile.rpi (#1952)
    • Don't run 'make release' on PRs (#1908)
    • Update code.gitea.io/git (#1892)
    • Use production version of vuejs (#1869)
    • Add a variable for docker tag (#1825)
    • resign drone and fix #1816 (#1819)
    • Separate generate swagger + fix sed os specific (#1791)
    • Only run coverage on merges/pushes to master (#1783)
    • Remove stale rule from Makefile (#1782)
    • feat: upgrade drone docker image to support multi-stage build. (#1732)
    • Realy don't cache apk index (#1694)
    • Limit clone depth when drone-building (#1644)
    • Refactor Dockerfile (#1632)
    • Check if missing/modified/unused deps in vendor and fix errors (#1468)
    • Add GOFLAGS and EXTRA_GOFLAGS (#1438)
    • Include formatting check to the make test (and thus also check) rule (#1366)
  • DOCS
    • fix wrong changelog title (#2395)
    • fix webhook link (#2289)
    • Improve swagger doc (#2274)
    • Add link to forum in issue template (#2070)
    • add missing lfs config on example file (#2039)
    • Add discourse link (#2027)
    • Fix wording (#2024)
    • Fix typo (#1974)
    • Swagger docs for list/create forks (#1941)
    • Update links to Discord server (#1940)
    • [ci skip] update discord badge. (#1930)
    • Change join chat from gitter to discord (#1929)
    • Update changelog with v1.1.1 (#1926)
    • Correct grammar in APIEmpty documentation (#1748)
    • Add swagger comment for MirrorSync (#1747)
    • Add "Table of Contents" in CONTRIBUTING.md (#1634)
    • Fix service description in Debian init file (#1538)
    • Use MAINTAINERS file in repository in CONTRIBUTING (#1489)
    • Generate swagger json (#1402)
    • Changed text when password reset disabled. (#1364)
    • Removed email copyright year (#1348)
    • Specify that time interval units are seconds (#1311)
    • Gitea OpenID-2.0 login has been tested with livejournal.com too (#1306)
    • Make wording of commit search more clear (#1291)
    • Add notice that LFS mirroring is not supported (#1251)
    • Fix typos in models/ and modules/ (#1248)
    • Refactor and fix incorrect comment (#1247)
    • Fix migration comment (#1241)
    • Update locale_en-US.ini (#1235)
    • Add LibreJS support (#1201)
    • rename OSX to macOS (#1176)
    • add mssql to app.ini db config comment (#1172)
    • Add MSSQL to issues template (#1171)
  • MISC
    • Add badge and link to the Matrix room (#2348)
    • ignore coverage steps. (#2257)
    • Use sqlite3 database as default for Docker image (#2182)
    • update drone discord plugin to 0.0.4 version (#1992)
    • fix typo (#1990)
    • Move 3rd party js/css into public/vendor and document sources (#2383)
    • Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335)
    • Fix variable name typo (#2327)
    • Make use of Vue more universal (#2318)
    • Remove (almost) server side data rendering from repo-search component (#2317)
    • Add OpenID configuration in install page (#2276)
    • More tweaks to repo top panel (#2267)
    • File path tweaks in UI (#2264)
    • Make SHOW_USER_EMAIL also apply to profiles (#2258)
    • EnableUnit() -> UnitEnabled() (#2242)
    • Prevent selection of diff line numbers (#2240)
    • Remove unused variable on makefile (#2225)
    • No error log entries for repo 404 (#2200)
    • Refactor vue delimeters to use es6 template delimeters (#2171)
    • Replace tmp with TMPDIR. (#2152)
    • Remove unused files (#2124)
    • Improve org error handling (#2117)
    • Absolute path for setting.CustomConf (#2085)
    • remove deprecated code for Gogs compitable (#2041)
    • Refactor session close as xorm already does everything needed internally (#2020)
    • SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961)
    • Use monospace font in githook editor (#1958)
    • Fix import order (#1951)
    • Gracefully handle bare repositories on API operations. (#1932)
    • Fix errors caused by force push (#1927)
    • Display URLs in integration test logs (#1924)
    • Set TMPDIR enviroment variable for dump command (#1915)
    • Cache ctx.User in retrieveFeeds (#1902)
    • Make LocalCopyPath a setting instead of a hard-coded path (#1881)
    • Add check misspelling (#1877)
    • Fix misspelled variables (#1874)
    • Gofmt (#1868, #1710, #1662)
    • Rename misnamed migration (#1867)
    • Support CRLF when splitting code lines for display (#1862)
    • Add convert less css file step. (#1861)
    • Prevent accidential selection of line numbers in code view (#1860)
    • Delete Public SSH Key tmp file after calculating fingerprint (#1855)
    • Remove annoying difference in button heights. (#1853)
    • Only run test coverage on master branch. (#1838)
    • Error from mktemp command in MacOS. (#1837)
    • Use writeTmpKeyFile in calcFingerprint (#1828)
    • ROOT_URL setting use the default as shown in conf/app.ini (#1823)
    • Rename RepoCreationNum -> MaxCreationLimit (#1766)
    • Add button to admin ui (#1738)
    • Correct spelling mistakes (#1703)
    • Make openid support default false for compitable with v1.1 (#1650)
    • Send mails as HTML as default. Setting for send as plain text. (#1648)
    • fix potential lock when sqlite (#1647)
    • Optimize png images via Google zopflipng [ci skip] (#1639)
    • Upgrade alpine to v3.5 in Dockerfile (#1633)
    • remove unused vendor packages (#1620)
    • markup: microoptimise for many short filenames in directory (#1534)
    • support health check via / and fix #969 (#1520)
    • Remove env user salt since no need to use (#1515)
    • Drop db operations from hook commands (#1514)
    • Better URL validation (#1507)
    • Migrate WatchInfo struct to api (#1492)
    • refactor: show command help message. (#1486)
    • refactor update ssh key use time (#1466)
    • Set VERSION from git once, in a variable (#1447)
    • Remove unused mutex field (#1440)
    • Simplify settings pages with item list (#1389)
    • Clean-up PostgreSQL Tests (#1361)
    • refactor: remove workaround after the golang 1.7 release. (#1349)
    • Delete the useless code (#1335)
    • Run "make fmt" with go-1.6 (#1333)
    • Refactor admin/auth/new.tmpl (#1277)
    • Refactor repo/issue/view_content.tmpl (#1276)
    • Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270)
    • Cleaner UI for explore page (#1253) (#1255)
    • Synced licenses with github repo (#1246)
    • Synced gitignores with github repo (#1245)
    • Simplify RepositoryList.loadAttributes() (#1211)
    • Move user_follow to separate file (#1210)
    • Reduce conditionals in signin/signup inner forms (#1138)

1.1.4 - 2017-09-04

  • BUGFIXES
    • Fix rendering of external links (#2292) (#2315)
    • Fix deleted milestone bug (#1942) (#2300)
    • fix 500 error when view an issue which's milestone deleted (#2297) (#2299)
    • Fix SHA1 hash linking (#2143) (#2293)
    • back port from #1709 (#2291)

1.1.3 - 2017-08-03

  • BUGFIXES
    • Fix PR template error (#2008)
    • Fix markdown rendering (fix #1530) (#2043)
    • Fix missing less sources for oauth (backport #1288) (#2135)
    • Don't ignore gravatar error (#2138)
    • Fix diff of renamed and modified file (#2136)
    • Fix fast-forward PR bug (#2137)
    • Fix some security bugs

1.1.2 - 2017-06-13

  • BUGFIXES
    • Enforce netgo build tag while cross-compilation (Backport of #1690) (#1731)
    • fix update avatar
    • fix delete user failed on sqlite (#1321)
    • fix bug not to trim space of login username (#1806)
    • Backport bugfixes #1220 and #1393 to v1.1 (#1758)

1.1.1 - 2017-05-04

  • BUGFIXES
    • Markdown Sanitation Fix #1646
    • Fix broken hooks #1376
    • Fix migration issue #1375
    • Fix Wiki Issues #1338
    • Forgotten migration for wiki githooks #1237
    • Commit messages can contain pipes #1218
    • Verify external tracker URLs #1236
    • Allow upgrade after downgrade #1197
    • 500 on delete repo with issue #1195
    • INI compat with CrowdIn #1192

1.1.0 - 2017-03-09

  • BREAKING
    • The SSH keys can potentially break, make sure to regenerate the authorized keys
  • FEATURE
    • Git LFSv2 support #122
    • API endpoints for repo watching #191
    • Search within private repos #222
    • Hide user email address on explore page #336
    • Protected branch system #339
    • Sendmail for mail delivery #355
    • API endpoints for org webhooks #372
    • Enabled MSSQL support #383
    • API endpoints for org teams #370
    • API endpoints for collaborators #375
    • Graceful server restart #416
    • Commitgraph / timeline on commits page #428
    • API endpoints for repo forks #509
    • API endpoints for releases #510
    • Folder jumping #511
    • Stars tab on profile page #519
    • Notification system #523
    • Push and pull through reverse proxy basic auth #524
    • Search for issues and pull requests #530
    • API endpoint for stargazers #597
    • API endpoints for subscribers #598
    • PID file support #610
    • Two factor authentication (2FA) #630
    • API endpoints for org users #645
    • Release attachments #673
    • OAuth2 consumer #679
    • Add ability to fork your own repos #761
    • Search repository on dashboard #773
    • Search bar on user profile #787
    • Track label changes on issue view #788
    • Allow using custom time format #798
    • Redirects for renamed repos #807
    • Track assignee changes on issue view #808
    • Track title changes on issue view #841
    • Archive cleanup action #885
    • Basic Open Graph support #901
    • Take back control of Git hooks #1006
    • API endpoints for user repos #1059
  • BUGFIXES
    • Fixed counting issues for issue filters #413
    • Added back default settings for SSH #500
    • Fixed repo permissions #513
    • Issues cannot be created with labels #622
    • Add a reserved wiki paths check to the wiki #720
    • Update website binding MaxSize to 255 #722
    • User can see the private activity on public history #818
    • Wrong pages number which includes private repositories #844
    • Trim whitespaces for search keyword #893
    • Don't rewrite non-gitea public keys #906
    • Use fingerprint to check instead content for public key #911
    • Fix random avatars #1147
  • ENHANCEMENT
    • Refactored process manager #75
    • Restrict rights to create new orgs #193
    • Added label and milestone sorting #199
    • Make minimum password length configurable #223
    • Speedup conflict checking on pull requests #276
    • Added button to delete merged pull request branches #441
    • Improved issue references within markdown #471
    • Dutch translation for the landingpage #487
    • Added Gogs migration script #532
    • Support a .gitea folder for issue templates #582
    • Enhanced diff-view coloring #584
    • Added ETag header to avatars #721
    • Added option to config to disable local path imports #724
    • Allow custom public files #782
    • Added pprof endpoint for debugging #801
    • Added X-GitHub-* headers #809
    • Fill SSH key title automatically #863
    • Display Git version on admin panel #921
    • Expose URL field on issue API #982
    • Statically compile the binaries #985
    • Embed build tags into version string #1051
    • Gitignore support for FSharp and Clojure #1072
    • Custom templates for static builds #1087
    • Add ProxyFromEnvironment if none set #1096
  • MISC
    • Replaced remaining Gogs references
    • Added more tests on various packages
    • Use Crowdin for translations again
    • Resolved some XSS attack vectors
    • Optimized and reduced number of database queries

1.0.2 - 2017-02-21

  • BUGFIXES
    • Fixed issue counter #882
    • Fixed XSS vulnerability on wiki page #955
    • Add data dir without session to dump #587
    • Fixed wiki page renaming #958
    • Drop default console logger if not required #960
    • Fixed docker docs link on install page #972
    • Handle SetModel errors #957
    • Fixed XSS vulnerability on milestones #977
    • Fixed XSS vulnerability on alerts #981

1.0.1 - 2017-01-05

  • BUGFIXES
    • Fixed localized MIN_PASSWORD_LENGTH #501
    • Fixed 500 error on organization delete #507
    • Ignore empty wiki repo on migrate #544
    • Proper check access for forking #563
    • Fix SSH domain on installer #506
    • Fix missing data rows on admin UI #580
    • Do not delete tags with releases by default #579
    • Fix missing session config data on admin UI #578
    • Properly show the version within footer on the UI #593

1.0.0 - 2016-12-23

  • BREAKING
    • We have various changes on the API, scripting against API must be updated
  • FEATURE
    • Show last login for admins #121
  • BUGFIXES
    • Fixed sender of notifications #2
    • Fixed keyword hijacking vulnerability #20
    • Fixed non-markdown readme rendering #95
    • Allow updating draft releases #169
    • GitHub API compliance #227
    • Added commit SHA to tag webhook #286
    • Secured links via noopener #315
    • Replace tabs with spaces on wiki title #371
    • Fixed vulnerability on labels and releases #409
    • Fixed issue comment API #449
  • ENHANCEMENT
    • Use proper import path for libravatar #3
    • Integrated DroneCI for tests and builds #24
    • Integrated dependency manager #29
    • Embedded bindata optionally #30
    • Integrated pagination for releases #73
    • Autogenerate version on every build #91
    • Refactored Docker container #104
    • Added short-hash support for downloads #211
    • Display tooltip for downloads #221
    • Improved HTTP headers for issue attachments #270
    • Integrate public as bindata optionally #293
    • Integrate templates as bindata optionally #314
    • Inject more ENV variables into custom hooks #316
    • Correct LDAP login validation #342
    • Integrate conf as bindata optionally #354
    • Serve video files in browser #418
    • Configurable SSH host binding #431
  • MISC
    • Forked from Gogs and renamed to Gitea
    • Catching more errors with logs
    • Fixed all linting errors
    • Made the go linter entirely happy
    • Really integrated vendoring