summaryrefslogtreecommitdiff
path: root/www/gitea
AgeCommit message (Collapse)AuthorFilesLines
2022-06-02Revbump all Go packages after go118 updatebsiegert1-1/+2
2022-05-18gitea: update to 1.16.8khorben3-804/+3515
This is a security update: * CVE-2022-30781 * CVE-2022-27313 * and more security issues fixed but without CVEs - see below XXX pull-up to pkgsrc-2022Q1 Tested on NetBSD/amd64. Changes in 1.16.8: ENHANCEMENTS * Add doctor check/fix for bogus action rows (#19656) (#19669) * Make .cs highlighting legible on dark themes (#19604) (#19605) BUGFIXES * Fix oauth setting list bug (#19681) * Delete user related oauth stuff on user deletion too (#19677) (#19680) * Fix new release from tags list UI (#19670) (#19673) * Prevent NPE when checking repo units if the user is nil (#19625) (#19630) * GetFeeds must always discard actions with dangling repo_id (#19598) (#19629) * Call MultipartForm.RemoveAll when request finishes (#19606) (#19607) * Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591) * Fix sending empty notifications (#19589) (#19590) * Ignore DNS error when doing migration allow/block check (#19566) (#19567) * Fix issue overview for teams (#19652) (#19653) Changes in 1.16.7: SECURITY * Escape git fetch remote (#19487) (#19490) CVE-2022-30781 BUGFIXES * Don't overwrite err with nil (#19572) (#19574) * On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568) * Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560) * Don't error when branch's commit doesn't exist (#19547) (#19548) * Support hostname:port to pass host matcher's check (#19543) (#19544) * Prevent intermittent race in attribute reader close (#19537) (#19539) * Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532) * Prevent dangling archiver goroutine (#19516) (#19526) * Fix migrate release from github (#19510) (#19523) * When view _Siderbar or _Footer, just display once (#19501) (#19522) * Fix blame page select range error and some typos (#19503) * Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484) * User specific repoID or xorm builder conditions for issue search (#19475) (#19476) * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466) * RepoAssignment ensure to close before overwrite (#19449) (#19460) * Set correct PR status on 3way on conflict checking (#19457) (#19458) * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446) Changes in 1.16.6: ENHANCEMENTS * Only request write when necessary (#18657) (#19422) * Disable service worker by default (#18914) (#19342) BUGFIXES * When dumping trim the standard suffices instead of a random suffix (#19440) (#19447) * Fix DELETE request for non-existent public key (#19443) (#19444) * Don't panic on ErrEmailInvalid (#19441) (#19442) * Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438) * Warn on SSH connection for incorrect configuration (#19317) (#19437) * Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436) * When updating mirror repo intervals by API reschedule next update too (#19429) (#19433) * Fix nil error when some pages are rendered outside request context (#19427) (#19428) * Fix double blob-hunk on diff page (#19404) (#19405) * Don't allow merging PR's which are being conflict checked (#19357) (#19358) * Fix middleware function's placements (#19377) (#19378) * Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338) * Restore user autoregistration with email addresses (#19261) (#19312) * Move checks for pulls before merge into own function (#19271) (#19277) * Granular webhook events in editHook (#19251) (#19257) * Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248) * Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236) * Touch mirrors on even on fail to update (#19217) (#19233) * Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231) * Fix clone url JS error for the empty repo page (#19209) * Bump goldmark to v1.4.11 (#19201) (#19203) TESTING * Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228) BUILD * Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319) MISC * Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289) * Check go and nodejs version by go.mod and package.json (#19197) (#19254) Changes in 1.16.5: BREAKING * Bump to build with go1.18 (#19120 et al) (#19127) SECURITY * Prevent redirect to Host (2) (#19175) (#19186) * Try to prevent autolinking of displaynames by email readers (#19169) (#19183) * Clean paths when looking in Storage (#19124) (#19179) * Do not send notification emails to inactive users (#19131) (#19139) * Do not send activation email if manual confirm is set (#19119) (#19122) ENHANCEMENTS * Use the new/choose link for New Issue on project page (#19172) (#19176) BUGFIXES * Fix showing issues in your repositories (#18916) (#19191) * Fix compare link in active feeds for new branch (#19149) (#19185) * Redirect .wiki/* ui link to /wiki (#18831) (#19184) * Ensure deploy keys with write access can push (#19010) (#19182) * Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177) * Cleanup protected branches when deleting users & teams (#19158) (#19174) * Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160) * Fix NPE /repos/issues/search when not signed in (#19154) (#19155) * Use custom favicon when viewing static files if it exists (#19130) (#19152) * Fix the editor height in review box (#19003) (#19147) * Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146) * Fix wrong scopes caused by empty scope input (#19029) (#19145) * Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141) * Handle email address not exist (#19089) (#19121) MISC * Update json-iterator to allow compilation with go1.18 (#18644) (#19100) * Update golang.org/x/crypto (#19097) (#19098) Changes in 1.16.4: SECURITY * Restrict email address validation (#17688) (#19085) * Fix lfs bug (#19072) (#19080) ENHANCEMENTS * Improve SyncMirrors logging (#19045) (#19050) BUGFIXES * Refactor mirror code & fix StartToMirror (#18904) (#19075) * Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060) * Prevent 500 when there is an error during new auth source post (#19041) (#19059) * If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056) * Fix flag validation (#19046) (#19051) * Add pam account authorization check (#19040) (#19047) * Ignore missing comment for user notifications (#18954) (#19043) * Set rel="nofollow noindex" on new issue links (#19023) (#19042) * Upgrading binding package (#19034) (#19035) * Don't show context cancelled errors in attribute reader (#19006) (#19027) * Fix update hint bug (#18996) (#19002) MISC * Fix potential assignee query for repo (#18994) (#18999) Changes in 1.16.3: SECURITY * Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313 ENHANCEMENTS * Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938) BUGFIXES * Set max text height to prevent overflow (#18862) (#18977) * Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974) * Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964) * Send 404 on /{org}.gpg (#18959) (#18962) * Fix admin user list pagination (#18957) (#18960) * Fix lfs management setting (#18947) (#18946) * Fix login with email panic when email is not exist (#18942) * Update go-org to v1.6.1 (#18932) (#18933) * Fix <strong> html in translation (#18929) (#18931) * Fix page and missing return on unadopted repos API (#18848) (#18927) * Allow adminstrator teams members to see other teams (#18918) (#18919) * Don't treat BOM escape sequence as hidden character. (#18909) (#18910) * Correctly link URLs to users/repos with dashes, dots or underscores (
 (#18908) * Fix redirect when using lowercase repo name (#18775) (#18902) * Fix migration v210 (#18893) (#18892) * Fix team management UI (#18887) (18886) * BeforeSourcePath should point to base commit (#18880) (#18799) TRANSLATION * Backport locales from master (#18944) MISC * Don't update email for organisation (#18905) (#18906) Changes in 1.16.2: ENHANCEMENTS * Show fullname on issue edits and gpg/ssh signing info (#18828) * Immediately Hammer if second kill is sent (#18823) (#18826) * Allow mermaid render error to wrap (#18791) BUGFIXES * Fix ldap user sync missed email in email_address table (#18786) (#18876) * Update assignees check to include any writing team and change org sidebar (#18680) (#18873) * Don't report signal: killed errors in serviceRPC (#18850) (#18865) * Fix bug where certain LDAP settings were reverted (#18859) * Update go-org to 1.6.0 (#18824) (#18839) * Fix login with email for ldap users (#18800) (#18836) * Fix bug for get user by email (#18834) * Fix panic in EscapeReader (#18820) (#18821) * Fix ldap loginname (#18789) (#18804) * Remove redundant call to UpdateRepoStats during migration (#18591) (#18794) * In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788) * Fix template bug of LFS lock (#18784) (#18787) * Attempt to fix the webauthn migration again - part 3 (#18770) (#18771) * Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765) * Fix a broken link in commits_list_small.tmpl (#18763) (#18764) * Increase the size of the webauthn_credential credential_id field (#18739) (#18756) * Prevent dangling GetAttribute calls (#18754) (#18755) * Fix isempty detection of git repository (#18746) (#18750) * Fix source code line highlighting on external tracker (#18729) (#18740) * Prevent double encoding of branch names in delete branch (#18714) (#18738) * Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737) * Fix forked repositories missed tags (#18719) (#18735) * Fix release typo (#18728) (#18731) * Separate the details links of commit-statuses in headers (#18661) (#18730) * Update object repo with the migrated repository (#18684) (#18726) * Fix bug for version update hint (#18701) (#18705) * Fix issue with docker-rootless shimming script (#18690) (#18699) * Let MinUnitAccessMode return correct perm (#18675) (#18689) * Prevent security failure due to bad APP_ID (#18678) (#18682) * Restart zero worker if there is still work to do (#18658) (#18672) * If rendering has failed due to a net.OpError stop rendering (#18642) (#18645) TESTING * Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767) BUILD * Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741) MISC * Put buttons back in org dashboard (#18817) (#18825) * Various Mermaid improvements (#18776) (#18780) * C preprocessor colors improvement (#18671) (#18696) * Fix the missing i18n key for update checker (#18646) (#18665)
2022-05-11Revbump all Go packages after go118 updatebsiegert1-2/+2
2022-04-18revbump for textproc/icu updateadam1-2/+2
2022-04-13Revbump all Go packages after go117 updatebsiegert1-2/+2
2022-03-28gitea: don't download distfiles during build phase (convert to go-module.mk)tnn3-6/+8022
2022-03-23gitea: minor fix to the RC scriptkhorben2-3/+5
This sets the working directory to / before issuing commands to Gitea. Fix from the pgsql script; it addresses the following issue when managing Gitea: # /etc/rc.d/gitea restart Stopping gitea. sh: Cannot determine current working directory Starting gitea. sh: Cannot determine current working directory (and then Gitea not starting again) Bumps PKGREVISION. During freeze, but leaf package AFAICT. Tested on NetBSD/amd64.
2022-03-07Revbump all Go packages after go117 updatebsiegert1-1/+2
2022-02-16gitea: updated to 1.16.1tm4-109/+262
Changing the the maintainership and providing latest version including frontend. Changes since 1.13.4: * SECURITY * Update JS dependencies, fix lint (#18389) (#18540) * ENHANCEMENTS * Add dropdown icon to label set template dropdown (#18564) (#18571) * BUGFIXES * comments on migrated issues/prs must link to the comment ID (#18630) (#18637) * Stop logging an error when notes are not found (#18626) (#18635) * Ensure that blob-excerpt links work for wiki (#18587) (#18624) * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620) * Ensure commit-statuses box is sized correctly in headers (#18538) (#18606) * Prevent merge messages from being sorted to the top of email chains (#18566) (#18588) * Prevent panic on prohibited user login with oauth2 (#18562) (#18563) * Collaborator trust model should trust collaborators (#18539) (#18557) * Detect conflicts with 3way merge (#18536) (#18537) * In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535) * Add `GetUserTeams` (#18499) (#18531) * Fix review excerpt (#18502) (#18530) * Fix for AvatarURL database type (#18487) (#18529) * Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505) * Fix OAuth Source Edit Page (#18495) (#18503) * Use "read" value for General Access (#18496) (#18500) * Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473) * BUILD * Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569) * DOCS * Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534) * BREAKING * Remove golang vendored directory (#18277) * Paginate releases page & set default page size to 10 (#16857) * Use shadowing script for docker (#17846) * Only allow webhook to send requests to allowed hosts (#17482) * SECURITY * Disable content sniffing on `PlainTextBytes` (#18359) (#18365) * Only view milestones from current repo (#18414) (#18417) * Sanitize user-input on file name (#17666) * Use `hostmatcher` to replace `matchlist` to improve blocking of bad hosts in Webhooks (#17605) * FEATURES * Add/update SMTP auth providers via cli (#18197) * Support webauthn (#17957) * Team permission allow different unit has different permission (#17811) * Implement Well-Known URL for password change (#17777) * Add support for ssh commit signing (#17743) * Allow Loading of Diffs that are too large (#17739) * Add copy button to markdown code blocks (#17638) * Add .gitattribute assisted language detection to blame, diff and render (#17590) * Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568) * Add Reindex buttons to repository settings page (#17494) * Make SSL cipher suite configurable (#17440) * Add groups scope/claim to OIDC/OAuth2 Provider (#17367) * Add simple update checker to Gitea (#17212) * Migrated Repository will show modifications when possible (#17191) * Create pub/priv keypair for federation (#17071) * Make LDAP be able to skip local 2FA (#16954) * Add nodeinfo endpoint for federation purposes (#16953) * Save and view issue/comment content history (#16909) * Use git attributes to determine generated and vendored status for language stats and diffs (#16773) * Add migrate from Codebase (#16768) * Add migration from GitBucket (#16767) * Add OAuth2 introspection endpoint (#16752) * Add proxy settings and support for migration and webhook (#16704) * Add microsoft oauth2 providers (#16544) * Send registration email on user autoregistration (#16523) * Defer Last Commit Info (#16467) * Support unprotected file patterns (#16395) * Add migrate from OneDev (#16356) * Add option to update pull request by `rebase` (#16125) * Add RSS/Atom feed support for user actions (#16002) * Add support for corporate WeChat webhooks (#15910) * Add a simple way to rename branch like gh (#15870) * Add bundle download for repository (#14538) * Add agit flow support in gitea (#14295) * API * Add MirrorUpdated field to Repository API type (#18267) * Adjust Fork API to allow setting a custom repository name (#18066) * Add API to manage repo tranfers (#17963) * Add API to get file commit history (#17652) * Add API to get issue/pull comments and events (timeline) (#17403) * Add API to get/edit wiki (#17278) * Add API for get user org permissions (#17232) * Add HTML urls to notification API (#17178) * Add API to get commit diff/patch (#17095) * Respond with updated notifications in API (#17064) * Add API to fetch git notes (#16649) * Generalize list header for API (#16551) * Add API Token Cache (#16547) * Allow Token API calls be authorized using the reverse-proxy header (#15119) * ENHANCEMENTS * Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319) * Return nicer error if trying to pull from non-existent user (#18288) * Show pull link for agit pull request also (#18235) * Enable partial clone by default (#18195) * Added replay of webhooks (#18191) * Show OAuth callback error message (#18185) * Increase Salt randomness (#18179) * Add MP4 as default allowed attachment type (#18170) * Include folders into size cost (#18158) * Remove `/email2user` endpoint (#18127) * Handle invalid issues (#18111) * Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069) * Support open compare page directly (#17975) * Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954) * Clean legacy SimpleMDE code (#17926) * Refactor install page (db type) (#17919) * Improve interface when comparing a branch which has created a pull request (#17911) * Allow default branch to be inferred on compare page (#17908) * Display issue/comment role even if repo archived (#17907) * Always set a message-id on mails (#17900) * Change `<a>` elements to underline on hover (#17898) * Render issue references in file table (#17897) * Handle relative unix socket paths (#17836) * Move accessmode into models/perm (#17828) * Fix some org style problems (#17807) * Add List-Unsubscribe header (#17804) * Create menus for organization pages (#17802) * Switch archive URL code back to href attributes (#17796) * Refactor "refs/*" string usage by using constants (#17784) * Allow forks to org if you can create repos (#17783) * Improve install code to avoid low-level mistakes. (#17779) * Improve ellipsis buttons (#17773) * Add restrict and no-user-rc to authorized_keys (#17772) * Add copy Commit ID button in commits list (#17759) * Make `bind` error more readable (#17750) * Fix navbar on project view (#17749) * More pleasantly handle broken or missing git repositories (#17747) * Use `*PushUpdateOptions` as receiver (#17724) * Remove unused `user` paramater (#17723) * Better builtin avatar generator (#17707) * Cleanup and use global style on popups (#17674) * Move user/org deletion to services (#17673) * Added comment for changing issue ref (#17672) * Allow admins to change user avatars (#17661) * Only set `data-path` once for each file in diff pages (#17657) * Add icon to vscode clone link (#17641) * Add download button for file viewer (#17640) * Add pagination to fork list (#17639) * Use a standalone struct name for Organization (#17632) * Minor readability patch. (#17627) * Add context support for GetUserByID (#17602) * Move merge-section to `> .content` (#17582) * Remove NewSession method from db.Engine interface (#17577) * Move unit into models/unit/ (#17576) * Restrict GetDeletedBranchByID to the repositories deleted branches (#17570) * Refactor commentTags functionality (#17558) * Make Repo Code Indexer an Unique Queue (#17515) * Simplify Gothic to use our session store instead of creating a different store (#17507) * Add settings to allow different SMTP envelope from address (#17479) * Properly determine CSV delimiter (#17459) * Hide label comments if labels were added and removed immediately (#17455) * Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438) * Add appearance section in settings (#17433) * Move key forms before list and add cancel button (#17432) * When copying executables to the docker chmod them (#17423) * Remove deprecated `extendDefaultPlugins` method of svgo (#17399) * Fix the click behavior for <tr> and <td> with [data-href] (#17388) * Refactor update checker to use AppState (#17387) * Improve async/await usage, and sort init calls in `index.js` (#17386) * Use a variable but a function for IsProd because of a slight performance increment (#17368) * Frontend refactor, PascalCase to camelCase, remove unused code (#17365) * Hide command line merge instructions when user can't push (#17339) * Move session to models/login (#17338) * Sync gitea app path for git hooks and authorized keys when starting (#17335) * Make the Mirror Queue a queue (#17326) * Add "Copy branch name" button to pull request page (#17323) * Fix repository summary on mobile (#17322) * Split `index.js` to separate files (#17315) * Show direct match on top for user search (#17303) * Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301) * Upgrade chi to v5 (#17298) * Disable form autofill (#17291) * Improve behavior of "Fork" button (#17288) * Open markdown image links in new window (#17287) * Add hints for special Wiki pages (#17283) * Move add deploy key form before the list and add a cancel button (#17228) * Allow adding multiple issues to a project (#17226) * Add metrics to get issues by repository (#17225) * Add specific event type to header (#17222) * Redirect on project after issue created (#17211) * Reference in new issue modal: dont pre-populate issue title (#17208) * Always set a unique Message-ID header (#17206) * Add projects and project boards in exposed metrics (#17202) * Add metrics to get issues by label (#17201) * Add protection to disable Gitea when run as root (#17168) * Don't return binary file changes in raw PR diffs by default (#17158) * Support sorting for project board issuses (#17152) * Force color-adjust for markdown checkboxes (#17146) * Add option to copy line permalink (#17145) * Move twofactor to models/login (#17143) * Multiple tokens support for migrating from github (#17134) * Unify issue and PR subtitles (#17133) * Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125) * Fix problem when database id is not increment as expected (#17124) * Avatar refactor, move avatar code from `models` to `models.avatars`, remove duplicated code (#17123) * Re-allow clipboard copy on non-https sites (#17118) * DBContext is just a Context (#17100) * Move login related structs and functions to models/login (#17093) * Add SkipLocal2FA option to pam and smtp sources (#17078) * Move db related basic functions to models/db (#17075) * Fixes username tagging in "Reference in new issue" (#17074) * Use light/dark theme based on system preference (#17051) * Always emit the configuration path (#17036) * Add `AbsoluteListOptions` (#17028) * Use common sessioner for API and Web (#17027) * Fix overflow label in small view (#17020) * Report the associated filter if there is an error in LDAP (#17014) * Add "new issue" btn on project (#17001) * Add doctor dbconsistency check for release and attachment (#16978) * Disable Fomantic's CSS tooltips (#16974) * Add Cache-Control to avatar redirects (#16973) * Make mirror feature more configurable (#16957) * Add skip and limit to git.GetTags (#16897) * Remove ParseQueueConnStr as it is unused (#16878) * Remove unused Fomantic sidebar module (#16853) * Allow LDAP Sources to provide Avatars (#16851) * Remove Dashboard/Home button from the navbar (#16844) * Use conditions but not repo ids as query condition (#16839) * Add user settings key/value DB table (#16834) * Add buttons to allow loading of incomplete diffs (#16829) * Add information for migrate failure (#16803) * Add EdDSA JWT signing algorithm (#16786) * Add user status filter to admin user management page (#16770) * Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766) * Do not use thin scrollbars on Firefox (#16738) * Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731) * Compute proper foreground color for labels (#16729) * Add edit button to wiki sidebar and footer (#16719) * Fix migration svg color (#16715) * Add link to vscode to repo header (#16664) * Add filter by owner and team to issue/pulls search endpoint (#16662) * Kanban colored boards (#16647) * Allow setting X-FRAME-OPTIONS (#16643) * Separate open and closed issue in metrics (#16637) * Support direct comparison (git diff a..b) as well merge comparison (a…b) (#16635) * Add setting to OAuth handlers to skip local 2FA authentication (#16594) * Make PR merge options more intuitive (#16582) * Show correct text when comparing commits on empty pull request (#16569) * Pre-fill suggested New File 'name' and 'content' with Query Params (#16556) * Add an abstract json layout to make it's easier to change json library (#16528) * Make Mermaid.js limit configurable (#16519) * Improve 2FA autofill (#16473) * Add modals to Organization and Team remove/leave (#16471) * Show tag name on dashboard items list (#16466) * Change default cron schedules from @every 24h to @midnight (#16431) * Prevent double sanitize (#16386) * Replace `list.List` with slices (#16311) * Add configuration option to restrict users by default (#16256) * Move login out of models (#16199) * Support pagination of organizations on user settings pages (#16083) * Switch migration icon to svg (#15954) * Add left padding for chunk header of split diff view (#13397) * Allow U2F 2FA without TOTP (#11573) * BUGFIXES * GitLab reviews may not have the updated_at field set (#18450) (#18461) * Fix detection of no commits when the default branch is not master (#18422) (#18423) * Fix broken oauth2 authentication source edit page (#18412) (#18419) * Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404) * Fix restore without topic failure (#18387) (#18400) * Fix commit's time (#18375) (#18392) * Fix partial cloning a repo (#18373) (#18377) * Stop trimming preceding and suffixing spaces from editor filenames (#18334) * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18386) * Fix mime-type detection for HTTP server (#18370) (#18371) * Stop trimming preceding and suffixing spaces from editor filenames (#18334) * Restore propagation of ErrDependenciesLeft (#18325) * Fix PR comments UI (#18323) * Use indirect comparison when showing pull requests (#18313) * Replace satori/go.uuid with gofrs/uuid (#18311) * Fix commit links on compare page (#18310) * Don't show double error response in git hook (#18292) * Handle missing default branch better in owner/repo/branches page (#18290) * Fix CheckRepoStats and reuse it during migration (#18264) * Prevent underline hover on cards (#18259) * Don't delete branch if other PRs with this branch are open (#18164) * Require codereview to have content (#18156) * Allow admin to associate missing LFS objects for repositories (#18143) * When attempting to subscribe other user to issue report why access denied (#18091) * Add option to convert CRLF to LF line endings for sendmail (#18075) * Only create pprof files for gitea serv if explicitly asked for (#18068) * Abort merge if head has been updated before pressing merge (#18032) * Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004) * Use JSON module instead of stdlib json (#18003) * Fixed issue merged/closed wording (#17973) * Return nicer error for ForcePrivate (#17971) * Fix overflow in commit graph (#17947) * Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941) * Use disable_form_autofill on Codebase and Gitbucket (#17936) * Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928) * Fix markdown URL parsing (#17924) * Apply CSS Variables to all message elements (#17920) * Improve checkBranchName (#17901) * Update chi/middleware to chi/v5/middleware (#17888) * Fix position of label color picker colors (#17866) * Fix ListUnadoptedRepositories incorrect total count (#17865) * Remove whitespace inside rendered code `<td>` (#17859) * Make Co-committed-by and co-authored-by trailers optional (#17848) * Fix value of User.IsRestricted when oauth2 user registration (#17839) * Use new OneDev /milestones endpoint (#17782) * Prevent deadlock in TestPersistableChannelQueue (#17717) * Simplify code for writing SHA to name-rev (#17696) * Fix database deadlock when update issue labels (#17649) * Add warning for BIDI characters in page renders and in diffs (#17562) * Fix ipv6 parsing for builtin ssh server (#17561) * Multiple Escaping Improvements (#17551) * Fixes #16559 - Do not trim leading spaces for tab delimited (#17442) * Show client-side error if wiki page is empty (#17415) * Fix context popup error (#17398) * Stop sanitizing full name in API (#17396) * Fix issue close/comment buttons on mobile (#17317) * Fix navbar UI (#17235) * Fix problem when database id is not increment as expected (#17229) * Open the DingTalk link in browser (#17084) * Remove heads pointing to missing old refs (#17076) * Fix commit status index problem (#17061) * Handle broken references in mirror sync (#17013) * Fix for create repo page layout (#17012) * Improve LDAP synchronization efficiency (#16994) * Add repo_id for attachment (#16958) * Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705) * Remove duplicate csv import in modules/csv/csv.go (#16631) * Improve SMTP authentication and Fix user creation bugs (#16612) * Fixed emoji alias not parsed in links (#16221) * Calculate label URL on API (#16186) * TRANSLATION * Fix mispelling of starred as stared (#17465) * Re-separate the color translation strings (#17390) * Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998) * BUILD * Add lockfile-check (#18285) * Don't store assets modified time into generated files (#18193) * MISC * Update JS dependencies (#17611) * SECURITY * Only view milestones from current repo (#18414) (#18418) * BUGFIXES * Fix broken when no commits and default branch is not master (#18422) (#18424) * Fix commit's time (#18375) (#18409) * Fix restore without topic failure (#18387) (#18401) * Fix mermaid import in 1.15 (it uses ESModule now) (#18382) * Update to go/text 0.3.7 (#18336) * MISC * Upgrade EasyMDE to 2.16.1 (#18278) (#18279) * BUGFIXES * Fix inconsistent PR comment counts (#18260) (#18261) * Fix release link broken (#18252) (#18253) * Fix update user from site administration page bug (#18250) (#18251) * Set HeadCommit when creating tags (#18116) (#18173) * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152) * Fix purple color in suggested label colors (#18241) (#18242) * SECURITY * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206) * BUGFIXES * Fix wrong redirect on org labels (#18128) (#18134) * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095) * Revert "Fix delete u2f keys bug (#18042)" (#18107) * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104) * Prevent NPE if gitea uploader fails to open url (#18080) (#18101) * Reset locale on login (#17734) (#18100) * Correctly handle failed migrations (#17575) (#18099) * Instead of using routerCtx just escape the url before routing (#18086) (#18098) * Quote references to the user table in consistency checks (#18072) (#18073) * Add NotFound handler (#18062) (#18067) * Ensure that git repository is closed before transfer (#18049) (#18057) * Use common sessioner for API and web routes (#18114) * TRANSLATION * Fix code search result hint on zh-CN (#18053) * BUGFIXES * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046) * Fix delete u2f keys bug (#18040) (#18042) * Reset Session ID on login (#18018) (#18041) * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035) * Stop printing 03d after escaped characters in logs (#18030) (#18034) * Reset locale on login (#18023) (#18025) * Fix reset password email template (#17025) (#18022) * Fix outType on gitea dump (#18000) (#18016) * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015) * Fix rename notification bug (#18011) * Prevent double decoding of % in url params (#17997) (#18001) * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992) * Prevent deadlock in create issue (#17970) (#17982) * TESTING * Use non-expiring key. (#17984) (#17985) * ENHANCEMENTS * Only allow webhook to send requests to allowed hosts (#17482) (#17510) * Fix login redirection links (#17451) (#17473) * BUGFIXES * Fix database inconsistent when admin change user email (#17549) (#17840) * Use correct user on releases (#17806) (#17818) * Fix commit count in tag view (#17698) (#17790) * Fix close issue but time watcher still running (#17643) (#17761) * Fix Migrate Description (#17692) (#17727) * Fix bug when project board get open issue number (#17703) (#17726) * Return 400 but not 500 when request archive with wrong format (#17691) (#17700) * Fix bug when read mysql database max lifetime (#17682) (#17690) * Fix database deadlock when update issue labels (#17649) (#17665) * Fix bug on detect issue/comment writer (#17592) * Remove appSubUrl from pasted images (#17572) (#17588) * Make `ParsePatch` more robust (#17573) (#17580) * Fix stats upon searching issues (#17566) (#17578) * Escape issue titles in comments list (#17555) (#17556) * Fix zero created time bug on commit api (#17546) (#17547) * Fix database keyword quote problem on migration v161 (#17522) (#17523) * Fix email with + when active (#17518) (#17520) * Stop double encoding blame commit messages (#17498) (#17500) * Quote the table name in CountOrphanedObjects (#17487) (#17488) * Run Migrate in Install rather than just SyncTables (#17475) (#17486) * BUILD * Fix golangci-lint warnings (#17598 et al) (#17668) * MISC * Preserve color when inverting emojis (#17797) (#17799) * BUGFIXES * Prevent panic in serv.go with Deploy Keys (#17434) (#17435) * Fix CSV render error (#17406) (#17431) * Read expected buffer size (#17409) (#17430) * Ensure that restricted users can access repos for which they are members (#17460) (#17464) * Make commit-statuses popup show correctly (#17447) (#17466) * TESTING * Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463) * SECURITY * Upgrade Bluemonday to v1.0.16 (#17372) (#17374) * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373) * BUGFIXES * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377) * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376) * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) * Ensure popup text is aligned left (backport for 1.15) (#17343) * Ensure that git daemon export ok is created for mirrors (#17243) (#17306) * Disable core.protectNTFS (#17300) (#17302) * Use pointer for wrappedConn methods (#17295) (#17296) * AutoRegistration is supposed to be working with disabled registration (backport) (#17292) * Handle duplicate keys on GPG key ring (#17242) (#17284) * Fix SVG side by side comparison link (#17375) (#17391) * BUGFIXES * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272) * Don't allow merged PRs to be reopened (#17192) (#17271) * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266) * Fix unwanted team review request deletion (#17257) (#17264) * Fix broken Activities link in team dashboard (#17255) (#17258) * API pull's head/base have correct permission(#17214) (#17245) * Fix strange behavior of DownloadPullDiffOrPatch in incorrect index (#17223) (#17227) * Upgrade xorm to v1.2.5 (#17177) (#17188) * Fix missing repo link in issue/pull assigned emails (#17183) (#17184) * Fix bug of get context user (#17169) (#17172) * Nicely handle missing user in collaborations (#17049) (#17166) * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164) * Fix wrong i18n keys (#17150) (#17153) * Fix Archive Creation: correct transaction ending (#17151) * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141) * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) * ENHANCEMENT * Check user instead of organization when creating a repo from a template via API (#16346) (#17195) * TRANSLATION * v1.15 fix Sprintf format 'verbs' in locale files (#17187) * ENHANCEMENTS * Add fluid to ui container class to remove margin (#16396) (#16976) * Add caller to cat-file batch calls (#17082) (#17089) * BUGFIXES * Render full plain readme. (#17083) (#17090) * Upgrade xorm to v1.2.4 (#17059) * Fix bug of migrate comments which only fetch one page (#17055) (#17058) * Do not show issue context popup on external issues (#17050) (#17054) * Decrement Fork Num when converting from Fork (#17035) (#17046) * Correctly rollback in ForkRepository (#17034) (#17045) * Fix missing close in WalkGitLog (#17008) (#17009) * Add prefix to SVG id/class attributes (#16997) (#17000) * Fix bug of migrated repository not index (#16991) (#16996) * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990) * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977) * Fix issue with issue default mail template (#16956) (#16975) * Ensure that rebase conflicts are handled in updates (#16952) (#16960) * Prevent panic on diff generation (#16950) (#16951) * BUGFIXES * Add unique constraint back into issue_index (#16938) * Close storage objects before cleaning (#16934) (#16942) * BUGFIXES * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923) * Prevent leave changes dialogs due to autofill fields (#16912) (#16920) * Ignore review comment when ref commit is missed (#16905) (#16919) * Fix wrong attachment removal (#16915) (#16917) * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913) * Correctly return the number of Repositories for Organizations (#16807) (#16911) * Test if LFS object is accessible (#16865) (#16904) * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900) * Fix dump and restore respository (#16698) (#16898) * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895) * Fix wiki raw commit diff/patch view (#16891) (#16892) * Ensure wiki repos are all closed (#16886) (#16888) * List limited and private orgs if authenticated on API (#16866) (#16879) * Simplify split diff view generation and remove JS dependency (#16775) (#16863) * Ensure that the default visibility is set on the user create page (#16845) (#16862) * In Render tolerate not being passed a context (#16842) (#16858) * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848) * Report the correct number of pushes on the feeds (#16811) (#16822) * Add primary_key to issue_index (#16813) (#16820) * Prevent NPE on empty commit (#16812) (#16819) * Fix branch pagination error (#16805) (#16816) * Add missing return to handleSettingRemoteAddrError (#16794) (#16795) * Remove spurious / from issues.opened_by (#16793) * Ensure that template compilation panics are sent to the logs (#16788) (#16792) * Update caddyserver/certmagic (#16789) (#16790) * BREAKING * Make app.ini permissions more restrictive (#16266) * Refactor Webhook + Add X-Hub-Signature (#16176) * Add asymmetric JWT signing (#16010) * Clean-up the settings hierarchy for issue_indexer queue (#16001) * Change default queue settings to be low go-routines (#15964) * Improve assets handler middleware (#15961) * Rename StaticUrlPrefix to AssetUrlPrefix (#15779) * Use a generic markup class to display externally rendered files and diffs (#15735) * Add frontend testing, require node 12 (#15315) * Move (custom) assets into subpath `/assets` (#15219) * Use level config in log section when sub log section not set level (#15176) * Links in markdown should be absolute to the repository not the server (#15088) * Upgrade to the latest version of golang-jwt (#16590) (#16606) * Set minimum supported version of go to 1.16 (#16710) * SECURITY * Encrypt LDAP bind password in db with SECRET_KEY (#15547) * Remove random password in Dockerfiles (#15362) * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * Correctly create of git-daemon-export-ok files (#16508) (#16514) * Don't show private user's repo in explore view (#16550) (#16554) * Update node tar dependency to 6.1.6 (#16622) (#16623) * FEATURES * Update Go-Git to take advantage of LargeObjectThreshold (#16316) * Support custom mime type mapping for text files (#16304) * Link to previous blames in file blame page (#16259) * Add LRU mem cache implementation (#16226) * Localize Email Templates (#16200) * Make command in authorized keys a template (#16003) * Add possibility to make branch in branch page (#15960) * Add email headers (#15939) * Make tasklist checkboxes clickable (#15791) * Add selecting tags on the compare page (#15723) * Add cron job to delete old actions from database (#15688) * On open repository open common cat file batch and batch-check (#15667) * Add tag protection (#15629) * Add push to remote mirror repository (#15157) * Add Image Diff for SVG files (#14867) * Add dashboard milestone search and repo milestone search by name. (#14866) * Add LFS Migration and Mirror (#14726) * Improve notifications for WIP draft PR's (#14663) * Disable Stars config option (#14653) * GPG Key Ownership verification with Signed Token (#14054) * OAuth2 auto-register (#5123) * API * Return updated repository when changing repository using API (#16420) * Let branch/tag name be a valid ref to get CI status (#16400) * Add endpoint to get commits of PR (#16300) * Allow COMMENT reviews to not specify a body (#16229) * Add subject-type filter to list notification API endpoints (#16177) * ListReleases add filter for draft and pre-releases (#16175) * ListIssues add more filters (#16174) * Issue Search Add filter for MilestoneNames (#16173) * GET / SET User Settings (#16169) * Expose repo.GetReviewers() & repo.GetAssignees() (#16168) * User expose counters (#16167) * Add repoGetTag (#16166) * Add repoCreateTag (#16165) * Creating a repo from a template repo via API (#15958) * Add Active and ProhibitLogin to API (#15689) * Add Location, Website and Description to API (#15675) * Expose resolver via API (#15167) * Swagger AccessToken fixes (#16574) (#16597) * Set AllowedHeaders on API CORS handler (#16524) (#16618) * ENHANCEMENTS * Support HTTP/2 in Let's Encrypt (#16371) * Introduce NotifySubjectType (#16320) * Add forge emojies (#16296) * Implemented head_commit for webhooks (#16282) * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278) * Add previous/next buttons to review comments (#16273) * Review comments: break-word for long file names (#16272) * Add configuration to restrict allowed user visibility modes (#16271) * Add scroll-margin-top to account for sticky header (#16269) * Add --quiet and --verbose to gitea web to control initial logging (#16260) * Use gitea logging module for git module (#16243) * Add tests for all webhooks (#16214) * Add button to delete undeleted repositories from failed migrations (#16197) * Speed up git diff highlight generation (#16180) * Add OpenID claims "profile" and "email". (#16141) * Reintroduce squash merge default comment as a config setting (#16134) * Add sanitizer rules per renderer (#16110) * Improve performance of dashboard list orgs (#16099) * Refactor assert statements in tests (#16089) * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086) * Remove unnecessary goroutine (#16080) * Add attachments for PR reviews (#16075) * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070) * Add Visible modes function from Organisation to Users too (#16069) * Add checkbox to delete pull branch after successful merge (#16049) * Make commit info cancelable (#16032) * Make modules/context.Context a context.Context (#16031) * Unified custom config creation (#16012) * Make sshd_config more flexible regarding connections (#16009) * Append to existing trailers in generated squash commit message (#15980) * Always store primary email address into email_address table and also the state (#15956) * Load issue/PR context popup data only when needed (#15955) * Remove remaining fontawesome usage in templates (#15952) * Remove fomantic accordion module (#15951) * Small refactoring of modules/private (#15947) * Double the avatar size factor (#15941) * Add curl to rootless docker image (#15908) * Replace clipboard.js with async clipboard api (#15899) * Allow custom highlight mapping beyond file extensions (#15808) * Add trace logging to SSO methods (#15803) * Refactor routers directory (#15800) * Allow only internal registration (#15795) * Add a new internal hook to save ssh log (#15787) * Respect default merge message syntax when parsing item references (#15772) * OAuth2 login: Set account link to "login" as default behavior (#15768) * Use single shared random string generation function (#15741) * Hold the event source when there are no listeners (#15725) * Code comments improvements (#15722) * Provide OIDC compliant user info endpoint (#15721) * Fix webkit calendar icon color on arc-green (#15713) * Improve Light Chroma style (#15699) * Only use boost workers for leveldb shadow queues (#15696) * Add compare tag dropdown to releases page (#15695) * Add caret styling CSS (#15651) * Remove x-ua-compatible meta tag (#15640) * Refactor of link creation (#15619) * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) * Rewrite of the LFS server (#15523) * Display more repository type on admin repository management (#15440) * Remove usage of some JS globals (#15378) * SHA in merged commit comment should be rendered ui sha (#15376) * Add well-known config for OIDC (#15355) * Use route rather than use thus reducing the number of stack frames (#15301) * Code Formats, Nits & Unused Func/Var deletions (#15286) * Let package git depend on setting but not opposite (#15241) * Fixed sanitize errors (#15240) * response simple text message for not html request when 404 (#15229) * Remove file-loader dependency (#15196) * Refactor renders (#15175) * Add mimetype mapping settings (#15133) * Add Status Updates whilst Gitea migrations are occurring (#15076) * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073) * Counterwork seemingly unclickable repo button labels (#15064) * Add DefaultMergeStyle option to repository (#14789) * Added support for gopher URLs. (#14749) * Rework repository archive (#14723) * Add links to toggle WIP status (#14677) * Add Tabular Diff for CSV files (#14661) * Use milestone deadline when sorting issues (#14551) * BUGFIXES * Fix invalid params and typo of email templates (#16394) * Fix activation of primary email addresses (#16385) * Fix calculation for finalPage in repo-search component (#16382) * Specify user in rootless container numerically (#16361) * Detect encoding changes while parsing diff (#16330) * Fix U2F error reasons always hidden (#16327) * Prevent zombie processes (#16314) * Escape reference to `user` table in models.SearchEmails (#16313) * Fix default push instructions on empty repos (#16302) * Fix modified files list in webhooks when there is a space (#16288) * Fix webhook commits wrong hash on HEAD reset (#16283) * Fuzzer finds an NPE due to incorrect URLPrefix (#16249) * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238) * Do not show No match found for tribute (#16231) * Fix "Copy Link" for pull requests (#16230) * Fix diff expansion is missing final line in a file (#16222) * Fix private repo permission problem (#16142) * Fix not able to update local created non-urlencoded wiki pages (#16139) * More efficiently parse shas for shaPostProcessor (#16101) * Fix `doctor --run check-db-consistency --fix` with label fix (#16094) * Prevent webhook action buttons from shifting (#16087) * Change default TMPDIR path in rootless containers (#16077) * Fix typo and add TODO notice (#16064) * Use git log name-status in get last commit (#16059) * Fix 500 Error with branch and tag sharing the same name (#16040) * Fix get tag when migration (#16014) * Add custom emoji support (#16004) * Use filepath.ToSlash and Join in indexer defaults and queues (#15971) * Add permission check for ``GenerateRepository`` (#15946) * Ensure settings for Service and Mailer are read on the install page (#15943) * Fix layout of milestone view (#15927) * Unregister non-matching serviceworkers (#15834) * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693) * Attachment support repository route (#15580) * Fix missing icons and colorpicker when mounted on suburl (#15501) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304) * Prevent double-login for Git HTTP and LFS and simplify login (#15303) * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278) * Fix heatmap activity (#15252) * Remove vendored copy of fomantic-dropdown (#15193) * Update repository size on cron gc task (#15177) * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153) * Add code block highlight to orgmode back (#14222) * Remove User.GetOrganizations() (#14032) * Restore Accessibility for Dropdown (#16576) (#16617) * Pass down SignedUserName down to AccessLogger context (#16605) (#16616) * Fix table alignment in markdown (#16596) (#16602) * Fix 500 on first wiki page (#16586) (#16598) * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570) * Upgrade levelqueue to v0.4.0 (#16560) (#16561) * Handle too long PR titles correctly (#16517) (#16549) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Fix crash following ldap authentication update (#16447) (#16448) * Fix direct creation of external users on admin page (partial #16612) (#16613) * Prevent 500 on draft releases without tag (#16634) (#16636) * Restore creation of git-daemon-export-ok files (#16508) (#16514) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Fix crash following ldap authentication update (#16447) (#16448) * Restore compatibility with SQLServer 2008 R2 in migrations (#16638) * Fix direct creation of external users on admin page (#16613) * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659) * Fix NPE in fuzzer (#16680) (#16682) * Set issue_index when finishing migration (#16685) (#16687) * Skip patch download when no patch file exists (#16356) (#16681) * Ensure empty lines are copiable and final new line too (#16678) (#16692) * Fix wrong user in OpenID response (#16736) (#16741) * Do not use thin scrollbars on Firefox (#16738) (#16745) * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739) * Keep attachments on tasklist update (#16750) (#16757) * TESTING * Bump `postgres` and `mysql` versions (#15710) * Add tests for clone from wiki (#15513) * Fix Benchmark tests, remove a broken one & add two new (#15250) * Create Proper Migration tests (#15116) * TRANSLATION * Use a special name for update default branch on repository setting (#15893) * Fix mirror_lfs source string in en-US locale (#15369) * BUILD * Upgrade xorm to v1.1.1 (#16339) * Disable legal comments in esbuild (#15929) * Switch to Node 16 to build fronted (#15804) * Use esbuild to minify CSS (#15756) * Use binary version of revive linter (#15739) * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465) * Stop packaging node_modules in release tarballs (#15273) * Introduce esbuild on webpack (#14578) * DOCS * Update queue workers documentation (#15999) * Comment out app.example.ini (#15807) * Improve logo customization docs (#15754) * Add some response status on api docs (#15399) * Rework Token API comments (#15162) * Add better errors for disabled account recovery (#15117) * MISC * Remove utf8 option from installation page (#16126) * Use Wants= over Requires= in systemd file (#15897) * BUGFIXES * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896) * Fix wiki raw commit diff/patch view (#16891) (#16893) * Ensure wiki repos are all closed (#16886) (#16889) * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849) * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740) * SECURITY * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540) * Switch to maintained JWT lib (#16532) (#16535) * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607) * BUGFIXES * Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481) * SECURITY * Hide mirror passwords on repo settings page (#16022) (#16355) * Update bluemonday to v1.0.15 (#16379) (#16380) * BUGFIXES * Retry rename on lock induced failures (#16435) (#16439) * Validate issue index before querying DB (#16406) (#16410) * Fix crash following ldap authentication update (#16447) (#16449) * ENHANCEMENTS * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378) * BUGFIXES * Fix relative links in postprocessed images (#16334) (#16340) * Fix list_options GetStartEnd (#16303) (#16305) * Fix API to use author for commits instead of committer (#16276) (#16277) * Handle misencoding of login_source cfg in mssql (#16268) (#16275) * Fixed issues not updated by commits (#16254) (#16261) * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255) * Use html.Parse rather than html.ParseFragment (#16223) (#16225) * Fix milestone counters on new issue (#16183) (#16224) * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219) * SECURITY * Encrypt migration credentials at rest (#15895) (#16187) * Only check access tokens if they are likely to be tokens (#16164) (#16171) * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039) * Fix setting of SameSite on cookies (#15989) (#15991) * API * Repository object only count releases as releases (#16184) (#16190) * EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190) * Fix overly strict edit pr permissions (#15900) (#16081) * BUGFIXES * Run processors on whole of text (#16155) (#16185) * Class `issue-keyword` is being incorrectly stripped off spans (#16163) (#16172) * Fix language switch for install page (#16043) (#16128) * Fix bug on getIssueIDsByRepoID (#16119) (#16124) * Set self-adjusting deadline for connection writing (#16068) (#16123) * Fix http path bug (#16117) (#16120) * Fix data URI scramble (#16098) (#16118) * Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097) * git migration: don't prompt interactively for clone credentials (#15902) (#16082) * Fix case change in ownernames (#16045) (#16050) * Don't manipulate input params in email notification (#16011) (#16033) * Remove branch URL before IssueRefURL (#15968) (#15970) * Fix layout of milestone view (#15927) (#15940) * GitHub Migration, migrate draft releases too (#15884) (#15888) * Close the gitrepo when deleting the repository (#15876) (#15887) * Upgrade xorm to v1.1.0 (#15869) (#15885) * Fix blame row height alignment (#15863) (#15883) * Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882) * Backport Fix LFS commit finder not working (#15856) (#15874) * Stop calling WriteHeader in Write (#15862) (#15873) * Add timeout to writing to responses (#15831) (#15872) * Return go-get info on subdirs (#15642) (#15871) * Restore PAM user autocreation functionality (#15825) (#15867) * Fix truncate utf8 string (#15828) (#15854) * Fix bound address/port for caddy's certmagic library (#15758) (#15848) * Upgrade unrolled/render to v1.1.1 (#15845) (#15846) * Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840) * Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839) * Set autocomplete off on branches selector (#15809) (#15833) * Add missing error to Doctor log (#15813) (#15824) * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816) * ENHANCEMENTS * Removable media support to snap package (#16136) (#16138) * Move sans-serif fallback font higher than emoji fonts (#15855) (#15892) * DOCKER * Only write config in environment-to-ini if there are changes (#15861) (#15868) * Only offer hostcertificates if they exist (#15849) (#15853) * API * Make change repo settings work on empty repos (#15778) (#15789) * Add pull "merged" notification subject status to API (#15344) (#15654) * BUGFIXES * Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798) * Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775) * Set GIT_DIR correctly if it is not set (#15751) (#15769) * Fix bug where repositories appear unadopted (#15757) (#15767) * Not show `ref-in-new-issue` pop when issue was disabled (#15761) (#15765) * Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762) * Fix setting version table in dump (#15753) (#15759) * Fix close button change on delete in simplemde area (#15737) (#15747) * Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746) * Fix some ui bug about draft release (#15137) (#15745) * Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715) * Move tooltip down to allow selection of Remove File on error (#15672) (#15714) * Fix setting redis db path (#15698) (#15708) * Fix DB session cleanup (#15697) (#15700) * Fixed several activation bugs (#15473) (#15685) * Delete references if repository gets deleted (#15681) (#15684) * Fix orphaned objects deletion bug (#15657) (#15683) * Delete protected branch if repository gets removed (#15658) (#15676) * Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652) * Not update updated uinx for `git gc` (#15637) (#15641) * Fix commit graph author link (#15627) (#15630) * Fix webhook timeout bug (#15613) (#15621) * Resolve panic on failed interface conversion in migration v156 (#15604) (#15610) * Fix missing storage init (#15589) (#15598) * If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594) * Fix lfs management find (#15537) (#15578) * Fix NPE on view commit with notes (#15561) (#15573) * Fix bug on commit graph (#15517) (#15530) * Send size to /avatars if requested (#15459) (#15528) * Prevent migration 156 failure if tag commit missing (#15519) (#15527) * ENHANCEMENTS * Display conflict-free merge messages for pull requests (#15773) (#15796) * Exponential Backoff for ByteFIFO (#15724) (#15793) * Issue list alignment tweaks (#15483) (#15766) * Implement delete release attachments and update release attachments' name (#14130) (#15666) * Add placeholder text to deploy key textarea (#15575) (#15576) * Project board improvements (#15429) (#15560) * Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365) * MISC * Fix webkit calendar icon color on arc-green (#15713) (#15728) * Performance improvement for last commit cache and show-ref (#15455) (#15701) * Bump unrolled/render to v1.1.0 (#15581) (#15608) * Add ETag header (#15370) (#15552) * BUGFIXES * Fix bug clone wiki (#15499) (#15502) * Github Migration ignore rate limit, if not enabled (#15490) (#15495) * Use subdir for URL (#15446) (#15493) * Query the DB for the hash before inserting in to email_hash (#15457) (#15491) * Ensure review dismissal only dismisses the correct review (#15477) (#15489) * Use index of the supported tags to choose user lang (#15452) (#15488) * Fix wrong file link in code search page (#15466) (#15486) * Quick template fix for built-in SSH server in admin config (#15464) (#15481) * Prevent superfluous response.WriteHeader (#15456) (#15476) * Fix ambiguous argument error on tags (#15432) (#15474) * Add created_unix instead of expiry to migration (#15458) (#15463) * Fix repository search (#15428) (#15442) * Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439) * Fix wiki clone urls (#15430) (#15431) * Fix dingtalk icon url at webhook (#15417) (#15426) * Standardise icon on projects PR page (#15387) (#15408) * ENHANCEMENTS * Add option to skip LFS/attachment files for `dump` (#15407) (#15492) * Clone panel fixes (#15436) * Use semantic dropdown for code search query type (#15276) (#15364) * BUILD * Build go-git variants for windows (#15482) (#15487) * Lock down build-images dependencies (Partial #15479) (#15480) * MISC * Performance improvement for list pull requests (#15447) (#15500) * Fix potential copy lfs records failure when fork a repository (#15441) (#15485) * SECURITY * Respect approved email domain list for externally validated user registration (#15014) * Add reverse proxy configuration support for remote IP address detection (#14959) * Ensure validation occurs on clone addresses too (#14994) * Fix several render issues highlighted during fuzzing (#14986) * BREAKING * Fix double 'push tag' action feed (#15078) (#15083) * Remove possible resource leak (#15067) (#15082) * Handle unauthorized user events gracefully (#15071) (#15074) * Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475) * Migrate from Macaron to Chi framework (#14293) * Deprecate building for mips (#14174) * Consolidate Logos and update README header (#14136) * Inline manifest.json (#14038) * Store repository data in data path if not previously set (#13991) * Rename "gitea" png to "logo" (#13974) * Standardise logging of failed authentication attempts in internal SSH (#13962) * Add markdown support in organization description (#13549) * Improve users management through the CLI (#6001) (#10492) * FEATURES * Create a new issue with reference to lines of code from file view (#14863) * Repository transfer has to be confirmed, if user can not create repo for new owner (#14792) * Allow blocking some email domains from registering an account (#14667) * Create a new issue based on reference to an issue comment (#14366) * Add support to migrate from gogs (#14342) * Add pager to the branches page (#14202) * Minimal OpenID Connect implementation (#14139) * Display current stopwatch in navbar (#14122) * Display SVG files as images instead of text (#14101) * Disable SSH key deletion of externally managed Keys (#13985) * Add support for ed25519_sk and ecdsa_sk SSH keys (#13462) * Add support for Mastodon OAuth2 provider (#13293) * Add gitea sendmail command (#13079) * Create DB session provider(based on xorm) (#13031) * Add dismiss review feature (#12674) * Make manual merge autodetection optional and add manual merge as merge method (#12543) * Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) * Create Rootless Docker image (#10154) * API * Speedup issue search (#15179) (#15192) * Get pull, return head branch sha, even if deleted (#14931) * Export LFS & TimeTracking function status (#14753) * Show Gitea version in swagger (#14654) * Fix PATCH /repos/{owner}/{repo} panic (#14637) * Add Restricted Field to User (#14630) * Add support for ref parameter to get raw file API (#14602) * Add affected files of commits to commit struct (#14579) * Fix CJK fonts again and misc. font issues (#14575) * Add delete release by tag & delete tag (#14563) & (#13358) * Add pagination to ListBranches (#14524) * Add signoff option in commit form (#14516) * GetRelease by tag only return release (#14397) * Add MirrorInterval to the API (#14163) * Make BasicAuth Prefix case insensitive (#14106) * Add user filter to issueTrackedTimes, enable usage for issue managers (#14081) * Add ref to create/edit issue options & deprecated assignee (#13992) * Add Ref to Issue (#13946) * Expose default theme in meta and API (#13809) * Send error message when CSRF token is missing (#13676) * List, Check, Add & delete endpoints for repository teams (#13630) * Admin EditUser: Make FullName, Email, Website & Location optional (#13562) * Add more filters to issues search (#13514) * Add review request api (#11355) * BUGFIXES * Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396) * Always set the merge base used to merge the commit (#15352) (#15385) * Upgrade to bluemonday 1.0.7 (#15379) (#15380) * Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377) * Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361) * Show diff on rename with diff changes (#15338) (#15339) * Fix handling of logout event (#15323) (#15337) * Fix CanCreateRepo check (#15311) (#15321) * Fix xorm log stack level (#15285) (#15316) * Fix bug in Wrap (#15302) (#15309) * Drop the event source if we are unauthorized (#15275) (#15280) * Backport Fix graph pagination (#15225) (#15249) * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200) * should run RetrieveRepoMetas() for empty pr (#15187) (#15190) * Move setting to enable closing issue via commit in non default branch to repo settings (#14965) * Show correct issues for team dashboard (#14952) * Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932) * Only allow issue labels from owner repository or organization (#14928) * Fix alignment of People and Teams right arrow on org homepage (#14924) * Fix overdue marking of closed issues and milestones (#14923) * Prevent panic when empty MilestoneID in repo/issue/list (#14911) * Fix migration context data (#14910) * Handle URLs with trailing slash (#14852) * Add CORS config on to /login/oauth/access_token endpoint (#14850) * Make searching issues by keyword case insensitive on DB (#14848) * Prevent use of double sub-path and incorrect asset path in manifest (#14827) * Fix link account ui (#14763) * Fix preview status switch button on wiki editor (#14742) * Fix github download on migration (#14703) * Fix svg spacing (#14638) * Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623) * Truncated organizations name (#14615) * Exclude the current dump file from the dump (#14606) * Use OldRef instead of CommitSHA for DeleteBranch comments (#14604) * Ensure memcache caching works when TTL greater than 30 days (#14592) * Remove NULs byte arrays passed to PostProcess (#14587) * Restore detection of branches are equal on compare page (#14586) * Fix incorrect key name so registerManualConfirm works (#14455) * Fix close/reopen with comment (#14436) * Allow passcode invalid error to appear (#14371) * Escape branch names in compare url (#14364) * Label and milestone webhooks on issue/pull creation (#14363) * Handle NotifyCreateRef as create branch in feeds (#14245) * Prevent clipping input text in Chrome + Segoe UI Font (#14179) * Fix UI on edit auth source page (#14137) * Fix git.parseTagData (#14105) * Refactor get tag to remove unnecessary steps (#14058) * Fix integrations test error with space in CURDIR path (#14056) * Dropdown triangle fixes (#14028) * Fix label of --id in admin delete user (#14005) * Cause NotifyMigrateRepository to emit a repo create webhook (#14004) * Update HEAD to match defaultBranch in template generation (#13948) * Fix action avatar loading (#13909) * Fix issue participants (#13893) * Fix avatar template error (#13833) * Fix review request notification email links when external issue tracker is enabled (#13723) * Fix blame line alignment (#13542) * Include OriginalAuthor in Reaction constraint (#13505) * Comments on review should have the same sha (#13448) * Fix whitespace rendering in diff (#13415) * Fixed git args duplication (#13411) * Fix bug on release publisherid migrations (#13410) * Fix --port setting (#13288) * Keep database transactions not too big (#13254) * Git version check, ignore pre-releases constraints (#13234) * Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) * Update Mirror IsEmpty status on synchronize (#13185) * Use GO variable in go-check target (#13146) (#13147) * ENHANCEMENTS * UI style improvements * Dropzone styling improvements (#15291) (#15374) * Add size to Save function (#15264) (#15270) * Monaco improvements (#15333) (#15345) * Support .mailmap in code activity stats (#15009) * Sort release attachments by name (#15008) * Add ui.explore settings to control view of explore pages (#14094) * Make internal SSH server host key path configurable (#14918) * Hide resync all ssh principals when using internal ssh server (#14904) * Add SameSite setting for cookies (#14900) * Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781) * Add environment-to-ini to docker image (#14762) * Add preview support for wiki editor when disable simpleMDE (#14757) * Add easyMDE(simpleMDE) support for release content editor (#14744) * Organization removal confirmation using name not password (#14738) * Make branch names in PR description clickable (#14716) * Add Password Algorithm option to install page (#14701) * Add fullTextSearch to dropdowns by default (#14694) * Fix truncated organization names (#14655) * Whitespace in commits (#14650) * Sort / move project boards (#14634) * Make fileheader sticky in diffs (#14616) * Add helper descriptions on new repo page (#14591) * Move the stopwatches to the eventsource stream (#14588) * Add Content-Length header to HEAD requests (#14542) * Add Image Diff options in Diff view (#14450) * Improve Description in new/ edit Project template (#14429) * Allow ssh-keygen on Windows to detect ssh key type (#14413) * Display error if twofaSecret cannot be retrieved (#14372) * Sort issue search results by revelance (#14353) * Implement ghost comment mitigation (#14349) * Upgrade blevesearch dependency to v2.0.1 (#14346) * Add edit, delete and reaction support to code review comments on issue page (#14339) * Merge default and system webhooks under one menu (#14244) * Add option for administrator to reset user 2FA (#14243) * Add option to change username to the admin panel (#14229) * Check for 'main' as potential default branch name (#14193) * Project: show referenced PRs in issue cards (#14183) * Use caddy's certmagic library for extensible/robust ACME handling (#14177) * CLI support for OAuth sources custom icons (#14166) * Custom icons for OAuth sources (#14161) * Team dashboards (#14159) * KanBan: be able to set default board (#14147) * Disable Fomantic's custom scrollbars (#14109) * Add UI to delete tracked times (#14100) * Rework heatmap permissions (#14080) * Issue and pull request filters on organization dashboard (#14072) * Fix webhook list styling (#14001) * Show dropdown with all statuses for commit (#13977) * Show status check for merged PRs (#13975) * Diff stat improvements (#13954) * Report permissions denied in internal SSH (#13953) * Markdown task list improvements (#13952) * Heatmap days clickable (#13935) * chore: use octicon-mirror for feeds display (#13928) * Move diff split code into own template file (#13919) * Markdown: Enable wrapping in code blocks and a color tweak (#13894) * Do not reload page after adding comments in Pull Request reviews (#13877) * Add pull request manually merge instruction (#13840) * add thumbnail preview section to issue attachments (#13826) * Move Repo APIFormat to convert package (#13787) * Move notification APIFormat (#13783) * Swap swagger-ui with swagger-ui-dist (#13777) * User Settings: Ignore empty language codes & validate (#13755) * Improve migrate page and add card CSS (#13751) * Add block on official review requests branch protection (#13705) * Add review requested filter on pull request overview (#13701) * Use chronological commit order in default squash message (#13696) * Clickable links in pull request (and issue) titles (#13695) * Support shortened commit SHAs in URLs (#13686) * Use native git variants by default with go-git variants as build tag (#13673) * Don't render dropdown when only 1 merge style is available (#13670) * Move webhook type from int to string (#13664) * Direct avatar rendering (#13649) * Verify password for local-account activation (#13631) * Prevent clone protocol button flash on page load (#13626) * Remove fetch request from heatmap (#13623) * Refactor combine label comments with tests (#13619) * Move metrics from macaron to chi (#13601) * Issue and Pulls lists rework (#13594) * HTTP cache rework and enable caching for storage assets (#13569) * Use mount but not register for chi routes (#13555) * Use monaco for the git hook editor (#13552) * Make heatmap colors more distinct (#13533) * Lazy-load issue reviewers and assignees avatars (#13526) * Change search and filter icons to SVG (#13473) * Create tag on ui (#13467) * updateSize when create a repo with init commit (#13441) * Added title and action buttons to Project view page (#13437) * Override fomantic monospace fonts and set size (#13435) * Rework focused comment styling (#13434) * Tags cleanup (#13428) * Various style tweaks (#13418) * Refactor push update (#13381) * Comment box tweaks and SVG dropdown triangles (#13376) * Various style fixes (#13372) * Change repo home page icons to SVG (#13364) * Use CSS Vars for primary color (#13361) * Refactor image paste code (#13354) * Switch from SimpleMDE to EasyMDE (#13333) * Group Label Changed Comments in timeline (#13304) * Make the logger an interface (#13294) * Fix PR/Issue titles on mobile (#13292) * Rearrange the order of the merged by etc. in locale (#13284) * Replace footer and modal icons with SVG (#13245) * Issues overview should not show issues from archived repos (#13220) * Show stale label for stale code comment which is marked as resolved (#13213) * Use CSS Variables for fonts, remove postcss-loader (#13204) * Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198) * Move install pages out of main macaron routes (#13195) * Update outdated label to use Fomantic UI style (#13181) * Added option to disable webhooks (#13176) * Change order of possible-owner organizations to alphabetical (#13160) * Log IP on SSH authentication failure for Built-in SSH server (#13150) * Added option to disable migrations (#13114) * New "Add Mirror" Button in the Organization view (#13105) * Manually approve new registration (#13083) * Cron job to cleanup hook_task table (#13080) * Use the headline comment of pull-request as the squash commit's message (#13071) * Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999) * Slightly simplify the queue settings code to help reduce the risk of problems (#12976) * Add precise search type for Elastic Search (#12869) * Move APIFormat functions into convert package (#12856) * Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links, Show only certain branches, (#12766) * Add TrN for repository limit (#12492) * Refactor doctor (#12264) * Add the tag list page to the release page (#12096) * Redirect on changed user and org name (#11649) * load U2F js only on pages which need it (#11585) * Make archival asynchronous (#11296) * Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420) * Improve vfsgen to not unzip bindata files but send to browser directly (#7109) * Enhance release list (#6025) * DOCS * Swagger show models by default (#14880) * Add missing repo.projects unit into swagger (#14876) * Update docs and comments to remove macaron (#14491) * Issue template addition: Are you using Gitea behind CloudFlare? (#14098) * Generate man pages (#13901) * Reformat/fine-tune docs (#13897) * Added Table of Contents to long documentation pages (#13890) * Add docs command (#13429) * Update external-renderers.en-us.md (#13165) * MISC * Add builds for apple M1 (darwin arm64) (#14951) * Migrate to use jsoniter instead of encoding/json (#14841) * Reduce make verbosity (#13803) * Add git command error directory on log (#13194) * SECURITY * Update to bluemonday-1.0.6 (#15294) (#15298) * Clusterfuzz found another way (#15160) (#15169) * API * Fix wrong user returned in API (#15139) (#15150) * BUGFIXES * Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317) * Speed up `enry.IsVendor` (#15213) (#15246) * Response 404 for diff/patch of a commit that not exist (#15221) (#15238) * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201) * MISC * Add size to Save function (#15264) (#15271) * SECURITY * Fix bug on avatar middleware (#15124) (#15125) * Fix another clusterfuzz identified issue (#15096) (#15114) * API * Fix nil exeption for get pull reviews API #15104 (#15106) * BUGFIXES * Fix markdown rendering in milestone content (#15056) (#15092) * SECURITY * Update to goldmark 1.3.3 (#15059) (#15061) * Another clusterfuzz spotted issue (#15032) (#15034) * API * Fix set milestone on PR creation (#14981) (#15001) * Prevent panic when editing forked repos by API (#14960) (#14963) * BUGFIXES * Fix bug when upload on web (#15042) (#15055) * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051) * Fix postgres ID sequences broken by recreate-table (#15015) (#15029) * Fix several render issues (#14986) (#15013) * Make sure sibling images get a link too (#14979) (#14995) * Fix Anchor jumping with escaped query components (#14969) (#14977) * Fix release mail html template (#14976) * Fix excluding more than two labels on issues list (#14962) (#14973) * Don't mark each comment poster as OP (#14971) (#14972) * Add "captcha" to list of reserved usernames (#14930) * Re-enable import local paths after reversion from #13610 (#14925) (#14927)
2022-02-13Revump all Go packages after go117 updatebsiegert1-2/+2
2022-01-09Revbump all Go packages after go117 updatebsiegert1-2/+2
2021-12-09Revbump all Go packages after go117 updatebsiegert1-2/+2
2021-12-08revbump for icu and libffiadam1-2/+2
2021-11-18gitea: let the RC script work unprivilegedkhorben3-6/+10
This takes advantage of the introduction of the SYSCONFBASE variable. Tested on NetBSD/amd64. While there, also fix a couple substitutions in the default configuration file (app.ini). Bumps PKGREVISION.
2021-11-05Revbump all Go packages after go117 updatebsiegert1-2/+2
2021-10-26www: Replace RMD160 checksums with BLAKE2s checksumsnia1-3/+3
All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts): www/nghttp2/distinfo Unfetchable distfiles (almost certainly fetched conditionally...): ./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx-devel/distinfo naxsi-1.3.tar.gz ./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx-devel/distinfo njs-0.5.0.tar.gz ./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz ./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx/distinfo naxsi-1.3.tar.gz ./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx/distinfo njs-0.5.0.tar.gz ./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz
2021-10-08Revbump all Go packages after go117 updatebsiegert1-2/+2
2021-10-07www: Remove SHA1 hashes for distfilesnia1-3/+1
2021-09-17Revbump all Go packages after go117 updatebsiegert1-2/+2
2021-08-11Revbump all Go packages after go116 updatebsiegert1-2/+2
2021-07-13Revbump all Go packages after go116 updatebsiegert1-2/+2
2021-06-06Revbump all Go packages after go116 updatebsiegert1-2/+2
2021-05-08Revbump all Go packages after go116 updatebsiegert1-2/+2
2021-04-21revbump for textproc/icuadam1-2/+2
2021-03-19Revbump all Go packages after go115 updatebsiegert1-2/+2
2021-03-14gitea: re-generate the frontend fileskhorben3-177/+85
It turns out this new version of Gitea does need newer frontend files after all. A copy has been uploaded to ftp.netbsd.org as documented. Bumps PKGREVISION.
2021-03-12gitea: updated to 1.13.4khorben3-11/+291
This includes the following security fixes; in 1.13.0: * Add Allow-/Block-List for Migrate & Mirrors * Prevent git operations for inactive users * Disallow urlencoded new lines in git protocol paths if there is a port * Mitigate Security vulnerability in the git hook feature * Disable DSA ssh keys by default * Set TLS minimum version to 1.2 * Use argon as default password hash algorithm In 1.13.1: * Hide private participation in Orgs * Fix escaping issue in diff In 1.13.2: * Prevent panic on fuzzer provided string * Add secure/httpOnly attributes to the lang cookie In 1.13.3: * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one In 1.13.4: * Fix issue popups
2021-03-01gitea: do not log to the consolekhorben2-4/+4
When started as a service, gitea logs directly to the console, in addition to its own log files. This change redirects the standard output to /dev/null. Bumps PKGREVISION.
2021-01-23Revbump all Go packages after go115 updatebsiegert1-1/+2
2020-11-18gitea: Update to 1.12.6.jperkin3-15/+151
Fixes pkgsrc handling of the frontend artefacts, various files were previously missing, leading to errors in the web interface. Changes since 1.12.1: ## [1.12.6](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) - 2020-11-11 * SECURITY * Prevent git operations for inactive users (#13527) (#13537) * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525) * BUGFIXES * API should only return Json (#13511) (#13564) * Fix before and since query arguments at API (#13559) (#13560) * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492) * Fix link detection in repository description with tailing '_' (#13407) (#13408) * Remove obsolete change of email on profile page (#13341) (#13348) * Fix permission check on get Reactions API endpoints (#13344) (#13346) * Add migrated pulls to pull request task queue (#13331) (#13335) * API deny wrong pull creation options (#13308) (#13327) * Fix initial commit page & binary munching problem (#13249) (#13259) * Fix diff parsing (#13157) (#13136) (#13139) * Return error 404 not 500 from API if team does not exist (#13118) (#13119) * Prohibit automatic downgrades (#13108) (#13111) * Fix GitLab Migration Option AuthToken (#13101) * GitLab Label Color Normalizer (#12793) (#13100) * Log the underlying panic in runMigrateTask (#13096) (#13098) * Fix attachments list in edit comment (#13036) (#13097) * Fix deadlock when deleting team user (#13093) * Fix error create comment on outdated file (#13041) (#13042) * Fix repository create/delete event webhooks (#13008) (#13027) * Fix internal server error on README in submodule (#13006) (#13016) ## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01 * BUGFIXES * Allow U2F with default settings for gitea in subpath (#12990) (#13001) * Prevent empty div when editing comment (#12404) (#12991) * On mirror update also update address in DB (#12964) (#12967) * Allow extended config on cron settings (#12939) (#12943) * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940) * Fix internal server error from ListUserOrgs API (#12910) (#12915) * Update only the repository columns that need updating (#12900) (#12912) * Fix panic when adding long comment (#12892) (#12894) * Add size limit for content of comment on action ui (#12881) (#12890) * Convert User expose ID each time (#12855) (#12883) * Support slashes in release tags (#12864) (#12882) * Add missing information to CreateRepo API endpoint (#12848) (#12867) * On Migration respect old DefaultBranch (#12843) (#12858) * Fix notifications page links (#12838) (#12853) * Stop cloning unnecessarily on PR update (#12839) (#12852) * Escape more things that are passed through str2html (#12622) (#12850) * Remove double escape on labels addition in comments (#12809) (#12810) * Fix "only mail on mention" bug (#12775) (#12789) * Fix yet another bug with diff file names (#12771) (#12776) * RepoInit Respect AlternateDefaultBranch (#12746) (#12751) * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750) * ENHANCEMENTS * gitea dump: include version & Check InstallLock (#12760) (#12762) ## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02 * SECURITY * Escape provider name in oauth2 provider redirect (#12648) (#12650) * Escape Email on password reset page (#12610) (#12612) * When reading expired sessions - expire them (#12686) (#12690) * ENHANCEMENTS * StaticRootPath configurable at compile time (#12371) (#12652) * BUGFIXES * Fix to show an issue that is related to a deleted issue (#12651) (#12692) * Expire time acknowledged for cache (#12605) (#12611) * Fix diff path unquoting (#12554) (#12575) * Improve HTML escaping helper (#12562) * models: break out of loop (#12386) (#12561) * Default empty merger list to those with write permissions (#12535) (#12560) * Skip SSPI authentication attempts for /api/internal (#12556) (#12559) * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550) * Remove hardcoded ES indexername (#12521) (#12526) * Fix bug preventing transfer to private organization (#12497) (#12501) * Keys should not verify revoked email addresses (#12486) (#12495) * Do not add prefix on http/https submodule links (#12477) (#12479) * Fix ignored login on compare (#12476) (#12478) * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422) * Upgrade google/go-github to v32.1.0 (#12361) (#12390) * Render emoji's of Commit message on feed-page (#12373) * Fix handling of diff on unrelated branches when Git 2.28 used (#12370) ## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28 * BUGFIXES * Don't change creation date when updating Release (#12343) (#12351) * Show 404 page when release not found (#12328) (#12332) * Fix emoji detection in certain cases (#12320) (#12327) * Reduce emoji size (#12317) (#12327) * Fix double-indirection bug in logging IDs (#12294) (#12308) * Link to pull list page on sidebar when view pr (#12256) (#12263) * Extend Notifications API and return pinned notifications by default (#12164) (#12232) ## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11 * BUGFIXES * When deleting repository decrese user repository count in cache (#11954) (#12188) * Return full commit message instead of summary in commits API (#12186) (#12187) * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182) * Ensure GPG Subkeys are verified (#12155) (#12168) * Fix failing to cache last commit with key being to long (#12151) (#12161) * Multiple small admin dashboard fixes (#12153) (#12156) * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148) * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147) * Move EventSource to SharedWorker (#12095) (#12130) * Fix ui bug in wiki commit page (#12089) (#12125) * Fix gitgraph branch continues after merge (#12044) (#12105) * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104) * Ensure BlameReaders close at end of request (#12102) (#12103) * Fix panic when adding review comment (#12058) * ENHANCEMENTS * Disable dropzone's timeout for file uploads (#12024) (#12032)
2020-11-13Revbump all Go packages after go115 updatebsiegert1-2/+2
2020-11-08Revbump all Go packages after Go 1.15 update.bsiegert1-2/+2
2020-11-05*: Recursive revbump from textproc/icu-68.1ryoon1-2/+2
2020-10-15Revbump all Go packages after go115 update.bsiegert1-2/+2
2020-09-03Revbump all Go packages after default Go version was changed to 1.15.1bsiegert1-2/+2
2020-08-14Revbump all Go packages after go114 updatebsiegert1-2/+2
2020-07-17Revbump all Go packages after go114 update.bsiegert1-1/+2
2020-06-29gitea: Update to 1.21.jperkin4-1013/+62
Provided by teutat3s in joyent/pkgsrc#271, with fixes by me. Changes since 1.11.6: ## [1.12.1](https://github.com/go-gitea/gitea/releases/tag/v1.12.1) - 2020-06-21 * BUGFIXES * Handle multiple merges in gitgraph.js (#11996) (#12000) * Add serviceworker.js to KnownPublicEntries (#11992) (#11994) * For language detection do not try to analyze big files by content (#11971) (#11975) * ENHANCEMENTS * Fix scrollable header on dropdowns (#11893) (#11965) ## [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) - 2020-06-17 * BREAKING * When using API CreateRelease set created_unix to the tag commit time (#11218) * Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162) * Fix sanitizer config - multiple rules (#11133) * Remove check on username when using AccessToken authentication for the API (#11015) * Return 404 from Contents API when items don't exist (#10323) * Notification API should always return a JSON object with the current count of notifications (#10059) * Remove migration support from versions earlier than 1.6.0 (#10026) * SECURITY * Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662) * FEATURES * Improve config logging when WrappedQueue times out (#11174) * Add branch delete to API (#11112) * Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047) * Add a way to mark Conversation (code comment) resolved (#11037) * Handle yaml frontmatter in markdown (#11016) * Cache PullRequest Divergence (#10914) * Make `gitea admin auth list` formatting configurable (#10844) * Add Matrix webhook (#10831) * Add Organization Wide Labels (#10814) * Allow to set protected file patterns for files that can not be changed under no conditions (#10806) * Option to set default branch at repository creation (#10803) * Add request review from specific reviewers feature in pull request (#10756) * Add NextCloud oauth (#10562) * System-wide webhooks (#10546) * Relax sanitization as per https://github.com/jch/html-pipeline (#10527) * Use media links for img in post-process (#10515) * Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437) * Render READMEs in docs/ .gitea or .github from root (#10361) * Add feishu webhook support (#10229) * Cache last commit to accelerate the repository directory page visit (#10069) * Implement basic app.ini and path checks to doctor cmd (#10064) * Make WorkerPools and Queues flushable (#10001) * Implement "embedded" command to extract static resources (#9982) * Add API endpoint for repo transfer (#9947) * Make archive prefixing configurable with a global setting (#9943) * Add Unique Queue infrastructure and move TestPullRequests to this (#9856) * Issue/PR Context Popups (#9822) * Add "Update Branch" button to Pull Requests (#9784) * Add require signed commit for protected branch (#9708) * Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) * Add API notification endpoints (#9488) * Issue search support elasticsearch (#9428) * Add API branch protection endpoint (#9311) * Add a new command doctor to check if some wrong configurations on gitea instance (#9095) * Add support for migrating from Gitlab (#9084) * Add support for database schema in PostgreSQL (#8819) * Add setting to set default and global disabled repository units. (#8788) * Language statistics bar for repositories (#8037) * Restricted users (#6274) * BUGFIXES * Fix commenting on non-utf8 encoded files (#11916) (#11950) * Use google/uuid to instead satori/go.uuid (#11943) (#11946) * Align show/hide outdated button on code review block (#11932) (#11944) * Update to go-git v5.1.0 (#11936) (#11941) * Use ID or Where to instead directly use Get when load object from database (#11925) (#11934) * Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915) * Invalidate comments when file is shortened (#11882) (#11884) * Rework api/user/repos for pagination (#11827) (#11877) * Handle more pathological branch and tag names (#11843) (#11863) * Add doctor check to set IsArchived false if it is null (partial #11853) (#11859) * Prevent panic on empty HOST for mysql (#11850) (#11856) * Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836) * Fix reply octicon (#11821) (#11822) * Honor DEFAULT_PAGING_NUM for API (#11805) (#11813) * Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809) * In File Create/Update API return 404 if Branch does not exist (#11791) (#11795) * Fix doer of rename repo (#11789) (#11794) * Initialize SimpleMDE when making a code comment (#11749) (#11785) * Fix timezone on issue deadline (#11697) (#11784) * Fix to allow comment poster to edit or delete his own comments (#11671) (#11774) * Show full 500 error in API when Gitea in dev mode (#11641) (#11753) * Add missing templates for Matrix system webhooks (#11729) (#11748) * Fix verification of subkeys of default gpg key (#11713) (#11747) * Fix styling for commiter on diff view (#11715) (#11744) * Properly truncate system notices (#11714) (#11742) * Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718) * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682) * Doctor check & fix db consistency (#11111) (#11676) * Exclude generated files from language statistics (#11653) (#11670) * Return json on 500 error from API (#11574) (#11659) * When must change password only show Signout (#11600) (#11637) * Backport various styling fixes (#11619) * Fix wrong milestone in webhook message (#11596) (#11611) * Fix serviceworker output file and misc improvements (#11562) (#11610) * When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608) * Prevent empty query parameter being set on dashboard (#11561) (#11604) * Fix images in wiki edit preview (#11546) (#11602) * Prevent (caught) panic on login (#11590) (#11597) * Prevent transferring repos to invisible orgs (#11517) (#11549) * Move serviceworker to workbox and fix SSE interference (#11538) (#11547) * API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533) * Fix repo-list private and total count bugs (#11500) (#11532) * Fix form action template substitutions on admin pages (backport #11519) (#11531) * Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530) * TrimSpace when reading InternalToken from a file (#11502) (#11524) * Fix selected line color in arc-green (#11492) (#11520) * Make localstorage read ssh or https correctly (#11483) (#11490) * Check branch protection on IsUserAllowedToUpdate (#11448) * Fix margin on attached segment headers when they are separated by other element (#11425) * Fix webhook template when validation errors occur (#11421) * Fix NPE in template due to missing signing key on commit page (#11392) * Restore active background to Register button on Register page (#11390) * Fix hook failure due to relative LFS_CONTENT_PATH (#11362) * Correctly set the organization num repos (#11339) * Prevent 500 with badly formed task list (#11328) * Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327) * Handle panics that percolate up to the graceful module (#11291) * Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248) * Patch fomantic-ui to workaround build issue (#11244) * Prevent panic during wrappedConn close at hammertime (#11219) * On logout force redirect to start page (#11202) * Fix creation of Organization repos by Users with max created personal repos (#11183) * Add option to increase provided OAuth2 token maximum size (#11180) * Log the indexer path on failure (#11172) * Ensure that relative paths in edit preview work (#11143) * Make API EditIssue and EditPullRequest issue notifications (#11123) * Send 404 immediately for known public requests (#11117) * Remove nil inserts in models (#11096) * Add GetReviews() to RetryDownloader (#11093) * Remove nonexistent serviceworker entries (#11091) * Simplify and fix GetApprovalCounts (#11086) * Fix wiki revision template and simplify some tmpl conditions (#11080) * Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067) * Align review-item svg octicons (#11065) * Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997) * Users should not be able to prohibit their own login (#10970) * Fix scrollbar issues in dropdowns (#10897) * Change the order of issues.closed_by to list opening user first (#10876) * Allow site admin to check /api/v1/orgs endpoints (#10867) * Avoid logging []byte in queue failures - convert to string first (#10865) * Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863) * Fix assignees double load bug (#10856) * Handle push rejection in branch and upload (#10854) * In authorized_keys use double-quote for windows compatibility (#10841) * Fix milestone template (#10824) * log.Fatal on failure to listen to SSH port (#10795) * Fix forked repo has no icon and language stat. (#10791) * Fix tag/release deletion (#10663) * Fix webhook migration (#10641) * Migration for deleting orphaned dependencies (#10617) * Add migration to fix the old broken merge-bases (#10604) * Update templates for Go 1.14 (#10596) * Remove unnecessary parentheses in wiki/view template (#10583) * Change default value of DefaultCommandExecutionTimeout to match docs (#10581) * Handle panic in indexer initialisation better (#10534) * Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456) * Fixed wrong AppSubUrl in multiple templates (#10447) * Fix profile page CSS (#10406) * Inject SVG sprite via ajax (#10320) * Fix migration information update bug when linked github account (#10310) * Allow admin to check org membership by API for other users (#10201) * Fix topics dropdown (#10167) * Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134) * Fix IsErrPullClosed (#10093) * Accept punctuation after simple+cross repository issue references (#10091) * On merge of already closed PR redirect back to the pulls page (#10010) * Fix crowdin update script (#9969) * Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927) * Add option to prevent LDAP from deactivating everything on empty search (#9879) * Fix admin handling at merge of PR (#9749) * err_admin_name_pattern_not_allowed String Clarification (#9731) * Fix wrong original git service type on a migrated repository (#9693) * Fix ref links in issue overviews for tags (#8742) * ENHANCEMENTS * Fix search form button overlap (#11840) (#11864) * Make tabular menu styling consistent for arc-green (#11570) (#11798) * Add option to API to update PullRequest base branch (#11666) (#11796) * Increase maximum SQLite variables count to 32766 (#11696) (#11783) * Update emoji dataset with skin tone variants (#11678) (#11763) * Add logging to long migrations (#11647) (#11691) * Change language statistics to save size instead of percentage (#11681) (#11690) * Allow different HardBreaks settings for documents and comments (#11515) (#11599) * Fix alignment for commits on dashboard (#11595) (#11680) * Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673) * Handle expected errors in AddGPGkey API (#11644) (#11661) * Close EventSource before unloading the page (#11539) (#11557) * Ensure emoji render with regular font-weight (#11541) (#11545) * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542) * Tweak reaction buttons (#11516) * Use more toned colors for selected line (#11493) (#11511) * Increase width for authors on commit view (#11441) * Hide archived repos by default in repo-list (#11440) * Better styling for code review comment textarea (#11428) * Support view individual commit for wiki pages (#11415) * Fix yellow background on active elements in code review (#11414) * Better styling for code review comment form (#11413) * Change install description on homepage (#11395) * Ensure search action button is coalesced to adjacent input (#11385) * Switch code editor to Monaco (#11366) * Add paging and archive/private repository filtering to dashboard list (#11321) * Changed image of openid-connect logo for better look on arc-green theme (#11312) * Load Repo Topics on blame view too (#11307) * Change the style in admin notice content view from `<p>` to `<pre>` (#11301) * Allow log.xxx.default to set logging settings for the default logger only (#11292) * Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285) * Make sendmail a Process and have default timeout (#11256) * Check value of skip-repository flag in dump command (#11254) * Fix submit review form (#11252) * Allow unauthenticated users to compare (#11240) * Add EventSource support (#11235) * Refactor Milestone related (#11225) * Add pull review API endpoints (#11224) * Add a 'this' to issue close/reopened messages (#11204) * When migrating from Gitlab map Approvals to approving Reviews (#11147) * Improve representation of attachments in issues (#11141) * Protect default branch against deletion (#11115) * Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113) * Fix status label on branches list vertical alignment (#11109) * Add single release page and latest redirect (#11102) * Add missing commit states to PR checks template (#11085) * Change icon on title for merged PR to git-merge (#11064) * Add MergePull comment type instead of close for merge PR (#11058) * Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055) * Consolidate author name across timeline (#11053) * Refactor UpdateOAuth2Application (#11034) * Support unicode emojis and remove emojify.js (#11032) * Add git hook "warning" to admin panel (#11030) * Add flash notify for email preference setting success (#11027) * Remove package code.gitea.io/gitea/modules/git import out of models (#11025) * Match arc-green code tag color to code blocks (#11023) * Move syntax highlighting to web worker (#11017) * Prevent merge of outdated PRs on protected branches (#11012) * Add Get/Update for api/v1/user/applications/oauth2 (#11008) * Upgrade to most recent bluemonday (#11007) * Tweak code tags in markdown (#11000) * Reject duplicate AccessToken names (#10994) * Fix Ctrl-Enter shortcut for issues (#10986) * Provide `OwnerName` field for README template (#10981) * Prettify Timeline (#10972) * Add issue subscription check to API (#10967) * Use AJAX for notifications table (#10961) * Adjust label padding (#10957) * Avoiding directory execution on hook (#10954) (#10955) * Migrate ActivityHeatmap to Vue SFC (#10953) * Change merge strategy: do not check write access if user in merge white list (#10951) * Enable GO111MODULE=on globally in Makefile (#10939) * API endpoint to get single commit via SHA and Ref (#10915) * Add accordion to release list and hide non-latest (#10910) * Split dashboard elements into separate template files (#10885) * Add more message on sidebar menus (#10872) * Set MySQL rowtype to dynamic for new tables (#10833) * Completely fix task-list checkbox styling (#10798) * Hide gear icon for user who can't use them on sidebar (#10750) * Refactor Cron and merge dashboard tasks (#10745) * Change review status icons on pr view style to github style (#10737) * Make pagination optional for API list notification endpoints (#10714) * Fix tab indentation in code view (#10671) * Fix task-list checkbox styling (#10668) * Multiple LFS improvements (#10667) * Make PR message on pushes configurable (#10664) * Move dropzone.js to npm/webpack (#10645) * Ensure Update button is enabled even when CI has failed (#10640) * Add restricted user filter to LDAP authentication (#10600) * Add Yandex OAuth2 provider (#8335) (#10564) * Make avatar lookup occur at image request (#10540) * Prevent accidential selection of language stats bar (#10537) * Add fluid-icon (#10491) * Inform participants on UI too (#10473) * Build with go 1.14 (and raise minimum go version to 1.12) (#10467) * Add max-file-size to LFS (#10463) * Enable paggination for ListRepoTags API (#10454) * Update JS dependencies (#10450) * Show the username as a fallback on feeds if full name is blank (#10438) * Various dark theme fixes (#10416) * Display pull request head branch even the branch deleted or repository deleted (#10413) * Prevent Firefox from using apple-touch-icon (#10402) * Fix input[type=file] on dark theme (#10382) * Improve mobile review-box sizing (#10297) * Notification: queue ui.go notification-service (#10281) * Add detected file language to code search (#10256) * Index code and stats only for non-empty repositories (#10251) * Add Approval Counts to pulls list (#10238) * Limit label list height on edit issue page (#10216) * Improve 404 error message (#10214) * Tweak locale to respect singular conflicting file message in PR list (#10177) * Fix commit view (#10169) * Reorganize frontend files and tooling (#10168) * Allow emoji on popup label (#10166) * ListIssues add filter for milestones API (#10148) * Show if a PR has conflicting files on the PR lists (#10130) * Fix inconsistent label color format in API (#10129) * Show download count info in release list (#10124) * Add Octicon SVG spritemap (#10107) * Update aria-fixed semantic-dropdown to fomantic master (#10096) * Fix apple-touch-icon, regenerate images (#10065)(#10006) * Style blockquote for default issue mail template (#10024) * More expansions in template repositories (#10021) * Allow list collaborators for users with Read access to repo (#9995) * Add explicit dimensions to navbar avatar (#9986) * Remove loadCSS and preload woff2 icon fonts (#9976) * Fix commit view JS features, reimplement folding (#9968) * Fix review avatar image (#9962) * Improve notification pager (#9821) * Move jquery and jquery-migrate to npm/webpack (#9813) * Change font to Roboto to support more charsets (#9803) * Move mailer to use a queue (#9789) * Issue search on my related repositories (#9758) * Add "before" query to ListIssueComments and ListRepoIssueComments API (#9685) * Move tracked time api convert to convert package (#9665) * Improve PR info in default merge message (#9635) * Granular webhook events (#9626) * Add Reviewed-on in commit message (#9623) * Add top author stats to activity page (#9615) * Allow repo admin to merge PR regardless of review status (#9611) * Migrate reactions when migrating repository from github (#9599) * API orgEditTeam make Fields optional (#9556) * Move create/fork repository from models to modules/repository (#9489) * Migrate reviews when migrating repository from github (#9463) * Times API add filters (#9373) * Move push commits from models to modules/repository (#9370) * Add API endpoint to check notifications [Extend #9488] (#9595) * Add GET /orgs API endpoint (#9560) * API add/generalize pagination (#9452) * Make create org repo API call same as github (#9186) * BUILD * Turn off go modules for xgo and gxz (#10963) * Add gitea-vet (#10948) * Rename scripts to build and add revive command as a new build tool command (#10942) * Add 'make lint', restructure 'compliance' pipeline (#10861) * Move JS build dependencies to 'dependencies' (#10763) * Use whitelist to find go files, run find only once (#10594) * Move vue and vue-calendar-heatmap to npm/webpack (#10188) * Move jquery.are-you-sure to npm/webpack (#10063) * Move highlight.js to npm/webpack (#10011) * Generate Bindata if TAGS="bindata" and not up-to-date (#10004) * Move CSS build to webpack (#9983) * Move fomantic target, update 'make help' (#9945) * Add css extraction and minification to webpack (#9944) * Misc webpack tweaks (#9924) * Make node_modules a order-only prerequisite (#9923) * Update documentation for the go module era (#9751) * Move swagger-ui to webpack/npm and update it to 3.24.3 (#9714) * Use npm to manage fomantic and only build needed components (#9561) * MISC * Add gnupg to Dockerfile (#11365) * Update snapcraft.yaml for core18 and latest features (#11300) * Update JS dependencies, min Node.js version 10.13 (#11246) * Change default charset for MySQL on install to utf8mb4 (#10989) * Return issue subscription status from API subscribe (#10966) * Fix queue log param (#10733) * Add warning when using relative path to app.ini (#10104) ## [1.11.7](https://github.com/go-gitea/gitea/releases/tag/v1.11.7) - 2020-06-18 * BUGFIXES * Use ID or Where to instead directly use Get when load object from database (#11925) (#11935) * Fix __webpack_public_path__ for 1.11 (#11907) * Fix verification of subkeys of default gpg key (#11713) (#11902) * Remove unnecessary parentheses in wiki/view template (#11781) * Doctor fix xorm.Count nil on sqlite error (#11741)
2020-06-17Revbump Go packages after Go 1.14.4 update.bsiegert1-1/+2
2020-06-03gitea: Update to 1.11.6jperkin2-12/+19
Patch submitted by teutat3s. Changes since 1.11.5: ## [1.11.6](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) - 2020-05-30 * SECURITY * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683) * Use session for retrieving org teams (#11438) (#11439) * BUGFIXES * Return json on 500 error from API (#11574) (#11660) * Fix wrong milestone in webhook message (#11596) (#11612) * Prevent (caught) panic on login (#11590) (#11598) * Fix commit page js error (#11527) * Use media links for img in post-process (#10515) (#11504) * Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475) * Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461) * Allow all members of private orgs to see public repos (#11442) (#11459) * Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457) * Forcibly clean and destroy the session on logout (#11447) (#11451) * Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381) * Add tracked time fix to doctor (part of #11111) (#11138) * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544) * Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 (#11481)
2020-06-02Revbump for icuadam1-2/+2
2020-05-21gitea: Bump PKGREVISION for previous.jperkin1-1/+2
Apologies for the double commit, accidentally specified filename to cvs ci.
2020-05-21gitea: Various fixes.jperkin4-20/+65
Add a target to generate the frontend artefacts that are required at runtime, but do not build them by default as they require nodejs/npm which will download node modules during the build. Instead use a pre-built copy stored in LOCAL_PORTS. The web interface should now look correct. Use the supplied Makefile to simplify some of the targets. Remove unnecessary MAKE_DIRS (shadows an OWN_DIRS_PERMS), and fix permissions on some of the installed files. Based on joyent/pkgsrc#263 from GitHub user teutat3s.
2020-05-17gitea: Update to 1.11.5nia2-8/+7
## [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) - 2020-05-09 * BUGFIXES * Prevent timer leaks in Workerpool and others (#11333) (#11340) * Fix tracked time issues (#11349) (#11354) * Add NotifySyncPushCommits to indexer notifier (#11309) (#11338) * Allow X in addition to x in tasks (#10979) (#11335) * When delete tracked time through the API return 404 not 500 (#11319) (#11326) * Prevent duplicate records in organizations list when creating a repository (#11303) (#11325) * Manage port in submodule refurl (#11305) (#11323) * api.Context.NotFound(...) should tolerate nil (#11288) (#11306) * Show pull request selection even when unrelated branches (#11239) (#11283) * Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282) * Fix GetContents(): Dont't ignore Executables (#11192) (#11209) * Fix submodule paths when AppSubUrl is not root (#11098) (#11176) * Prevent clones and pushes to disabled wiki (#11131) (#11134) * Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130) * On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125) * Refresh codemirror on show pull comment tab (#11100) (#11122) * Fix merge dialog on protected branch with missing required statuses (#11074) (#11084) * Load pr Issue Poster on API too (#11033) (#11039) * Fix release counter on API repository info (#10968) (#10996) * Generate Diff and Patch direct from Pull head (#10936) (#10938) * Fix rebase conflict detection in git 2.26 (#10929) (#10930) * ENHANCEMENT * Fix 404 and 500 image size in small size screen (#11043) (#11049) * Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)
2020-05-01www/gitea: fix the SUBST block for updating the version numberrillig1-5/+6
In the distfile gitea-1.11.4.tar.gz, the version number is written as 1.9.0-dev, which is probably a mistake. Make sure that this version number is always fixed, until this inconsistency is fixed upstream.
2020-04-12Revbump all Go packages after default version switch to 1.14.bsiegert1-2/+2
2020-04-12Recursive revision bump after textproc/icu updateadam1-1/+2
2020-04-05gitea: Update to 1.11.4nia2-8/+7
## [1.11.4](https://github.com/go-gitea/gitea/releases/tag/v1.11.4) - 2020-04-01 * BUGFIXES * Only update merge_base if not already merged (#10909) * Fix milestones too many SQL variables bug (#10880) (#10904) * Protect against NPEs in notifications list (#10879) (#10883) * Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868) * Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797) * Account for empty lines in receive-hook message (#10773) (#10784) * Fix bug on branch API (#10767) (#10775) * Migrate to go-git/go-git v5.0.0 (#10735) (#10753) * Fix hiding of fields in authorization source page (#10734) (#10752) * Prevent default for linkAction (#10742) (#10743)
2020-03-21Revbump all Go packages after go113 update.bsiegert1-1/+2
2020-03-17gitea: Update to 1.11.3nia2-7/+7
## [1.11.3](https://github.com/go-gitea/gitea/releases/tag/v1.11.3) - 2020-03-10 * BUGFIXES * Prevent panic in stopwatch (#10670) (#10673) * Fix bug on pull view when required status check no ci result (#10648) (#10651) * Build explicitly with Go 1.13 (#10684)
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-29 13:23:40 +0000