Skip to content

Commit 236bef5

Browse files
arunavo4arunavo4
committed
Update CHANGELOG for v3.0.0 release
- Add comprehensive v3.0.0 release notes - Document breaking changes - Detail new features: token encryption, SSO/OIDC, header auth - Include migration requirements
1 parent 03bad9a commit 236bef5

File tree

1 file changed

+36
-0
lines changed

1 file changed

+36
-0
lines changed

CHANGELOG.md

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,42 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
## [Unreleased]
99

10+
## [3.0.0] - 2025-07-17
11+
12+
### 🔴 Breaking Changes
13+
- **Authentication System Overhaul**: Migrated from JWT to Better Auth session-based authentication
14+
- **Login Method Changed**: Users now log in with email instead of username
15+
- **Environment Variables**: `JWT_SECRET` renamed to `BETTER_AUTH_SECRET`, new `BETTER_AUTH_URL` required
16+
- **API Endpoints**: Authentication endpoints moved from `/api/auth/login` to `/api/auth/[...all]`
17+
18+
### Added
19+
- **Token Encryption**: All GitHub and Gitea tokens now encrypted with AES-256-GCM
20+
- **SSO/OIDC Support**: Enterprise authentication with OAuth providers (Google, Azure AD, Okta, Authentik, etc.)
21+
- **Header Authentication**: Support for reverse proxy authentication headers (Authentik, Authelia, Traefik Forward Auth)
22+
- **OAuth Provider**: Gitea Mirror can act as an OIDC provider for other applications
23+
- **Automated Migration**: Docker containers auto-migrate from v2 to v3
24+
- **Session Management**: Improved security with session-based authentication
25+
- **Database Migration System**: Drizzle Kit for better schema management
26+
- **Zod v4 Compatibility**: Updated to Zod v4 for schema validation
27+
28+
### Improved
29+
- **Security**: Enhanced error handling and security practices throughout
30+
- **Documentation**: Comprehensive migration guide for v2 to v3 upgrade
31+
- **User Management**: Better Auth provides improved user lifecycle management
32+
- **Database Schema**: Optimized with proper indexes and relationships
33+
- **Password Hashing**: Using bcrypt via Better Auth for secure password storage
34+
35+
### Fixed
36+
- Mirroring issues for starred repositories
37+
- Various security vulnerabilities in authentication system
38+
- Improved error handling across all API endpoints
39+
40+
### Migration Required
41+
- All users must re-authenticate after upgrade
42+
- Existing tokens will be automatically encrypted
43+
- Database schema updates applied automatically
44+
- See [Migration Guide](MIGRATION_GUIDE.md) for detailed instructions
45+
1046
## [2.22.0] - 2025-07-07
1147

1248
### Added

0 commit comments

Comments
 (0)