v1.12.5

• BUGFIXES
  • Allow U2F with default settings for gitea in subpath (#12990) (#13001)
  • Prevent empty div when editing comment (#12404) (#12991)
  • On mirror update also update address in DB (#12964) (#12967)
  • Allow extended config on cron settings (#12939) (#12943)
  • Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
  • Fix internal server error from ListUserOrgs API (#12910) (#12915)
  • Update only the repository columns that need updating (#12900) (#12912)
  • Fix panic when adding long comment (#12892) (#12894)
  • Add size limit for content of comment on action ui (#12881) (#12890)
  • Convert User expose ID each time (#12855) (#12883)
  • Support slashes in release tags (#12864) (#12882)
  • Add missing information to CreateRepo API endpoint (#12848) (#12867)
  • On Migration respect old DefaultBranch (#12843) (#12858)
  • Fix notifications page links (#12838) (#12853)
  • Stop cloning unnecessarily on PR update (#12839) (#12852)
  • Escape more things that are passed through str2html (#12622) (#12850)
  • Remove double escape on labels addition in comments (#12809) (#12810)
  • Fix "only mail on mention" bug (#12775) (#12789)
  • Fix yet another bug with diff file names (#12771) (#12776)
  • RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
  • Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
• ENHANCEMENTS
  • gitea dump: include version & Check InstallLock (#12760) (#12762)

v1.12.4

• SECURITY
  • Escape provider name in oauth2 provider redirect (#12648) (#12650)
  • Escape Email on password reset page (#12610) (#12612)
  • When reading expired sessions - expire them (#12686) (#12690)
• ENHANCEMENTS
  • StaticRootPath configurable at compile time (#12371) (#12652)
• BUGFIXES
  • Fix to show an issue that is related to a deleted issue (#12651) (#12692)
  • Expire time acknowledged for cache (#12605) (#12611)
  • Fix diff path unquoting (#12554) (#12575)
  • Improve HTML escaping helper (#12562)
  • models: break out of loop (#12386) (#12561)
  • Default empty merger list to those with write permissions (#12535) (#12560)
  • Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
  • Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
  • Remove hardcoded ES indexername (#12521) (#12526)
  • Fix bug preventing transfer to private organization (#12497) (#12501)
  • Keys should not verify revoked email addresses (#12486) (#12495)
  • Do not add prefix on http/https submodule links (#12477) (#12479)
  • Fix ignored login on compare (#12476) (#12478)
  • Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
  • Upgrade google/go-github to v32.1.0 (#12361) (#12390)
  • Render emoji's of Commit message on feed-page (#12373)
  • Fix handling of diff on unrelated branches when Git 2.28 used (#12370)

v1.12.3

• BUGFIXES
  • Don't change creation date when updating Release (#12343) (#12351)
  • Show 404 page when release not found (#12328) (#12332)
  • Fix emoji detection in certain cases (#12320) (#12327)
  • Reduce emoji size (#12317) (#12327)
  • Fix double-indirection bug in logging IDs (#12294) (#12308)
  • Link to pull list page on sidebar when view pr (#12256) (#12263)
  • Extend Notifications API and return pinned notifications by default (#12164) (#12232)

v1.12.2

• BUGFIXES
  • When deleting repository decrese user repositry count in cache (#11954) (#12188)
  • Gitea commits API again returns commit summaries, not full messages (#12186) (#12187)
  • Properly set HEAD when a repo is created with a non-master default branch (#12135) (#12182)
  • Ensure Subkeys are verified (#12155) (#12168)
  • Fix failing to cache last commit with key being to long (#12151) (#12161)
  • Multiple small admin dashboard fixes (#12153) (#12156)
  • Remove spurious logging (#12139) (#12148)
  • Fix repository setup instructions when default branch is not master (#12122) (#12147)
  • Move EventSource to SharedWorker (#12095) (#12130)
  • Fix ui bug in wiki commit page (#12089) (#12125)
  • Fix gitgraph branch continues after merge (#12044) (#12105)
  • Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
  • Ensure BlameReaders close at end of request (#12102) (#12103)
  • Fix comments webhook panic backport (#12058)
• ENHANCEMENTS
  • Disable dropzone's timeout (#12024) (#12032)

v1.12.1

• BUGFIXES
  • Handle multiple merges in gitgraph.js (#11996) (#12000)
  • Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
  • For language detection do not try to analyze big files by content (#11971) (#11975)
• ENHANCEMENTS
  • Fix scrollable header on dropdowns (#11893) (#11965)

v1.11.8

• BUGFIXES
  • Really fix webpack_public_path for 1.11 (#11961)

v1.12.0

BREAKING

• When using API CreateRelease set created_unix to the tag commit time (#11218)
• Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162)
• Fix sanitizer config - multiple rules (#11133)
• Remove check on username when using AccessToken authentication for the API (#11015)
• Return 404 from Contents API when items don't exist (#10323)
• Notification API should always return a JSON object with the current count of notifications (#10059)
• Remove migration support from versions earlier than 1.6.0 (#10026)

SECURITY

• Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662)

FEATURES

• Improve config logging when WrappedQueue times out (#11174)
• Add branch delete to API (#11112)
• Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047)
• Add a way to mark Conversation (code comment) resolved (#11037)
• Handle yaml frontmatter in markdown (#11016)
• Cache PullRequest Divergence (#10914)
• Make gitea admin auth list formatting configurable (#10844)
• Add Matrix webhook (#10831)
• Add Organization Wide Labels (#10814)
• Allow to set protected file patterns for files that can not be changed under no conditions (#10806)
• Option to set default branch at repository creation (#10803)
• Add request review from specific reviewers feature in pull request (#10756)
• Add NextCloud oauth (#10562)
• System-wide webhooks (#10546)
• Relax sanitization as per https://github.com/jch/html-pipeline (#10527)
• Use media links for img in post-process (#10515)
• Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
• Render READMEs in docs/ .gitea or .github from root (#10361)
• Add feishu webhook support (#10229)
• Cache last commit to accelerate the repository directory page visit (#10069)
• Implement basic app.ini and path checks to doctor cmd (#10064)
• Make WorkerPools and Queues flushable (#10001)
• Implement "embedded" command to extract static resources (#9982)
• Add API endpoint for repo transfer (#9947)
• Make archive prefixing configurable with a global setting (#9943)
• Add Unique Queue infrastructure and move TestPullRequests to this (#9856)
• Issue/PR Context Popups (#9822)
• Add "Update Branch" button to Pull Requests (#9784)
• Add require signed commit for protected branch (#9708)
• Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532)
• Add API notification endpoints (#9488)
• Issue search support elasticsearch (#9428)
• Add API branch protection endpoint (#9311)
• Add a new command doctor to check if some wrong configurations on gitea instance (#9095)
• Add support for migrating from Gitlab (#9084)
• Add support for database schema in PostgreSQL (#8819)
• Add setting to set default and global disabled repository units. (#8788)
• Language statistics bar for repositories (#8037)
• Restricted users (#6274)

BUGFIXES

• Fix commenting on non-utf8 encoded files (#11916) (#11950)
• Use google/uuid to instead satori/go.uuid (#11943) (#11946)
• Align show/hide outdated button on code review block (#11932) (#11944)
• Update to go-git v5.1.0 (#11936) (#11941)
• Use ID or Where to instead directly use Get when load object from database (#11925) (#11934)
• Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915)
• Invalidate comments when file is shortened (#11882) (#11884)
• Rework api/user/repos for pagination (#11827) (#11877)
• Handle more pathological branch and tag names (#11843) (#11863)
• Add doctor check to set IsArchived false if it is null (partial #11853) (#11859)
• Prevent panic on empty HOST for mysql (#11850) (#11856)
• Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836)
• Fix reply octicon (#11821) (#11822)
• Honor DEFAULT_PAGING_NUM for API (#11805) (#11813)
• Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809)
• In File Create/Update API return 404 if Branch does not exist (#11791) (#11795)
• Fix doer of rename repo (#11789) (#11794)
• Initialize SimpleMDE when making a code comment (#11749) (#11785)
• Fix timezone on issue deadline (#11697) (#11784)
• Fix to allow comment poster to edit or delete his own comments (#11671) (#11774)
• Show full 500 error in API when Gitea in dev mode (#11641) (#11753)
• Add missing templates for Matrix system webhooks (#11729) (#11748)
• Fix verification of subkeys of default gpg key (#11713) (#11747)
• Fix styling for commiter on diff view (#11715) (#11744)
• Properly truncate system notices (#11714) (#11742)
• Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718)
• Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682)
• Doctor check & fix db consistency (#11111) (#11676)
• Exclude generated files from language statistics (#11653) (#11670)
• Return json on 500 error from API (#11574) (#11659)
• When must change password only show Signout (#11600) (#11637)
• Backport various styling fixes (#11619)
• Fix wrong milestone in webhook message (#11596) (#11611)
• Fix serviceworker output file and misc improvements (#11562) (#11610)
• When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608)
• Prevent empty query parameter being set on dashboard (#11561) (#11604)
• Fix images in wiki edit preview (#11546) (#11602)
• Prevent (caught) panic on login (#11590) (#11597)
• Prevent transferring repos to invisible orgs (#11517) (#11549)
• Move serviceworker to workbox and fix SSE interference (#11538) (#11547)
• API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533)
• Fix repo-list private and total count bugs (#11500) (#11532)
• Fix form action template substitutions on admin pages (backport #11519) (#11531)
• Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530)
• TrimSpace when reading InternalToken from a file (#11502) (#11524)
• Fix selected line color in arc-green (#11492) (#11520)
• Make localstorage read ssh or https correctly (#11483) (#11490)
• Check branch protection on IsUserAllowedToUpdate (#11448)
• Fix margin on attached segment headers when they are separated by other element (#11425)
• Fix webhook template when validation errors occur (#11421)
• Fix NPE in template due to missing signing key on commit page (#11392)
• Restore active background to Register button on Register page (#11390)
• Fix hook failure due to relative LFS_CONTENT_PATH (#11362)
• Correctly set the organization num repos (#11339)
• Prevent 500 with badly formed task list (#11328)
• Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327)
• Handle panics that percolate up to the graceful module (#11291)
• Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248)
• Patch fomantic-ui to workaround build issue (#11244)
• Prevent panic during wrappedConn close at hammertime (#11219)
• On logout force redirect to start page (#11202)
• Fix creation of Organization repos by Users with max created personal repos (#11183)
• Add option to increase provided OAuth2 token maximum size (#11180)
• Log the indexer path on failure (#11172)
• Ensure that relative paths in edit preview work (#11143)
• Make API EditIssue and EditPullRequest issue notifications (#11123)
• Send 404 immediately for known public requests (#11117)
• Remove nil inserts in models (#11096)
• Add GetReviews() to RetryDownloader (#11093)
• Remove nonexistent serviceworker entries (#11091)
• Simplify and fix GetApprovalCounts (#11086)
• Fix wiki revision template and simplify some tmpl conditions (#11080)
• Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067)
• Align review-item svg octicons (#11065)
• Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997)
• Users should not be able to prohibit their own login (#10970)
• Fix scrollbar issues in dropdowns (#10897)
• Change the order of issues.closed_by to list opening user first (#10876)
• Allow site admin to check /api/v1/orgs endpoints (#10867)
• Avoid logging []byte in queue failures - convert to string first (#10865)
• Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)
• Fix assignees double load bug (#10856)
• Handle push rejection in branch and upload (#10854)
• In authorized_keys use double-quote for windows compatibility (#10841)
• Fix milestone template (#10824)
• log.Fatal on failure to listen to SSH port (#10795)
• Fix forked repo has no icon and language stat. (#10791)
• Fix tag/release deletion (#10663)
• Fix webhook migration (#10641)
• Migration for deleting orphaned dependencies (#10617)
• Add migration to fix the old broken merge-bases (#10604)
• Update templates for Go 1.14 (#10596)
• Remove unnecessary parentheses in wiki/view template (#10583)
• Change default value of DefaultCommandExecutionTimeout to match docs (#10581)
• Handle panic in indexer initialisation better (#10534)
• Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456)
• Fixed wrong AppSubUrl in multiple templates (#10447)
• Fix profile page CSS (#10406)
• Inject SVG sprite via ajax (#10320)
• Fix migration information update bug when linked github account (#10310)
• Allow admin to check org membership by API for other users (#10201)
• Fix topics dropdown (#10167)
• Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
• Fix IsErrPullClosed (#10093)
• Accept punctuation after simple+cross repository issue references (#10091)
• On merge of already closed PR redirect back to the pulls page (#10010)
• Fix crowdin update scr...

v1.11.7

• BUGFIXES
  • Use ID or Where to instead directly use Get when load object from database (#11925) (#11935)
  • Fix webpack_public_path for 1.11 (#11907)
  • Fix verification of subkeys of default gpg key (#11713) (#11902)
  • Remove unnecessary parentheses in wiki/view template (#11781)
  • Doctor fix xorm.Count nil on sqlite error (#11741)

v1.12.0-rc2

• BUGFIXES
  • In File Create/Update API return 404 if Branch does not exist (#11791) (#11795)
  • Fix doer of rename repo (#11789) (#11794)
  • Initialize SimpleMDE when making a code comment (#11749) (#11785)
  • Fix timezone on issue deadline (#11697) (#11784)
  • Fix to allow comment poster to edit or delete his own comments (#11671) (#11774)
  • Show full 500 error in API when Gitea in dev mode (#11641) (#11753)
  • Add missing templates for Matrix system webhooks (#11729) (#11748)
  • Fix verification of subkeys of default gpg key (#11713) (#11747)
  • Fix styling for commiter on diff view (#11715) (#11744)
  • Properly truncate system notices (#11714) (#11742)
  • Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718)
  • Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682)
  • Update emoji regex (#11584) (#11679)
  • Doctor check & fix db consistency (#11111) (#11676)
  • Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673)
  • Exclude generated files from language statistics (#11653) (#11670)
  • Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662)
  • Return json on 500 error from API (#11574) (#11659)
  • When must change password only show Signout (#11600) (#11637)
  • Backport various styling fixes (#11619)
  • Fix wrong milestone in webhook message (#11596) (#11611)
  • Fix serviceworker output file and misc improvements (#11562) (#11610)
  • When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608)
  • Prevent empty query parameter being set on dashboard (#11561) (#11604)
  • Fix images in wiki edit preview (#11546) (#11602)
  • Allow different HardBreaks settings for documents and comments (#11515) (#11599)
  • Prevent (caught) panic on login (#11590) (#11597)
  • Prevent transferring repos to invisible orgs (#11517) (#11549)
  • Move serviceworker to workbox and fix SSE interference (#11538) (#11547)
  • API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533)
  • Fix repo-list private and total count bugs (#11500) (#11532)
  • Fix form action template substitutions on admin pages (backport #11519) (#11531)
  • Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530)
  • TrimSpace when reading InternalToken from a file (#11502) (#11524)
  • Fix selected line color in arc-green (#11492) (#11520)
  • Make localstorage read ssh or https correctly (#11483) (#11490)
• ENHANCEMENTS
  • Make tabular menu styling consistent for arc-green (#11570) (#11798)
  • Add option to API to update PullRequest base branch (#11666) (#11796)
  • Increase maximum SQLite variables count to 32766 (#11696) (#11783)
  • Update emoji dataset with skin tone variants (#11678) (#11763)
  • Add logging to long migrations (#11647) (#11691)
  • Change language statistics to save size instead of percentage (#11681) (#11690)
  • Fix alignment for commits on dashboard (#11595) (#11680)
  • Handle expected errors in AddGPGkey API (#11644) (#11661)
  • Close EventSource before unloading the page (#11539) (#11557)
  • Ensure emoji render with regular font-weight (#11541) (#11545)
  • Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542)
  • Tweak reaction buttons (#11516)
  • Use more toned colors for selected line (#11493) (#11511)

v1.11.6

• SECURITY
  • Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
  • Use session for retrieving org teams (#11438) (#11439)
• BUGFIXES
  • Return json on 500 error from API (#11574) (#11660)
  • Fix wrong milestone in webhook message (#11596) (#11612)
  • Prevent (caught) panic on login (#11590) (#11598)
  • Fix commit page js error (#11527)
  • Use media links for img in post-process (#10515) (#11504)
  • Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)
  • Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461)
  • Allow all members of private orgs to see public repos (#11442) (#11459)
  • Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457)
  • Forcibly clean and destroy the session on logout (#11447) (#11451)
  • Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381)
  • Add tracked time fix to doctor (part of #11111) (#11138)
  • Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
  • Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 (#11481)