v1.8.0-rc2

• BUGFIXES
  • Disable benchmarking during tag events on DroneIO (#6365) (#6366)
  • Make sure units of a team are returned (#6379) (#6381)
  • Don't Unescape redirect_to cookie value (#6399) (#6401)
  • Fix dump table name error and add some test for dump database (#6394) (#6402)
  • Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
  • Display correct error for invalid mirror interval (#6414) (#6429)
  • Clean up ref name rules (#6437) (#6439)
  • Fix Hook & HookList in Swagger (#6432) (#6440)
  • Change order that PostProcess Processors are run (#6445) (#6447)

v1.7.5

• BUGFIXES
  • Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
  • Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383)·
  • Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332)

v1.8.0-rc1

• BREAKING
  • Add "ghost" and "notifications" to list of reserved user names. (#6208)
  • Change sqlite DB path default to data directory (#6198)
  • Adds MustChangePassword to user create/edit API (#6193)
  • Disable redirect for i18n (#5910)
  • Releases API paging (#5831)
  • Allow Macaron to be set to log through to gitea.log (#5667)
  • Don't close issues via commits on non-default branch (#5622)
• FEATURE
  • Add regenerate secret feature for oauth2 (#6291)
  • Expose issue stopwatch toggling via API (#5970)
  • Add other session providers (#5963)
  • Pull request conflict files detection (#5951)
  • Integrate OAuth2 Provider (#5378)
  • Implement "conversation lock" for issue comments (#5073)
  • Feature: Archive repos (#5009)
  • Discord Oauth2 support (#4476)
  • Allow to set organization visibility (public, internal, private) (#1763)
  • Added URL mapping for Release attachments like on github.com (#1707)
• ENHANCEMENT
  • Add support for client basic auth for exchanging access tokens (#6293)
  • Add ability to sort issues by due date (#6206) (#6244)
  • Style tweaks to issue selection (#6196)
  • Increase Username and Orgname MaxSize 35 -> 40 (#6178)
  • Coverage profile with multiple packages (#6167)
  • Split setting.go to multiple files (#6154)
  • Allow labels to contain emoji (#6063)
  • Disable git fsck for mirrored repos by default (#6018)
  • Add default time out for git operations (#6015)
  • Split setting.go as multiple files (#6014)
  • Make dashboard navbar and footer full-width (#6013)
  • Add lang specific font stacks for CJK (#6007)
  • Fix header menu misalignment (#6002)
  • Enhance closed PR and Issue status in the list (#6000)
  • Make navbar full width (#5998)
  • Add option to close issues via commit on a non master branch (#5992)
  • Support n as a line highlight prefix (#5987)
  • Search for org repos (#3031) (#5986)
  • Minor UI tweaks (#5980)
  • Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
  • Dashboard tweaks (#5974)
  • Fixes for repo topic editor (#5971)
  • Display the branch name in the commit view (#5950)
  • handle milestone events for issues and PR (#5947)
  • Add label names as filter in issue search api (#5946)
  • Repo header tweaks (#5945)
  • Better support for long repo names (#5932)
  • Fix wrapping long code lines (#5927)
  • Change GPG Validation colors and remove inline CSS (#5404) (#5896)
  • Fix "pulls.blocked_by_approvals" text (#5879)
  • Rename reject to 'request changes' (#5858)
  • Move input fields to add members to a team and repos to a team (#5853)
  • Config option to disable automatic repo watching (#5852)
  • New Issue ?body= query (#5851)
  • Add API to list tags (#5850)
  • Pagination for git tree API (#5838)
  • Add InternalTokenURI to load InternalToken from an external file (#5812)
  • Allow markdown files to read from the LFS (#5787)
  • Add the ability to use multiple labels as filters (#5786)
  • Adjust log settings when a user is not found. (#5771)
  • Log IP of failed ssh connection (#5766)
  • Moved defaults in defaults.go to setting.go (#5764)
  • Make DB connect more robust (#5738)
  • Add Default Pull Request Title (#5735)
  • Refactor repo.isBare to repo.isEmpty #5629 (#5714)
  • Add flag to skip repository dumping (#5695)
  • Prioritize "readme.md" (#5691)
  • Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
  • Allow for user specific themes (#5668)
  • Display branch name in delete branch confirmation modal. (#5654)
  • New API routes added (#5594)
  • Refactor notification for indexer (#5111)
  • Refactor mail notification (#5110)
  • Show email if the authenticated user owns the profile page being requested for (#4981)
  • Optimize pulls merging (#4921)
  • Sort Repositories widget by most recently updated (#3963) (#4599)
  • Allow markdown table to scroll (#4401)
  • Automatically clear stopwatch on merging a PR (#4327)
  • Add the Owner Name to differentiate when merging (#3807)
• BUGFIXES
  • Clean up various use of escape/unescape functions for URL generation (#6334)
  • Return 409 when creating repo if it already exists. (#6330)
  • Add same changes from issues page to milestone->issues page (#6328)
  • Fix ParsePatch function to work with quoted diff --git strings (#6323)
  • Fix reported issue in repo description (#6306)
  • Use url.PathEscape to escape the branchname (#6304)
  • Add robots.txt as reserved username (#6272)
  • Replace linkRegex with xurls library (#6261)
  • Remove visitLinksForShortLinks features (#6257)
  • Add unit types to repo action URL to correctly show 404 when archived (#6247)
  • Check organization visibility before everything else (#6234) (#6235)
  • Prevent double-close of issues (#6233)
  • Override xorm type mapping for U2F counter (#6232)
  • Add isAdmin to user API response (#6231)
  • Update git vendor to fix wrong release commit id and add migrations (#6224)
  • Fix fork button (#6223)
  • Fix renames over redirects (#6216)
  • Fix display dashboard even if require to change password (#6214)
  • Create a repo redirect when transferring ownership (#6210) (#6211)
  • Fix issue update race condition (#6194)
  • Fix bug when migrate repository 500 when repo is existed (#6188)
  • Fix scrollbar always present on page body (#6177)
  • Fix bug when set indexer as db and add tests (#6173)
  • Modify linkRegex to require http|https (#6171)
  • Fix bug user could change private repository to public when force private enabled. (#6156)
  • Fix admin list user/org API (#6143)
  • Make repo creation for API similar to UI (#6142)
  • Make document body a flexbox (#6139)
  • Refactor issue indexer, add some testing and fix a bug (#6131)
  • Load Issue attributes for API call (#6122)
  • Fix bug when update owner team then visit team's repo return 404 (#6119)
  • Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
  • Show private organization for admin, fix #6111 (#6112)
  • Fix prohibit login check on authorization (#6106)
  • Move to ldap.v3 to fix #5928 (#6105)
  • Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
  • Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
  • Make sure labels are actually returned (#6053)
  • Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
  • After deleting a repo on admin panel, UI should remember the last sort type (#6033)
  • Default create repository on organisation on its dashboard (#6026)
  • Swagger: Remove spaces in MergePullRequestOption enum (#6016)
  • Fix metrics auth token detection (#6006)
  • Fix repo header issues (#5995)
  • Fix bug when deleting a linked account will removed all (#5989)
  • Make organization dropdown scrollable when using mouse wheel (#5988)
  • Fix empty ssh key importing in ldap (#5984)
  • Admin config page mailertype setting option update (#5973)
  • Fix redirect loop during forced password change (#5965)
  • Show user who created the repository instead of the organisation in action feed (#5948)
  • Remove all CommitStatus when a repo is deleted (#5940)
  • Fix ssh deploy and user key constraints (#1357) (#5939)
  • Fix log output (#5938)
  • Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
  • Fix compare button (#5929)
  • Fix bug when read public repo lfs file (#5912)
  • Only allow local login if password is non-empty (#5906)
  • Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
  • Provide better panic handling (#5902)
  • Respect value of REQUIRE_SIGNIN_VIEW (#5901)
  • Show a 404 not a 500 if a repo does not exist (#5900)
  • Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
  • Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
  • Correct footer height if screen-width is to small (fixes #5878) (#5889)
  • In gitea serv switch off console logger to fix #5866 (#5887)
  • Don't allow pull requests to be created on an archived repository (#5883)
  • Support reviews on a deleted file path (#5880)
  • Fix compare button on upstream repo leading to 404 (#5877)
  • Fix null pointer on not logged in attempt to Sudo (#5872)
  • Fix new release creation API to allow empty target (#5870)
  • Fix an error while adding a dependency via UI. (#5862)
  • Fix failing migration v67 (#5849)
  • Fix delete correct temp directory (#5839)
  • Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
  • Fix topics saving internal error and disable for archived repos (#5821)
  • Fix TLS errors when using acme/autocert for local connections (#5820)
  • When creating new repository fsck option should be enabled (#5817)
  • Request for public keys only if LDAP attribute is set (#5816)
  • Fix serving of raw wiki files other than .md (#5814)
  • Fix migration 78 error mssql (#5791)
  • Disallow empty titles (#5785)
  • Fix the v78 migration script (#5776)
  • Ensure valid git author names passed in signatures (#5774)
  • Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
  • Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
  • Fixing PostgreSQL dump creation (#5747)
  • Add proper CORS preflight origin validation (#5740)
  • Disable auto-migrate in docker container (#5730)
  • In basic auth check for tokens before call UserSignIn (#5725)
  • Pooled and buffered gzip implementation (#5722)
  • Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
  • Keep file permissions during database migration (#5707)
  • Use correct value for "MSpan Structures Obtained" #4742 (#5706)
  • Refactor editor upload, update and delete to use git plumbing and add LFS s...

v1.7.4

• SECURITY
  • Fix potential XSS vulnerability in repository description. (#6306) (#6308)
• BUGFIXES
  • Fix wrong release commit id (#6224) (#6300)
  • Fix panic on empty signed commits (#6292) (#6300)
  • Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
  • Fix displaying dashboard even if required to change password (#6214) (#6215)

v1.7.3

• BUGFIXES
  • Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
  • Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
  • Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
  • Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
  • Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
  • Fix prohibit login check on authorization (#6106) (#6115)
  • Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
  • Fix deadlock in webhook PullRequest (#6102) (#6104)
  • Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
  • Fix compare button regression (#5929) (#6098)
  • Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)

v1.7.2

• BUGFIXES
  • Remove all CommitStatus when a repo is deleted (#5940) (#5941)
  • Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
  • Silence console logger in gitea serv (#5887) (#5943)
  • Handle milestone webhook events for issues and PR (#5947) (#5955)
  • Show user who created the repository instead of the organization in action feed (#5948) (#5956)
  • Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
  • Fix bug when deleting a linked account will removed all (#5989) (#5990)
  • Fix empty ssh key importing in ldap (#5984) (#6009)
  • Fix metrics auth token detection (#6006) (#6017)
  • Create repository on organisation by default on its dashboard (#6026) (#6048)
  • Make sure labels are actually returned in API (#6053) (#6059)
  • Switch to more recent build of xgo (#6070) (#6072)
  • In basic auth check for tokens before call UserSignIn (#5725) (#6083)

v1.7.1

• SECURITY
  • Disable redirect for i18n (#5910) (#5916)
  • Only allow local login if password is non-empty (#5906) (#5908)
  • Fix go-get URL generation (#5905) (#5907)
• BUGFIXES
  • Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
  • Request for public keys only if LDAP attribute is set (#5816) (#5819)
  • Fix delete correct temp directory (#5840) (#5839)
  • Fix an error while adding a dependency via UI (#5862) (#5876)
  • Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
  • When creating new repository fsck option should be enabled (#5817) (#5885)
  • Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
  • Fix bug when read public repo lfs file (#5913) (#5912)
  • Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
  • Fix compare button on upstream repo leading to 404 (#5877) (#5914)
• DOCS
  • Added docs for the tree api (#5835)
• MISC
  • Include Go toolchain to --version (#5832) (#5830)

v1.7.0

• SECURITY
  • Do not display the raw OpenID error in the UI (#5705) (#5712)
  • When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
  • Prevent DeleteFilePost doing arbitrary deletion (#5631)
• BREAKING
  • Restrict permission check on repositories and fix some problems (#5314)
  • Show only opened milestones on issues page milestone filter (#5051)
• FEATURE
  • Implement git refs API for listing references (branches, tags and other) (#5354)
  • Approvals at Branch Protection (#5350)
  • Add raw blob endpoint to get objects by SHA ID (#5334)
  • Add api for user to create org (#5268)
  • Create AuthorizedKeysCommand (#5236)
  • User action heatmap (#5131)
  • Refactor heatmap to vue component (#5401)
  • Webhook for Pull Request approval/rejection (#5027)
  • Add command for migrating database (#4954)
  • Search keyword by splitting provided values by , (#4939)
  • Create Progressive Web App (#4730)
  • Give user a link to create PR after push (#4716)
  • Add rebase with merge commit merge style (#3844) (#4052)
• BUGFIXES
  • Disallow empty titles (#5785) (#5794)
  • Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
  • Don't close issues via commits on non-default branch. (#5622) (#5643)
  • Fix commit page showing status for current default branch (#5650) (#5653)
  • Only count users own actions for heatmap contributions (#5647) (#5655)
  • Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
  • Use correct value for "MSpan Structures Obtained" (#5706) (#5716)
  • Fix bug on modifying sshd username (#5624)
  • Delete tags in mirror which are removed for original repo. (#5609)
  • Fix wrong text getting saved on editing second comment on an issue. (#5608)
  • Fix nil pointer when adding a due date (#5587)
  • Fix type mismatch of format string (#5574)
  • Fix bug on upload file name (#5571)
  • Issue is not overdue when it is on the same date #5566 (#5568)
  • Fix indexer reindex bug when gitea restart (#5563)
  • Fix table name typo on SQL (#5562)
  • Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
  • Fix makefile generate buildstep (#5556)
  • Fix nil pointer base branch bug (#5555)
  • Fix permission check on api create org (#5523)
  • Fix detect force push failure on deletion of protected branches (#5522)
  • Fix approvals limitation (#5521)
  • Fix bug when a read perm user to edit his issue (#5516)
  • Fix adding reaction fail for read permission user (#5515)
  • Fixing MSSQL timestamp type (#5511)
  • Fix forgot deletion of notification when delete repository (#5506)
  • Fix empty wiki (#5504)
  • Fix clone wiki failed via ssh (#5503)
  • Fix code review on mssql (#5502)
  • Fix lfs version check warning log when using ssh protocol (#5501)
  • Fix topic name length on database (#5493)
  • Ensure that the closed_at is set for closed issues (#5449)
  • Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
  • Word-Break the WebHook url to prevent a ui-break (#5432)
  • Fix forgot removed records when deleting user (#5429)
  • Fix repository deletion when there is large number of issues in it (#5426)
  • Fix heatmap colors for Chrome/Safari (#5421)
  • Fix password variable shadowing (#5405)
  • Fix dependent issue searching when gitea is run in subpath (#5392)
  • Don't force a password change for the admin user when creating an account via cli (#5391)
  • API: '/orgs/:org/repos': return private repos with read access (#5383)
  • Don't send assign webhooks when creating issue (#5365)
  • Removing Labels via EditPullRequest API (#5348)
  • Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
  • Fix bug when users have serval teams with different units on different repositories (#5307)
  • Fix U2F if gitea is configured in subpath (#5302)
  • Fix file edit change preview functionality (#5300)
  • Update gitignore list (#5258)
  • Fixed heatmap not working in mssql (#5248)
  • Fixed wrong api request url for instances running in subfolders (#5247)
  • Fix compatibility heatmap with mysql 8 (#5232)
  • Fix data race on migrate repository (#5224)
  • Fix sqlite and mssql lock (#5214)
  • Fix sqlite lock (#5210)
  • Fix: Accept web-command cli flags if web-command is commited (#5200)
  • Fix: Add secret to all webhook's payload where it has been missing (#5199)
  • Fix race on updatesize (#5190)
  • Fix create team, update team missing units (#5188)
  • Fix sqlite lock (#5184 & #5176)
  • Fix showing pull request link when delete a branch (#5166)
  • Fix JSON result of empty array in heatmap data array (#5154)
  • Update build tags for sqlite_unlock notify (#5144)
  • This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
  • Fix deadlock when sqlite (#5118)
  • Add comment replies (#5104)
  • Fix home page template regression (#5102)
  • Fix regex to support optional end line of old section in diff hunk (#5096)
  • LDAP via simple auth separate bind user and search base (#5055)
  • Fix markdown image with link (#4675)
  • Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
• ENHANCEMENT
  • Delete organization endpoint added (#5601)
  • Update Licenses (#5558)
  • Support reverse proxy providing email (#5554)
  • Add git protocol v2 support via SSH on Docker image (#5520)
  • Add tests for api user orgs (#5494)
  • Allow link verification for services like Mastodon (#5481)
  • Improve team members and repositories settings UI (#5457)
  • Remove the required class from optional ssh port in installation page (#5428)
  • Explicitly disable Git credential helper (#5367)
  • Setting Labels via EditPullRequest API (#5347)
  • Implement pasting image from clipboard for browsers that supports that (#5317)
  • Milestone issues and pull requests (#5293)
  • Support envs on external render commands (#5278)
  • Add option to disable automatic mirror syncing. (#5242)
  • Remove unused db init on commands serv, update, hooks (#5225)
  • Serve audio files using HTML5 audio tag (#5221)
  • Pass link prefixes to external markup parsers (#5201)
  • Add AutoHead functionality. (#5186)
  • Fix emojis not showing in commit messages (#5168)
  • Block registration based on email domain (#5157)
  • Update vendor/go-sqlite3 (#5133 & #5162)
  • Update x/net lib (#5169)
  • Show review summary in pull requests (#5132)
  • Use type switch (#5122)
  • Remove duplicated if bodies (#5121)
  • Remove check for negative length (#5120)
  • Make switch more clear (#5119)
  • Use named const instead of a raw string (#5115)
  • Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
  • Refactor: err != nil check, just return error instead (#5093)
  • Add notification interface and refactor UI notifications (#5085)
  • Use APP_NAME on home page (#5048)
  • Explicitly decide whether to use TLS in mailer's configuration (#5024)
  • Generate random password (#5023)
  • UX of link account (Step 1) (#5006)
  • Make sure argsSet verifies string isn't empty too (#4980)
  • Improve performance of dashboard (#4977)
  • Keys API changes (#4960)
  • Add must-change-password flag to cli for creating a user (#4955)
  • Use native go method to get current user rather than environment variable (#4930)
  • Make gitea serv use api/internal (#4886)
  • Add support for search by uid (#4876)
  • Allow to add organization members as collaborators on organization owned repositories (#4748)
• TESTING
  • Kill testing processes if the test takes too long (#5174)
  • Update outdated Go toolchain version for .drone.yml (#5146)
  • Increase the retry limit to 20 times and the interval to 200ms (#5134)
  • Retry test-fixtures loading in case of transaction rollback (#5125)
  • Added test environment for mssql (#4282)
• BUILD
  • Replace lint to revive (#5422)
  • Update golang version in Dockerfile (#5246)
• DOCS
  • Typo in routers/api/v1/org/org.go fixed. (#5598)
  • Update the docs for sqlite_unlock_notify (#5145)
  • CN translation of docs part (#5049)
  • Kubernetes deployment file (#5046)
• MISC
  • Upgrade alpine to 3.8 (#5423)
  • Git-Trees API (#5403)
  • Only chown directories during docker setup if necessary. Fix #4425 (#5064)

v1.7.0-rc3

• SECURITY
  • Do not display the raw OpenID error in the UI (#5705) (#5712)
  • When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
• BUGFIX
  • Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
  • Don't close issues via commits on non-default branch. (#5622) (#5643)
  • Fix commit page showing status for current default branch (#5650) (#5653)
  • Only count users own actions for heatmap contributions (#5647) (#5655)
  • Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
  • Use correct value for "MSpan Structures Obtained" (#5706) (#5716)

v1.6.4

• BUGFIX
  • Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
  • When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
  • Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)