diff --git a/CHANGELOG.md b/CHANGELOG.md index 04fffd4a4e..ab8c2ac223 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,399 @@ This changelog goes through the changes that have been made in each release without substantial changes to our git log; to see the highlights of what has been added to each release, please refer to the [blog](https://blog.gitea.com). +## [1.22.4](https://github.com/go-gitea/gitea/releases/tag/v1.22.4) - 2024-11-14 + +* SECURITY + * Fix basic auth with webauthn (#32531) (#32536) + * Refactor internal routers (partial backport, auth token const time comparing) (#32473) (#32479) +* PERFORMANCE + * Remove transaction for archive download (#32186) (#32520) +* BUGFIXES + * Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (#32365) (#32397) + * Fix get reviewers fails when selecting user without pull request permissions unit (#32415) (#32616) + * Fix adding index files to tmp directory (#32360) (#32593) + * Fix PR creation on forked repositories via API (#31863) (#32591) + * Fix missing menu tabs in organization project view page (#32313) (#32592) + * Support HTTP POST requests to `/userinfo`, aligning to OpenID Core specification (#32578) (#32594) + * Fix debian package clean up cron job (#32351) (#32590) + * Fix GetInactiveUsers (#32540) (#32588) + * Allow the actions user to login via the jwt token (#32527) (#32580) + * Fix submodule parsing (#32571) (#32577) + * Refactor find forks and fix possible bugs that weaken permissions check (#32528) (#32547) + * Fix some places that don't respect org full name setting (#32243) (#32550) + * Refactor push mirror find and add check for updating push mirror (#32539) (#32549) + * Fix basic auth with webauthn (#32531) (#32536) + * Fix artifact v4 upload above 8MB (#31664) (#32523) + * Fix oauth2 error handle not return immediately (#32514) (#32516) + * Fix action not triggered when commit message is too long (#32498) (#32507) + * Fix `GetRepoLink` nil pointer dereference on dashboard feed page when repo is deleted with actions enabled (#32501) (#32502) + * Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (#32397) (#32397) + * Fix the permission check for user search API and limit the number of returned users for `/user/search` (#32310) + * Fix SearchIssues swagger docs (#32208) (#32298) + * Fix dropdown content overflow (#31610) (#32250) + * Disable Oauth check if oauth disabled (#32368) (#32480) + * Respect renamed dependencies of Cargo registry (#32430) (#32478) + * Fix mermaid diagram height when initially hidden (#32457) (#32464) + * Fix broken releases when re-pushing tags (#32435) (#32449) + * Only provide the commit summary for Discord webhook push events (#32432) (#32447) + * Only query team tables if repository is under org when getting assignees (#32414) (#32426) + * Fix created_unix for mirroring (#32342) (#32406) + * Respect UI.ExploreDefaultSort setting again (#32357) (#32385) + * Fix broken image when editing comment with non-image attachments (#32319) (#32345) + * Fix disable 2fa bug (#32320) (#32330) + * Always update expiration time when creating an artifact (#32281) (#32285) + * Fix null errors on conversation holder (#32258) (#32266) (#32282) + * Only rename a user when they should receive a different name (#32247) (#32249) + * Fix checkbox bug on private/archive filter (#32236) (#32240) + * Add a doctor check to disable the "Actions" unit for mirrors (#32424) (#32497) + * Quick fix milestone deadline 9999 (#32423) + * Make `show stats` work when only one file changed (#32244) (#32268) + * Make `owner/repo/pulls` handlers use "PR reader" permission (#32254) (#32265) + * Update scheduled tasks even if changes are pushed by "ActionsUser" (#32246) (#32252) +* MISC + * Remove unnecessary code: `GetPushMirrorsByRepoID` called on all repo pages (#32560) (#32567) + * Improve some sanitizer rules (#32534) + * Update nix development environment vor v1.22.x (#32495) + * Add warn log when deleting inactive users (#32318) (#32321) + * Update github.com/go-enry/go-enry to v2.9.1 (#32295) (#32296) + * Warn users when they try to use a non-root-url to sign in/up (#32272) (#32273) + +## [1.22.3](https://github.com/go-gitea/gitea/releases/tag/v1.22.3) - 2024-10-08 + +* SECURITY + * Fix bug when a token is given public only (#32204) (#32218) +* PERFORMANCE + * Increase `cacheContextLifetime` to reduce false reports (#32011) (#32023) + * Don't join repository when loading action table data (#32127) (#32143) +* BUGFIXES + * Fix javascript error when an anonymous user visits migration page (#32144) (#32179) + * Don't init signing keys if oauth2 provider is disabled (#32177) + * Fix wrong status of `Set up Job` when first step is skipped (#32120) (#32125) + * Fix bug when deleting a migrated branch (#32075) (#32123) + * Truncate commit message during Discord webhook push events (#31970) (#32121) + * Allow to set branch protection in an empty repository (#32095) (#32119) + * Fix panic when cloning with wrong ssh format. (#32076) (#32118) + * Fix rename branch permission bug (#32066) (#32108) + * Fix: database not update release when using `git push --tags --force` (#32040) (#32074) + * Add missing comment reply handling (#32050) (#32065) + * Do not escape relative path in RPM primary index (#32038) (#32054) + * Fix `/repos/{owner}/{repo}/pulls/{index}/files` endpoint not populating `previous_filename` (#32017) (#32028) + * Support allowed hosts for migrations to work with proxy (#32025) (#32026) + * Fix the logic of finding the latest pull review commit ID (#32139) (#32165) + * Fix bug in getting merged pull request by commit (#32079) (#32117) + * Fix wrong last modify time (#32102) (#32104) + * Fix incorrect `/tokens` api (#32085) (#32092) + * Handle invalid target when creating releases using API (#31841) (#32043) + * Check if the `due_date` is nil when editing issues (#32035) (#32042) + * Fix container parallel upload bugs (#32022) + * Fixed race condition when deleting documents by repoId in ElasticSearch (#32185) (#32188) + * Refactor CSRF protector (#32057) (#32069) + * Fix Bug in Issue/pulls list (#32081) (#32115) + * Include collaboration repositories on dashboard source/forks/mirrors list (#31946) (#32122) + * Add null check for responseData.invalidTopics (#32212) (#32217) +* TESTING + * Fix mssql ci with a new mssql version on ci (#32094) +* MISC + * Upgrade some dependencies include minio-go (#32166) + * Add bin to Composer Metadata (#32099) (#32106) + * Lazy load avatar images (#32051) (#32063) + * Upgrade cache to v0.2.1 (#32003) (#32009) + +## [1.22.2](https://github.com/go-gitea/gitea/releases/tag/v1.22.2) - 2024-08-28 + +* Security + * Replace v-html with v-text in search inputbox (#31966) (#31973) + * Fix nuget/conan/container packages upload bugs (#31967) (#31982) +* PERFORMANCE + * Refactor the usage of batch catfile (#31754) (#31889) +* BUGFIXES + * Fix overflowing content in action run log (#31842) (#31853) + * Scroll images in project issues separately from the remaining issue (#31683) (#31823) + * Add `:focus-visible` style to buttons (#31799) (#31819) + * Fix the display of project type for deleted projects (#31732) (#31734) + * Fix API owner ID should be zero when created repo secret (#31715) (#31811) + * Set owner id to zero when GetRegistrationToken for repo (#31725) (#31729) + * Fix API endpoint for registration-token (#31722) (#31728) + * Add permission check when creating PR (#31033) (#31720) + * Don't return 500 if mirror url contains special chars (#31859) (#31895) + * Fix agit automerge (#31207) (#31881) + * Add CfTurnstileSitekey context data to all captcha templates (#31874) (#31876) + * Avoid returning without written ctx when posting PR (#31843) (#31848) + * Fix raw wiki links (#31825) (#31845) + * Fix panic of ssh public key page after deletion of auth source (#31829) (#31836) + * Fixes for unreachable project issues when transfer repository from organization (#31770) (#31828) + * Show lock owner instead of repo owner on LFS setting page (#31788) (#31817) + * Fix `IsObjectExist` with gogit (#31790) (#31806) + * Fix protected branch files detection on pre_receive hook (#31778) (#31796) + * Add `TAGS` to `TEST_TAGS` and fix bugs found with gogit (#31791) (#31795) + * Rename head branch of pull requests when renaming a branch (#31759) (#31774) + * Fix wiki revision pagination (#31760) (#31772) + * Bump vue-bar-graph (#31705) (#31753) + * Distinguish LFS object errors to ignore missing objects during migration (#31702) (#31745) + * Make GetRepositoryByName more safer (#31712) (#31718) + * Fix a branch divergence cache bug (#31659) (#31661) + * Allow org team names of length 255 in create team form (#31564) (#31603) + * Use old behavior for telegram webhook (#31588) + * Bug fix for translation in ru (#31892) + * Fix actions notify bug (#31866) (#31875) + * Fix the component of access token list not mounted (#31824) (#31868) + * Add missing repository type filter parameters to pager (#31832) (#31837) + * Fix dates displaying in a wrong manner when we're close to the end of… (#31750) + * Fix "Filter by commit" Dropdown (#31695) (#31696) + * Properly filter issue list given no assignees filter (#31522) (#31685) + * Prevent update pull refs manually and will not affect other refs update (#31931)(#31955) + * Fix sort order for organization home and user profile page (#31921) (#31922) + * Fix search team (#31923) (#31942) + * Fix 500 error when state params is set when editing issue/PR by API (#31880) (#31952) + * Fix index too many file names bug (#31903) (#31953) + * Add lock for parallel maven upload (#31851) (#31954) +* MISC + * Remove "dsa-1024" testcases from Test_SSHParsePublicKey and Test_calcFingerprint (#31905) (#31914) + * Upgrade bleve to 2.4.2 (#31894) + * Remove unneccessary uses of `word-break: break-all` (#31637) (#31652) + * Return an empty string when a repo has no avatar in the repo API (#31187) (#31567) + * Upgrade micromatch to 4.0.8 (#31944) + * Update webpack to 5.94.0 (#31941) + +## [1.22.1](https://github.com/go-gitea/gitea/releases/tag/v1.22.1) - 2024-07-04 + +* SECURITY + * Add replacement module for `mholt/archiver` (#31267) (#31270) +* API + * Fix missing images in editor preview due to wrong links (#31299) (#31393) + * Fix duplicate sub-path for avatars (#31365) (#31368) + * Reduce memory usage for chunked artifact uploads to MinIO (#31325) (#31338) + * Remove sub-path from container registry realm (#31293) (#31300) + * Fix NuGet Package API for $filter with Id equality (#31188) (#31242) + * Add an immutable tarball link to archive download headers for Nix (#31139) (#31145) + * Add missed return after `ctx.ServerError` (#31130) (#31133) +* BUGFIXES + * Fix avatar radius problem on the new issue page (#31506) (#31508) + * Fix overflow menu flickering on mobile (#31484) (#31488) + * Fix poor table column width due to breaking words (#31473) (#31477) + * Support relative paths to videos from Wiki pages (#31061) (#31453) + * Fix new issue/pr avatar (#31419) (#31424) + * Increase max length of org team names from 30 to 255 characters (#31410) (#31421) + * Fix line number width in code preview (#31307) (#31316) + * Optimize runner-tags layout to enhance visual experience (#31258) (#31263) + * Fix overflow on push notification (#31179) (#31238) + * Fix overflow on notifications (#31178) (#31237) + * Fix overflow in issue card (#31203) (#31225) + * Split sanitizer functions and fine-tune some tests (#31192) (#31200) + * use correct l10n string (#31487) (#31490) + * Fix dropzone JS error when attachment is disabled (#31486) + * Fix web notification icon not updated once you read all notifications (#31447) (#31466) + * Switch to "Write" tab when edit comment again (#31445) (#31461) + * Fix the link for .git-blame-ignore-revs bypass (#31432) (#31442) + * Fix the wrong line number in the diff view page when expanded twice. (#31431) (#31440) + * Fix labels and projects menu overflow on issue page (#31435) (#31439) + * Fix Account Linking UpdateMigrationsByType (#31428) (#31434) + * Fix markdown math brackets render problem (#31420) (#31430) + * Fix rendered wiki page link (#31398) (#31407) + * Fix natural sort (#31384) (#31394) + * Allow downloading attachments of draft releases (#31369) (#31380) + * Fix repo graph JS (#31377) + * Fix incorrect localization `explorer.go` (#31348) (#31350) + * Fix hash render end with colon (#31319) (#31346) + * Fix line number widths (#31341) (#31343) + * Fix navbar `+` menu flashing on page load (#31281) (#31342) + * Fix adopt repository has empty object name in database (#31333) (#31335) + * Delete legacy cookie before setting new cookie (#31306) (#31317) + * Fix some URLs whose sub-path is missing (#31289) (#31292) + * Fix admin oauth2 custom URL settings (#31246) (#31247) + * Make pasted "img" tag has the same behavior as markdown image (#31235) (#31243) + * Fix agit checkout command line hint & fix ShowMergeInstructions checking (#31219) (#31222) + * Fix the possible migration failure on 286 with postgres 16 (#31209) (#31218) + * Fix branch order (#31174) (#31193) + * Fix markup preview (#31158) (#31166) + * Fix push multiple branches error with tests (#31151) (#31153) + * Fix API repository object format missed (#31118) (#31132) + * Fix missing memcache import (#31105) (#31109) + * Upgrade `github.com/hashicorp/go-retryablehttp` (#31499) + * Fix double border in system status table (#31363) (#31401) + * Fix bug filtering issues which have no project (#31337) (#31367) + * Fix #31185 try fix lfs download from bitbucket failed (#31201) (#31329) + * Add nix flake for dev shell (#30967) (#31310) + * Fix and clean up `ConfirmModal` (#31283) (#31291) + * Optimize repo-list layout to enhance visual experience (#31272) (#31276) + * fixed the dropdown menu for the top New button to expand to the left (#31273) (#31275) + * Fix Activity Page Contributors dropdown (#31264) (#31269) + * fix: allow actions artifacts storage migration to complete succesfully (#31251) (#31257) + * Make blockquote attention recognize more syntaxes (#31240) (#31250) + * Remove .segment from .project-column (#31204) (#31239) + * Ignore FindRecentlyPushedNewBranches err (#31164) (#31171) + * Use vertical layout for multiple code expander buttons (#31122) (#31152) + * Remove duplicate `ProxyPreserveHost` in Apache httpd doc (#31143) (#31147) + * Improve mobile review ui (#31091) (#31136) + * Fix DashboardRepoList margin (#31121) (#31128) + * Update pip related commands for docker (#31106) (#31111) + +## [1.22.0](https://github.com/go-gitea/gitea/releases/tag/v1.22.0) - 2024-05-27 + +This release stands as a monumental milestone in our development journey with a record-breaking incorporation of [1528](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+milestone%3A1.22.0+is%3Amerged) pull requests. It marks the most extensive update in Gitea's history, showcasing a plethora of new features and infrastructure improvements. + +Noteworthy advancements in this release include the introduction of `HTMX` and `Tailwind`, signaling a strategic shift as we gradually phase out `jquery` and `Fomantic UI`. These changes reflect our commitment to embracing modern technologies and enhancing the user experience. + +Key highlights of this release encompass significant changes categorized under `BREAKING`, `FEATURES`, `ENHANCEMENTS`, and `PERFORMANCE`, each contributing to a more robust and efficient Gitea platform. + +* BREAKING + * Improve reverse proxy documents and clarify the AppURL guessing behavior (#31003) (#31020) + * Remember log in for a month by default (#30150) + * Breaking summary for template refactoring (#29395) + * All custom templates need to follow these changes + * Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662) + * Make offline mode as default to not connect external avatar service by default (#28548) + * Include public repos in the doer's dashboard for issue search (#28304) + * Use restricted sanitizer for repository description (#28141) + * Support storage base path as prefix (#27827) + * Enhanced auth token / remember me (#27606) + * Rename the default themes to `gitea-light`, `gitea-dark`, `gitea-auto` (#27419) + * If you didn't see the new themes, please remove the `[ui].THEMES` config option from `app.ini` + * Require MySQL 8.0, PostgreSQL 12, MSSQL 2012 (#27337) +* FEATURES + * Allow everyone to read or write a wiki by a repo unit setting (#30495) + * Use raw Wiki links for non-renderable Wiki files (#30273) + * Render embedded code preview by permalink in markdown (#30234) (#30249) + * Support repo code search without setting up an indexer (#29998) + * Support pasting URLs over markdown text (#29566) + * Allow to change primary email before account activation (#29412) + * Customizable "Open with" applications for repository clone (#29320) + * Allow options to disable user deletion from the interface on app.ini (#29275) + * Extend issue template YAML engine (#29274) + * Add support for `linguist-detectable` and `linguist-documentation` (#29267) + * Implement code frequency graph (#29191) + * Show commit status for releases (#29149) + * Add user blocking (#29028) + * Actions Artifacts v4 backend (#28965) + * Add merge style `fast-forward-only` (#28954) + * Retarget depending pulls when the parent branch is deleted (#28686) + * Add global setting on how timestamps should be rendered (#28657) + * Implement actions badge SVGs (#28102) + * Add skip ci functionality (#28075) + * Show latest commit for file (#28067) + * Allow to sync tags from the admin dashboard (#28045) + * Add Profile Readme for Organisations (#27955) + * Implement contributors graph (#27882) + * Artifact deletion in actions ui (#27172) + * Add API routes to get runner registration token (#27144) + * Add support for forking single branch (#25821) + * Add support for sha256 repositories (#23894) + * Add admin API route for managing user's badges (#23106) +* ENHANCEMENTS + * Make gitea webhooks openproject compatible (#28435) (#31081) + * Support using label names when changing issue labels (#30943) (#30958) + * Fix various problems around project board view (#30696) (#30902) + * Improve context popup rendering (#30824) (#30829) + * Allow to save empty comment (#30706) + * Prevent allow/reject reviews on merged/closed PRs (#30686) + * Initial support for colorblindness-friendly themes (#30625) + * Some NuGet package enhancements (#30280) (#30324) + * Markup color and font size fixes (#30282) (#30310) + * Show 12 lines in markup code preview (#30255) (#30257) + * Add `[other].SHOW_FOOTER_POWERED_BY` setting to hide `Powered by` (#30253) + * Pulse page improvements (#30149) + * Render code tags in commit messages (#30146) + * Prevent re-review and dismiss review actions on closed and merged PRs (#30065) + * Cancel previous runs of the same PR automatically (#29961) + * Drag-and-drop improvements for projects and issue pins (#29875) + * Add default board to new projects, remove uncategorized pseudo-board (#29874) + * Prevent layout shift in `` items (#29831) + * Add skip ci support for pull request title (#29774) + * Add more stats tables (#29730) + * Update API to return 'source_id' for users (#29718) + * Determine fuzziness of bleve indexer by keyword length (#29706) + * Expose fuzzy search for issues/pulls (#29701) + * Put an edit file button on pull request files to allow a quick operation (#29697) + * Fix action runner offline label padding (#29691) + * Update allowed attachment types (#29688) + * Completely style the webkit autofill (#29683) + * Highlight archived labels (#29680) + * Add a warning for disallowed email domains (#29658) + * Set user's 24h preference from their current OS locale (#29651) + * Add setting to disable user features when user login type is not plain (#29615) + * Improve natural sort (#29611) + * Make wiki default branch name changeable (#29603) + * Unify search boxes (#29530) + * Add support for API blob upload of release attachments (#29507) + * Detect broken git hooks (#29494) + * Sync branches to DB immediately when handling git hook calling (#29493) + * Allow options to disable user GPG key configuration from the interface on app.ini (#29486) + * Allow options to disable user SSH key configuration from the interface on app.ini (#29447) + * Use relative links for commits, mentions, and issues in markdown (#29427) + * Add ``, rename webcomponents (#29400) + * Include resource state events in Gitlab downloads (#29382) + * Properly migrate target branch change GitLab comment (#29340) + * Recolor dark theme to blue shade (#29283) + * Partially enable MSSQL case-sensitive collation support (#29238) + * Auto-update the system status in the admin dashboard (#29163) + * Integrate alpine `noarch` packages into other architectures index (#29137) + * Document how the TOC election process works (#29135) + * Tweak repo header (#29134) + * Make blockquote border size less aggressive (#29124) + * Downscale pasted PNG images based on metadata (#29123) + * Show `View at this point in history` for every commit (#29122) + * Add support for action artifact serve direct (#29120) + * Change webhook-type in create-view (#29114) + * Drop "@" from the email sender to avoid spam filters (#29109) + * Allow non-admin users to delete review requests (#29057) + * Improve user search display name (#29002) + * Include username in email headers (#28981) + * Show whether a PR is WIP inside popups (#28975) + * Also match weakly validated ETags (#28957) + * Support nuspec manifest download for Nuget packages (#28921) + * Fix hardcoded GitHub icon used as migrated release avatar (#28910) + * Propagate install_if and provider_priority to APKINDEX (#28899) + * Add artifacts v4 JWT to job message and accept it (#28885) + * Enable/disable owner and repo projects independently (#28805) + * Add non-JS fallback for reaction tooltips (#28785) + * Add the ability to see open and closed issues at the same time (#28757) + * Move sign-in labels to be above inputs (#28753) + * Display the latest sync time for pull mirrors on the repo page (#28712) + * Show in Web UI if the file is vendored and generated (#28620) + * Add orphaned topic consistency check (#28507) + * Add branch protection setting for ignoring stale approvals (#28498) + * Add option to set language in admin user view (#28449) + * Fix incorrect run order of action jobs (#28367) + * Add missing exclusive in advanced label options (#28322) + * Added instance-level variables (#28115) + * Add edit option for README.md (#28071) + * Fix link to `Code` tab on wiki commits (#28041) + * Allow to set explore page default sort (#27951) + * Improve PR diff view on mobile (#27883) + * Properly migrate automatic merge GitLab comments (#27873) + * Display issue task list on project cards (#27865) + * Add Index to pull_auto_merge.doer_id (#27811) + * Fix display member unit in the menu bar if there are no hidden members in public org (#27795) + * List all Debian package versions in `Packages` (#27786) + * Allow pull requests Manually Merged option to be used by non-admins (#27780) + * Only show diff file tree when more than one file changed (#27775) + * Show placeholder email in privacy popup (#27770) + * Revamp repo header (#27760) + * Add `must-change-password` command line parameter (#27626) + * Unify password changing and invalidate auth tokens (#27625) + * Add border to file tree 'sub-items' and add padding to 'item-file' (#27593) + * Add slow SQL query warning (#27545) + * Pre-register OAuth application for tea (#27509) + * Differentiate between `push` and `pull` `mirror sync in progress` (#27390) + * Link to file from its history (#27354) + * Add a shortcut to user's profile page to admin user details (#27299) + * Doctor: delete action entries without existing user (#27292) + * Show total TrackedTime on issue/pull/milestone lists (#26672) + * Don't show the new pull request button when the page is not compare pull (#26431) + * Add `Hide/Show all checks` button to commit status check (#26284) + * Improvements of releases list and tags list (#25859) +* PERFORMANCE + * Fix package list performance (#30520) (#30616) + * Add commit status summary table to reduce query from commit status table (#30223) + * Refactor markup/csv: don't read all to memory (#29760) + * Lazy load object format with command line and don't do it in OpenRepository (#29712) + * Add cache for branch divergence on branch list page (#29577) + * Do some performance optimization for issues list and view issue/pull (#29515) + * Cache repository default branch commit status to reduce query on commit status table (#29444) + * Use `crypto/sha256` (#29386) + * Some performance optimization on the dashboard and issues page (#29010) + * Add combined index for issue_user.uid and issue_id (#28080) + ## [1.21.11](https://github.com/go-gitea/gitea/releases/tag/v1.21.11) - 2024-04-07 * SECURITY