The NetBSD Project

CVS log for pkgsrc/www/gitea/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / gitea

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.114: download - view: text, markup, annotated - select for diffs
Thu Nov 14 22:22:04 2024 UTC (3 weeks, 4 days ago) by wiz
Branches: MAIN
CVS tags: HEAD
Diff to: previous 1.113: preferred, colored
Changes since revision 1.113: +2 -2 lines
*: recursive bump for icu 76 shlib major version bump

Revision 1.113: download - view: text, markup, annotated - select for diffs
Fri Nov 1 12:54:50 2024 UTC (5 weeks, 4 days ago) by wiz
Branches: MAIN
Diff to: previous 1.112: preferred, colored
Changes since revision 1.112: +2 -2 lines
*: revbump for icu downgrade

Revision 1.112: download - view: text, markup, annotated - select for diffs
Fri Nov 1 00:54:03 2024 UTC (5 weeks, 4 days ago) by wiz
Branches: MAIN
Diff to: previous 1.111: preferred, colored
Changes since revision 1.111: +2 -2 lines
*: recursive bump for icu 76.1 shlib bump

Revision 1.111: download - view: text, markup, annotated - select for diffs
Fri Sep 6 18:49:00 2024 UTC (3 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3
Diff to: previous 1.110: preferred, colored
Changes since revision 1.110: +2 -2 lines
Revbump all Go packages after go122 update

Revision 1.110: download - view: text, markup, annotated - select for diffs
Sun Aug 11 15:57:13 2024 UTC (3 months, 4 weeks ago) by bsiegert
Branches: MAIN
Diff to: previous 1.109: preferred, colored
Changes since revision 1.109: +2 -2 lines
Revbump all Go packages after update

Revision 1.109: download - view: text, markup, annotated - select for diffs
Wed Jul 3 06:59:35 2024 UTC (5 months, 1 week ago) by bsiegert
Branches: MAIN
Diff to: previous 1.108: preferred, colored
Changes since revision 1.108: +2 -2 lines
Revbump all Go packages after go122 security update

Revision 1.108: download - view: text, markup, annotated - select for diffs
Thu Jun 13 13:47:12 2024 UTC (5 months, 3 weeks ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2024Q2-base, pkgsrc-2024Q2
Diff to: previous 1.107: preferred, colored
Changes since revision 1.107: +2 -1 lines
Revbump all Go packages after go122 update

Revision 1.107: download - view: text, markup, annotated - select for diffs
Sun Jun 9 22:55:38 2024 UTC (6 months ago) by wiz
Branches: MAIN
Diff to: previous 1.106: preferred, colored
Changes since revision 1.106: +4 -5 lines
gitea: update to 1.22.0.

This release stands as a monumental milestone in our development
journey with a record-breaking incorporation of 1481 pull requests.
It marks the most extensive update in Gitea's history, showcasing
a plethora of new features and infrastructure improvements.

Noteworthy advancements in this release include the introduction
of HTMX and Tailwind, signaling a strategic shift as we gradually
phase out jquery and Fomantic UI. These changes reflect our commitment
to embracing modern technologies and enhancing the user experience.

BREAKING

    Improve reverse proxy documents and clarify the AppURL guessing behavior (#31003) (#31020)
    Remember log in for a month by default (#30150)
    Breaking summary for template refactoring (#29395)
        All custom templates need to follow these changes
    Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)
    Make offline mode as default to not connect external avatar service by default (#28548)
    Include public repos in the doer's dashboard for issue search (#28304)
    Use restricted sanitizer for repository description (#28141)
    Support storage base path as prefix (#27827)
    Enhanced auth token / remember me (#27606)
    Rename the default themes to gitea-light, gitea-dark, gitea-auto (#27419)
        If you didn't see the new themes, please remove the [ui].THEMES config option from app.ini
    Require MySQL 8.0, PostgreSQL 12, MSSQL 2012 (#27337)

FEATURES

    Allow everyone to read or write a wiki by a repo unit setting (#30495)
    Use raw Wiki links for non-renderable Wiki files (#30273)
    Render embedded code preview by permalink in markdown (#30234) (#30249)
    Support repo code search without setting up an indexer (#29998)
    Support pasting URLs over markdown text (#29566)
    Allow to change primary email before account activation (#29412)
    Customizable "Open with" applications for repository clone (#29320)
    Allow options to disable user deletion from the interface on app.ini (#29275)
    Extend issue template YAML engine (#29274)
    Add support for linguist-detectable and linguist-documentation (#29267)
    Implement code frequency graph (#29191)
    Show commit status for releases (#29149)
    Add user blocking (#29028)
    Actions Artifacts v4 backend (#28965)
    Add merge style fast-forward-only (#28954)
    Retarget depending pulls when the parent branch is deleted (#28686)
    Add global setting on how timestamps should be rendered (#28657)
    Implement actions badge SVGs (#28102)
    Add skip ci functionality (#28075)
    Show latest commit for file (#28067)
    Allow to sync tags from the admin dashboard (#28045)
    Add Profile Readme for Organisations (#27955)
    Implement contributors graph (#27882)
    Artifact deletion in actions ui (#27172)
    Add API routes to get runner registration token (#27144)
    Add support for forking single branch (#25821)
    Add support for sha256 repositories (#23894)
    Add admin API route for managing user's badges (#23106)

ENHANCEMENTS

    Make gitea webhooks openproject compatible (#28435) (#31081)
    Support using label names when changing issue labels (#30943) (#30958)
    Fix various problems around project board view (#30696) (#30902)
    Improve context popup rendering (#30824) (#30829)
    Allow to save empty comment (#30706)
    Prevent allow/reject reviews on merged/closed PRs (#30686)
    Initial support for colorblindness-friendly themes (#30625)
    Some NuGet package enhancements (#30280) (#30324)
    Markup color and font size fixes (#30282) (#30310)
    Show 12 lines in markup code preview (#30255) (#30257)
    Add [other].SHOW_FOOTER_POWERED_BY setting to hide Powered by (#30253)
    Pulse page improvements (#30149)
    Render code tags in commit messages (#30146)
    Prevent re-review and dismiss review actions on closed and merged PRs (#30065)
    Cancel previous runs of the same PR automatically (#29961)
    Drag-and-drop improvements for projects and issue pins (#29875)
    Add default board to new projects, remove uncategorized pseudo-board (#29874)
    Prevent layout shift in <overflow-menu> items (#29831)
    Add skip ci support for pull request title (#29774)
    Add more stats tables (#29730)
    Update API to return 'source_id' for users (#29718)
    Determine fuzziness of bleve indexer by keyword length (#29706)
    Expose fuzzy search for issues/pulls (#29701)
    Put an edit file button on pull request files to allow a quick operation (#29697)
    Fix action runner offline label padding (#29691)
    Update allowed attachment types (#29688)
    Completely style the webkit autofill (#29683)
    Highlight archived labels (#29680)
    Add a warning for disallowed email domains (#29658)
    Set user's 24h preference from their current OS locale (#29651)
    Add setting to disable user features when user login type is not plain (#29615)
    Improve natural sort (#29611)
    Make wiki default branch name changeable (#29603)
    Unify search boxes (#29530)
    Add support for API blob upload of release attachments (#29507)
    Detect broken git hooks (#29494)
    Sync branches to DB immediately when handling git hook calling (#29493)
    Allow options to disable user GPG key configuration from the interface on app.ini (#29486)
    Allow options to disable user SSH key configuration from the interface on app.ini (#29447)
    Use relative links for commits, mentions, and issues in markdown (#29427)
    Add <overflow-menu>, rename webcomponents (#29400)
    Include resource state events in Gitlab downloads (#29382)
    Properly migrate target branch change GitLab comment (#29340)
    Recolor dark theme to blue shade (#29283)
    Partially enable MSSQL case-sensitive collation support (#29238)
    Auto-update the system status in the admin dashboard (#29163)
    Integrate alpine noarch packages into other architectures index (#29137)
    Document how the TOC election process works (#29135)
    Tweak repo header (#29134)
    Make blockquote border size less aggressive (#29124)
    Downscale pasted PNG images based on metadata (#29123)
    Show View at this point in history for every commit (#29122)
    Add support for action artifact serve direct (#29120)
    Change webhook-type in create-view (#29114)
    Drop "@" from the email sender to avoid spam filters (#29109)
    Allow non-admin users to delete review requests (#29057)
    Improve user search display name (#29002)
    Include username in email headers (#28981)
    Show whether a PR is WIP inside popups (#28975)
    Also match weakly validated ETags (#28957)
    Support nuspec manifest download for Nuget packages (#28921)
    Fix hardcoded GitHub icon used as migrated release avatar (#28910)
    Propagate install_if and provider_priority to APKINDEX (#28899)
    Add artifacts v4 JWT to job message and accept it (#28885)
    Enable/disable owner and repo projects independently (#28805)
    Add non-JS fallback for reaction tooltips (#28785)
    Add the ability to see open and closed issues at the same time (#28757)
    Move sign-in labels to be above inputs (#28753)
    Display the latest sync time for pull mirrors on the repo page (#28712)
    Show in Web UI if the file is vendored and generated (#28620)
    Add orphaned topic consistency check (#28507)
    Add branch protection setting for ignoring stale approvals (#28498)
    Add option to set language in admin user view (#28449)
    Fix incorrect run order of action jobs (#28367)
    Add missing exclusive in advanced label options (#28322)
    Added instance-level variables (#28115)
    Add edit option for README.md (#28071)
    Fix link to Code tab on wiki commits (#28041)
    Allow to set explore page default sort (#27951)
    Improve PR diff view on mobile (#27883)
    Properly migrate automatic merge GitLab comments (#27873)
    Display issue task list on project cards (#27865)
    Add Index to pull_auto_merge.doer_id (#27811)
    Fix display member unit in the menu bar if there are no hidden members in public org (#27795)
    List all Debian package versions in Packages (#27786)
    Allow pull requests Manually Merged option to be used by non-admins (#27780)
    Only show diff file tree when more than one file changed (#27775)
    Show placeholder email in privacy popup (#27770)
    Revamp repo header (#27760)
    Add must-change-password command line parameter (#27626)
    Unify password changing and invalidate auth tokens (#27625)
    Add border to file tree 'sub-items' and add padding to 'item-file' (#27593)
    Add slow SQL query warning (#27545)
    Pre-register OAuth application for tea (#27509)
    Differentiate between push and pull mirror sync in progress (#27390)
    Link to file from its history (#27354)
    Add a shortcut to user's profile page to admin user details (#27299)
    Doctor: delete action entries without existing user (#27292)
    Show total TrackedTime on issue/pull/milestone lists (#26672)
    Don't show the new pull request button when the page is not compare pull (#26431)
    Add Hide/Show all checks button to commit status check (#26284)
    Improvements of releases list and tags list (#25859)

PERFORMANCE

    Fix package list performance (#30520) (#30616)
    Add commit status summary table to reduce query from commit status table (#30223)
    Refactor markup/csv: don't read all to memory (#29760)
    Lazy load object format with command line and don't do it in OpenRepository (#29712)
    Add cache for branch divergence on branch list page (#29577)
    Do some performance optimization for issues list and view issue/pull (#29515)
    Cache repository default branch commit status to reduce query on commit status table (#29444)
    Use crypto/sha256 (#29386)
    Some performance optimization on the dashboard and issues page (#29010)
    Add combined index for issue_user.uid and issue_id (#28080)

Revision 1.106: download - view: text, markup, annotated - select for diffs
Sat Jun 1 14:03:04 2024 UTC (6 months, 1 week ago) by bsiegert
Branches: MAIN
Diff to: previous 1.105: preferred, colored
Changes since revision 1.105: +2 -2 lines
Revbump all Go packages, default Go version is now 1.22.

Revision 1.105: download - view: text, markup, annotated - select for diffs
Wed May 29 16:34:49 2024 UTC (6 months, 1 week ago) by adam
Branches: MAIN
Diff to: previous 1.104: preferred, colored
Changes since revision 1.104: +2 -1 lines
revbump after icu and protobuf updates

Revision 1.104: download - view: text, markup, annotated - select for diffs
Tue May 14 11:33:21 2024 UTC (6 months, 3 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.103: preferred, colored
Changes since revision 1.103: +10 -8 lines
gitea: update to 1.21.11.

1.21.11


    SECURITY
        Use go1.21.9 to include Golang security fix
        Fix possible renderer security problem (#30136) (#30315)
        Performance optimization for git push and check permissions for push options (#30104) (#30354)
    BUGFIXES
        Fix close file in the Upload func (#30262) (#30269)
        Fix inline math blocks can't be preceeded/followed by alphanumerical characters (#30175) (#30250)
        Fix missing 0 prefix of GPG key id (#30245) (#30247)
        Include encoding in signature payload (#30174) (#30181)
        Move from max( id ) to max( index ) for latest commit statuses (#30076) (#30155)
        Load attachments for code comments (#30124) (#30126)
        Fix gitea doctor will remove repo-avatar files when executing command storage-archives (#30094) (#30120)
        Fix possible data race on tests (#30093) (#30108)
        Fix duplicate migrated milestones (#30102) (#30105)
        Fix panic for fixBrokenRepoUnits16961 (#30068) (#30100)
        Fix incorrect SVGs (#30087) (#30086)
        Fix create commit status (#30225) (#30340)
        Fix misuse of unsupported global variables (#30402)
        Fix to delete the cookie when AppSubURL is non-empty (#30375) (#30468)
        Avoid user does not exist error when detecting schedule actions when the commit author is an external user (#30357) (#30408)
        Change the default maxPerPage for gitbucket (#30392) (#30471)
        Check the token's owner and repository when registering a runner (#30406) (#30412)
        Avoid losing token when updating mirror settings (#30429) (#30466)
        Fix commit status cache which missed target_url (#30426) (#30445)
        Fix rename branch 500 when the target branch is deleted but exist in database (#30430) (#30437)
        Fix mirror error when mirror repo is empty (#30432) (#30467)
        Use db.ListOptions directly instead of Paginator interface to make it easier to use and fix performance of /pulls and /issues (#29990) (#30447)
        Fix code owners will not be mentioned when a pull request comes from a forked repository (#30476) (#30497)
    DOCS
        Update actions variables documents (#30394) (#30405)
    MISC
        Update katex to 0.16.10 (#30089)
        Upgrade go-sqlite to v1.14.22 (#30462)

1.21.10


    BUGFIXES
        Fix Add/Remove WIP on pull request title failure (#29999) (#30066)
        Fix misuse of TxContext (#30061) (#30062)
        Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org (#30013) (#30035)
    MISC
        Escape paths for find file correctly (#30026) (#30031)
        Remove duplicate option in admin screen and now-unused translation keys (#28492) (#30024)
        Fix manual merge form and 404 page templates (#30000)

1.21.9


v1.21.9

    PERFORMANCE
        Only do counting when count_only=true for repo dashboard (#29884) (#29905)
        Add cache for dashboard commit status (#29932)
    ENHANCEMENT
        Make runs-on support variable expression (#29468) (#29782)
        Show Actions post step when it's running (#29926) (#29928)
    BUGFIXES
        Fix PR creation via API between branches of the same repo with head field namespaced (#26986) (#29857)
        Fix and rewrite markup anchor processing (#29931) (#29946)
        Notify reviewers added via CODEOWNERS (#29842) (#29902)
        Fix template error when comment review doesn't exist (#29888) (#29889)
        Fix user id column case (#29863) (#29867)
        Make meilisearch do exact search for issues (#29740 & #29671) (#29846)
        Fix the for attribute not pointing to the ID of the color picker (#29813) (#29815)
        Fix codeowner detected diff base branch to mergebase (#29783) (#29807)
        Fix Safari spinner rendering (#29801) (#29802)
        Fix missing translation on milestones (#29785) (#29789)
        Fix user router possible panic (#29751) (#29786)
        Fix possible NPE in ToPullReviewList (#29759) (#29775)
        Fix the wrong default value of ENABLE_OPENID_SIGNIN on docs (#29925) (#29927)
        Solving the issue of UI disruption when the review is deleted without refreshing (#29951) (#29968)
        Fix loadOneBranch panic (#29938) (#29939)
        Fix invalid link of the commit status when ref is tagged (#29752) (#29908)
        Editor error message misleading due to re-used key. (#29859) (#29876)
        Fix double border and border-radius on empty action steps (#29845) (#29850)
        Use Temporal.PlainDate for absolute dates (#29804) (#29808)
        Fix incorrect package link method calls in templates (#29580) (#29764)
        Fix the bug that the user may log out if GetUserByID returns unknown error (#29962) (#29964)
        Performance improvements for pull request list page (#29900) (#29972)
        Fix bugs in rerunning jobs (#29983) (#29955)

Revision 1.103: download - view: text, markup, annotated - select for diffs
Fri Apr 5 19:14:12 2024 UTC (8 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.102: preferred, colored
Changes since revision 1.102: +2 -1 lines
Revbump all Go packages after go121 update

Revision 1.102: download - view: text, markup, annotated - select for diffs
Sun Mar 17 13:47:26 2024 UTC (8 months, 3 weeks ago) by tm
Branches: MAIN
CVS tags: pkgsrc-2024Q1-base, pkgsrc-2024Q1
Diff to: previous 1.101: preferred, colored
Changes since revision 1.101: +4 -5 lines
gitea: update to 1.21.6

* SECURITY
  * Fix XSS vulnerabilities (#29336)
  * Use general token signing secret (#29205) (#29325)
* ENHANCEMENTS
  * Refactor git version functions and check compatibility (#29155) (#29157)
  * Improve user experience for outdated comments (#29050) (#29086)
  * Hide code links on release page if user cannot read code (#29064) (#29066)
  * Wrap contained tags and branches again (#29021) (#29026)
  * Fix incorrect button CSS usages (#29015) (#29023)
  * Strip trailing newline in markdown code copy (#29019) (#29022)
  * Implement some action notifier functions (#29173) (#29308)
  * Load outdated comments when (un)resolving conversation on PR timeline (#29203) (#29221)
* BUGFIXES
  * Refactor issue template parsing and fix API endpoint (#29069) (#29140)
  * Fix swift packages not resolving (#29095) (#29102)
  * Remove SSH workaround (#27893) (#29332)
  * Only log error when tag sync fails (#29295) (#29327)
  * Fix SSPI user creation (#28948) (#29323)
  * Improve the `issue_comment` workflow trigger event (#29277) (#29322)
  * Discard unread data of `git cat-file` (#29297) (#29310)
  * Fix error display when merging PRs (#29288) (#29309)
  * Prevent double use of `git cat-file` session. (#29298) (#29301)
  * Fix missing link on outgoing new release notifications (#29079) (#29300)
  * Fix debian InRelease Acquire-By-Hash newline (#29204) (#29299)
  * Always write proc-receive hook for all git versions (#29287) (#29291)
  * Do not show delete button when time tracker is disabled (#29257) (#29279)
  * Workaround to clean up old reviews on creating a new one (#28554) (#29264)
  * Fix bug when the linked account was disactived and list the linked accounts (#29263)
  * Do not use lower tag names to find releases/tags (#29261) (#29262)
  * Fix missed edit issues event for actions (#29237) (#29251)
  * Only delete scheduled workflows when needed (#29091) (#29235)
  * Make submit event code work with both jQuery event and native event (#29223) (#29234)
  * Fix push to create with capitalize repo name (#29090) (#29206)
  * Use ghost user if user was not found (#29161) (#29169)
  * Dont load Review if Comment is CommentTypeReviewRequest (#28551) (#29160)
  * Refactor parseSignatureFromCommitLine (#29054) (#29108)
  * Avoid showing unnecessary JS errors when there are elements with different origin on the page (#29081) (#29089)
  * Fix gitea-origin-url with default ports (#29085) (#29088)
  * Fix orgmode link resolving (#29024) (#29076)
  * Fix Elasticsearh Request Entity Too Large #28117 (#29062) (#29075)
  * Do not render empty comments (#29039) (#29049)
  * Avoid sending update/delete release notice when it is draft (#29008) (#29025)
  * Fix gitea-action user avatar broken on edited menu (#29190) (#29307)
  * Disallow merge when required checked are missing (#29143) (#29268)
  * Fix incorrect link to swift doc and swift package-registry login command (#29096) (#29103)
  * Convert visibility to number (#29226) (#29244)
* DOCS
  * Remove outdated docs from some languages (#27530) (#29208)
  * Fix typos in the documentation (#29048) (#29056)
  * Explained where create issue/PR template (#29035)

* SECURITY
  * Prevent anonymous container access if `RequireSignInView` is enabled (#28877) (#28882)
  * Update go dependencies and fix go-git (#28893) (#28934)
* BUGFIXES
  * Revert "Speed up loading the dashboard on mysql/mariadb (#28546)" (#29006) (#29007)
  * Fix an actions schedule bug (#28942) (#28999)
  * Fix update enable_prune even if mirror_interval is not provided (#28905) (#28929)
  * Fix uploaded artifacts should be overwritten (#28726) backport v1.21 (#28832)
  * Preserve BOM in web editor (#28935) (#28959)
  * Strip `/` from relative links (#28932) (#28952)
  * Don't remove all mirror repository's releases when mirroring (#28817) (#28939)
  * Implement `MigrateRepository` for the actions notifier (#28920) (#28923)
  * Respect branch info for relative links (#28909) (#28922)
  * Don't reload timeline page when (un)resolving or replying conversation (#28654) (#28917)
  * Only migrate the first 255 chars of a Github issue title (#28902) (#28912)
  * Fix sort bug on repository issues list (#28897) (#28901)
  * Fix `DeleteCollaboration` transaction behaviour (#28886) (#28889)
  * Fix schedule not trigger bug because matching full ref name with short ref name (#28874) (#28888)
  * Fix migrate storage bug (#28830) (#28867)
  * Fix archive creating LFS hooks and breaking pull requests (#28848) (#28851)
  * Fix reverting a merge commit failing (#28794) (#28825)
  * Upgrade xorm to v1.3.7 to fix a resource leak problem caused by Iterate (#28891) (#28895)
  * Fix incorrect PostgreSQL connection string for Unix sockets (#28865) (#28870)
* ENHANCEMENTS
  * Make loading animation less aggressive (#28955) (#28956)
  * Avoid duplicate JS error messages on UI (#28873) (#28881)
  * Bump `@github/relative-time-element` to 4.3.1 (#28819) (#28826)
* MISC
  * Warn that `DISABLE_QUERY_AUTH_TOKEN` is false only if it's explicitly defined (#28783) (#28868)
  * Remove duplicated checkinit on git module (#28824) (#28831)

* SECURITY
  * Update github.com/cloudflare/circl (#28789) (#28790)
  * Require token for GET subscription endpoint (#28765) (#28768)
* BUGFIXES
  * Use refname:strip-2 instead of refname:short when syncing tags (#28797) (#28811)
  * Fix links in issue card (#28806) (#28807)
  * Fix nil pointer panic when exec some gitea cli command (#28791) (#28795)
  * Require token for GET subscription endpoint (#28765) (#28778)
  * Fix button size in "attached header right" (#28770) (#28774)
  * Fix `convert.ToTeams` on empty input (#28426) (#28767)
  * Hide code related setting options in repository when code unit is disabled (#28631) (#28749)
  * Fix incorrect URL for "Reference in New Issue" (#28716) (#28723)
  * Fix panic when parsing empty pgsql host (#28708) (#28709)
  * Upgrade xorm to new version which supported update join for all supported databases (#28590) (#28668)
  * Fix alpine package files are not rebuilt (#28638) (#28665)
  * Avoid cycle-redirecting user/login page (#28636) (#28658)
  * Fix empty ref for cron workflow runs (#28640) (#28647)
  * Remove unnecessary syncbranchToDB with tests (#28624) (#28629)
  * Use known issue IID to generate new PR index number when migrating from GitLab (#28616) (#28618)
  * Fix flex container width (#28603) (#28605)
  * Fix the scroll behavior for emoji/mention list (#28597) (#28601)
  * Fix wrong due date rendering in issue list page (#28588) (#28591)
  * Fix `status_check_contexts` matching bug (#28582) (#28589)
  * Fix 500 error of searching commits (#28576) (#28579)
  * Use information from previous blame parts (#28572) (#28577)
  * Update mermaid for 1.21 (#28571)
  * Fix 405 method not allowed CORS / OIDC (#28583) (#28586) (#28587) (#28611)
  * Fix `GetCommitStatuses` (#28787) (#28804)
  * Forbid removing the last admin user (#28337) (#28793)
  * Fix schedule tasks bugs (#28691) (#28780)
  * Fix issue dependencies (#27736) (#28776)
  * Fix system webhooks API bug (#28531) (#28666)
  * Fix when private user following user, private user will not be counted in his own view (#28037) (#28792)
  * Render code block in activity tab (#28816) (#28818)
* ENHANCEMENTS
  * Rework markup link rendering (#26745) (#28803)
  * Modernize merge button (#28140) (#28786)
  * Speed up loading the dashboard on mysql/mariadb (#28546) (#28784)
  * Assign pull request to project during creation (#28227) (#28775)
  * Show description as tooltip instead of title for labels (#28754) (#28766)
  * Make template `DateTime` show proper tooltip (#28677) (#28683)
  * Switch destination directory for apt signing keys (#28639) (#28642)
  * Include heap pprof in diagnosis report to help debugging memory leaks (#28596) (#28599)
* DOCS
  * Suggest to use Type=simple for systemd service (#28717) (#28722)
  * Extend description for ARTIFACT_RETENTION_DAYS (#28626) (#28630)
* MISC
  * Add -F to commit search to treat keywords as strings (#28744) (#28748)
  * Add download attribute to release attachments (#28739) (#28740)
  * Concatenate error in `checkIfPRContentChanged` (#28731) (#28737)
  * Improve 1.21 document for Database Preparation (#28643) (#28644)

* SECURITY
  * Update golang.org/x/crypto (#28519)
* API
  * chore(api): support ignore password if login source type is LDAP for creating user API (#28491) (#28525)
  * Add endpoint for not implemented Docker auth (#28457) (#28462)
* ENHANCEMENTS
  * Add option to disable ambiguous unicode characters detection (#28454) (#28499)
  * Refactor SSH clone URL generation code (#28421) (#28480)
  * Polyfill SubmitEvent for PaleMoon (#28441) (#28478)
* BUGFIXES
  * Fix the issue ref rendering for wiki (#28556) (#28559)
  * Fix duplicate ID when deleting repo (#28520) (#28528)
  * Only check online runner when detecting matching runners in workflows (#28286) (#28512)
  * Initalize stroage for orphaned repository doctor (#28487) (#28490)
  * Fix possible nil pointer access (#28428) (#28440)
  * Don't show unnecessary citation JS error on UI (#28433) (#28437)
* DOCS
  * Update actions document about comparsion as Github Actions (#28560) (#28564)
  * Fix documents for "custom/public/assets/" (#28465) (#28467)
* MISC
  * Fix inperformant query on retrifing review from database. (#28552) (#28562)
  * Improve the prompt for "ssh-keygen sign" (#28509) (#28510)
  * Update docs for DISABLE_QUERY_AUTH_TOKEN (#28485) (#28488)
  * Fix Chinese translation of config cheat sheet[API] (#28472) (#28473)
  * Retry SSH key verification with additional CRLF if it failed (#28392) (#28464)

* SECURITY
  * Rebuild with recently released golang version
  * Fix missing check (#28406) (#28411)
  * Do some missing checks (#28423) (#28432)
* BUGFIXES
  * Fix margin in server signed signature verification view (#28379) (#28381)
  * Fix object does not exist error when checking citation file (#28314) (#28369)
  * Use `filepath` instead of `path` to create SQLite3 database file (#28374) (#28378)
  * Fix the runs will not be displayed bug when the main branch have no workflows but other branches have (#28359) (#28365)
  * Handle repository.size column being NULL in migration v263 (#28336) (#28363)
  * Convert git commit summary to valid UTF8. (#28356) (#28358)
  * Fix migration panic due to an empty review comment diff (#28334) (#28362)
  * Add `HEAD` support for rpm repo files (#28309) (#28360)
  * Fix RPM/Debian signature key creation (#28352) (#28353)
  * Keep profile tab when clicking on Language (#28320) (#28331)
  * Fix missing issue search index update when changing status (#28325) (#28330)
  * Fix wrong link in `protect_branch_name_pattern_desc` (#28313) (#28315)
  * Read `previous` info from git blame (#28306) (#28310)
  * Ignore "non-existing" errors when getDirectorySize calculates the size (#28276) (#28285)
  * Use appSubUrl for OAuth2 callback URL tip (#28266) (#28275)
  * Meilisearch: require all query terms to be matched (#28293) (#28296)
  * Fix required error for token name (#28267) (#28284)
  * Fix issue will be detected as pull request when checking `First-time contributor` (#28237) (#28271)
  * Use full width for project boards (#28225) (#28245)
  * Increase "version" when update the setting value to a same value as before (#28243) (#28244)
  * Also sync DB branches on push if necessary (#28361) (#28403)
  * Make gogit Repository.GetBranchNames consistent (#28348) (#28386)
  * Recover from panic in cron task (#28409) (#28425)
  * Deprecate query string auth tokens (#28390) (#28430)
* ENHANCEMENTS
  * Improve doctor cli behavior (#28422) (#28424)
  * Fix margin in server signed signature verification view (#28379) (#28381)
  * Refactor template empty checks (#28351) (#28354)
  * Read `previous` info from git blame (#28306) (#28310)
  * Use full width for project boards (#28225) (#28245)
  * Enable system users search via the API (#28013) (#28018)

* SECURITY
  * Fix comment permissions (#28213) (#28216)
* BUGFIXES
  * Fix delete-orphaned-repos (#28200) (#28202)
  * Make CORS work for oauth2 handlers (#28184) (#28185)
  * Fix missing buttons (#28179) (#28181)
  * Fix no ActionTaskOutput table waring (#28149) (#28152)
  * Fix empty action run title (#28113) (#28148)
  * Use "is-loading" to avoid duplicate form submit for code comment (#28143) (#28147)
  * Fix Matrix and MSTeams nil dereference (#28089) (#28105)
  * Fix incorrect pgsql conn builder behavior (#28085) (#28098)
  * Fix system config cache expiration timing (#28072) (#28090)
  * Restricted users only see repos in orgs which their team was assigned to (#28025) (#28051)
* API
  * Fix permissions for Token DELETE endpoint to match GET and POST (#27610) (#28099)
* ENHANCEMENTS
  * Do not display search box when there's no packages yet (#28146) (#28159)
  * Add missing `packages.cleanup.success` (#28129) (#28132)
* DOCS
  * Docs: Replace deprecated IS_TLS_ENABLED mailer setting in email setup (#28205) (#28208)
  * Fix the description about the default setting for action in quick start document (#28160) (#28168)
  * Add guide page to actions when there's no workflows (#28145) (#28153)
* MISC
  * Use full width for PR comparison (#28182) (#28186)

* BREAKING
  * Restrict certificate type for builtin SSH server (#26789)
  * Refactor to use urfave/cli/v2 (#25959)
  * Move public asset files to the proper directory (#25907)
  * Remove commit status running and warning to align GitHub (#25839) (partially reverted: Restore warning commit status (#27504) (#27529))
  * Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413)
  * Set SSH_AUTHORIZED_KEYS_BACKUP to false (#25412)
* FEATURES
  * User details page (#26713)
  * Chore(actions): support cron schedule task (#26655)
  * Support rebuilding issue indexer manually (#26546)
  * Allow to archive labels (#26478)
  * Add disable workflow feature (#26413)
  * Support `.git-blame-ignore-revs` file (#26395)
  * Pre-register OAuth2 applications for git credential helpers (#26291)
  * Add `Retry` button when creating a mirror-repo fails (#26228)
  * Artifacts retention and auto clean up (#26131)
  * Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
  * Implement auto-cancellation of concurrent jobs if the event is push (#25716)
  * Newly pushed branches hints on repository home page (#25715)
  * Display branch commit status (#25608)
  * Add direct serving of package content (#25543)
  * Add commits dropdown in PR files view and allow commit by commit review (#25528)
  * Allow package cleanup from admin page (#25307)
  * Batch delete issue and improve tippy opts (#25253)
  * Show branches and tags that contain a commit (#25180)
  * Add actor and status dropdowns to run list (#25118)
  * Allow Organisations to have a E-Mail (#25082)
  * Add codeowners feature (#24910)
  * Actions Artifacts support uploading multiple files and directories (#24874)
  * Support configuration variables on Gitea Actions (#24724)
  * Support downloading raw task logs (#24451)
* API
  * Unify two factor check (#27915) (#27929)
  * Fix package webhook (#27839) (#27855)
  * Fix/upload artifact error windows (#27802) (#27840)
  * Fix bad method call when deleting user secrets via API (#27829) (#27831)
  * Do not force creation of _cargo-index repo on publish (#27266) (#27765)
  * Delete repos of org when purge delete user (#27273) (#27728)
  * Fix org team endpoint (#27721) (#27727)
  * Api: GetPullRequestCommits: return file list (#27483) (#27539)
  * Don't let API add 2 exclusive labels from same scope (#27433) (#27460)
  * Redefine the meaning of column is_active to make Actions Registration Token generation easier (#27143) (#27304)
  * Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27251)
  * Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27163)
  * Allow empty Conan files (#27092)
  * Fix token endpoints ignore specified account (#27080)
  * Reduce usage of `db.DefaultContext` (#27073) (#27083) (#27089) (#27103) (#27262) (#27265) (#27347) (#26076)
  * Make SSPI auth mockable (#27036)
  * Extract auth middleware from service (#27028)
  * Add `RemoteAddress` to mirrors (#26952)
  * Feat(API): add routes and functions for managing user's secrets (#26909)
  * Feat(API): add secret deletion functionality for repository (#26808)
  * Feat(API): add route and implementation for creating/updating repository secret (#26766)
  * Add Upload URL to release API (#26663)
  * Feat(API): update and delete secret for managing organization secrets (#26660)
  * Feat: implement organization secret creation API (#26566)
  * Add API route to list org secrets (#26485)
  * Set commit id when ref used explicitly (#26447)
  * PATCH branch-protection updates check list even when checks are disabled (#26351)
  * Add file status for API "Get a single commit from a repository" (#16205) (#25831)
  * Add API for changing Avatars (#25369)
* BUGFIXES
  * Fix viewing wiki commit on empty repo (#28040) (#28044)
  * Enable system users for comment.LoadPoster (#28014) (#28032)
  * Fixed duplicate attachments on dump on windows (#28019) (#28031)
  * Fix wrong xorm Delete usage(backport for 1.21) (#28002)
  * Add word-break to repo description in home page (#27924) (#27957)
  * Fix rendering assignee changed comments without assignee (#27927) (#27952)
  * Add word break to release title (#27942) (#27947)
  * Fix JS NPE when viewing specific range of PR commits (#27912) (#27923)
  * Show correct commit sha when viewing single commit diff (#27916) (#27921)
  * Fix 500 when deleting a dismissed review (#27903) (#27910)
  * Fix DownloadFunc when migrating releases (#27887) (#27890)
  * Fix http protocol auth (#27875) (#27876)
  * Refactor postgres connection string building (#27723) (#27869)
  * Close all hashed buffers (#27787) (#27790)
  * Fix label render containing invalid HTML (#27752) (#27762)
  * Fix duplicate project board when hitting `enter` key (#27746) (#27751)
  * Fix `link-action` redirect network error (#27734) (#27749)
  * Fix sticky diff header background (#27697) (#27712)
  * Always delete existing scheduled action tasks (#27662) (#27688)
  * Support allowed hosts for webhook to work with proxy (#27655) (#27675)
  * Fix poster is not loaded in get default merge message (#27657) (#27666)
  * Improve dropdown button alignment and fix hover bug (#27632) (#27637)
  * Improve retrying index issues (#27554) (#27634)
  * Fix 404 when deleting Docker package with an internal version (#27615) (#27630)
  * Backport manually for a tmpl issue in v1.21 (#27612)
  * Don't show Link to TOTP if not set up (#27585) (#27588)
  * Fix data-race bug when accessing task.LastRun (#27584) (#27586)
  * Fix attachment download bug (#27486) (#27571)
  * Respect SSH.KeygenPath option when calculating ssh key fingerprints (#27536) (#27551)
  * Improve dropdown's behavior when there is a search input in menu (#27526) (#27534)
  * Fix panic in storageHandler (#27446) (#27479)
  * When comparing with an non-exist repository, return 404 but 500 (#27437) (#27442)
  * Fix pr template (#27436) (#27440)
  * Fix git 2.11 error when checking IsEmpty (#27393) (#27397)
  * Allow get release download files and lfs files with oauth2 token format (#26430) (#27379)
  * Fix missing ctx for GetRepoLink in dashboard (#27372) (#27375)
  * Absolute positioned checkboxes  overlay floated elements (#26870) (#27366)
  * Introduce fixes and more rigorous tests for 'Show on a map' feature (#26803) (#27365)
  * Fix repo count in org action settings (#27245) (#27353)
  * Add logs for data broken of comment review (#27326) (#27345)
  * Fix the approval count of PR when there is no protection branch rule (#27272) (#27343)
  * Fix Bug in Issue Config when only contact links are set (#26521) (#27334)
  * Improve issue history dialog and make poster can delete their own history (#27323) (#27327)
  * Fix orphan check for deleted branch (#27310) (#27321)
  * Fix protected branch icon location (#26576) (#27317)
  * Fix yaml test (#27297) (#27303)
  * Fix some animation bugs (#27287) (#27294)
  * Fix incorrect change from #27231 (#27275) (#27282)
  * Add missing public user visibility in user details page (#27246) (#27250)
  * Fix EOL handling in web editor (#27141) (#27234)
  * Fix issues on action runners page (#27226) (#27233)
  * Quote table `release` in sql queries (#27205) (#27218)
  * Fix release URL in webhooks (#27182) (#27185)
  * Fix review request number and add more tests (#27104) (#27168)
  * Fix the variable regexp pattern on web page (#27161) (#27164)
  * Fix: treat tab "overview" as "repositories" in user profiles without readme (#27124)
  * Fix NPE when editing OAuth2 applications (#27078)
  * Fix the incorrect route path in the user edit page. (#27007)
  * Fix the secret regexp pattern on web page (#26910)
  * Allow users with write permissions for issues to add attachments with API (#26837)
  * Make "link-action" backend code respond correct JSON content (#26680)
  * Use line-height: normal by default (#26635)
  * Fix NPM packages name validation (#26595)
  * Rewrite the DiffFileTreeItem and fix misalignment (#26565)
  * Return empty when searching issues with no repos (#26545)
  * Explain SearchOptions and fix ToSearchOptions (#26542)
  * Add missing triggers to update issue indexer (#26539)
  * Handle base64 decoding correctly to avoid panic (#26483)
  * Avoiding accessing undefined mentionValues (#26461)
  * Fix incorrect redirection in new issue using references (#26440)
  * Fix the bug when getting files changed for `pull_request_target` event (#26320)
  * Remove IsWarning in  tmpl (#26120)
  * Fix loading `LFS_JWT_SECRET` from wrong section (#26109)
  * Fixing redirection issue for logged-in users (#26105)
  * Improve "gitea doctor" sub-command and fix "help" commands (#26072)
  * Fix the truncate and alignment problem for some admin tables (#26042)
  * Update minimum password length requirements (#25946)
  * Do not "guess" the file encoding/BOM when using API to upload files (#25828)
  * Restructure issue list template, styles (#25750)
  * Fix `ref` for workflows triggered by `pull_request_target` (#25743)
  * Fix issues indexer document mapping (#25619)
  * Use JSON response for "user/logout" (#25522)
  * Fix migrate page layout on mobile (#25507)
  * Link to existing PR when trying to open a new PR on the same branches (#25494)
  * Do not publish docker release images on `-dev` tags (#25471)
  * Support `pull_request_target` event (#25229)
  * Modify the content format of the Feishu webhook (#25106)
* ENHANCEMENTS
  * Render email addresses as such if followed by punctuation (#27987) (#27992)
  * Show error toast when file size exceeds the limits (#27985) (#27986)
  * Fix citation error when the file size is larger than 1024 bytes (#27958) (#27965)
  * Remove action runners on user deletion (#27902) (#27908)
  * Remove set tabindex on view issue (#27892) (#27896)
  * Reduce margin/padding on flex-list items and divider (#27872) (#27874)
  * Change katex limits (#27823) (#27868)
  * Clean up template locale usage (#27856) (#27857)
  * Add dedicated class for empty placeholders (#27788) (#27792)
  * Add gap between diff boxes (#27776) (#27781)
  * Fix incorrect "tab" parameter for repo search sub-template (#27755) (#27764)
  * Enable followCursor for language stats bar (#27713) (#27739)
  * Improve diff tree spacing (#27714) (#27719)
  * Feed UI Improvements (#27356) (#27717)
  * Improve feed icons and feed merge text color (#27498) (#27716)
  * [FIX] resolve confusing colors in languages stats by insert a gap (#27704) (#27715)
  * Add doctor dbconsistency fix to delete repos with no owner (#27290) (#27693)
  * Fix required checkboxes in issue forms (#27592) (#27692)
  * Hide archived labels by default from the suggestions when assigning labels for an issue (#27451) (#27661)
  * Cleanup repo details icons/labels (#27644) (#27654)
  * Keep filter when showing unfiltered results on explore page (#27192) (#27589)
  * Show manual cron run's last time (#27544) (#27577)
  * Revert "Fix pr template (#27436)" (#27567)
  * Increase queue length (#27555) (#27562)
  * Avoid run change title process when the title is same (#27467) (#27558)
  * Remove max-width and add hide text overflow (#27359) (#27550)
  * Add hover background to wiki list page (#27507) (#27521)
  * Fix mermaid flowchart margin issue (#27503) (#27516)
  * Refactor system setting (#27000) (#27452)
  * Fix  missing `ctx`  in new_form.tmpl  (#27434) (#27438)
  * Add Index to `action.user_id` (#27403) (#27425)
  * Don't use subselect in `DeleteIssuesByRepoID` (#27332) (#27408)
  * Add support for HEAD ref in /src/branch and /src/commit routes (#27384) (#27407)
  * Make Actions tasks/jobs timeouts configurable by the user (#27400) (#27402)
  * Hide archived labels when filtering by labels on the issue list (#27115) (#27381)
  * Highlight user details link (#26998) (#27376)
  * Add protected branch name description (#27257) (#27351)
  * Improve tree not found page (#26570) (#27346)
  * Add Index to `comment.dependent_issue_id` (#27325) (#27340)
  * Improve branch list UI (#27319) (#27324)
  * Fix divider in subscription page (#27298) (#27301)
  * Add missed return to actions view fetch (#27289) (#27293)
  * Backport ctx locale refactoring manually (#27231) (#27259) (#27260)
  * Disable `Test Delivery` and `Replay` webhook buttons when webhook is inactive (#27211) (#27253)
  * Use mask-based fade-out effect for `.new-menu` (#27181) (#27243)
  * Cleanup locale function usage (#27227) (#27240)
  * Fix z-index on markdown completion (#27237) (#27239)
  * Fix Fomantic UI dropdown icon bug when there is a search input in menu (#27225) (#27228)
  * Allow copying issue comment link on archived repos and when not logged in (#27193) (#27210)
  * Fix: text decorator on issue sidebar menu label (#27206) (#27209)
  * Fix dropdown icon position (#27175) (#27177)
  * Add index to `issue_user.issue_id` (#27154) (#27158)
  * Increase auth provider icon size on login page (#27122)
  * Remove a `gt-float-right` and some unnecessary helpers (#27110)
  * Change green buttons to primary color (#27099)
  * Use db.WithTx for AddTeamMember to avoid ctx abuse (#27095)
  * Use `print` instead of `printf` (#27093)
  * Remove the useless function `GetUserIssueStats` and move relevant tests to `indexer_test.go` (#27067)
  * Search branches (#27055)
  * Display all user types and org types on admin management UI (#27050)
  * Ui correction in mobile view nav bar left aligned items. (#27046)
  * Chroma color tweaks (#26978)
  * Move some functions to service layer (#26969)
  * Improve "language stats" UI (#26968)
  * Replace `util.SliceXxx`  with `slices.Xxx` (#26958)
  * Refactor dashboard/feed.tmpl (#26956)
  * Move repository deletion to service layer (#26948)
  * Fix the missing repo count (#26942)
  * Improve hint when uploading a too large avatar (#26935)
  * Extract common code to new template (#26933)
  * Move createrepository from module to service layer (#26927)
  * Move notification interface to services layer (#26915)
  * Move feed notification service layer (#26908)
  * Move ui notification to service layer (#26907)
  * Move indexer notification to service layer (#26906)
  * Move mail notification logic to service layer (#26905)
  * Extract common code to new template (#26903)
  * Show queue's active worker number (#26896)
  * Fix media description render for orgmode (#26895)
  * Remove CSS `has` selector and improve various styles (#26891)
  * Relocate the `RSS user feed` button (#26882)
  * Refactor "shortsha" (#26877)
  * Refactor `og:description` to limit the max length (#26876)
  * Move web/api context related testing function into a separate package (#26859)
  * Redable error on S3 storage connection failure (#26856)
  * Improve opengraph previews (#26851)
  * Add more descriptive error on forgot password page (#26848)
  * Show always repo count in header (#26842)
  * Remove "TODO" tasks from CSS file (#26835)
  * Render code blocks in repo description (#26830)
  * Minor dashboard tweaks, fix flex-list margins (#26829)
  * Remove polluted `.ui.right` (#26825)
  * Display archived labels specially when listing labels (#26820)
  * Remove polluted ".ui.left" style (#26809)
  * Make it posible to customize nav text color via css var (#26807)
  * Refactor lfs requests (#26783)
  * Improve flex list item padding (#26779)
  * Remove fomantic `text` module (#26777)
  * Remove fomantic `item` module (#26775)
  * Remove redundant nil check in `WalkGitLog` (#26773)
  * Reduce some allocations in type conversion (#26772)
  * Refactor some CSS styles and simplify code (#26771)
  * Unify `border-radius` behavior (#26770)
  * Improve modal dialog UI (#26764)
  * Allow "latest" to be used in release vTag when downloading file (#26748)
  * Adding hint `Archived` to archive label. (#26741)
  * Move `modules/mirror` to `services` (#26737)
  * Add "dir=auto" for input/textarea elements by default (#26735)
  * Add auth-required to config.json for Cargo http registry (#26729)
  * Simplify helper CSS classes and avoid abuse (#26728)
  * Make web context initialize correctly for different cases (#26726)
  * Focus editor on "Write" tab click (#26714)
  * Remove incorrect CSS helper classes (#26712)
  * Fix review bar misalignment (#26711)
  * Add reverseproxy auth for API back with default disabled (#26703)
  * Add default label in branch select list (#26697)
  * Improve Image Diff UI (#26696)
  * Fixed text overflow in dropdown menu (#26694)
  * [Refactor] getIssueStatsChunk to move inner function into own one (#26671)
  * Remove fomantic loader module (#26670)
  * Add `member`, `collaborator`, `contributor`, and `first-time contributor` roles and tooltips (#26658)
  * Improve some flex layouts (#26649)
  * Improve the branch selector tab UI (#26631)
  * Improve show role (#26621)
  * Remove avatarHTML from template helpers (#26598)
  * Allow text selection in actions step header (#26588)
  * Improve translation of milestone filters (#26569)
  * Add optimistic lock to ActionRun table (#26563)
  * Update team invitation email link (#26550)
  * Differentiate better between user settings and admin settings (#26538)
  * Check disabled workflow when rerun jobs (#26535)
  * Improve deadline icon location in milestone list page (#26532)
  * Improve repo sub menu (#26531)
  * Fix the display of org level badges (#26504)
  * Rename `Sync2` -> `Sync` (#26479)
  * Fix stderr usages (#26477)
  * Remove fomantic transition module (#26469)
  * Refactor tests (#26464)
  * Refactor project templates (#26448)
  * Fall back to esbuild for css minify (#26445)
  * Always show usernames in reaction tooltips (#26444)
  * Use correct pull request commit link instead of a generic commit link (#26434)
  * Refactor "editorconfig" (#26391)
  * Make `user-content-* ` consistent with github (#26388)
  * Remove unnecessary template helper repoAvatar (#26387)
  * Remove unnecessary template helper DisableGravatar (#26386)
  * Use template context function for avatar rendering (#26385)
  * Rename code_langauge.go to code_language.go (#26377)
  * Use more `IssueList` instead of `[]*Issue` (#26369)
  * Do not highlight `#number` in documents (#26365)
  * Fix display problems of members and teams unit (#26363)
  * Fix 404 error when remove self from an organization (#26362)
  * Improve CLI and messages (#26341)
  * Refactor backend SVG package and add tests (#26335)
  * Add link to job details and tooltip to commit status in repo list in dashboard (#26326)
  * Use yellow if an approved review is stale (#26312)
  * Remove commit load branches and tags in wiki repo (#26304)
  * Add highlight to selected repos in milestone dashboard (#26300)
  * Delete `issue_service.CreateComment` (#26298)
  * Do not show Profile README when repository is private (#26295)
  * Tweak actions menu (#26278)
  * Start using template context function (#26254)
  * Use calendar icon for `Joined on...` in profiles (#26215)
  * Add 'Show on a map' button to Location in profile, fix layout (#26214)
  * Render plaintext task list items for markdown files (#26186)
  * Add tooltip to describe LFS table column and color `delete LFS file` button red (#26181)
  * Release attachments duplicated check (#26176)
  * De-emphasize issue sidebar buttons (#26171)
  * Fixing the align of commit stats in commit_page template. (#26161)
  * Allow editing push mirrors after creation (#26151)
  * Move web JSON functions to web context and simplify code (#26132)
  * Refactor improve NoBetterThan (#26126)
  * Improve clickable area in repo action view page (#26115)
  * Add context parameter to some database functions (#26055)
  * Docusaurus-ify (#26051)
  * Improve text for empty issue/pr description (#26047)
  * Categorize admin settings sidebar panel (#26030)
  * Remove redundant "RouteMethods" method (#26024)
  * Refactor and enhance issue indexer to support both searching, filtering and paging (#26012)
  * Add a link to OpenID Issuer URL in WebFinger response (#26000)
  * Fix UI for release tag page / wiki page / subscription page (#25948)
  * Support copy protected branch from template repository (#25889)
  * Improve display of Labels/Projects/Assignees sort options (#25886)
  * Fix margin on the new/edit project page. (#25885)
  * Show image size on view page (#25884)
  * Remove ref name in PR commits page (#25876)
  * Allow the use of alternative net.Listener implementations by downstreams (#25855)
  * Refactor "Content" for file uploading (#25851)
  * Add error info if no user can fork the repo (#25820)
  * Show edit title button on commits tab of PR, too (#25791)
  * Introduce `flex-list` & `flex-item` elements for Gitea UI (#25790)
  * Don't stack PR tab menu on small screens (#25789)
  * Repository Archived text title center align (#25767)
  * Make route middleware/handler mockable (#25766)
  * Move issue filters to shared template (#25729)
  * Use frontend fetch for branch dropdown component (#25719)
  * Add open/closed field support for issue index (#25708)
  * Some less naked returns (#25682)
  * Fix inconsistent user profile layout across tabs (#25625)
  * Get latest commit statuses from database instead of git data on dashboard for repositories (#25605)
  * Adding  branch-name copy  to clipboard branches screen. (#25596)
  * Update emoji set to Unicode 15 (#25595)
  * Move some files under repo/setting (#25585)
  * Add custom ansi colors and CSS variables for them (#25546)
  * Add log line anchor for action logs (#25532)
  * Use flex instead of float for sort button and search input (#25519)
  * Update octicons and use `octicon-file-directory-symlink` (#25453)
  * Add toasts to UI (#25449)
  * Fine tune project board label colors and modal content background (#25419)
  * Import additional secrets via file uri (#25408)
  * Switch to ansi_up for ansi rendering in actions (#25401)
  * Store and use seconds for timeline time comments (#25392)
  * Support displaying diff stats in PR tab bar (#25387)
  * Use fetch form action for lock/unlock/pin/unpin on sidebar (#25380)
  * Refactor: TotalTimes return seconds (#25370)
  * Navbar styling rework (#25343)
  * Introduce shared template for search inputs (#25338)
  * Only show 'Manage Account Links' when necessary (#25311)
  * Improve 'Privacy' section in profile settings (#25309)
  * Substitute variables in path names of template repos too (#25294)
  * Fix tags line no margin see #25255 (#25280)
  * Use fetch to send requests to create issues/comments (#25258)
  * Change form actions to fetch for submit review box (#25219)
  * Improve AJAX link and modal confirm dialog (#25210)
  * Reduce unnecessary DB queries for Actions tasks (#25199)
  * Disable `Create column` button while the column name is empty (#25192)
  * Refactor indexer (#25174)
  * Adjust style for action run list (align icons, adjust padding) (#25170)
  * Remove duplicated functions when deleting a branch (#25128)
  * Make confusable character warning less jarring (#25069)
  * Highlight viewed files differently in the PR filetree (#24956)
  * Support changing labels of Actions runner without re-registration (#24806)
  * Fix duplicate Reviewed-by trailers (#24796)
  * Resolve issue with sort icons on admin/users and admin/runners (#24360)
  * Split lfs size from repository size (#22900)
  * Sync branches into databases (#22743)
  * Disable run user change in installation page (#22499)
  * Add merge files files to GetCommitFileStatus (#20515)
  * Show OpenID Connect and OAuth on signup page (#20242)
* SECURITY
  * Dont leak private users via extensions (#28023) (#28029)
  * Expanded minimum RSA Keylength to 3072 (#26604)
* TESTING
  * Add user secrets API integration tests (#27832) (#27852)
  * Add tests for db indexer in indexer_test.go (#27087)
  * Speed up TestEventSourceManagerRun (#26262)
  * Add unit test for user renaming (#26261)
  * Add some Wiki unit tests (#26260)
  * Improve unit test for caching (#26185)
  * Add unit test for `HashAvatar` (#25662)
* TRANSLATION
  * Backport translations to v1.21 (#27899)
  * Fix issues in translation file (#27699) (#27737)
  * Add locale for deleted head branch (#26296)
  * Improve multiple strings in en-US locale (#26213)
  * Fix broken translations for package documantion (#25742)
  * Correct translation wrong format (#25643)
* BUILD
  * Dockerfile small refactor (#27757) (#27826)
  * Fix build errors on BSD (in BSDMakefile) (#27594) (#27608)
  * Fully replace drone with actions (#27556) (#27575)
  * Enable markdownlint `no-duplicate-header` (#27500) (#27506)
  * Enable production source maps for index.js, fix CSS sourcemaps (#27291) (#27295)
  * Update snap package (#27021)
  * Bump go to 1.21 (#26608)
  * Bump xgo to go-1.21.x and node to 20 in release-version (#26589)
  * Add template linting via djlint (#25212)
* DOCS
  * Change default size of issue/pr attachments and repo file (#27946) (#28017)
  * Remove `known issue` section in Gitea Actions Doc (#27930) (#27938)
  * Remove outdated paragraphs when comparing Gitea Actions to GitHub Actions (#27119)
  * Update brew installation documentation since gitea moved to brew core package (#27070)
  * Actions are no longer experimental, so enable them by default (#27054)
  * Add a documentation note for Windows Service (#26938)
  * Add sparse url in cargo package guide (#26937)
  * Update nginx recommendations (#26924)
  * Update backup instructions to align with archive structure (#26902)
  * Expanding documentation in queue.go (#26889)
  * Update info regarding internet connection for build (#26776)
  * Docs: template variables (#26547)
  * Update index doc (#26455)
  * Update zh-cn documentation (#26406)
  * Fix typos and grammer problems for actions documentation (#26328)
  * Update documentation for 1.21 actions (#26317)
  * Doc update swagger doc for POST /orgs/{org}/teams (#26155)
  * Doc sync authentication.md to zh-cn (#26117)
  * Doc guide the user to create the appropriate level runner (#26091)
  * Make organization redirect warning more clear (#26077)
  * Update blog links (#25843)
  * Fix default value for LocalURL (#25426)
  * Update `from-source.zh-cn.md` & `from-source.en-us.md` - Cross Compile Using Zig (#25194)
* MISC
  * Replace deprecated `elliptic.Marshal` (#26800)
  * Add elapsed time on debug for slow git commands (#25642)

* ENHANCEMENTS
  * Fix z-index on markdown completion (#27237) (#27242 & #27238)
  * Use secure cookie for HTTPS sites (#26999) (#27013)
* BUGFIXES
  * Fix git 2.11 error when checking IsEmpty (#27393) (#27396)
  * Allow get release download files and lfs files with oauth2 token format (#26430) (#27378)
  * Fix orphan check for deleted branch (#27310) (#27320)
  * Quote table `release` in sql queries (#27205) (#27219)
  * Fix release URL in webhooks (#27182) (#27184)
  * Fix successful return value for `SyncAndGetUserSpecificDiff` (#27152) (#27156)
  * fix pagination for followers and following (#27127) (#27138)
  * Fix issue templates when blank isses are disabled (#27061) (#27082)
  * Fix context cache bug & enable context cache for dashabord commits' authors(#26991) (#27017)
  * Fix INI parsing for value with trailing slash (#26995) (#27001)
  * Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27249)
  * Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27167 & #27162)
  * Fix bug of review request number (#27406) (#27104)
* TESTING
  * services/wiki: Close() after error handling (#27129) (#27137)
* DOCS
  * Improve actions docs related to `pull_request` event (#27126) (#27145)
* MISC
  * Add logs for data broken of comment review (#27326) (#27344)
  * Load reviewer before sending notification (#27063) (#27064)

* SECURITY
  * Check blocklist for emails when adding them to account (#26812) (#26831)
* ENHANCEMENTS
  * Add `branch_filter` to hooks API endpoints (#26599) (#26632)
  * Fix incorrect "tabindex" attributes (#26733) (#26734)
  * Use line-height: normal by default (#26635) (#26708)
  * Fix unable to display individual-level project (#26198) (#26636)
* BUGFIXES
  * Fix wrong review requested number (#26784) (#26880)
  * Avoid double-unescaping of form value (#26853) (#26863)
  * Redirect from `{repo}/issues/new` to `{repo}/issues/new/choose` when blank issues are disabled (#26813) (#26847)
  * Sync tags when adopting repos (#26816) (#26834)
  * Fix verifyCommits error when push a new branch (#26664) (#26810)
  * Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests (#26759) (#26806)
  * Fix some slice append usages (#26778) (#26798)
  * Add fix incorrect can_create_org_repo for org owner team (#26683) (#26791)
  * Fix bug for ctx usage (#26763)
  * Make issue template field template access correct template data (#26698) (#26709)
  * Use correct minio error (#26634) (#26639)
  * Ignore the trailing slashes when comparing oauth2 redirect_uri (#26597) (#26618)
  * Set errwriter for urfave/cli v1 (#26616)
  * Fix reopen logic for agit flow pull request (#26399) (#26613)
  * Fix context filter has no effect in dashboard (#26695) (#26811)
  * Fix being unable to use a repo that prohibits accepting PRs as a PR source. (#26785) (#26790)
  * Fix Page Not Found error (#26768)

* BREAKING
  * Fix the wrong derive path (#26271) (#26318)
* SECURITY
  * Fix API leaking Usermail if not logged in (#25097) (#26350)
* FEATURES
  * Add ThreadID parameter for Telegram webhooks (#25996) (#26480)
* ENHANCEMENTS
  * Add minimum polyfill to support "relative-time-element" in PaleMoon (#26575) (#26578)
  * Fix dark theme highlight for "NameNamespace" (#26519) (#26527)
  * Detect ogg mime-type as audio or video (#26494) (#26505)
  * Use `object-fit: contain` for oauth2 custom icons (#26493) (#26498)
  * Move dropzone progress bar to bottom to show filename when uploading (#26492) (#26497)
  * Remove last newline from config file (#26468) (#26471)
  * Minio: add missing region on client initialization (#26412) (#26438)
  * Add pull request review request webhook event (#26401) (#26407)
  * Fix text truncate (#26354) (#26384)
  * Fix incorrect color of selected assignees when create issue (#26324) (#26372)
  * Display human-readable text instead of cryptic filemodes (#26352) (#26358)
  * Hide `last indexed SHA` when a repo could not be indexed yet (#26340) (#26345)
  * Fix the topic validation rule and suport dots (#26286) (#26303)
  * Fix due date rendering the wrong date in issue (#26268) (#26274)
  * Don't autosize textarea in diff view (#26233) (#26244)
  * Fix commit compare style (#26209) (#26226)
  * Warn instead of reporting an error when a webhook cannot be found (#26039) (#26211)
* BUGFIXES
  * Use "input" event instead of "keyup" event for migration form (#26602) (#26605)
  * Do not use deprecated log config options by default (#26592) (#26600)
  * Fix "issueReposQueryPattern does not match query" (#26556) (#26564)
  * Sync repo's IsEmpty status correctly (#26517) (#26560)
  * Fix project filter bugs (#26490) (#26558)
  * Use `hidden` over `clip` for text truncation (#26520) (#26522)
  * Set "type=button" for editor's toolbar buttons (#26510) (#26518)
  * Fix NuGet search endpoints (#25613) (#26499)
  * Fix storage path logic especially for relative paths (#26441) (#26481)
  * Close stdout correctly for "git blame" (#26470) (#26473)
  * Check first if minio bucket exists before trying to create it (#26420) (#26465)
  * Avoiding accessing undefined tributeValues #26461 (#26462)
  * Call git.InitSimple for runRepoSyncReleases (#26396) (#26450)
  * Add transaction when creating pull request created dirty data (#26259) (#26437)
  * Fix wrong middleware sequence (#26428) (#26436)
  * Fix admin queue page title and fix CI failures (#26409) (#26421)
  * Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392) (#26405)
  * Bypass MariaDB performance bug of the "IN" sub-query, fix incorrect IssueIndex (#26279) (#26368)
  * Fix incorrect CLI exit code and duplicate error message (#26346) (#26347)
  * Prevent newline errors with Debian packages (#26332) (#26342)
  * Fix bug with sqlite load read (#26305) (#26339)
  * Make git batch operations use parent context timeout instead of default timeout (#26325) (#26330)
  * Support getting changed files when commit ID is `EmptySHA` (#26290) (#26316)
  * Clarify the logger's MODE config option (#26267) (#26281)
  * Use shared template for webhook icons (#26242) (#26246)
  * Fix pull request check list is limited (#26179) (#26245)
  * Fix attachment clipboard copy on insecure origin (#26224) (#26231)
  * Fix access check for org-level project (#26182) (#26223)
* MISC
  * Improve profile readme rendering (#25988) (#26453)
  * [docs] Add missing backtick in quickstart.zh-cn.md (#26349) (#26357)
  * Upgrade x/net to 0.13.0 (#26301)

* ENHANCEMENTS
  * Calculate MAX_WORKERS default value by CPU number (#26177) (#26183)
  * Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154)
* BUGFIXES
  * Fix allowed user types setting problem (#26200) (#26206)
  * Fix handling of plenty Nuget package versions (#26075) (#26173)
  * Fix UI regression of asciinema player (#26159) (#26162)
  * Fix LFS object list style (#26133) (#26147)
  * Fix allowed user types setting problem (#26200) (#26206)
  * Prevent primary key update on migration (#26192) (#26199)
  * Fix bug when pushing to a pull request which enabled dismiss approval automatically (#25882) (#26158)
  * Fix bugs in LFS meta garbage collection (#26122) (#26157)
  * Update xorm version (#26128) (#26150)
  * Remove "misc" scope check from public API endpoints (#26134) (#26149)
  * Fix CLI allowing creation of access tokens with existing name (#26071) (#26144)
  * Fix incorrect router logger (#26137) (#26143)
  * Improve commit graph alignment and truncating (#26112) (#26127)
  * Avoid writing config file if not installed (#26107) (#26113)
  * Fix escape problems in the branch selector (#25875) (#26103)
  * Fix handling of Debian files with trailing slash (#26087) (#26098)
  * Fix Missing 404 swagger response docs for /admin/users/{username} (#26086) (#26089)
  * Use stderr as fallback if the log file can't be opened (#26074) (#26083)
  * Increase table cell horizontal padding (#26140) (#26142)
  * Fix wrong workflow status when rerun a job in an already finished workflow (#26119) (#26124)
  * Fix duplicated url prefix on issue context menu (#26066) (#26067)

* SECURITY
  * Disallow dangerous URL schemes (#25960) (#25964)
* ENHANCEMENTS
  * Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947) (#25972)
  * Make pending commit status yellow again (#25935) (#25968)
* BUGFIXES
  * Fix version in rpm repodata/primary.xml.gz (#26009) (#26048)
  * Fix env config parsing for "GITEA____APP_NAME" (#26001) (#26013)
  * ParseScope with owner/repo always sets owner to zero (#25987) (#25989)
  * Fix SSPI auth panic (#25955) (#25969)
  * Avoid creating directories when loading config (#25944) (#25957)
  * Make environment-to-ini work with INSTALL_LOCK=true (#25926) (#25937)
  * Ignore `runs-on` with expressions when warning no matched runners (#25917) (#25933)
  * Avoid opening/closing PRs which are already merged (#25883) (#25903)
* DOCS
  * RPM Registry: Show zypper commands for SUSE based distros as well (#25981) (#26020)
  * Correctly refer to dev tags as nightly in the docker docs (#26004) (#26019)
  * Update path related documents (#25417) (#25982)
* MISC
  * Adding remaining enum for migration repo model type. (#26021) (#26034)
  * Fix the route for pull-request's authors (#26016) (#26018)
  * Fix commit status color on dashboard repolist (#25993) (#25998)
  * Avoid hard-coding height in language dropdown menu (#25986) (#25997)
  * Add shutting down notice (#25920) (#25922)
  * Fix incorrect milestone count when provide a keyword (#25880) (#25904)

* BREAKING
  * Fix WORK_DIR for docker (root) image (#25738) (#25811)
  * Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581) (#25604)
  * Refactor path & config system (#25330) (#25416)
  * Fix all possible setting error related storages and added some tests (#23911) (#25244)
  * Use a separate admin page to show global stats, remove `actions` stat (#25062)
  * Remove the service worker (#25010)
  * Remove meta tags `theme-color` and `default-theme` (#24960)
  * Use `[git.config]` for reflog cleaning up (#24958)
  * Allow all URL schemes in Markdown links by default (#24805)
  * Redesign Scoped Access Tokens (#24767)
  * Fix team members API endpoint pagination (#24754)
  * Rewrite logger system (#24726)
  * Increase default LFS auth timeout from 20m to 24h (#24628)
  * Rewrite queue (#24505)
  * Remove unused setting `time.FORMAT` (#24430)
  * Refactor `setting.Other` and remove unused `SHOW_FOOTER_BRANDING` (#24270)
  * Correct the access log format (#24085)
  * Reserve ".png" suffix for user/org names (#23992)
  * Prefer native parser for SSH public key parsing (#23798)
  * Editor preview support for external renderers (#23333)
  * Add Gitea Profile Readmes (#23260)
  * Refactor `ctx` in templates (#23105)
* SECURITY
  * Test if container blob is accessible before mounting (#22759) (#25784)
  * Set type="password" on all auth_token fields (#22175)
* FEATURES
  * Add button on diff header to copy file name, misc diff header tweaks (#24986)
  * API endpoint for changing/creating/deleting multiple files (#24887)
  * Support changing git config through `app.ini`, use `diff.algorithm=histogram` by default (#24860)
  * Add up and down arrows to selected lookup repositories (#24727)
  * Add Go package registry (#24687)
  * Add status indicator on main home screen for each repo (#24638)
  * Support for status check pattern (#24633)
  * Implement Cargo HTTP index (#24452)
  * Add Debian package registry (#24426)
  * Add the ability to pin Issues (#24406)
  * Add follow organization and fix the logic of following page (#24345)
  * Allow `webp` images as avatars (#24248)
  * Support upload `outputs` and use `needs` context on Actions (#24230)
  * Allow adding new files to an empty repo (#24164)
  * Make wiki title supports dashes and improve wiki name related features (#24143)
  * Add monospace toggle button to textarea (#24034)
  * Use auto-updating, natively hoverable, localized time elements (#23988)
  * Add ntlm authentication support for mail (#23811)
  * Add CLI command to register runner tokens (#23762)
  * Add Alpine package registry (#23714)
  * Expand/Collapse all changed files (#23639)
  * Add unset default project column (#23531)
  * Add activity feeds API (#23494)
  * Add RPM registry (#23380)
  * Add meilisearch support (#23136)
  * Add API for License templates (#23009)
  * Add admin API email endpoints (#22792)
  * Add user rename endpoint to admin api (#22789)
  * Add API for gitignore templates (#22783)
  * Implement actions artifacts (#22738)
  * Add RSS Feeds for branches and files (#22719)
  * Display when a repo was archived (#22664)
  * Add Swift package registry (#22404)
  * Add CRAN package registry (#22331)
  * Add user webhooks (#21563)
  * Implement systemd-notify protocol (#21151)
  * Implement Issue Config (#20956)
  * Add API to manage issue dependencies (#17935)
* API
  * Use correct response code in push mirror creation response in v1_json.tmpl (#25476) (#25571)
  * Fix `Permission` in API returned repository struct (#25388) (#25441)
  * Add API for Label templates (#24602)
  * Filters for GetAllCommits (#24568)
  * Add ability to specify '--not' from GetAllCommits (#24409)
  * Support uploading file to empty repo by API (#24357)
  * Add absent repounits to create/edit repo API (#23500)
  * Add login name and source id for admin user searching API (#23376)
  * Create a branch directly from commit on the create branch API (#22956)
* ENHANCEMENTS
  * Make `add line comment` buttons focusable (#25894) (#25896)
  * Always pass 6-digit hex color to monaco (#25780) (#25782)
  * Clarify "text-align" CSS helpers, fix clone button padding (#25763) (#25764)
  * Hide `add file` button for pull mirrors (#25748) (#25751)
  * Allow/fix review (approve/reject) of empty PRs (#25690) (#25732)
  * Fix tags header and pretty format numbers (#25624) (#25694)
  * Actions list enhancements (#25601) (#25678)
  * Fix show more for image on diff page (#25672) (#25673)
  * Prevent SVG shrinking (#25652) (#25669)
  * Fix UI misalignment on user setting page (#25629) (#25656)
  * Use css on labels (#25626) (#25636)
  * Read-only checkboxes don't appear and don't entirely act the way one might expect (#25573) (#25602)
  * Redirect to package after version deletion (#25594) (#25599)
  * Reduce table padding globally (#25568) (#25577)
  * Change `Regenerate Secret` button display (#25534) (#25541)
  * Fix rerun icon on action view component (#25531) (#25536)
  * Move some regexp out of functions (#25430) (#25445)
  * Diff page enhancements (#25398) (#25437)
  * Various UI fixes (#25264) (#25431)
  * Fix label list divider (#25312) (#25372)
  * Fix UI on mobile view (#25315) (#25340)
  * When viewing a file, hide the add button (#25320) (#25339)
  * Show if File is Executable (#25287) (#25300)
  * Fix edit OAuth application width (#25262) (#25263)
  * Use flex to align SVG and text (#25163) (#25260)
  * Revert overflow: overlay (revert #21850) (#25231) (#25239)
  * Use inline SVG for built-in OAuth providers (#25171) (#25234)
  * Change access token UI to select dropdowns (#25109) (#25230)
  * Remove hacky patch for "safari emoji glitch fix"  (#25208) (#25211)
  * Minor arc-green color tweaks (#25175) (#25205)
  * Button and color enhancements (#24989) (#25176)
  * Fix mobile navbar and misc cleanups (#25134) (#25169)
  * Modify OAuth login ui and fix display name, iconurl related logic (#25030) (#25161)
  * Improve notification icon and navbar  (#25111) (#25124)
  * Add details summary for vertical menus in settings to allow toggling (#25098)
  * Don't display `select all issues` checkbox when no issues are available (#25086)
  * Use RepositoryList instead of []*Repository (#25074)
  * Add ability to set multiple redirect URIs in OAuth application UI (#25072)
  * Use git command instead of the ini package to remove the `origin` remote (#25066)
  * Remove cancel button from branch protection form (#25063)
  * Show file tree by default (#25052)
  * Add Progressbar to Milestone Page (#25050)
  * Minor UI improvements: logo alignment, auth map editor, auth name display (#25043)
  * Allow for PKCE flow without client secret + add docs (#25033)
  * Refactor INI package (first step) (#25024)
  * Various style fixes (#25008)
  * Fix delete user account modal (#25004)
  * Refactor diffFileInfo / DiffTreeStore (#24998)
  * Add user level action runners (#24995)
  * Rename NotifyPullReviewRequest to NotifyPullRequestReviewRequest (#24988)
  * Add step start time to `ViewStepLog` (#24980)
  * Add dark mode to API Docs (#24971)
  * Display file mode for new file and file mode changes (#24966)
  * Make the 500 page load themes (#24953)
  * Show `bot` label next to username when rendering autor link if the user is a bot (#24943)
  * Repo list improvements, fix bold helper classes (#24935)
  * Improve queue and logger context (#24924)
  * Improve RunMode / dev mode (#24886)
  * Improve some Forms (#24878)
  * Add show timestamp/seconds and fullscreen options to action page (#24876)
  * Fix double border and adjust width for user profile page (#24870)
  * Improve Actions CSS (#24864)
  * Fix `@font-face` overrides (#24855)
  * Remove `In your repositories` link in milestones dashboard (#24853)
  * Fix missing yes/no in delete time log modal (#24851)
  * Show new pull request button also on subdirectories and files (#24842)
  * Make environment-to-ini  support loading key value from file (#24832)
  * Support wildcard in email domain allow/block list (#24831)
  * Use `CommentList` instead of `[]*Comment` (#24828)
  * Add RTL rendering support to Markdown (#24816)
  * Rework notifications list (#24812)
  * Mute repo names in dashboard repo list (#24811)
  * Fix max width and margin of comment box on conversation page (#24809)
  * Some refactors for issues stats (#24793)
  * Rework label colors (#24790)
  * Fix OAuth login loading state (#24788)
  * Remove duplicated issues options and some more refactors (#24787)
  * Decouple the different contexts from each other (#24786)
  * Remove background on user dashboard filter bar (#24779)
  * Improve and fix bugs surrounding reactions (#24760)
  * Make the color of zero-contribution-squares in the activity heatmap more subtle (#24758)
  * Fix WEBP image copying (#24743)
  * Rework OAuth login buttons, swap github logo to monocolor (#24740)
  * Consolidate the two review boxes into one (#24738)
  * Unification of registration fields order (#24737)
  * Refactor Pull Mirror and fix out-of-sync bugs (#24732)
  * Improvements for action detail page (#24718)
  * Fix flash of unstyled content in action view page (#24712)
  * Don't filter action runs based on state (#24711)
  * Optimize actions list by removing an unnecessary `git` call (#24710)
  * Support no label/assignee filter and batch clearing labels/assignees (#24707)
  * Add icon support for safari (#24697)
  * Use standard HTTP library to serve files (#24693)
  * Improve button-ghost, remove tertiary button (#24692)
  * Only hide tooltip tippy instances (#24688)
  * Support migrating storage for actions log via command line (#24679)
  * Remove highlight in repo list (#24675)
  * Add markdown preview to Submit Review Textarea (#24672)
  * Update pin and add pin-slash (#24669)
  * Improve empty notifications display (#24668)
  * Support SSH for go get (#24664)
  * Improve avatar uploading / resizing / compressing, remove Fomantic card module (#24653)
  * Only show one tippy at a time (#24648)
  * Notification list enhancements, fix striped tables on dark theme (#24639)
  * Improve queue & process & stacktrace (#24636)
  * Use the type RefName for all the needed places and fix pull mirror sync bugs (#24634)
  * Remove fluid on compare diff page (#24627)
  * Add a tooltip to the job rerun button (#24617)
  * Attach a tooltip to the action status icon (#24614)
  * Make the actions control button look like an actual button (#24611)
  * Remove unnecessary code (#24610)
  * Make repo migration cancelable and fix various bugs (#24605)
  * Improve updating Actions tasks (#24600)
  * Attach a tooltip to the action control button (#24595)
  * Make repository response support HTTP range request (#24592)
  * Improve Gitea's web context, decouple "issue template" code into service package (#24590)
  * Modify luminance calculation and extract related functions into single files (#24586)
  * Simplify template helper functions (#24570)
  * Split "modules/context.go" to separate files (#24569)
  * Add org visibility label to non-organization's dashboard (#24558)
  * Update LDAP filters to include both username and email address (#24547)
  * Review fixes and enhancements (#24526)
  * Display warning when user try to rename default branch (#24512)
  * Fix color for transfer related buttons when having no permission to act (#24510)
  * Rework button coloring, add focus and active colors (#24507)
  * New webhook trigger for receiving Pull Request review requests (#24481)
  * Add goto issue id function (#24479)
  * Fix incorrect webhook time and use relative-time to display it (#24477)
  * RSS icon fixes (#24476)
  * Replace `N/A` with `-` everywhere (#24474)
  * Pass 'not' to commit count (#24473)
  * Enhance stylelint rule config, remove dead CSS (#24472)
  * Remove `font-awesome` and fomantic `icon` module (#24471)
  * Improve "new-menu" (#24465)
  * Remove fomantic breadcrumb module (#24463)
  * Improve template system and panic recovery (#24461)
  * Make Issue/PR/projects more compact, misc CSS tweaks (#24459)
  * Replace remaining fontawesome dropdown icons with SVG (#24455)
  * Remove all direct references to font-awesome (#24448)
  * Move links out of translation (#24446)
  * Add `ui-monospace` and `SF Mono` to `--fonts-monospace` (#24442)
  * Hide 'Mirror Settings' when unneeded, improve hints (#24433)
  * Add "Updated" column for admin repositories list (#24429)
  * Improve issue list filter (#24425)
  * Rework header bar on issue, pull requests and milestone (#24420)
  * Improve template helper (#24417)
  * Make repo size style matches others (commits/branches/tags) (#24408)
  * Support markdown editor for issue template (#24400)
  * Improve commit date in commit graph (#24399)
  * Start cleaning the messy ".ui.left / .ui.right", improve label list page, fix stackable menu (#24393)
  * Merge setting.InitXXX into one function with options (#24389)
  * Move `Rename branch` from repo settings page to the page of branches list (#24380)
  * Improve protected branch setting page (#24379)
  * Display 'Unknown' when runner.version is empty (#24378)
  * Display owner of a runner as a tooltip instead of static text (#24377)
  * Fix incorrect last online time in runner_edit.tmpl (#24376)
  * Fix unclear `IsRepositoryExist` logic (#24374)
  * Add custom helm repo name generated from url (#24363)
  * Replace placeholders in licenses (#24354)
  * Add rerun workflow button and refactor to use SVG octicons (#24350)
  * Fix runner button height (#24338)
  * Restore bold on repolist (#24337)
  * Improve RSS (#24335)
  * Refactor "route" related code, fix Safari cookie bug (#24330)
  * Alert error message if open dependencies are included in the issues that try to batch close (#24329)
  * Add missed column title in runner management page (#24328)
  * Automatically select the org when click create repo from org dashboard (#24325)
  * Modify width of ui container, fine tune css for settings pages and org header (#24315)
  * Fix config list overflow and layout (#24312)
  * Improve some modal action buttons (#24289)
  * Move code from module to service (#24287)
  * Sort users and orgs on explore by recency by default (#24279)
  * Allow using localized absolute date times within phrases with place holders and localize issue due date events (#24275)
  * Show workflow config error on file view also (#24267)
  * Improve template helper functions: string/slice (#24266)
  * Use more specific test methods (#24265)
  * Add `DumpVar` helper function to help debugging templates (#24262)
  * Limit avatar upload to valid image files (#24258)
  * Improve emoji and mention matching (#24255)
  * Change to vertical navbar layout for secondary navbar for repo/user/admin settings (#24246)
  * Refactor config provider (#24245)
  * Improve test logger (#24235)
  * Default show closed actions list if all actions was closed (#24234)
  * Add missing badges in user profile for /projects and /packages (#24232)
  * Add repository counter badge to repository tab (#24205)
  * Move secrets and runners settings to actions settings (#24200)
  * Require at least one unit to be enabled (#24189)
  * Use same action status svg icons on actions list as on action page (#24178)
  * Use secondary pointing menu for tabs on user/organization home page (#24162)
  * Improve Wiki TOC (#24137)
  * Refactor locale number (#24134)
  * Localize activity heatmap (except tooltip) (#24131)
  * Fix duplicate modals when clicking on "remove all" repository button (#24129)
  * Add runner check in repo action page (#24124)
  * Support triggering workflows by wiki related events (#24119)
  * Refactor cookie (#24107)
  * Remove untranslatable `on_date` key (#24106)
  * Refactor delete_modal_actions template and use it for project column related actions (#24097)
  * Improve git log for debugging (#24095)
  * Add option to search for users is active join a team (#24093)
  * Add PDF rendering via PDFObject (#24086)
  * Refactor web route (#24080)
  * Make HTML template functions support context (#24056)
  * Refactor rename user and rename organization (#24052)
  * Localize milestone related time strings (#24051)
  * Expand selected file when clicking file tree (#24041)
  * Add popup to hashed comments/pull requests/issues in file editing/adding preview tab (#24040)
  * Add placeholder and aria attributes to release and wiki edit page (#24031)
  * Add new user types `reserved`, `bot`, and `remote` (#24026)
  * Allow adding SSH keys even if SSH server is disabled (#24025)
  * Use a general approach to access custom/static/builtin assets (#24022)
  * Update github.com/google/go-github to v52 (#24004)
  * Replace tribute with text-expander-element for textarea (#23985)
  * Group template helper functions, remove `Printf`, improve template error messages (#23982)
  * Drop "unrolled/render" package (#23965)
  * Add job.duration in web ui (#23963)
  * Tweak pull request branch delete ui (#23951)
  * Merge template functions "dict/Dict/mergeinto" (#23932)
  * Use a general Eval function for expressions in templates. (#23927)
  * Clean template/helper.go (#23922)
  * Actions: Use default branch as ref when a branch/tag delete occurs (#23910)
  * Add tooltips for MD editor buttons and add `muted` class for buttons (#23896)
  * Improve markdown editor: width, height, preferred (#23895)
  * Make Release Download URLs predictable (#23891)
  * Remove fomantic ".link" selector and styles (#23888)
  * Added close/open button to details page of milestone (#23877)
  * Introduce GitHub markdown editor, keep EasyMDE as fallback (#23876)
  * Introduce GiteaLocaleNumber custom element to handle number localization on pages. (#23861)
  * Make first section on home page full width (#23854)
  * Use different SVG for pending and running actions (#23836)
  * Display image size for multiarch container images (#23821)
  * Improve action log display with control chars (#23820)
  * Fix dropdown direction behavior (#23806)
  * Fix incorrect/Improve error handle in edit user page (#23805)
  * Use clippie module to copy to clipboard (#23801)
  * Make minio package support legacy MD5 checksum (#23768)
  * Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766)
  * Refactor docs (#23752)
  * Fix markup background, improve wiki rendering (#23750)
  * Make label templates have consistent behavior and priority (#23749)
  * Improve LoadUnitConfig to handle invalid or duplicate units (#23736)
  * Append `(comment)` when a link points at a comment rather than the whole issue (#23734)
  * Clean some legacy files and move some build files (#23699)
  * Refactor repo commit list (#23690)
  * Refactor internal API for git commands, use meaningful messages instead of "Internal Server Error" (#23687)
  * Add aria attributes to interactive time tooltips. (#23661)
  * Fix long project name display in issue list and in related dropdown (#23653)
  * Use data-tooltip-content for tippy tooltip (#23649)
  * Fix new issue/pull request btn margin when it is next to sort (#23647)
  * Fine tune more downdrop settings, use SVG for labels, improve Repo Topic Edit form (#23626)
  * Allow new file and edit file preview if it has editable extension (#23624)
  * Replace a few fontawesome icons with svg (#23602)
  * `Publish Review` buttons should indicate why they are disabled (#23598)
  * Convert issue list checkboxes to native (#23596)
  * Set opaque background on markup and images (#23578)
  * Use a general approach to show tooltip, fix temporary tooltip bug (#23574)
  * Improve `<SvgIcon>` to make it output `svg` node and optimize performance (#23570)
  * Enable color for consistency checks diffs (#23563)
  * Fix dropdown icon misalignment when using fomantic icon (#23558)
  * Decouple the issue-template code from comment_tab.tmpl (#23556)
  * Remove `id="comment-form"` dead code, fix tag (#23555)
  * Diff improvements (#23553)
  * Sort Python package descriptors by version to mimic PyPI format (#23550)
  * Use a general approch to improve a11y for all checkboxes and dropdowns. (#23542)
  * Fix long name ui issues and label ui issue (#23541)
  * Return `repository` in npm package metadata endpoint (#23539)
  * Use `project.IconName` instead of repeated unreadable `if-else` chains (#23538)
  * Remove stars in dashboard repo list (#23530)
  * Update mini-css-extract-plugin, remove postcss (#23520)
  * Change `Close` to either `Close issue` or `Close pull request` (#23506)
  * Fix theme-auto loading (#23504)
  * Fix tags sort by creation time (descending) on branch/tag dropdowns (#23491)
  * Display the version of runner in the runner list (#23490)
  * Replace Less with CSS (#23481)
  * Fix `.locale.Tr` function not found in delete modal (#23468)
  * Allow both fullname and username search when `DEFAULT_SHOW_FULL_NAME` is true (#23463)
  * Add project type descriptions in issue badge and improve project icons (#23437)
  * Use context for `RepositoryList.LoadAttributes` (#23435)
  * Refactor branch/tag selector to Vue SFC (#23421)
  * Keep (add if not existing) xmlns attribute for generated SVG images (#23410)
  * Refactor dashboard repo list to Vue SFC (#23405)
  * Add workflow error notification in ui (#23404)
  * Refactor branch/tag selector dropdown (first step) (#23394)
  * Reduce duplicate and useless code in options (#23369)
  * Convert `<div class="button">` to `<button class="button">` (#23337)
  * Add path prefix to ObjectStorage.Iterator (#23332)
  * Improve cache context (#23330)
  * Move pidfile creation from setting to web cmd package (#23285)
  * Fix tags view (#23243)
  * Add commit info in action page (#23210)
  * Support paste treepath when creating a new file or updating the file name (#23209)
  * Allow skipping forks and mirrors from being indexed (#23187)
  * Use context parameter in services/repository (#23186)
  * Hide target selector if tag exists when creating new release (#23171)
  * Improve FindProjects (#23085)
  * Clean Path in Options (#23006)
  * Add margin top to the top of branches (#23002)
  * Remove unnecessary and incorrect `find('.menu').toggle()` (#22987)
  * Improve GetBoards and getDefaultBoard (#22981)
  * Improve squash merge commit author and co-author with private emails (#22977)
  * Add --quiet option to gitea dump (#22969)
  * Add pagination for dashboard and user activity feeds (#22937)
  * Handle files starting with colons in WalkGitLog (#22935)
  * Add "Reviewed by you" filter for pull requests (#22927)
  * Parse external request id from request headers, and print it in access log (#22906)
  * Replace `repo.namedBlob` by `git.TreeEntry`. (#22898)
  * Pull Requests: add button to compare force pushed commits (#22857)
  * Fix pull request update showing too many commits with multiple branches (#22856)
  * Require approval to run actions for fork pull request (#22803)
  * Projects: rename Board to Column in interface and improve consistency (#22767)
  * Add user visibility in dashboard navbar (#22747)
  * Add .livemd as a markdown extension (#22730)
  * Clean up WebAuthn javascript code and remove JQuery code (#22697)
  * Merge message template support for rebase without merge commit (#22669)
  * Show editorconfig warnings when viewing a malformed editorconfig (#21257)
  * Npm packages: set repository link based on the url in package.json (#20379)
* BUGFIXES
  * Add support for different Maven POM encoding (#25873) (#25890)
  * Fix incorrect repo url when changed the case of ownername (#25733) (#25881)
  * Fix empty project displayed in issue sidebar (#25802) (#25854)
  * Show correct SSL Mode on "install page" (#25818) (#25838)
  * Fix the error message when the token is incorrect (#25701) (#25836)
  * Fix incorrect oldest sort in project list (#25806) (#25835)
  * For API attachments, use API URL (#25639) (#25814)
  * Avoid amending the Rebase and Fast-forward merge if there is no message template (#25779) (#25809)
  * Make "install page" respect environment config (#25648) (#25799)
  * Fix activity type match in `matchPullRequestEvent` (#25746) (#25796)
  * Fix notification list bugs (#25781) (#25787)
  * Revert package access change from #23879 (#25707) (#25785)
  * Check `ctx.Written()` for `GetActionIssue` (#25698) (#25711)
  * Fix position of org follow button (#25688) (#25692)
  * Fix the nil pointer when assigning issues to projects (#25665) (#25677)
  * Log the real reason when authentication fails (but don't show the user) (#25414) (#25660)
  * Fix bug when change user name (#25637) (#25646)
  * Make "cancel" buttons have proper type in modal forms (#25618) (#25641)
  * Use AfterCommitId to get commit for Viewed functionality (#25529) (#25612)
  * Fix bug of branches API with tests(#25578) (#25579)
  * Fix content holes in Actions task logs file (#25560) (#25566)
  * Fix bugs related to notification endpoints (#25548) (#25562)
  * Add Adopt repository event and handler (#25497) (#25518)
  * Improve wiki sidebar and TOC (#25460) (#25477)
  * Make "dismiss" content shown correctly (#25461) (#25465)
  * Change default email domain for LDAP users (#25425) (#25434)
  * Fix missing commit message body when the message has leading newlines (#25418) (#25422)
  * Fix LDAP sync when Username Attribute is empty (#25278) (#25379)
  * Fetch all git data for embedding correct version in docker image (#25361) (#25373)
  * Fix incorrect actions ref_name (#25358) (#25367)
  * Write absolute AppDataPath to app.ini when installing (#25331) (#25347)
  * Fix incorrect config argument position for builtin SSH server (#25341)
  * Remove EasyMDE focus outline on text (#25328) (#25332)
  * Fix displayed RPM repo url (#25310) (#25313)
  * Fix index generation parallelly failure (#25235) (#25269)
  * Fix panic when migrating a repo from GitHub with issues (#25246) (#25247)
  * Fix task list checkbox toggle to work with YAML front matter (#25184) (#25227)
  * Fix compatible for webhook ref type (#25195) (#25223)
  * Hide limited users if viewed by anonymous ghost (#25214) (#25220)
  * Do not overwrite the log mode when installing (#25203) (#25209)
  * Fix fullscreen for action  (#25200) (#25207)
  * Add `WithPullRequest` for `actionsNotifier` (#25144) (#25197)
  * Fix `MilestoneIDs` when querying issues (#25125) (#25141)
  * Fix incorrect git ignore rule and add missing license files (#25135) (#25138)
  * Remove incorrect element ID on "post-install" page (#25104) (#25129)
  * Fix 500 error caused by notifications without an issue such as repo transfers (#25101)
  * Help to recover from corrupted levelqueue (#24912)
  * Fix 500 error when select `No assignee` filter in issue list page (#24854)
  * Add validations.required check to dropdown field (#24849)
  * Reenable creating default webhooks. (#24626)
  * Fix incorrect user visibility (#24557)
  * Fix commits pushed with deploy keys not shown in dashboard (#24521)
  * Check length of `LogIndexes` in case it is outdated (#24516)
  * Fix incorrect CurrentUser check for docker rootless (#24441)
  * Fix some mistakes when using `ignSignIn` (#24415)
  * Fix incorrect CORS response in Http Git handler (#24303)
  * Fix issue attachment handling (#24202)
  * Make mention autocomplete case insensitive in new markdown editor (#24190)
  * Use 1.18's aria role for dropdown menus (#24144)
  * Fix internal sever error when visiting a PR that bound to the deleted team (#24127)
  * Add migration to fix external unit access mode of owner/admin team (#24117)
  * Show friendly 500 error page to users and developers (#24110)
  * Fix meilisearch not working when searching across multiple repositories (#24109)
  * Fix math and mermaid rendering bugs (#24049)
  * Remove "inverted" class on creating new label and cancel buttons (#24030)
  * Allow repo admins too to delete the repo (#23940)
  * Disable editing tags (#23883)
  * Fix review conversation reply (#23846)
  * Fix incorrect CORS failure detection logic (#23844)
  * Remove incorrect HTML self close tag (#23748)
  * Fix incorrect `toggle` buttons (#23676)
  * Introduce path Clean/Join helper functions (#23495)
  * Fix missed migration in #22235 (#23482)
  * Do not store user projects as organization projects (#23353)
  * Fix incorrect display for comment context menu (#23343)
  * Make Ctrl+Enter submit a pending comment (starting review) instead of submitting a single comment (#23245)
  * Fix submit button won't refresh in New Repository Fork page (#22994)
  * Remove stars when repo goes private (#19904)
* TESTING
  * Add unit test for repository collaboration (#25640) (#25658)
  * Add missing test case and fix typo in tests (#24915)
  * Kd/fix redis unit test (#24650)
  * Add owner team permission check test (#24096)
  * Test renderReadmeFile (#23185)
  * Add default owner team to privated_org and limited_org in unit test (#23109)
  * Speed up HasUserStopwatch & GetActiveStopwatch (#23051)
  * Remove all package data after tests (#22984)
* TRANSLATION
  * Backport locales to v1.20 (#25899)
  * Translate untranslated string in issues list (#25759) (#25761)
  * Remove broken translations (#25737)
  * Show correct naming for 1 comment (#25704) (#25712)
  * Add Chinese documentations for Actions (#24902)
  * Change `valid_until` translation to `valid_until_date` and include placeholder for the date (#24563)
  * Change `add_on` translation to `added_on` and include placeholder for the date (#24562)
  * Change `join_on` translation to `joined_on` and include placeholder for the date (#24550)
  * Use double quotes consistently in en-US (#24141)
  * Clarify Gitea/Crowdin locale behaviors, add tests for LocaleStore, fix some strings with semicolons (#23819)
  * Update localization.zh-cn.md (#23448)
  * Fix grammar in error message (#23273)
* BUILD
  * Correct permissions for `.ssh` and `authorized_keys` (#25721) (#25730)
  * Upgrade snap to node 20 (#24990)
  * Use Go 1.20 for next release (#24859)
  * Ignore build for docs only (#24761)
  * Update cron-translations.yml (#24708)
  * Update to Alpine 3.18 (#24700)
  * Check latest version on CI (#24556)
  * Upgrade to Node 20 on CI, enable actions cancellation (#24524)
  * Mark `/templates/swagger/v1_json.tmpl` as generated file (#24306)
  * Enable forbidigo linter (#24278)
  * Introduce lint-md and compliance-docs pipeline (#24021)
  * Add eslint-plugin-custom-elements (#23991)
  * Update eslints for Vue 3 (#23935)
  * Improve backport-locales.go (#23807)
  * Don't run unnecessary steps when only docs changed (#23103)
* DOCS
  * Docs: rootless docker ssh's default port is 2222 (#25771) (#25772)
  * Add documentation about supported workflow trigger events (#25582) (#25589)
  * Document creating an API key from the CLI (#25504)
  * Use the new download domain replace the old (#25405) (#25409)
  * Add Exoscale to installation on cloud provider docs (#25342) (#25346)
  * Improve some documents: release version, logging, NFS lock (#25202) (#25204)
  * Change branch name from master to main in some documents' links (#25126) (#25140)
  * Introduce how to configure cache when starting a Runner with Docker (#25077)
  * Docs: remove an extraneous whitespace (#24949)
  * Update Asciidoc markup example with safe defaults (#24920)
  * Fix \<empty\> in administration/config-cheat-sheet.en-us.md (#24905)
  * Rename docs packages title from xxx Packages Repository -> xxx Package Registry (#24895)
  * Replace `drone exec` to `act_runner exec` in test README.md (#24791)
  * Update packages overview page (#24730)
  * Docs for creating a user to run Gitea on Fedora/RHEL/CentOS (#24725)
  * Move actions as usage's subdirectory and update comparsion zh-cn version (#24719)
  * Document `redis-cluster` explicitly in config (#24717)
  * Improve reverse-proxy document and fix nginx config bug (#24616)
  * Fix broken `README` link (#24546)
  * Update `CONTRIBUTING.md` (#24492)
  * Docs for Gitea Actions (#24405)
  * Zh-cn support on doc pages (#24166)
  * Fix https setup doc zh-cn (#24015)
  * Adjust some documentations titles (#23941)
  * More specific and unique feed name for NuGet install command template. (#23889)
  * Clarify that Gitea requires JavaScript (#23677)
  * Rename develop -> development, contribute -> contributing, administer -> administration (#23662)
  * Update PR documentation (#23620)
  * Add package registry architecture overview (#23445)
  * Add gradle samples in maven doc of packages (#23374)
  * Improve the frontend guideline (#23298)
  * Add document for `webcomponents` (#23261)
  * Add Gitea Community Code of Conduct (#23188)
  * Avoid Hugo from adding quote to actions url (#23097)
  * Improve reverse proxies documentation (#23068)
  * Docs: HTTPS configuration for zh-cn (#23039)
* MISC
  * Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567) (#25576)
  * Align language menu icon and fit the footer area (#25556) (#25563)
  * Fix sub-command log level (#25537) (#25553)
  * Fix admin-dl-horizontal (#25512) (#25535)
  * Fix input `line-height` cutting off `g` (#25334) (#25533)
  * Clarify the reason why the user can't add a new email if there is a pending activation (#25509) (#25514)
  * Improve loadprojects for issue list (#25468) (#25493)
  * Use "utf8mb4" for MySQL by default (#25432)
  * Show outdated comments in files changed tab (#24936) (#25428)
  * Avoid polluting config file when "save" (#25395) (#25406)
  * Fix blank dir message when uploading files from web editor (#25391) (#25400)
  * Fix issue filters on mobile view (#25368) (#25371)
  * Avoid polluting the config (#25345) (#25354)
  * Fix action runner last online state on edit page (#25337)
  * Remove fomantic inverted variations (#25286) (#25289)
  * Show OAuth2 errors to end users (#25261) (#25271)
  * Fix profile render when the README.md size is larger than 1024 bytes (#25270)
  * Fix strange UI behavior of cancelling dismiss review modal (#25172)
  * Update js dependencies (#25137) (#25151)
  * Fix swagger documentation for multiple files API endpoint (#25110)
  * Fix link to customizing-gitea (#25056)
  * Add Link to Stars and Forks Page to Repo List (#24931)
  * Improve confusable character string (#24911)
  * Fix install page context, make the install page tests really test (#24858)
  * Add gitea manager reload-templates command (#24843)
  * Create pull request for base after editing file, if not enabled on fork (#24841)
  * Fix video width overflow in markdown, and other changes to match img (#24834)
  * Support Copy Link for video attachments (#24833)
  * Improve accessibility when (re-)viewing files (#24817)
  * Update JS dependencies (#24815)
  * Bump vm2 from 3.9.17 to 3.9.18 (#24742)
  * Add IsErrRepoFilesAlreadyExist check when fork repo (#24678)
  * Fix typo in act-runner file (#24652)
  * Do not send "registration success email" for external auth sources (#24632)
  * Filter get single commit (#24613)
  * Make diff view full width again (#24598)
  * Add permission check for moving issue action in project view page (#24589)
  * Revert "Prevent a user with a different email from accepting the team invite" (#24531)
  * Temporarily disable PATs until next release (#24527)
  * Clean up polluted styles and remove dead CSS code (#24497)
  * Faster git.GetDivergingCommits (#24482)
  * Fix test delivery button in repo webhook settings page (#24478)
  * Use globally shared HTMLRender (#24436)
  * Changelog 1.19.2 (#24365) (#24403)
  * Fix layouts of admin table / adapt repo / email test (#24370)
  * Gitea Actions add `base_ref`, `head_ref`, `api_url`, `ref_type` fields (#24356)
  * Fix 404 error when leaving the last private org team (#24322)
  * Improve External Wiki in Repo Header (#24304)
  * Updated upgrade script that is informing user that Gitea service has to be running in order to upgrade it (#24260)
  * Add run status in action view page (#24223)
  * Update JS dependencies (#24218)
  * Bump vm2 from 3.9.15 to 3.9.16 (#24089)
  * Update github.com/google/go-github to v51 (#23946)
  * Show visibility status of email in own profile (#23900)
  * Refactor authors dropdown (send get request from frontend to avoid long wait time) (#23890)
  * Add self to maintainers (#23644)
  * Upgrade to npm lockfile v3 and explicitely set it (#23561)
  * Improve indices for `action` table (#23532)
  * Update JS dependencies, Require Node.js 16 (#23528)
  * Add init file for Ubuntu (#23362)
  * Update go.mod dependencies (#23126)
  * Use minio/sha256-simd for accelerated SHA256 (#23052)
  * More detailed branch delete message (#22696)
  * Add tooltips to `Hide comment type` settings where necessary (#21306)

* SECURITY
  * Fix open redirect check for more cases (#25143) (#25155)
* API
  * Return `404` in the API if the requested webhooks were not found (#24823) (#24830)
  * Fix `organization` field being `null` in `GET /api/v1/teams/{id}` (#24694) (#24696)
* ENHANCEMENTS
  * Set `--font-weight-bold` to 600 (#24840)
  * Make mailer SMTP check have timed context (#24751) (#24759)
  * Do not select line numbers when selecting text from the action run logs (#24594) (#24596)
* BUGFIXES
  * Fix bug when change user name (#25637) (#25645)
  * Fix task list checkbox toggle to work with YAML front matter (#25184) (#25236)
  * Hide limited users if viewed by anonymous ghost (#25214) (#25224)
  * Add `WithPullRequest` for `actionsNotifier` (#25144) (#25196)
  * Fix parallelly generating index failure with Mysql (#24567) (#25081)
  * GitLab migration: Sanitize response for reaction list (#25054) (#25059)
  * Fix users cannot visit issue attachment bug (#25019) (#25027)
  * Fix missing reference prefix of commits when sync mirror repository (#24994)
  * Only validate changed columns when update user (#24867) (#24903)
  * Make DeleteIssue use correct context (#24885)
  * Fix topics deleted via API not being deleted in org page (#24825) (#24829)
  * Fix Actions being enabled accidentally (#24802) (#24810)
  * Fix missed table name on iterate lfs meta objects (#24768) (#24774)
  * Fix safari cookie session bug (#24772)
  * Respect original content when creating secrets (#24745) (#24746)
  * Fix Pull Mirror out-of-sync bugs (#24732) (#24733)
  * Fix run list broken when trigger user deleted (#24706) (#24709)
  * Fix issues list page multiple selection update milestones (#24660) (#24663)
  * Fix: release page for empty or non-existing target (#24659)
  * Fix close org projects (#24588) (#24591)
  * Refresh the refernce of the closed PR when reopening (#24231) (#24587)
  * Fix the permission of team's `Actions` unit issue (#24536) (#24545)
  * Bump go.etcd.io/bbolt and blevesearch deps (#23062) (#24519)
  * Fix new wiki page mirror (#24518)
  * Match unqualified references when syncing pulls as well (#23070)
* DOCS
  * Change branch name from master to main in some documents' links (#25126) (#25139)
  * Remove unnecessary content on docs (#24976) (#25001)
  * Unify doc links to use paths relative to doc folder (#24979) (#25000)
  * Fix docs documenting invalid `@every` for `OLDER_THAN` cron settings (#24695) (#24698)
* MISC
  * Merge different languages for language stats (#24900) (#24921)
  * Hiding Secrets options when Actions feature is disabled (#24792)
  * Improve decryption failure message (#24573) (#24575)
  * Makefile: Use portable !, not GNUish -not, with find(1). (#24565) (#24572)

* SECURITY
  * Use golang 1.20.4 to fix CVE-2023-24539, CVE-2023-24540, and CVE-2023-29400
* ENHANCEMENTS
  * Enable whitespace rendering on selection in Monaco (#24444) (#24485)
  * Improve milestone filter on issues page (#22423) (#24440)
* BUGFIXES
  * Fix api error message if fork exists (#24487) (#24493)
  * Fix user-cards format (#24428) (#24431)
  * Fix incorrect CurrentUser check for docker rootless (#24435)
  * Getting the tag list does not require being signed in (#24413) (#24416)

* SECURITY
  * Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)
  * Only delete secrets belonging to its owner (#24284) (#24286)
* API
  * Fix typo in API route (#24310) (#24332)
  * Fix access token issue on some public endpoints (#24194) (#24259)
* ENHANCEMENTS
  * Fix broken clone script on an empty archived repo (#24339) (#24348)
  * Fix Monaco IOS keyboard button (#24341) (#24347)
  * Don't set meta `theme-color` by default (#24340) (#24346)
  * Wrap too long push mirror addresses (#21120) (#24334)
  * Add --font-weight-bold and set previous bold to 601 (#24307) (#24331)
  * Unify nightly naming across binaries and docker images (#24116) (#24308)
  * Fix footer display (#24251) (#24269)
  * Fix label color, fix divider in dropdown (#24215) (#24244)
  * Vertical widths of containers removed (#24184) (#24211)
  * Use correct locale key for forks page (#24172) (#24175)
  * Sort repo topic labels by name (#24123) (#24153)
  * Highlight selected file in the PR file tree (#23947) (#24126)
* BUGFIXES
  * Fix auth check bug (#24382) (#24387)
  * Add tags list for repos whose release setting is disabled (#23465) (#24369)
  * Fix wrong error info in RepoRefForAPI (#24344) (#24351)
  * Fix no edit/close/delete button in org repo project view page (#24349)
  * Respect the REGISTER_MANUAL_CONFIRM setting when registering via OIDC (#24035) (#24333)
  * Remove org users who belong to no teams (#24247) (#24313)
  * Fix bug when deleting wiki with no code write permission (#24274) (#24295)
  * Handle canceled workflow as a warning instead of a fail (#24282) (#24292)
  * Load reviewer for comments when dismissing a review (#24281) (#24288)
  * Show commit history for closed/merged PRs (#24238) (#24261)
  * Fix owner team access mode value in team_unit table (#24224)
  * Fix issue attachment handling (#24202) (#24221)
  * Fix incorrect CORS default values (#24206) (#24217)
  * Fix template error in pull request with deleted head repo (#24192) (#24216)
  * Don't list root repository on compare page if pulls not allowed (#24183) (#24210)
  * Fix calReleaseNumCommitsBehind (#24148) (#24197)
  * Fix Org edit page bugs: renaming detection, maxlength (#24161) (#24171)
  * Update redis library to support redis v7 (#24114) (#24156)
  * Use 1.18's aria role for dropdown menus (#24144) (#24155)
  * Fix 2-dot direct compare to use the right base commit (#24133) (#24150)
  * Fix incorrect server error content in RunnersList (#24118) (#24121)
  * Fix mismatch between hook events and github event types (#24048) (#24091)
* BUILD
  * Support converting varchar to nvarchar for mssql database (#24105) (#24168)

* BREAKING
  * Rename actions unit to `repo.actions` and add docs for it (#23733) (#23881)
* ENHANCEMENTS
  * Add card type to org/user level project on creation, edit and view (#24043) (#24066)
  * Refactor commit status for Actions jobs (#23786) (#24060)
  * Show errors for KaTeX and mermaid on the preview tab (#24009) (#24019)
  * Show protected branch rule names again (#23907) (#24018)
  * Adjust sticky PR header to cover background (#23956) (#23999)
  * Discolor pull request tab labels (#23950) (#23987)
  * Treat PRs with agit flow as fork PRs when triggering actions. (#23884) (#23967)
  * Left-align review comments (#23937)
  * Fix image border-radius (#23886) (#23930)
  * Scroll collapsed file into view (#23702) (#23929)
  * Fix code view (diff) broken layout (#23096) (#23918)
  * Org pages style fixes (#23901) (#23914)
  * Fix user profile description rendering (#23882) (#23902)
  * Fix review box viewport overflow issue (#23800) (#23898)
  * Prefill input values in OAuth settings as intended (#23829) (#23871)
  * CSS color tweaks (#23828) (#23842)
  * Fix incorrect visibility dropdown list in add/edit user page (#23804) (#23833)
  * Add CSS rules for basic colored labels (#23774) (#23777)
  * Add creation time in tag list page (#23693) (#23773)
  * Fix br display for packages curls (#23737) (#23764)
  * Fix issue due date edit toggle bug (#23723) (#23758)
  * Improve commit graph page UI alignment (#23751) (#23754)
  * Use GitHub Actions compatible globbing for `branches`, `tag`, `path` filter (#22804) (#23740)
  * Redirect to project again after editing it (#23326) (#23739)
  * Remove row clicking from notification table (#22695) (#23706)
  * Remove conflicting CSS rules on notifications, improve notifications table (#23565) (#23621)
  * Fix diff tree height and adjust target file style (#23616)
* BUGFIXES
  * Improve error logging for LFS (#24072) (#24082)
  * Fix custom mailer template on Windows platform (#24081)
  * Update the value of `diffEnd` when clicking the `Show More` button in the DiffFileTree (#24069) (#24078)
  * Make label templates have consistent behavior and priority (#23749)
  * Fix accidental overwriting of LDAP team memberships (#24050) (#24065)
  * Fix branch protection priority (#24045) (#24061)
  * Use actions job link as commit status URL instead of run link (#24023) (#24032)
  * Add actions support to package auth verification (#23729) (#24028)
  * Fix protected branch for API (#24013) (#24027)
  * Do not escape space between PyPI repository URL and package name… (#23981) (#24008)
  * Fix redirect bug when creating issue from a project (#23971) (#23997)
  * Set `ref` to fully-formed of the tag when trigger event is `release` (#23944) (#23989)
  * Use Get/Set instead of Rename when regenerating session ID (#23975) (#23983)
  * Ensure RSS icon is present on all repo tabs (#23904) (#23973)
  * Remove `Repository.getFilesChanged` to fix Actions `paths` and `paths-ignore` filter (#23920) (#23969)
  * Delete deleted release attachments immediately from storage (#23913) (#23958)
  * Use ghost user if package creator does not exist (#23822) (#23915)
  * User/Org Feed render description as per web (#23887) (#23906)
  * Fix `cases.Title` crash for concurrency (#23885) (#23903)
  * Convert .Source.SkipVerify to $cfg.SkipVerify (#23839) (#23899)
  * Support "." char as user name for User/Orgs in RSS/ATOM/GPG/KEYS path ... (#23874) (#23878)
  * Fix JS error when changing PR's target branch (#23862) (#23864)
  * Fix 500 error if there is a name conflict when editing authentication source (#23832) (#23852)
  * Fix closed PR also triggers Webhooks and actions (#23782) (#23834)
  * Fix checks for `needs` in Actions (#23789) (#23831)
  * Fix "Updating branch by merge" bug in "update_branch_by_merge.tmpl" (#23790) (#23825)
  * Fix cancel button in the page of project edit not work (#23655) (#23813)
  * Don't apply the group filter when listing LDAP group membership if it is empty (#23745) (#23788)
  * Fix profile page email display, respect settings (#23747) (#23756)
  * Fix project card preview select and template select (#23684) (#23731)
  * Check LFS/Packages settings in dump and doctor command (#23631) (#23730)
  * Add git dashes separator to some "log" and "diff" commands (#23606) (#23720)
  * Create commit status when event is `pull_request_sync` (#23683) (#23691)
  * Fix incorrect `HookEventType` of pull request review comments (#23650) (#23678)
  * Fix incorrect `show-modal` and `show-panel` class (#23660) (#23663)
  * Improve workflow event triggers (#23613) (#23648)
  * Introduce path Clean/Join helper functions, partially backport&refactor (#23495) (#23607)
  * Fix pagination on `/notifications/watching` (#23564) (#23603)
  * Fix submodule is nil panic (#23588) (#23601)
  * Polyfill the window.customElements (#23592) (#23595)
  * Avoid too long names for actions (#23162) (#23190)
* TRANSLATION
  * Backport locales (with manual fixes) (#23808, #23634, #24083)
* BUILD
  * Hardcode the path to docker images (#23955) (#23968)
* DOCS
  * Update documentation to explain which projects allow Gitea to host static pages (#23993) (#24058)
  * Merge `push to create`, `open PR from push`, and `push options` docs articles into one (#23744) (#23959)
  * Fix code blocks in the cheat sheet (#23664) (#23669)
* MISC
  * Do not crash when parsing an invalid workflow file (#23972) (#23976)
  * Remove assertion debug code for show/hide refactoring (#23576) (#23868)
  * Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766) (#23791)
  * Make minio package support legacy MD5 checksum (#23768) (#23770)
  * Improve template error reporting (#23396) (#23600)

* BREAKING
  * Add loading yaml label template files (#22976) (#23232)
  * Make issue and code search support camel case for Bleve (#22829)
  * Repositories: by default disable all units except code and pulls on forks (#22541)
  * Support template for merge message description (#22248)
  * Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
  * Implement actions (#21937)
  * Remove deprecated DSA host key from Docker Container (#21522)
  * Improve valid user name check (#20136)
* SECURITY
  * Return 404 instead of 403 if user can not access the repo (#23155) (#23158)
  * Support scoped access tokens (#20908)
* FEATURES
  * Add support for commit cross references (#22645)
  * Scoped labels (#22585)
  * Add Chef package registry (#22554)
  * Support asciicast files as new markup (#22448)
  * cgo cross-compile for freebsd (#22397)
  * Add cron method to gc LFS MetaObjects (#22385)
  * Add new captcha: cloudflare turnstile (#22369)
  * Enable `@<user>`- completion popup on the release description textarea (#22359)
  * make /{username}.png redirect to user/org avatar (#22356)
  * Add Conda package registry (#22262)
  * Support org/user level projects (#22235)
  * Add Mermaid copy button (#22225)
  * Add user secrets (#22191)
  * Secrets storage with SecretKey encrypted (#22142)
  * Preview images for Issue cards in Project Board view (#22112)
  * Add support for incoming emails (#22056)
  * Add Cargo package registry (#21888)
  * Add option to prohibit fork if user reached maximum limit of repositories (#21848)
  * Add attention blocks within quote blocks for `Note` and `Warning` (#21711)
  * Add Feed for Releases and Tags (#21696)
  * Add package registry cleanup rules (#21658)
  * Add "Copy" button to file view of raw text (#21629)
  * Allow disable sitemap (#21617)
  * Add package registry quota limits (#21584)
  * Map OIDC groups to Orgs/Teams (#21441)
  * Keep languages defined in .gitattributes (#21403)
  * Add Webhook authorization header (#20926)
  * Supports wildcard protected branch (#20825)
  * Copy citation file content, in APA and BibTex format, on repo home page (#19999)
* API
  * Match api migration behavior to web behavior (#23552) (#23573)
  * Purge API comment (#23451) (#23452)
  * User creation API: allow custom "created" timestamps (#22549)
  * Add `updated_at` field to PullReview API object (#21812)
  * Add API management for issue/pull and comment attachments (#21783)
  * Add API endpoint to get latest release (#21267)
  * Support system hook API (#14537)
* ENHANCEMENTS
  * Add `.patch` to `attachment.ALLOWED_TYPES` (#23580) (#23582)
  * Fix sticky header in diff view (#23554) (#23568)
  * Refactor merge/update git command calls (#23366) (#23544)
  * Fix review comment context menu clipped bug (#23523) (#23543)
  * Imrove scroll behavior to hash issuecomment(scroll position, auto expand if file is folded, and on refreshing) (#23513) (#23540)
  * Increase horizontal page padding (#23507) (#23537)
  * Use octicon-verified for gpg signatures (#23529) (#23536)
  * Make time tooltips interactive (#23526) (#23527)
  * Replace Less with CSS (#23508)
  * Fix 'View File' button in code search (#23478) (#23483)
  * Convert GitHub event on actions and fix some pull_request events. (#23037) (#23471)
  * Support reflogs (#22451) (#23438)
  * Fix actions frontend bugs (pagination, long name alignment) and small simplify (#23370) (#23436)
  * Scoped label display and documentation tweaks (#23430) (#23433)
  * Add missing tabs to org projects page (#22705) (#23412)
  * Fix and move "Use this template" button (#23398) (#23408)
  * Handle OpenID discovery URL errors a little nicer when creating/editing sources (#23397) (#23403)
  * Rename `canWriteUnit` to `canWriteProjects` (#23386) (#23399)
  * Refactor and tidy-up the merge/update branch code (#22568) (#23365)
  * Refactor `setting.Database.UseXXX` to methods (#23354) (#23356)
  * Fix incorrect project links and use symlink icon for org-wide projects (#23325) (#23336)
  * Fix PR view misalignment caused by long name file (#23321) (#23335)
  * Scoped labels: don't require holding alt key to remove (#23303) (#23331)
  * Add context when rendering labels or emojis (#23281) (#23319)
  * Change interactiveBorder to fix popup preview  (#23169) (#23314)
  * Scoped labels: set aria-disabled on muted Exclusive option for a11y (#23306) (#23311)
  * update to mermaid v10 (#23178) (#23299)
  * Fix code wrap for unbroken lines (#23268) (#23293)
  * Use async await to fix empty quote reply at first time (#23168) (#23256)
  * Fix switched citation format (#23250) (#23253)
  * Allow `<video>` in MarkDown (#22892) (#23236)
  * Order pull request conflict checking by recently updated, for each push (#23220) (#23225)
  * Fix Fomantic UI's `touchstart` fastclick, always use `click` for click events (#23065) (#23195)
  * Add word-break to sidebar-item-link (#23146) (#23180)
  * Add InsecureSkipVerify to Minio Client for Storage (#23166) (#23177)
  * Fix height for sticky head on large screen on PR page (#23111) (#23123)
  * Change style to improve whitespaces trimming inside inline markdown code (#23093) (#23120)
  * Avoid warning for system setting when start up (#23054) (#23116)
  * Add accessibility to the menu on the navbar (#23059) (#23095)
  * Improve accessibility for issue comments (#22612) (#23083)
  * Remove delete button for review comment (#23036)
  * Remove dashes between organization member avatars on hover (#23034)
  * Use `gt-relative` class instead of the ambiguous `gt-pr` class  (#23008)
  * handle deprecated settings (#22992)
  * Add scopes to API to create token and display them (#22989)
  * Improve PR Review Box UI (#22986)
  * Improve issues.LoadProject (#22982)
  * Add all units to the units permission list in org team members sidebar (#22971)
  * Rename `GetUnits` to `LoadUnits` (#22970)
  * Rename `repo.GetOwner` to `repo.LoadOwner` (#22967)
  * Rename "People" to "Members" in organization page and use a better icon (#22960)
  * Fix avatar misalignment (#22955)
  * Sort issues and pulls by recently updated in user and organization home (#22925)
  * Add `title` to PR file tree items (#22918)
  * First step to refactor the `.hide` to `.gt-hidden` (#22916)
  * Add tooltip to issue reference (#22913)
  * Always show the `command line instructions` button even if there are conflicts (#22909)
  * Fix dark-colored description text in arc-green theme (#22908)
  * Remove Fomantic-UI's `.hidden` CSS class for menu elements (#22895)
  * Move helpers to be prefixed with `gt-` (#22879)
  * Move `IsReadmeFile*` from `modules/markup/` to `modules/util` (#22877)
  * Highlight focused diff file (#22870)
  * Add some headings to repo views (#22869)
  * Fix milestone title font problem (#22863)
  * Pull Requests: setting to allow edits by maintainers by default, tweak UI (#22862)
  * Introduce customized HTML elements, fix incorrect AppUrl usages in templates (#22861)
  * Add `/$count` endpoints for NuGet v2 (#22855)
  * Remove Fomantic-UI's `.hidden` CSS class for checkbox elements (#22851)
  * Fix notification and stopwatch empty states (#22845)
  * Always go full width in PR view (#22844)
  * Improve AppUrl/ROOT_URL checking (#22836)
  * Fix style of actions rerun button (#22835)
  * Fix more HTMLURL in templates (#22831)
  * Fix inconsistent Filter Project name in issue list (#22827)
  * include build info in Prometheus metrics (#22819)
  * Make clone URL use current page's host (#22808)
  * Refactor legacy strange git operations (#22756)
  * Improve error report when user passes a private key (#22726)
  * set user dashboard org visibility to basic (#22706)
  * Fix diff UI for unexpandable items (#22700)
  * Remove 'primary' class from tab counter labels (#22687)
  * Add more events details supports for actions (#22680)
  * Refactor git command package to improve security and maintainability (#22678)
  * Use relative url in actions view (#22675)
  * set user visibility class to basic (#22674)
  * Add repository setting to enable/disable releases unit (#22671)
  * Remove label color from global issue filters (#22660)
  * Fix poor alignment of organization description on organization home page (#22656)
  * Small refactor for loading PRs (#22652)
  * Allow setting access token scope by CLI (#22648)
  * Improve accessibility of navigation bar and footer (#22635)
  * Fixes accessibility behavior of Watching, Staring and Fork buttons (#22634)
  * Fixes accessibility of empty repository commit status (#22632)
  * Pull request yaml template support for including commit body in a field (#22629)
  * Show migration validation error (#22619)
  * set org visibility class to basic in header (#22605)
  * Fix cache-control header clearing comment text when editing issue (#22604)
  * Add ARIA support for Fomantic UI checkboxes (#22599)
  * Add templates to customize text when creating and migrating repositories (#22597)
  * Allow setting `redirect_to` cookie on OAuth login (#22594)
  * Improve checkbox accessibility a bit by adding the title attribute (#22593)
  * Allow issue templates to not render title (#22589)
  * Webhooks: for issue close/reopen action, add commit ID that caused it (#22583)
  * Fix missing title and filter in issue sidebar project menu (#22557)
  * Issues: support setting issue template field values with query (#22545)
  * Issues: add Project filter to issues list and search (#22544)
  * Pull Requests: add color to approved/reject icon in pull requests list (#22543)
  * Mute all links in issue timeline (#22533)
  * Dropzone: Add "Copy link" button for new uploads (#22517)
  * Support importing comment types (#22510)
  * Load asciicast css async (#22502)
  * Move delete user to service (#22478)
  * Change use of Walk to WalkDir to improve disk performance (#22462)
  * Add reply hint to mail text (#22459)
  * fix wrong theme class when logged out if default theme is changed (#22408)
  * Refactor the setting to make unit test easier (#22405)
  * Improve utils of slices (#22379)
  * Use context parameter in models/git (#22367)
  * Always reuse transaction (#22362)
  * Fix unstable emoji sort (#22346)
  * Add context cache as a request level cache (#22294)
  * Reminder for no more logs to console (#22282)
  * Support estimated count with multiple schemas (#22276)
  * Move `convert` package to services (#22264)
  * Use dynamic package type list (#22263)
  * Hide file borders on sticky diff box (#22217)
  * Improve notification and stopwatch styles (#22169)
  * Fixed Project view .board-column height for tall screens. (#22108)
  * Use multi reader instead to concat strings (#22099)
  * Use git command instead of exec.Cmd in blame (#22098)
  * Fix autofilled text visibility in dark mode (#22088)
  * Rename almost all Ctx functions (#22071)
  * Rename actions to operations on UI (#22067)
  * refactor bind functions based on generics (#22055)
  * Support disabling database auto migration (#22053)
  * remove duplicated read file code (#22042)
  * Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986)
  * Skip initing disabled storages (#21985)
  * Add doctor command for full GC of LFS (#21978)
  * Util type to parse ref name (#21969)
  * Replace fmt.Sprintf with hex.EncodeToString (#21960)
  * Use random bytes to generate access token (#21959)
  * Add index for access_token (#21908)
  * Move all remaining colors into CSS variables (#21903)
  * Webhook list enhancements (#21893)
  * Embed Matrix icon as SVG (#21890)
  * Remove useless "Cancel" buttons (#21872)
  * fix(web): keep the pages of the navigation in the center (#21867)
  * fix(web): reduce page jitter on browsers that support overlay scrollbar (#21850)
  * Improvements for Content Copy (#21842)
  * Tweak katex options (#21828)
  * Show syntax lexer name in file view/blame (#21814)
  * Remove `href="javascript:;"` in "save topics (Done)" button (#21813)
  * Render number of commits in repo page in a user friendly way (#21786)
  * Adjust clone timeout error to suggest increasing timeout (#21769)
  * Update message of reach_limit_of_creation (#21757)
  * Allow detect whether it's in a database transaction for a context.Context (#21756)
  * Add configuration for CORS allowed headers (#21747)
  * Move svg html render to modules/svg (#21716)
  * Release and Tag List tweaks (#21712)
  * Remove template previewer (#21701)
  * Clean up formatting on install page (#21668)
  * Configure update checker on installation page (#21655)
  * Merge db.Iterate and IterateObjects (#21641)
  * Add option to enable CAPTCHA validation for login (#21638)
  * Allow disable RSS/Atom feed (#21622)
  * Use CSS color-scheme instead of invert (#21616)
  * Localize time units on activity heatmap (#21570)
  * Fix UI column width, button overflow Fomantic's grid (#21559)
  * feat: notify doers of a merge when automerging (#21553)
  * Split migrations folder (#21549)
  * feat: add button to quickly clear merge message (#21548)
  * Add `context.Context` to more methods (#21546)
  * Add index for hook_task table (#21545)
  * Allow disable code tab (#20805)
* BUGFIXES
  * Fix template error when reference Project (#23584)
  * Fix dropdown icon misalignment when using fomantic icon (#23558) (#23577)
  * Fix diff detail buttons wrapping, use tippy for review box (#23271) (#23546)
  * Handle missing `README` in create repos API (#23387) (#23510)
  * Disable sending email after push a commit to a closed PR (#23462) (#23492)
  * Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem (#23450) (#23486)
  * Fix due date being wrong on issue list (#23475) (#23477)
  * Remove wrongly added column on migration test fixtures (#23456) (#23470)
  * Make branches list page operations remember current page (#23420) (#23460)
  * Fix missing commit status in PR which from forked repo (#23351) (#23453)
  * Show edit/close/delete button on organization wide repositories (#23388) (#23429)
  * Preserve file size when creating attachments (#23406) (#23426)
  * Fix broken Chroma CSS styles (#23174) (#23402)
  * Fix incorrect NotFound conditions in org/projects.go (#23384) (#23395)
  * Set `X-Gitea-Debug` header once (#23361) (#23381)
  * Pass context to avatar for projects view (#23359) (#23378)
  * Fix panic when getting notes by ref (#23372) (#23377)
  * Do not recognize text files as audio (#23355) (#23368)
  * Fix adding of empty class name (#23352) (#23360)
  * Fix various ImageDiff/SVG bugs (#23312) (#23358)
  * Fix incorrect display for comment context menu (#23343) (#23344)
  * Remove unnecessary space on link (#23334) (#23340)
  * Fix incorrect redirect link of delete org project (#23327) (#23339)
  * Fix cannot reopen after pushing commits to a closed PR (#23189) (#23324)
  * Fix broken code editor diff preview (#23307) (#23320)
  * Support sanitising the URL by removing extra slashes in the URL (#21333) (#23300)
  * Avoid panic caused by broken payload when creating commit status (#23216) (#23294)
  * Fill head commit to in payload when notifying push commits for mirroring (#23215) (#23292)
  * Fix various bugs for "install" page (#23194) (#23286)
  * Fix GetFilesChangedBetween if the file name may be escaped (#23272) (#23279)
  * Revert relative links to absolute links in mail templates (#23267) (#23269)
  * Fix commit retrieval by tag (#21804) (#23266)
  * Use correct README link to render the README (#23152) (#23264)
  * Close the temp file when dumping database to make the temp file can be deleted on Windows (#23249) (#23251)
  * Use the correct selector to hide the checkmark of selected labels on clear (#23224) (#23228)
  * Fix incorrect checkbox behaviors in the dashboard repolist's filter (#23147) (#23205)
  * Properly flush unique queues on startup (#23154) (#23201)
  * Pass `--global` when calling `git config --get`, for consistency with `git config --set` (#23157) (#23199)
  * Make `gitea serv` respect git binary home (#23138) (#23197)
  * Change button text for commenting and closing an issue at the same time (#23135) (#23182)
  * Fix DBConsistency checks on MSSQL (#23132) (#23134)
  * Show empty repos in Admin Repository Management page (#23114) (#23130)
  * Redirect to the commit page after applying patch (#23056) (#23127)
  * Fix nil context in RenderMarkdownToHtml (#23092) (#23108)
  * Make issue meta dropdown support Enter, confirm before reloading (#23014) (#23102)
  * Fix SyncOnCommit always return false in API of push_mirrors (#23088) (#23100)
  * Fix commit name in Apply Patch page (#23086) (#23099)
  * Fix some more hidden problems (#23074) (#23075)
  * Bump golang.org/x/net from 0.4.0 to 0.7.0 (#22980)
  * Get rules by id when editing branch protection rule (#22932)
  * Fix panic when call api (/repos/{owner}/{repo}/pulls/{index}/files) (#22921)
  * Increase Content field size of gpg_import_key to MEDIUMTEXT (#22897)
  * Fix hidden commit status on multiple checks (#22889)
  * Fix update by rebase being wrongly disabled by protected base branch (#22825)
  * Make issue title edit buttons focusable and fix incorrect ajax requests (#22807)
  * Fix rerun button of Actions (#22798)
  * remove update language in ProfilePost (#22748)
  * Do not overwrite empty DefaultBranch (#22708)
  * Fix ref to trigger Actions (#22679)
  * Fix time to NotifyPullRequestSynchronized (#22650)
  * Show all projects, not just repo projects and open/closed projects  (#22640)
  * Project links should use parent link methods (#22587)
  * Fix group filter for ldap source sync (#22506)
  * Check quota limits for container uploads (#22450)
  * Fix halfCommitter and WithTx (#22366)
  * Attempt to fix TestExportUserGPGKeys (#22159)
  * Fix heatmap first color being unused (#22157)
  * Fix scroll over mermaid frame (#21925)
  * Move migration test fixtures to the correct directories (#21901)
  * fix(web): add `alt` for logo in home page (#21887)
  * Fix webhook attachment text is not set in review comment (#21763)
  * Alter package_version.metadata_json to LONGTEXT (#21667)
  * Ensure that Webhook tasks are not double delivered (#21558)
* TESTING
  * Make CI use a dummy password hasher for all tests (#22983)
  * Disable test for incoming email (#22686)
  * Move fuzz tests into tests/fuzz (#22376)
  * Test views of LFS files (#22196)
  * Specify ID in `TestAPITeam` (#22192)
  * verify nodeinfo response by schema  (#22137)
  * Skip GitHub migration tests if the API token is undefined (#21824)
  * Add a simple test for external renderer (#20033)
* TRANSLATION
  * Use "Title Case" for text "Reference in new issue" (#22936)
* BUILD
  * Wrap unless-check in docker manifests (#23079) (#23081)
  * Adjust manifest to prevent tagging latest on rcs (#22811)
  * update to build with go1.20 (#22732)
  * Add Bash and Zsh completion scripts (#22646)
  * Add Contributed backport command (#22643)
  * Remove deprecated packages & staticcheck fixes (#22012)
  * Update to Alpine 3.17 (#21904)
  * Fix webpack license warning (#21815)
* DOCS
  * Update documentation for the new YAML label file format  (#23020) (#23341)
  * Update hacking-on-gitea-zh_cn documentation (#23315) (#23323)
  * Add basic documentation for labels, including scoped labels (#23304) (#23309)
  * Re-add accidentally removed `hacking-on-gitea.zh-cn.md` (#23297) (#23305)
  * Fix secrets overview page missing from docs sidebar (#23143) (#23145)
  * Add some guidelines for refactoring (#22880)
  * Explain that the no-access team unit does not affect public repositories (#22661)
  * Fix incorrect Redis URL snippets in the example app.ini (#22573)
  * docs: add swagger.json file location to FAQ (#22489)
  * Update index.de-de.md (#22363)
  * Update Gmail mailer configuration (#22291)
  * Add missed reverse proxy authentication documentation (#22250)
  * Add plural definitions for German translations (#21802)
  * Attempt clarify AppWorkPath etc. (#21656)
  * Add some documentation to packages (#21648)
* MISC
  * Use `<nav>` instead of `<div>` in the global navbar (#23125) (#23533)
  * Do not create commit graph for temporary repos (#23219) (#23229)
  * Update button is shown when a Pull Request is marked WIP - Issue #21740 (#22683)
  * Add main landmark to templates and adjust titles (#22670)
  * Fix error on account activation with wrong passwd (#22609)
  * Update JS dependencies (#22538)
  * Display unreferenced packages total size in package admin panel (#22498)
  * Mobile fix for Project view: Add delay to Sortable.js on mobile, to ensure scrolling is possible. (#22152)
  * Update chroma to v2.4.0 (#22000)
  * Hide collapse icon in diff with no lines (#21094)

Revision 1.101: download - view: text, markup, annotated - select for diffs
Wed Feb 7 14:51:02 2024 UTC (10 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.100: preferred, colored
Changes since revision 1.100: +2 -2 lines
Revbump all Go packages after go121 update

Revision 1.100: download - view: text, markup, annotated - select for diffs
Wed Jan 10 19:14:42 2024 UTC (11 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.99: preferred, colored
Changes since revision 1.99: +2 -2 lines
Revbump all Go packages after go121 update

Revision 1.94.2.2: download - view: text, markup, annotated - select for diffs
Wed Dec 6 12:08:54 2023 UTC (12 months ago) by spz
Branches: pkgsrc-2023Q3
Diff to: previous 1.94.2.1: preferred, colored; branchpoint 1.94: preferred, colored; next MAIN 1.95: preferred, colored
Changes since revision 1.94.2.1: +2 -2 lines
Pullup ticket #6822 - requested by bsiegert
lang/go120: security update
lang/go121: security update
lang/go: metadata update
audio/gospt: revision bump
audio/ymuse: revision bump
chat/coyim: revision bump
chat/gomuks: revision bump
chat/matterircd: revision bump
chat/senpai: revision bump
chat/ssh-chat: revision bump
databases/go-ldap: revision bump
databases/influxdb: revision bump
databases/mongo-tools: revision bump
databases/mysqld_exporter: revision bump
databases/postgres_exporter: revision bump
databases/prometheus: revision bump
databases/promscale: revision bump
databases/sqlc: revision bump
databases/timescaledb-tune: revision bump
devel/asmfmt: revision bump
devel/conftest: revision bump
devel/errcheck: revision bump
devel/fq: revision bump
devel/git-lfs: revision bump
devel/go-ed25519: revision bump
devel/go-gocode: revision bump
devel/go-golang-lru: revision bump
devel/go-gopkgs: revision bump
devel/go-goptlib: revision bump
devel/go-goreturns: revision bump
devel/go-gox: revision bump
devel/go-impl: revision bump
devel/go-logrus: revision bump
devel/go-nbreader: revision bump
devel/go-pty: revision bump
devel/go-review: revision bump
devel/go-siphash: revision bump
devel/go-staticcheck: revision bump
devel/go-swagger: revision bump
devel/go-sys: revision bump
devel/go-tools: revision bump
devel/go-wire: revision bump
devel/go-xerrors: revision bump
devel/golangci-lint: revision bump
devel/golint: revision bump
devel/gomodifytags: revision bump
devel/gopls: revision bump
devel/goredo: revision bump
devel/gotags: revision bump
devel/gotests: revision bump
devel/govulncheck: revision bump
devel/lazygit: revision bump
devel/mob: revision bump
devel/nancy: revision bump
devel/opa: revision bump
devel/packr: revision bump
devel/reftools: revision bump
devel/regal: revision bump
devel/revive: revision bump
devel/shfmt: revision bump
devel/syft: revision bump
editors/micro: revision bump
filesystems/kubo: revision bump
graphics/gif2png: revision bump
lang/joker: revision bump
mail/opensmtpd-filter-rspamd: revision bump
mail/opensmtpd-filter-senderscore: revision bump
mail/postforward: revision bump
misc/exercism: revision bump
net/amazon-ecs-cli: revision bump
net/amfora: revision bump
net/bombadillo: revision bump
net/croc: revision bump
net/czds: revision bump
net/dnscontrol: revision bump
net/dnscrypt-proxy2: revision bump
net/gh: revision bump
net/go-dnstap: revision bump
net/go-net: revision bump
net/go-websocket: revision bump
net/gunison: revision bump
net/gvproxy: revision bump
net/hub: revision bump
net/ipget: revision bump
net/kubectl: revision bump
net/libquic: revision bump
net/mangos: revision bump
net/nats-server: revision bump
net/obfs4proxy: revision bump
net/rclone: revision bump
net/stern: revision bump
net/syncthing: revision bump
net/terraform-provider-archive: revision bump
net/terraform-provider-aws: revision bump
net/terraform-provider-kubernetes: revision bump
net/terraform-provider-local: revision bump
net/terraform-provider-null: revision bump
net/terraform-provider-random: revision bump
net/terraform-provider-template: revision bump
net/terraform-provider-vultr: revision bump
net/terraform: revision bump
net/tut: revision bump
net/vultr-cli: revision bump
pkgtools/pkglint: revision bump
security/2fa: revision bump
security/age: revision bump
security/amass: revision bump
security/authelia: revision bump
security/cfssl: revision bump
security/dnsx: revision bump
security/go-asn1-ber: revision bump
security/go-crypto: revision bump
security/go-getpass: revision bump
security/go-mkcert: revision bump
security/gopass: revision bump
security/httpx: revision bump
security/nuclei: revision bump
security/oauth2c: revision bump
security/osv-scanner: revision bump
security/subfinder: revision bump
security/tlsx: revision bump
security/trufflehog: revision bump
security/vault: revision bump
shells/elvish: revision bump
shells/oh-my-posh: revision bump
sysutils/beats: revision bump
sysutils/consul: revision bump
sysutils/direnv: revision bump
sysutils/fzf: revision bump
sysutils/goreman: revision bump
sysutils/lf: revision bump
sysutils/node_exporter: revision bump
sysutils/packer: revision bump
sysutils/podman: revision bump
sysutils/restic: revision bump
sysutils/vultr: revision bump
textproc/glow: revision bump
textproc/go-kr-text: revision bump
textproc/go-md2man: revision bump
textproc/go-mmark: revision bump
textproc/go-text: revision bump
textproc/miller: revision bump
textproc/sift: revision bump
www/apisprout: revision bump
www/caddy: revision bump
www/gitea: revision bump
www/go-ffuf: revision bump
www/go-minify: revision bump
www/gotosocial: revision bump
www/grafana: revision bump
www/hugo: revision bump
www/jira-cli: revision bump
www/mycorrhiza: revision bump
www/pup: revision bump
www/restish: revision bump
www/shoutrrr: revision bump

Revisions pulled up:
- lang/go/version.mk                                            1.194
- lang/go120/PLIST                                              1.10
- lang/go120/distinfo                                           1.12
- lang/go121/PLIST                                              1.4
- lang/go121/distinfo                                           1.4
- audio/gospt/Makefile                       by patch
- audio/ymuse/Makefile                       by patch
- chat/coyim/Makefile                        by patch
- chat/gomuks/Makefile                       by patch
- chat/matterircd/Makefile                   by patch
- chat/senpai/Makefile                       by patch
- chat/ssh-chat/Makefile                     by patch
- databases/go-ldap/Makefile                 by patch
- databases/influxdb/Makefile                by patch
- databases/mongo-tools/Makefile             by patch
- databases/mysqld_exporter/Makefile         by patch
- databases/postgres_exporter/Makefile       by patch
- databases/prometheus/Makefile              by patch
- databases/promscale/Makefile               by patch
- databases/sqlc/Makefile                    by patch
- databases/timescaledb-tune/Makefile        by patch
- devel/asmfmt/Makefile                      by patch
- devel/conftest/Makefile                    by patch
- devel/errcheck/Makefile                    by patch
- devel/fq/Makefile                          by patch
- devel/git-lfs/Makefile                     by patch
- devel/go-ed25519/Makefile                  by patch
- devel/go-gocode/Makefile                   by patch
- devel/go-golang-lru/Makefile               by patch
- devel/go-gopkgs/Makefile                   by patch
- devel/go-goptlib/Makefile                  by patch
- devel/go-goreturns/Makefile                by patch
- devel/go-gox/Makefile                      by patch
- devel/go-impl/Makefile                     by patch
- devel/go-logrus/Makefile                   by patch
- devel/go-nbreader/Makefile                 by patch
- devel/go-pty/Makefile                      by patch
- devel/go-review/Makefile                   by patch
- devel/go-siphash/Makefile                  by patch
- devel/go-staticcheck/Makefile              by patch
- devel/go-swagger/Makefile                  by patch
- devel/go-sys/Makefile                      by patch
- devel/go-tools/Makefile                    by patch
- devel/go-wire/Makefile                     by patch
- devel/go-xerrors/Makefile                  by patch
- devel/golangci-lint/Makefile               by patch
- devel/golint/Makefile                      by patch
- devel/gomodifytags/Makefile                by patch
- devel/gopls/Makefile                       by patch
- devel/goredo/Makefile                      by patch
- devel/gotags/Makefile                      by patch
- devel/gotests/Makefile                     by patch
- devel/govulncheck/Makefile                 by patch
- devel/lazygit/Makefile                     by patch
- devel/mob/Makefile                         by patch
- devel/nancy/Makefile                       by patch
- devel/opa/Makefile                         by patch
- devel/packr/Makefile                       by patch
- devel/reftools/Makefile                    by patch
- devel/regal/Makefile                       by patch
- devel/revive/Makefile                      by patch
- devel/shfmt/Makefile                       by patch
- devel/syft/Makefile                        by patch
- editors/micro/Makefile                     by patch
- filesystems/kubo/Makefile                  by patch
- graphics/gif2png/Makefile                  by patch
- lang/joker/Makefile                        by patch
- mail/opensmtpd-filter-rspamd/Makefile      by patch
- mail/opensmtpd-filter-senderscore/Makefile by patch
- mail/postforward/Makefile                  by patch
- misc/exercism/Makefile                     by patch
- net/amazon-ecs-cli/Makefile                by patch
- net/amfora/Makefile                        by patch
- net/bombadillo/Makefile                    by patch
- net/croc/Makefile                          by patch
- net/czds/Makefile                          by patch
- net/dnscontrol/Makefile                    by patch
- net/dnscrypt-proxy2/Makefile               by patch
- net/gh/Makefile                            by patch
- net/go-dnstap/Makefile                     by patch
- net/go-net/Makefile                        by patch
- net/go-websocket/Makefile                  by patch
- net/gunison/Makefile                       by patch
- net/gvproxy/Makefile                       by patch
- net/hub/Makefile                           by patch
- net/ipget/Makefile                         by patch
- net/kubectl/Makefile                       by patch
- net/libquic/Makefile                       by patch
- net/mangos/Makefile                        by patch
- net/nats-server/Makefile                   by patch
- net/obfs4proxy/Makefile                    by patch
- net/rclone/Makefile                        by patch
- net/stern/Makefile                         by patch
- net/syncthing/Makefile                     by patch
- net/terraform-provider-archive/Makefile    by patch
- net/terraform-provider-aws/Makefile        by patch
- net/terraform-provider-kubernetes/Makefile by patch
- net/terraform-provider-local/Makefile      by patch
- net/terraform-provider-null/Makefile       by patch
- net/terraform-provider-random/Makefile     by patch
- net/terraform-provider-template/Makefile   by patch
- net/terraform-provider-vultr/Makefile      by patch
- net/terraform/Makefile                     by patch
- net/tut/Makefile                           by patch
- net/vultr-cli/Makefile                     by patch
- pkgtools/pkglint/Makefile                  by patch
- security/2fa/Makefile                      by patch
- security/age/Makefile                      by patch
- security/amass/Makefile                    by patch
- security/authelia/Makefile                 by patch
- security/cfssl/Makefile                    by patch
- security/dnsx/Makefile                     by patch
- security/go-asn1-ber/Makefile              by patch
- security/go-crypto/Makefile                by patch
- security/go-getpass/Makefile               by patch
- security/go-mkcert/Makefile                by patch
- security/gopass/Makefile                   by patch
- security/httpx/Makefile                    by patch
- security/nuclei/Makefile                   by patch
- security/oauth2c/Makefile                  by patch
- security/osv-scanner/Makefile              by patch
- security/subfinder/Makefile                by patch
- security/tlsx/Makefile                     by patch
- security/trufflehog/Makefile               by patch
- security/vault/Makefile                    by patch
- shells/elvish/Makefile                     by patch
- shells/oh-my-posh/Makefile                 by patch
- sysutils/beats/Makefile                    by patch
- sysutils/consul/Makefile                   by patch
- sysutils/direnv/Makefile                   by patch
- sysutils/fzf/Makefile                      by patch
- sysutils/goreman/Makefile                  by patch
- sysutils/lf/Makefile                       by patch
- sysutils/node_exporter/Makefile            by patch
- sysutils/packer/Makefile                   by patch
- sysutils/podman/Makefile                   by patch
- sysutils/restic/Makefile                   by patch
- sysutils/vultr/Makefile                    by patch
- textproc/glow/Makefile                     by patch
- textproc/go-kr-text/Makefile               by patch
- textproc/go-md2man/Makefile                by patch
- textproc/go-mmark/Makefile                 by patch
- textproc/go-text/Makefile                  by patch
- textproc/miller/Makefile                   by patch
- textproc/sift/Makefile                     by patch
- www/apisprout/Makefile                     by patch
- www/caddy/Makefile                         by patch
- www/gitea/Makefile                         by patch
- www/go-ffuf/Makefile                       by patch
- www/go-minify/Makefile                     by patch
- www/gotosocial/Makefile                    by patch
- www/grafana/Makefile                       by patch
- www/hugo/Makefile                          by patch
- www/jira-cli/Makefile                      by patch
- www/mycorrhiza/Makefile                    by patch
- www/pup/Makefile                           by patch
- www/restish/Makefile                       by patch
- www/shoutrrr/Makefile                      by patch

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	bsiegert
   Date:		Fri Nov 10 15:39:34 UTC 2023

   Modified Files:
   	pkgsrc/lang/go: version.mk
   	pkgsrc/lang/go120: PLIST distinfo
   	pkgsrc/lang/go121: PLIST distinfo

   Log Message:
   Update go120 to 1.20.11 and go121 to 1.21.4 (security).

   These minor releases include 2 security fixes following the security policy:

   - path/filepath: recognize \??\ as a Root Local Device path prefix.

    On Windows, a path beginning with \??\ is a Root Local Device path equivalent
    to a path beginning with \\?\. Paths with a \??\ prefix may be used to access
    arbitrary locations on the system. For example, the path \??\c:\x is
    equivalent to the more common path c:\x.

    The filepath package did not recognize paths with a \??\ prefix as special.

    Clean could convert a rooted path such as \a\..\??\b into
    the root local device path \??\b. It will now convert this
    path into .\??\b.

    IsAbs did not report paths beginning with \??\ as absolute.
    It now does so.

    VolumeName now reports the \??\ prefix as a volume name.

    Join(`\`, `??`, `b`) could convert a seemingly innocent
    sequence of path elements into the root local device path
    \??\b. It will now convert this to \.\??\b.

    This is CVE-2023-45283 and https://go.dev/issue/63713.

   - path/filepath: recognize device names with trailing spaces and superscripts

    The IsLocal function did not correctly detect reserved names in some cases:

    reserved names followed by spaces, such as "COM1 ".
    "COM" or "LPT" followed by a superscript 1, 2, or 3.
    IsLocal now correctly reports these names as non-local.

    This is CVE-2023-45284 and https://go.dev/issue/63713.


   To generate a diff of this commit:
   cvs rdiff -u -r1.193 -r1.194 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/PLIST
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/go120/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go121/PLIST pkgsrc/lang/go121/distinfo

Revision 1.99: download - view: text, markup, annotated - select for diffs
Tue Dec 5 19:46:17 2023 UTC (12 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4
Diff to: previous 1.98: preferred, colored
Changes since revision 1.98: +2 -2 lines
Revbump all Go packages after go121 update

Revision 1.98: download - view: text, markup, annotated - select for diffs
Fri Nov 10 15:45:23 2023 UTC (13 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.97: preferred, colored
Changes since revision 1.97: +2 -2 lines
Revbump all Go packages after go121 update

Revision 1.97: download - view: text, markup, annotated - select for diffs
Wed Nov 8 13:21:18 2023 UTC (13 months ago) by wiz
Branches: MAIN
Diff to: previous 1.96: preferred, colored
Changes since revision 1.96: +2 -2 lines
*: recursive bump for icu 74.1

Revision 1.96: download - view: text, markup, annotated - select for diffs
Sun Oct 29 14:48:23 2023 UTC (13 months, 1 week ago) by bsiegert
Branches: MAIN
Diff to: previous 1.95: preferred, colored
Changes since revision 1.95: +2 -2 lines
Revbump all Go packages because go121 is now the default

Revision 1.94.2.1: download - view: text, markup, annotated - select for diffs
Sun Oct 22 18:44:20 2023 UTC (13 months, 2 weeks ago) by spz
Branches: pkgsrc-2023Q3
Diff to: previous 1.94: preferred, colored
Changes since revision 1.94: +2 -2 lines
Pullup ticket #6812 - requested by bsiegert
lang/go120: security update
lang/go: version info update
audio/gospt: RevBump
audio/ymuse: RevBump
chat/coyim: RevBump
chat/gomuks: RevBump
chat/matterircd: RevBump
chat/senpai: RevBump
chat/ssh-chat: RevBump
databases/go-ldap: RevBump
databases/influxdb: RevBump
databases/mongo-tools: RevBump
databases/mysqld_exporter: RevBump
databases/postgres_exporter: RevBump
databases/prometheus: RevBump
databases/promscale: RevBump
databases/sqlc: RevBump
databases/timescaledb-tune: RevBump
devel/asmfmt: RevBump
devel/conftest: RevBump
devel/errcheck: RevBump
devel/fq: RevBump
devel/git-lfs: RevBump
devel/go-ed25519: RevBump
devel/go-gocode: RevBump
devel/go-golang-lru: RevBump
devel/go-gopkgs: RevBump
devel/go-goptlib: RevBump
devel/go-goreturns: RevBump
devel/go-gox: RevBump
devel/go-impl: RevBump
devel/go-logrus: RevBump
devel/go-nbreader: RevBump
devel/go-pty: RevBump
devel/go-review: RevBump
devel/go-siphash: RevBump
devel/go-staticcheck: RevBump
devel/go-swagger: RevBump
devel/go-sys: RevBump
devel/go-tools: RevBump
devel/go-wire: RevBump
devel/go-xerrors: RevBump
devel/golangci-lint: RevBump
devel/golint: RevBump
devel/gomodifytags: RevBump
devel/gopls: RevBump
devel/goredo: RevBump
devel/gotags: RevBump
devel/gotests: RevBump
devel/govulncheck: RevBump
devel/lazygit: RevBump
devel/mob: RevBump
devel/nancy: RevBump
devel/opa: RevBump
devel/packr: RevBump
devel/reftools: RevBump
devel/regal: RevBump
devel/revive: RevBump
devel/shfmt: RevBump
devel/syft: RevBump
editors/micro: RevBump
filesystems/kubo: RevBump
graphics/gif2png: RevBump
lang/joker: RevBump
mail/opensmtpd-filter-rspamd: RevBump
mail/opensmtpd-filter-senderscore: RevBump
mail/postforward: RevBump
meta-pkgs/bulk-test-essential: RevBump
misc/exercism: RevBump
net/amazon-ecs-cli: RevBump
net/amfora: RevBump
net/bombadillo: RevBump
net/croc: RevBump
net/czds: RevBump
net/dnscontrol: RevBump
net/dnscrypt-proxy2: RevBump
net/gh: RevBump
net/go-dnstap: RevBump
net/go-net: RevBump
net/go-websocket: RevBump
net/gunison: RevBump
net/gvproxy: RevBump
net/hub: RevBump
net/ipget: RevBump
net/kubectl: RevBump
net/libquic: RevBump
net/mangos: RevBump
net/nats-server: RevBump
net/obfs4proxy: RevBump
net/rclone: RevBump
net/stern: RevBump
net/syncthing: RevBump
net/terraform-provider-archive: RevBump
net/terraform-provider-aws: RevBump
net/terraform-provider-kubernetes: RevBump
net/terraform-provider-local: RevBump
net/terraform-provider-null: RevBump
net/terraform-provider-random: RevBump
net/terraform-provider-template: RevBump
net/terraform-provider-vultr: RevBump
net/terraform: RevBump
net/tut: RevBump
net/vultr-cli: RevBump
pkgtools/pkglint: RevBump
security/2fa: RevBump
security/age: RevBump
security/amass: RevBump
security/authelia: RevBump
security/cfssl: RevBump
security/dnsx: RevBump
security/go-asn1-ber: RevBump
security/go-crypto: RevBump
security/go-getpass: RevBump
security/go-mkcert: RevBump
security/gopass: RevBump
security/httpx: RevBump
security/nuclei: RevBump
security/oauth2c: RevBump
security/osv-scanner: RevBump
security/subfinder: RevBump
security/tlsx: RevBump
security/trufflehog: RevBump
security/vault: RevBump
shells/elvish: RevBump
shells/oh-my-posh: RevBump
sysutils/beats: RevBump
sysutils/consul: RevBump
sysutils/direnv: RevBump
sysutils/fzf: RevBump
sysutils/goreman: RevBump
sysutils/lf: RevBump
sysutils/node_exporter: RevBump
sysutils/packer: RevBump
sysutils/podman: RevBump
sysutils/restic: RevBump
sysutils/vultr: RevBump
textproc/glow: RevBump
textproc/go-kr-text: RevBump
textproc/go-md2man: RevBump
textproc/go-mmark: RevBump
textproc/go-text: RevBump
textproc/miller: RevBump
textproc/sift: RevBump
www/apisprout: RevBump
www/caddy: RevBump
www/gitea: RevBump
www/go-ffuf: RevBump
www/go-minify: RevBump
www/gotosocial: RevBump
www/grafana: RevBump
www/hugo: RevBump
www/jira-cli: RevBump
www/mycorrhiza: RevBump
www/pup: RevBump
www/restish: RevBump
www/shoutrrr: RevBump

Revisions pulled up:
- lang/go/version.mk                                            1.190,1.192
- lang/go120/PLIST                                              1.9
- lang/go120/distinfo                                           1.10-1.11

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sat Oct  7 18:09:35 UTC 2023

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go120: PLIST distinfo

   Log Message:
   go120: update to 1.20.9 (security).

   cmd/go: line directives allows arbitrary execution during build

   "//line" directives can be used to bypass the restrictions on "//go:cgo_"
   directives, allowing blocked linker and compiler flags to be passed during
   compliation. This can result in unexpected execution of arbitrary code when
   running "go build". The line directive requires the absolute path of the file in
   which the directive lives, which makes exploting this issue significantly more
   complex.

   This is CVE-2023-39323 and Go issue https://go.dev/issue/63211.

   View the release notes for more information:
   https://go.dev/doc/devel/release#go1.20.9

   To generate a diff of this commit:
   cvs rdiff -u -r1.189 -r1.190 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go120/PLIST
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sun Oct 15 11:02:08 UTC 2023

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go120: distinfo

   Log Message:
   go120: update to 1.20.10 (security)

   net/http: rapid stream resets can cause excessive work

   A malicious HTTP/2 client which rapidly creates requests and
   immediately resets them can cause excessive server resource consumption.
   While the total number of requests is bounded to the
   http2.Server.MaxConcurrentStreams setting, resetting an in-progress
   request allows the attacker to create a new request while the existing
   one is still executing.

   HTTP/2 servers now bound the number of simultaneously executing
   handler goroutines to the stream concurrency limit. New requests
   arriving when at the limit (which can only happen after the client
   has reset an existing, in-flight request) will be queued until a
   handler exits. If the request queue grows too large, the server
   will terminate the connection.

   This issue is also fixed in golang.org/x/net/http2 v0.17.0,
   for users manually configuring HTTP/2.

   The default stream concurrency limit is 250 streams (requests)
   per HTTP/2 connection. This value may be adjusted using the
   golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
   setting and the ConfigureServer function.

   This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
   This is also tracked by CVE-2023-44487.

   To generate a diff of this commit:
   cvs rdiff -u -r1.191 -r1.192 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/go120/distinfo

Revision 1.95: download - view: text, markup, annotated - select for diffs
Sun Oct 15 12:04:34 2023 UTC (13 months, 3 weeks ago) by bsiegert
Branches: MAIN
Diff to: previous 1.94: preferred, colored
Changes since revision 1.94: +2 -2 lines
Revbump all Go packages after go120 security update

Revision 1.94: download - view: text, markup, annotated - select for diffs
Fri Sep 8 19:06:13 2023 UTC (15 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2023Q3-base
Branch point for: pkgsrc-2023Q3
Diff to: previous 1.93: preferred, colored
Changes since revision 1.93: +2 -1 lines
Revbump all Go packages after go120 update

Revision 1.93: download - view: text, markup, annotated - select for diffs
Wed Sep 6 23:45:20 2023 UTC (15 months ago) by khorben
Branches: MAIN
Diff to: previous 1.92: preferred, colored
Changes since revision 1.92: +2 -3 lines
gitea: update to 1.18.5

There have been a few security-related fixes between 1.18.0 and this
version. (XXX pull-up to pkgsrc-2023Q2)

This also includes a trivial fix in a comment for the default app.ini
configuration file.

Changes in 1.18.5:

* ENHANCEMENTS
  * Hide 2FA status from other members in organization members list
* BUGFIXES
  * Add force_merge to merge request and fix checking mergable
  * Use --message=%s for git commit message
  * Render access log template as text instead of HTML
  * Fix the Manually Merged form
  * Use beforeCommit instead of baseCommit
  * Display attachments of review comment when comment content is blank
  * Return empty url for submodule tree entries

Changes in 1.18.4:

* SECURITY
  * Provide the ability to set password hash algorithm parameters
  * Add command to bulk set must-change-password
* ENHANCEMENTS
  * Use import of OCI structs
  * Fix color of tertiary button on dark theme
  * Link issue and pull requests status change in UI notifications
    directly to their event in the timelined view.
* BUGFIXES
  * Notify on container image create
  * Fix blame view missing lines
  * Fix incorrect role labels for migrated issues and comments
  * Fix PR file tree folders no longer collapsing
  * Escape filename when assemble URL
  * Fix isAllowed of escapeStreamer
  * Load issue before accessing index in merge message
  * Improve trace logging for pulls and processes
  * Fix restore repo bug, clarify the problem of ForeignIndex
  * Add default user visibility to cli command "admin user create"
  * Escape path for the file list
  * Fix bugs with WebAuthn preventing sign in and registration.
  * Add missing close bracket in imagediff
  * Move code comments to a standalone file and fix the bug when adding
    a reply to an outdated review appears to not post(#20821)
  * Fix line spacing for plaintext previews
  * Fix wrong hint when deleting a branch successfully from pull request
    UI
  * Fix README TOC links
  * Fix missing message in git hook when pull requests disabled on fork
  * Improve checkIfPRContentChanged
  * Prevent duplicate labels when importing more than 99
  * Don't return duplicated users who can create org repo
* BUILD
  * Upgrade golangcilint to v1.51.0
* MISC
  * Use proxy for pull mirror
  * Use --index-url in PyPi description

Changes in 1.18.3:

* SECURITY
  * Prevent multiple To recipients
* BUGFIXES
  * Truncate commit summary on repo files table.
  * Mute all links in issue timeline

Changes in 1.18.2:

* BUGFIXES
  * When updating by rebase we need to set the environment for head repo
  * Fix issue not auto-closing when it includes a reference to a branch
  * Fix invalid issue branch reference if not specified in template
  * Fix 500 error viewing pull request when fork has pull requests
    disabled
  * Reliable selection of admin user
  * Set disable_gravatar/enable_federated_avatar when offline mode is
    true
* BUILD
  * cgo cross-compile for freebsd

Changes in 1.18.1:

* API
  * Add sync_on_commit option for push mirrors api
* BUGFIXES
  * Update github.com/zeripath/zapx/v15
  * Fix pull request API field closed_at always being null
  * Fix container blob mount
  * Fix error when calculating repository size
  * Fix Operator does not exist bug on explore page with
    ONLY_SHOW_RELEVANT_REPOS
  * Fix environments for KaTeX and error reporting
  * Remove the netgo tag for Windows build
  * Fix migration from GitBucket
  * Prevent panic on looking at api "git" endpoints for empty repos
  * Fix PR status layout on mobile
  * Fix wechatwork webhook sends empty content in PR review
  * Remove duplicate "Actions" label in mobile view
  * Fix leaving organization bug on user settings -> orgs
  * Fixed colour transparency regex matching in project board sorting
  * Correctly handle select on multiple channels in Queues
  * Prepend refs/heads/ to issue template refs
  * Restore function to "Show more" buttons
  * Continue GCing other repos on error in one repo
  * Allow HOST has no port
  * Fix omit avatar_url in discord payload when empty
  * Don't display stop watch top bar icon when disabled and hidden when
    click other place
  * Don't lookup mail server when using sendmail
  * Fix gravatar disable bug
  * Fix update settings table on install
  * Fix sitemap
  * Fix code search title translation
  * Fix due date rendering the wrong date in issue
  * Fix get system setting bug when enabled redis cache
  * Fix bug of DisableGravatar default value
  * Fix key signature error page
* TESTING
  * Remove test session cache to reduce possible concurrent problem
* MISC
  * Restore previous official review when an official review is deleted
  * Log STDERR of external renderer when it fails

Revision 1.92: download - view: text, markup, annotated - select for diffs
Sat Aug 26 16:31:39 2023 UTC (15 months, 2 weeks ago) by bsiegert
Branches: MAIN
Diff to: previous 1.91: preferred, colored
Changes since revision 1.91: +2 -2 lines
Revbump all Go packages after go120 update

Revision 1.91: download - view: text, markup, annotated - select for diffs
Sat Jul 15 10:53:08 2023 UTC (16 months, 3 weeks ago) by bsiegert
Branches: MAIN
Diff to: previous 1.90: preferred, colored
Changes since revision 1.90: +2 -2 lines
Revbump all Go packages after go120 update

Revision 1.90: download - view: text, markup, annotated - select for diffs
Fri May 5 19:37:37 2023 UTC (19 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Diff to: previous 1.89: preferred, colored
Changes since revision 1.89: +2 -2 lines
Revbump all Go packages after go120 security update

Revision 1.89: download - view: text, markup, annotated - select for diffs
Wed Apr 19 08:11:47 2023 UTC (19 months, 3 weeks ago) by adam
Branches: MAIN
Diff to: previous 1.88: preferred, colored
Changes since revision 1.88: +2 -2 lines
revbump after textproc/icu update

Revision 1.88: download - view: text, markup, annotated - select for diffs
Wed Apr 5 20:47:52 2023 UTC (20 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.87: preferred, colored
Changes since revision 1.87: +2 -2 lines
Revbump all Go packages after yesterday's go120 security update

Revision 1.87: download - view: text, markup, annotated - select for diffs
Wed Mar 8 13:38:50 2023 UTC (21 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Diff to: previous 1.86: preferred, colored
Changes since revision 1.86: +2 -2 lines
Revbump all Go packages after go119 security update

Revision 1.86: download - view: text, markup, annotated - select for diffs
Thu Feb 16 15:02:01 2023 UTC (21 months, 3 weeks ago) by bsiegert
Branches: MAIN
Diff to: previous 1.85: preferred, colored
Changes since revision 1.85: +2 -2 lines
Revbump all Go packages after go119 update

Revision 1.85: download - view: text, markup, annotated - select for diffs
Wed Jan 11 17:28:37 2023 UTC (22 months, 4 weeks ago) by bsiegert
Branches: MAIN
Diff to: previous 1.84: preferred, colored
Changes since revision 1.84: +2 -1 lines
Revbump all Go packages after go119 update

Revision 1.84: download - view: text, markup, annotated - select for diffs
Fri Jan 6 17:42:00 2023 UTC (23 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.83: preferred, colored
Changes since revision 1.83: +3 -4 lines
gitea: Update to 1.18.0.

The list of changes since 1.16.9 is nearly 600 lines long, so please
see the following URLs for a curated list of changes:

  https://blog.gitea.io/2022/12/gitea-1.18.0-is-released/
  https://blog.gitea.io/2022/12/gitea-1.17.4-is-released/
  https://blog.gitea.io/2022/10/gitea-1.17.3-is-released/
  https://blog.gitea.io/2022/09/gitea-1.17.2-is-released/
  https://blog.gitea.io/2022/08/gitea-1.17.1-is-released/
  https://blog.gitea.io/2022/07/gitea-1.17.0-is-released/

Revision 1.83: download - view: text, markup, annotated - select for diffs
Thu Dec 8 16:14:18 2022 UTC (2 years ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4
Diff to: previous 1.82: preferred, colored
Changes since revision 1.82: +2 -2 lines
Revbump all Go packages after go119 security update

Revision 1.82: download - view: text, markup, annotated - select for diffs
Wed Nov 23 16:21:19 2022 UTC (2 years ago) by adam
Branches: MAIN
Diff to: previous 1.81: preferred, colored
Changes since revision 1.81: +2 -1 lines
massive revision bump after textproc/icu update

Revision 1.77.2.1: download - view: text, markup, annotated - select for diffs
Wed Nov 16 19:14:36 2022 UTC (2 years ago) by bsiegert
Branches: pkgsrc-2022Q3
Diff to: previous 1.77: preferred, colored; next MAIN 1.78: preferred, colored
Changes since revision 1.77: +2 -6 lines
Pullup ticket #6704 - requested by khorben
www/gitea: security fix, build fix

Revisions pulled up:
- www/gitea/Makefile                                            1.81
- www/gitea/distinfo                                            1.32-1.33
- www/gitea/patches/patch-Makefile                              1.4

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Wed Nov  9 23:26:15 UTC 2022

   Modified Files:
           pkgsrc/www/gitea: Makefile distinfo

   Log Message:
   gitea: update to 1.16.9

   Changes since 1.16.8:

   SECURITY

   * Add write check for creating Commit status (#20332) (#20334)
   * Check for permission when fetching user controlled issues (#20133) (#20196)

   BUGFIXES

   * Hide notify mail setting ui if not enabled (#20138) (#20337)
   * Add write check for creating Commit status (#20332) (#20334)
   * Only show Followers that current user can access (#20220) (#20253)
   * Release page show all tags in compare dropdown (#20070) (#20071)
   * Fix permission check for delete tag (#19985) (#20001)
   * Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
   * Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
   * Set Setpgid on child git processes (#19865) (#19881)
   * Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
   * Ensure responses are context.ResponseWriters (#19843) (#19859)
   * Fix incorrect usage of Count function (#19850)
   * Fix raw endpoint PDF file headers (#19825) (#19826)
   * Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
   * Don’t return 500 on NotificationUnreadCount (#19802)
   * Prevent NPE when cache service is disabled (#19703) (#19783)
   * Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
   * Fix doctor pq: syntax error at or near “.” quote user table name (#19765) (#19770)
   * Fix bug with assigneees (#19757)

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Thu Nov 10 21:12:54 UTC 2022

   Modified Files:
           pkgsrc/www/gitea: distinfo
           pkgsrc/www/gitea/patches: patch-Makefile

   Log Message:
   gitea: use find(1) in a more portable way

   Verified on NetBSD, Linux (Debian 10.13), and macOS (all amd64).

   No changes to the package observed, so no revision bump.

Revision 1.81: download - view: text, markup, annotated - select for diffs
Wed Nov 9 23:26:15 2022 UTC (2 years, 1 month ago) by khorben
Branches: MAIN
Diff to: previous 1.80: preferred, colored
Changes since revision 1.80: +2 -6 lines
gitea: update to 1.16.9

Changes since 1.16.8:

SECURITY

* Add write check for creating Commit status (#20332) (#20334)
* Check for permission when fetching user controlled issues (#20133) (#20196)

BUGFIXES

* Hide notify mail setting ui if not enabled (#20138) (#20337)
* Add write check for creating Commit status (#20332) (#20334)
* Only show Followers that current user can access (#20220) (#20253)
* Release page show all tags in compare dropdown (#20070) (#20071)
* Fix permission check for delete tag (#19985) (#20001)
* Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
* Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
* Set Setpgid on child git processes (#19865) (#19881)
* Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
* Ensure responses are context.ResponseWriters (#19843) (#19859)
* Fix incorrect usage of Count function (#19850)
* Fix raw endpoint PDF file headers (#19825) (#19826)
* Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
* Don’t return 500 on NotificationUnreadCount (#19802)
* Prevent NPE when cache service is disabled (#19703) (#19783)
* Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
* Fix doctor pq: syntax error at or near “.” quote user table name (#19765) (#19770)
* Fix bug with assigneees (#19757)

Revision 1.80: download - view: text, markup, annotated - select for diffs
Wed Nov 2 19:39:50 2022 UTC (2 years, 1 month ago) by bsiegert
Branches: MAIN
Diff to: previous 1.79: preferred, colored
Changes since revision 1.79: +2 -2 lines
Revbump all Go packages after go119 security update

Revision 1.79: download - view: text, markup, annotated - select for diffs
Wed Oct 5 11:33:08 2022 UTC (2 years, 2 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.78: preferred, colored
Changes since revision 1.78: +2 -2 lines
Revbump all Go packages after go119 security update

Revision 1.78: download - view: text, markup, annotated - select for diffs
Mon Sep 26 18:40:15 2022 UTC (2 years, 2 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.77: preferred, colored
Changes since revision 1.77: +2 -2 lines
Revbump all Go packages after 1.19 became default

Revision 1.77: download - view: text, markup, annotated - select for diffs
Wed Sep 7 09:32:20 2022 UTC (2 years, 3 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2022Q3-base
Branch point for: pkgsrc-2022Q3
Diff to: previous 1.76: preferred, colored
Changes since revision 1.76: +2 -2 lines
Revbump all Go packages after go118 security update

Revision 1.76: download - view: text, markup, annotated - select for diffs
Fri Aug 12 20:38:04 2022 UTC (2 years, 3 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.75: preferred, colored
Changes since revision 1.75: +2 -2 lines
Revbump all Go packages after go118 security update

Revision 1.75: download - view: text, markup, annotated - select for diffs
Wed Jul 13 16:03:02 2022 UTC (2 years, 4 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.74: preferred, colored
Changes since revision 1.74: +2 -2 lines
Revbump all Go packages after go118 update

Revision 1.74: download - view: text, markup, annotated - select for diffs
Thu Jun 2 18:52:08 2022 UTC (2 years, 6 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Diff to: previous 1.73: preferred, colored
Changes since revision 1.73: +2 -1 lines
Revbump all Go packages after go118 update

Revision 1.68.2.2: download - view: text, markup, annotated - select for diffs
Mon May 30 18:59:42 2022 UTC (2 years, 6 months ago) by bsiegert
Branches: pkgsrc-2022Q1
Diff to: previous 1.68.2.1: preferred, colored; branchpoint 1.68: preferred, colored; next MAIN 1.69: preferred, colored
Changes since revision 1.68.2.1: +2 -3 lines
Pullup ticket #6638 - requested by khorben
www/gitea: security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.73
- www/gitea/distinfo                                            1.31
- www/gitea/go-modules.mk                                       1.2

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Wed May 18 18:38:34 UTC 2022

   Modified Files:
           pkgsrc/www/gitea: Makefile distinfo go-modules.mk

   Log Message:
   gitea: update to 1.16.8

   This is a security update:

   * CVE-2022-30781
   * CVE-2022-27313
   * and more security issues fixed but without CVEs - see below

   XXX pull-up to pkgsrc-2022Q1

   Tested on NetBSD/amd64.

   Changes in 1.16.8:

   ENHANCEMENTS

   * Add doctor check/fix for bogus action rows (#19656) (#19669)
   * Make .cs highlighting legible on dark themes (#19604) (#19605)

   BUGFIXES

   * Fix oauth setting list bug (#19681)
   * Delete user related oauth stuff on user deletion too (#19677) (#19680)
   * Fix new release from tags list UI (#19670) (#19673)
   * Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
   * GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
   * Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
   * Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
   * Fix sending empty notifications (#19589) (#19590)
   * Ignore DNS error when doing migration allow/block check (#19566) (#19567)
   * Fix issue overview for teams (#19652) (#19653)

   Changes in 1.16.7:

   SECURITY

   * Escape git fetch remote (#19487) (#19490) CVE-2022-30781

   BUGFIXES

   * Don't overwrite err with nil (#19572) (#19574)
   * On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
   * Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
   * Don't error when branch's commit doesn't exist (#19547) (#19548)
   * Support hostname:port to pass host matcher's check (#19543) (#19544)
   * Prevent intermittent race in attribute reader close (#19537) (#19539)
   * Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
   * Prevent dangling archiver goroutine (#19516) (#19526)
   * Fix migrate release from github (#19510) (#19523)
   * When view _Siderbar or _Footer, just display once (#19501) (#19522)
   * Fix blame page select range error and some typos (#19503)
   * Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
   * User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
   * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
   * RepoAssignment ensure to close before overwrite (#19449) (#19460)
   * Set correct PR status on 3way on conflict checking (#19457) (#19458)
   * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)

   Changes in 1.16.6:

   ENHANCEMENTS

   * Only request write when necessary (#18657) (#19422)
   * Disable service worker by default (#18914) (#19342)

   BUGFIXES

   * When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
   * Fix DELETE request for non-existent public key (#19443) (#19444)
   * Don't panic on ErrEmailInvalid (#19441) (#19442)
   * Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
   * Warn on SSH connection for incorrect configuration (#19317) (#19437)
   * Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
   * When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
   * Fix nil error when some pages are rendered outside request context (#19427) (#19428)
   * Fix double blob-hunk on diff page (#19404) (#19405)
   * Don't allow merging PR's which are being conflict checked (#19357) (#19358)
   * Fix middleware function's placements (#19377) (#19378)
   * Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
   * Restore user autoregistration with email addresses (#19261) (#19312)
   * Move checks for pulls before merge into own function (#19271) (#19277)
   * Granular webhook events in editHook (#19251) (#19257)
   * Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
   * Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
   * Touch mirrors on even on fail to update (#19217) (#19233)
   * Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
   * Fix clone url JS error for the empty repo page (#19209)
   * Bump goldmark to v1.4.11 (#19201) (#19203)

   TESTING

   * Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)

   BUILD

   * Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)

   MISC

   * Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
   * Check go and nodejs version by go.mod and package.json (#19197) (#19254)

   Changes in 1.16.5:

   BREAKING

   * Bump to build with go1.18 (#19120 et al) (#19127)

   SECURITY

   * Prevent redirect to Host (2) (#19175) (#19186)
   * Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
   * Clean paths when looking in Storage (#19124) (#19179)
   * Do not send notification emails to inactive users (#19131) (#19139)
   * Do not send activation email if manual confirm is set (#19119) (#19122)

   ENHANCEMENTS

   * Use the new/choose link for New Issue on project page (#19172) (#19176)

   BUGFIXES

   * Fix showing issues in your repositories (#18916) (#19191)
   * Fix compare link in active feeds for new branch (#19149) (#19185)
   * Redirect .wiki/* ui link to /wiki (#18831) (#19184)
   * Ensure deploy keys with write access can push (#19010) (#19182)
   * Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
   * Cleanup protected branches when deleting users & teams (#19158) (#19174)
   * Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
   * Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
   * Use custom favicon when viewing static files if it exists (#19130) (#19152)
   * Fix the editor height in review box (#19003) (#19147)
   * Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
   * Fix wrong scopes caused by empty scope input (#19029) (#19145)
   * Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
   * Handle email address not exist (#19089) (#19121)

   MISC

   * Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
   * Update golang.org/x/crypto (#19097) (#19098)

   Changes in 1.16.4:

   SECURITY

   * Restrict email address validation (#17688) (#19085)
   * Fix lfs bug (#19072) (#19080)

   ENHANCEMENTS

   * Improve SyncMirrors logging (#19045) (#19050)

   BUGFIXES

   * Refactor mirror code & fix StartToMirror (#18904) (#19075)
   * Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
   * Prevent 500 when there is an error during new auth source post (#19041) (#19059)
   * If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
   * Fix flag validation (#19046) (#19051)
   * Add pam account authorization check (#19040) (#19047)
   * Ignore missing comment for user notifications (#18954) (#19043)
   * Set rel="nofollow noindex" on new issue links (#19023) (#19042)
   * Upgrading binding package (#19034) (#19035)
   * Don't show context cancelled errors in attribute reader (#19006) (#19027)
   * Fix update hint bug (#18996) (#19002)

   MISC

   * Fix potential assignee query for repo (#18994) (#18999)

   Changes in 1.16.3:

   SECURITY

   * Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313

   ENHANCEMENTS

   * Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)

   BUGFIXES

   * Set max text height to prevent overflow (#18862) (#18977)
   * Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
   * Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
   * Send 404 on /{org}.gpg (#18959) (#18962)
   * Fix admin user list pagination (#18957) (#18960)
   * Fix lfs management setting (#18947) (#18946)
   * Fix login with email panic when email is not exist (#18942)
   * Update go-org to v1.6.1 (#18932) (#18933)
   * Fix <strong> html in translation (#18929) (#18931)
   * Fix page and missing return on unadopted repos API (#18848) (#18927)
   * Allow adminstrator teams members to see other teams (#18918) (#18919)
   * Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
   * Correctly link URLs to users/repos with dashes, dots or underscores (  (#18908)
   * Fix redirect when using lowercase repo name (#18775) (#18902)
   * Fix migration v210 (#18893) (#18892)
   * Fix team management UI (#18887) (18886)
   * BeforeSourcePath should point to base commit (#18880) (#18799)

   TRANSLATION

   * Backport locales from master (#18944)

   MISC

   * Don't update email for organisation (#18905) (#18906)

   Changes in 1.16.2:

   ENHANCEMENTS

   * Show fullname on issue edits and gpg/ssh signing info (#18828)
   * Immediately Hammer if second kill is sent (#18823) (#18826)
   * Allow mermaid render error to wrap (#18791)

   BUGFIXES

   * Fix ldap user sync missed email in email_address table (#18786) (#18876)
   * Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
   * Don't report signal: killed errors in serviceRPC (#18850) (#18865)
   * Fix bug where certain LDAP settings were reverted (#18859)
   * Update go-org to 1.6.0 (#18824) (#18839)
   * Fix login with email for ldap users (#18800) (#18836)
   * Fix bug for get user by email (#18834)
   * Fix panic in EscapeReader (#18820) (#18821)
   * Fix ldap loginname (#18789) (#18804)
   * Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
   * In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
   * Fix template bug of LFS lock (#18784) (#18787)
   * Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
   * Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
   * Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
   * Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
   * Prevent dangling GetAttribute calls (#18754) (#18755)
   * Fix isempty detection of git repository (#18746) (#18750)
   * Fix source code line highlighting on external tracker (#18729) (#18740)
   * Prevent double encoding of branch names in delete branch (#18714) (#18738)
   * Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
   * Fix forked repositories missed tags (#18719) (#18735)
   * Fix release typo (#18728) (#18731)
   * Separate the details links of commit-statuses in headers (#18661) (#18730)
   * Update object repo with the migrated repository (#18684) (#18726)
   * Fix bug for version update hint (#18701) (#18705)
   * Fix issue with docker-rootless shimming script (#18690) (#18699)
   * Let MinUnitAccessMode return correct perm (#18675) (#18689)
   * Prevent security failure due to bad APP_ID (#18678) (#18682)
   * Restart zero worker if there is still work to do (#18658) (#18672)
   * If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)

   TESTING

   * Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)

   BUILD

   * Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)

   MISC

   * Put buttons back in org dashboard (#18817) (#18825)
   * Various Mermaid improvements (#18776) (#18780)
   * C preprocessor colors improvement (#18671) (#18696)
   * Fix the missing i18n key for update checker (#18646) (#18665)

Revision 1.73: download - view: text, markup, annotated - select for diffs
Wed May 18 18:38:33 2022 UTC (2 years, 6 months ago) by khorben
Branches: MAIN
Diff to: previous 1.72: preferred, colored
Changes since revision 1.72: +2 -3 lines
gitea: update to 1.16.8

This is a security update:

* CVE-2022-30781
* CVE-2022-27313
* and more security issues fixed but without CVEs - see below

XXX pull-up to pkgsrc-2022Q1

Tested on NetBSD/amd64.

Changes in 1.16.8:

ENHANCEMENTS

* Add doctor check/fix for bogus action rows (#19656) (#19669)
* Make .cs highlighting legible on dark themes (#19604) (#19605)

BUGFIXES

* Fix oauth setting list bug (#19681)
* Delete user related oauth stuff on user deletion too (#19677) (#19680)
* Fix new release from tags list UI (#19670) (#19673)
* Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
* GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
* Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
* Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
* Fix sending empty notifications (#19589) (#19590)
* Ignore DNS error when doing migration allow/block check (#19566) (#19567)
* Fix issue overview for teams (#19652) (#19653)

Changes in 1.16.7:

SECURITY

* Escape git fetch remote (#19487) (#19490) CVE-2022-30781

BUGFIXES

* Don't overwrite err with nil (#19572) (#19574)
* On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
* Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
* Don't error when branch's commit doesn't exist (#19547) (#19548)
* Support hostname:port to pass host matcher's check (#19543) (#19544)
* Prevent intermittent race in attribute reader close (#19537) (#19539)
* Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
* Prevent dangling archiver goroutine (#19516) (#19526)
* Fix migrate release from github (#19510) (#19523)
* When view _Siderbar or _Footer, just display once (#19501) (#19522)
* Fix blame page select range error and some typos (#19503)
* Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
* User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
* Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
* RepoAssignment ensure to close before overwrite (#19449) (#19460)
* Set correct PR status on 3way on conflict checking (#19457) (#19458)
* Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)

Changes in 1.16.6:

ENHANCEMENTS

* Only request write when necessary (#18657) (#19422)
* Disable service worker by default (#18914) (#19342)

BUGFIXES

* When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
* Fix DELETE request for non-existent public key (#19443) (#19444)
* Don't panic on ErrEmailInvalid (#19441) (#19442)
* Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
* Warn on SSH connection for incorrect configuration (#19317) (#19437)
* Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
* When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
* Fix nil error when some pages are rendered outside request context (#19427) (#19428)
* Fix double blob-hunk on diff page (#19404) (#19405)
* Don't allow merging PR's which are being conflict checked (#19357) (#19358)
* Fix middleware function's placements (#19377) (#19378)
* Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
* Restore user autoregistration with email addresses (#19261) (#19312)
* Move checks for pulls before merge into own function (#19271) (#19277)
* Granular webhook events in editHook (#19251) (#19257)
* Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
* Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
* Touch mirrors on even on fail to update (#19217) (#19233)
* Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
* Fix clone url JS error for the empty repo page (#19209)
* Bump goldmark to v1.4.11 (#19201) (#19203)

TESTING

* Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)

BUILD

* Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)

MISC

* Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
* Check go and nodejs version by go.mod and package.json (#19197) (#19254)

Changes in 1.16.5:

BREAKING

* Bump to build with go1.18 (#19120 et al) (#19127)

SECURITY

* Prevent redirect to Host (2) (#19175) (#19186)
* Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
* Clean paths when looking in Storage (#19124) (#19179)
* Do not send notification emails to inactive users (#19131) (#19139)
* Do not send activation email if manual confirm is set (#19119) (#19122)

ENHANCEMENTS

* Use the new/choose link for New Issue on project page (#19172) (#19176)

BUGFIXES

* Fix showing issues in your repositories (#18916) (#19191)
* Fix compare link in active feeds for new branch (#19149) (#19185)
* Redirect .wiki/* ui link to /wiki (#18831) (#19184)
* Ensure deploy keys with write access can push (#19010) (#19182)
* Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
* Cleanup protected branches when deleting users & teams (#19158) (#19174)
* Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
* Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
* Use custom favicon when viewing static files if it exists (#19130) (#19152)
* Fix the editor height in review box (#19003) (#19147)
* Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
* Fix wrong scopes caused by empty scope input (#19029) (#19145)
* Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
* Handle email address not exist (#19089) (#19121)

MISC

* Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
* Update golang.org/x/crypto (#19097) (#19098)

Changes in 1.16.4:

SECURITY

* Restrict email address validation (#17688) (#19085)
* Fix lfs bug (#19072) (#19080)

ENHANCEMENTS

* Improve SyncMirrors logging (#19045) (#19050)

BUGFIXES

* Refactor mirror code & fix StartToMirror (#18904) (#19075)
* Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
* Prevent 500 when there is an error during new auth source post (#19041) (#19059)
* If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
* Fix flag validation (#19046) (#19051)
* Add pam account authorization check (#19040) (#19047)
* Ignore missing comment for user notifications (#18954) (#19043)
* Set rel="nofollow noindex" on new issue links (#19023) (#19042)
* Upgrading binding package (#19034) (#19035)
* Don't show context cancelled errors in attribute reader (#19006) (#19027)
* Fix update hint bug (#18996) (#19002)

MISC

* Fix potential assignee query for repo (#18994) (#18999)

Changes in 1.16.3:

SECURITY

* Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313

ENHANCEMENTS

* Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)

BUGFIXES

* Set max text height to prevent overflow (#18862) (#18977)
* Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
* Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
* Send 404 on /{org}.gpg (#18959) (#18962)
* Fix admin user list pagination (#18957) (#18960)
* Fix lfs management setting (#18947) (#18946)
* Fix login with email panic when email is not exist (#18942)
* Update go-org to v1.6.1 (#18932) (#18933)
* Fix <strong> html in translation (#18929) (#18931)
* Fix page and missing return on unadopted repos API (#18848) (#18927)
* Allow adminstrator teams members to see other teams (#18918) (#18919)
* Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
* Correctly link URLs to users/repos with dashes, dots or underscores (
 (#18908)
* Fix redirect when using lowercase repo name (#18775) (#18902)
* Fix migration v210 (#18893) (#18892)
* Fix team management UI (#18887) (18886)
* BeforeSourcePath should point to base commit (#18880) (#18799)

TRANSLATION

* Backport locales from master (#18944)

MISC

* Don't update email for organisation (#18905) (#18906)

Changes in 1.16.2:

ENHANCEMENTS

* Show fullname on issue edits and gpg/ssh signing info (#18828)
* Immediately Hammer if second kill is sent (#18823) (#18826)
* Allow mermaid render error to wrap (#18791)

BUGFIXES

* Fix ldap user sync missed email in email_address table (#18786) (#18876)
* Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
* Don't report signal: killed errors in serviceRPC (#18850) (#18865)
* Fix bug where certain LDAP settings were reverted (#18859)
* Update go-org to 1.6.0 (#18824) (#18839)
* Fix login with email for ldap users (#18800) (#18836)
* Fix bug for get user by email (#18834)
* Fix panic in EscapeReader (#18820) (#18821)
* Fix ldap loginname (#18789) (#18804)
* Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
* In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
* Fix template bug of LFS lock (#18784) (#18787)
* Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
* Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
* Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
* Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
* Prevent dangling GetAttribute calls (#18754) (#18755)
* Fix isempty detection of git repository (#18746) (#18750)
* Fix source code line highlighting on external tracker (#18729) (#18740)
* Prevent double encoding of branch names in delete branch (#18714) (#18738)
* Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
* Fix forked repositories missed tags (#18719) (#18735)
* Fix release typo (#18728) (#18731)
* Separate the details links of commit-statuses in headers (#18661) (#18730)
* Update object repo with the migrated repository (#18684) (#18726)
* Fix bug for version update hint (#18701) (#18705)
* Fix issue with docker-rootless shimming script (#18690) (#18699)
* Let MinUnitAccessMode return correct perm (#18675) (#18689)
* Prevent security failure due to bad APP_ID (#18678) (#18682)
* Restart zero worker if there is still work to do (#18658) (#18672)
* If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)

TESTING

* Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)

BUILD

* Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)

MISC

* Put buttons back in org dashboard (#18817) (#18825)
* Various Mermaid improvements (#18776) (#18780)
* C preprocessor colors improvement (#18671) (#18696)
* Fix the missing i18n key for update checker (#18646) (#18665)

Revision 1.72: download - view: text, markup, annotated - select for diffs
Wed May 11 19:26:22 2022 UTC (2 years, 7 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.71: preferred, colored
Changes since revision 1.71: +2 -2 lines
Revbump all Go packages after go118 update

Revision 1.71: download - view: text, markup, annotated - select for diffs
Mon Apr 18 19:12:17 2022 UTC (2 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.70: preferred, colored
Changes since revision 1.70: +2 -2 lines
revbump for textproc/icu update

Revision 1.70: download - view: text, markup, annotated - select for diffs
Wed Apr 13 07:50:55 2022 UTC (2 years, 7 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.69: preferred, colored
Changes since revision 1.69: +2 -2 lines
Revbump all Go packages after go117 update

Revision 1.68.2.1: download - view: text, markup, annotated - select for diffs
Sat Apr 2 09:12:22 2022 UTC (2 years, 8 months ago) by bsiegert
Branches: pkgsrc-2022Q1
Diff to: previous 1.68: preferred, colored
Changes since revision 1.68: +7 -5 lines
Pullup ticket #6609 - requested by tnn
www/gitea: build fix

Revisions pulled up:
- www/gitea/Makefile                                            1.69
- www/gitea/distinfo                                            1.30
- www/gitea/go-modules.mk                                       1.1

---
   Module Name:	pkgsrc
   Committed By:	tnn
   Date:		Mon Mar 28 15:59:22 UTC 2022

   Modified Files:
   	pkgsrc/www/gitea: Makefile distinfo
   Added Files:
   	pkgsrc/www/gitea: go-modules.mk

   Log Message:
   gitea: don't download distfiles during build phase (convert to go-module.mk)

Revision 1.69: download - view: text, markup, annotated - select for diffs
Mon Mar 28 15:59:22 2022 UTC (2 years, 8 months ago) by tnn
Branches: MAIN
Diff to: previous 1.68: preferred, colored
Changes since revision 1.68: +7 -5 lines
gitea: don't download distfiles during build phase (convert to go-module.mk)

Revision 1.68: download - view: text, markup, annotated - select for diffs
Wed Mar 23 23:41:14 2022 UTC (2 years, 8 months ago) by khorben
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base
Branch point for: pkgsrc-2022Q1
Diff to: previous 1.67: preferred, colored
Changes since revision 1.67: +2 -2 lines
gitea: minor fix to the RC script

This sets the working directory to / before issuing commands to Gitea.
Fix from the pgsql script; it addresses the following issue when
managing Gitea:

  # /etc/rc.d/gitea restart
  Stopping gitea.
  sh: Cannot determine current working directory
  Starting gitea.
  sh: Cannot determine current working directory

(and then Gitea not starting again)

Bumps PKGREVISION.

During freeze, but leaf package AFAICT.

Tested on NetBSD/amd64.

Revision 1.67: download - view: text, markup, annotated - select for diffs
Mon Mar 7 09:14:13 2022 UTC (2 years, 9 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.66: preferred, colored
Changes since revision 1.66: +2 -1 lines
Revbump all Go packages after go117 update

Revision 1.66: download - view: text, markup, annotated - select for diffs
Wed Feb 16 16:06:21 2022 UTC (2 years, 9 months ago) by tm
Branches: MAIN
Diff to: previous 1.65: preferred, colored
Changes since revision 1.65: +4 -5 lines
gitea: updated to 1.16.1

Changing the the maintainership and providing latest version including frontend.

Changes since 1.13.4:

* SECURITY
  * Update JS dependencies, fix lint (#18389) (#18540)
* ENHANCEMENTS
  * Add dropdown icon to label set template dropdown (#18564) (#18571)
* BUGFIXES
  * comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
  * Stop logging an error when notes are not found (#18626) (#18635)
  * Ensure that blob-excerpt links work for wiki (#18587) (#18624)
  * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
  * Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
  * Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
  * Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
  * Collaborator trust model should trust collaborators (#18539) (#18557)
  * Detect conflicts with 3way merge (#18536) (#18537)
  * In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
  * Add `GetUserTeams` (#18499) (#18531)
  * Fix review excerpt (#18502) (#18530)
  * Fix for AvatarURL database type (#18487) (#18529)
  * Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505)
  * Fix OAuth Source Edit Page (#18495) (#18503)
  * Use "read" value for General Access (#18496) (#18500)
  * Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
* BUILD
  * Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569)
* DOCS
  * Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534)

* BREAKING
  * Remove golang vendored directory (#18277)
  * Paginate releases page & set default page size to 10 (#16857)
  * Use shadowing script for docker (#17846)
  * Only allow webhook to send requests to allowed hosts (#17482)
* SECURITY
  * Disable content sniffing on `PlainTextBytes` (#18359) (#18365)
  * Only view milestones from current repo (#18414) (#18417)
  * Sanitize user-input on file name (#17666)
  * Use `hostmatcher` to replace `matchlist` to improve blocking of bad hosts in Webhooks (#17605)
* FEATURES
  * Add/update SMTP auth providers via cli (#18197)
  * Support webauthn (#17957)
  * Team permission allow different unit has different permission (#17811)
  * Implement Well-Known URL for password change (#17777)
  * Add support for ssh commit signing (#17743)
  * Allow Loading of Diffs that are too large (#17739)
  * Add copy button to markdown code blocks (#17638)
  * Add .gitattribute assisted language detection to blame, diff and render (#17590)
  * Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568)
  * Add Reindex buttons to repository settings page (#17494)
  * Make SSL cipher suite configurable (#17440)
  * Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
  * Add simple update checker to Gitea (#17212)
  * Migrated Repository will show modifications when possible (#17191)
  * Create pub/priv keypair for federation (#17071)
  * Make LDAP be able to skip local 2FA (#16954)
  * Add nodeinfo endpoint for federation purposes (#16953)
  * Save and view issue/comment content history (#16909)
  * Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
  * Add migrate from Codebase (#16768)
  * Add migration from GitBucket (#16767)
  * Add OAuth2 introspection endpoint (#16752)
  * Add proxy settings and support for migration and webhook (#16704)
  * Add microsoft oauth2 providers (#16544)
  * Send registration email on user autoregistration (#16523)
  * Defer Last Commit Info (#16467)
  * Support unprotected file patterns (#16395)
  * Add migrate from OneDev (#16356)
  * Add option to update pull request by `rebase` (#16125)
  * Add RSS/Atom feed support for user actions (#16002)
  * Add support for corporate WeChat webhooks (#15910)
  * Add a simple way to rename branch like gh (#15870)
  * Add bundle download for repository (#14538)
  * Add agit flow support in gitea (#14295)
* API
  * Add MirrorUpdated field to Repository API type (#18267)
  * Adjust Fork API to allow setting a custom repository name (#18066)
  * Add API to manage repo tranfers (#17963)
  * Add API to get file commit history (#17652)
  * Add API to get issue/pull comments and events (timeline) (#17403)
  * Add API to get/edit wiki (#17278)
  * Add API for get user org permissions (#17232)
  * Add HTML urls to notification API (#17178)
  * Add API to get commit diff/patch (#17095)
  * Respond with updated notifications in API (#17064)
  * Add API to fetch git notes (#16649)
  * Generalize list header for API (#16551)
  * Add API Token Cache (#16547)
  * Allow Token API calls be authorized using the reverse-proxy header (#15119)
* ENHANCEMENTS
  * Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
  * Return nicer error if trying to pull from non-existent user (#18288)
  * Show pull link for agit pull request also (#18235)
  * Enable partial clone by default (#18195)
  * Added replay of webhooks (#18191)
  * Show OAuth callback error message (#18185)
  * Increase Salt randomness (#18179)
  * Add MP4 as default allowed attachment type (#18170)
  * Include folders into size cost (#18158)
  * Remove `/email2user` endpoint (#18127)
  * Handle invalid issues (#18111)
  * Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
  * Support open compare page directly (#17975)
  * Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954)
  * Clean legacy SimpleMDE code (#17926)
  * Refactor install page (db type) (#17919)
  * Improve interface when comparing a branch which has created a pull request (#17911)
  * Allow default branch to be inferred on compare page (#17908)
  * Display issue/comment role even if repo archived (#17907)
  * Always set a message-id on mails (#17900)
  * Change `<a>` elements to underline on hover (#17898)
  * Render issue references in file table (#17897)
  * Handle relative unix socket paths (#17836)
  * Move accessmode into models/perm (#17828)
  * Fix some org style problems (#17807)
  * Add List-Unsubscribe header (#17804)
  * Create menus for organization pages (#17802)
  * Switch archive URL code back to href attributes (#17796)
  * Refactor "refs/*" string usage by using constants (#17784)
  * Allow forks to org if you can create repos (#17783)
  * Improve install code to avoid low-level mistakes. (#17779)
  * Improve ellipsis buttons (#17773)
  * Add restrict and no-user-rc to authorized_keys (#17772)
  * Add copy Commit ID button in commits list (#17759)
  * Make `bind` error more readable (#17750)
  * Fix navbar on project view (#17749)
  * More pleasantly handle broken or missing git repositories (#17747)
  * Use `*PushUpdateOptions` as receiver (#17724)
  * Remove unused `user` paramater (#17723)
  * Better builtin avatar generator (#17707)
  * Cleanup and use global style on popups (#17674)
  * Move user/org deletion to services (#17673)
  * Added comment for changing issue ref (#17672)
  * Allow admins to change user avatars (#17661)
  * Only set `data-path` once for each file in diff pages (#17657)
  * Add icon to vscode clone link (#17641)
  * Add download button for file viewer (#17640)
  * Add pagination to fork list (#17639)
  * Use a standalone struct name for Organization (#17632)
  * Minor readability patch. (#17627)
  * Add context support for GetUserByID (#17602)
  * Move merge-section to `> .content` (#17582)
  * Remove NewSession method from db.Engine interface (#17577)
  * Move unit into models/unit/ (#17576)
  * Restrict GetDeletedBranchByID to the repositories deleted branches (#17570)
  * Refactor commentTags functionality (#17558)
  * Make Repo Code Indexer an Unique Queue (#17515)
  * Simplify Gothic to use our session store instead of creating a different store (#17507)
  * Add settings to allow different SMTP envelope from address (#17479)
  * Properly determine CSV delimiter (#17459)
  * Hide label comments if labels were added and removed immediately (#17455)
  * Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
  * Add appearance section in settings (#17433)
  * Move key forms before list and add cancel button (#17432)
  * When copying executables to the docker chmod them (#17423)
  * Remove deprecated `extendDefaultPlugins` method of svgo (#17399)
  * Fix the click behavior for <tr> and <td> with [data-href] (#17388)
  * Refactor update checker to use AppState (#17387)
  * Improve async/await usage, and sort init calls in `index.js` (#17386)
  * Use a variable but a function for IsProd because of a slight performance increment (#17368)
  * Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
  * Hide command line merge instructions when user can't push (#17339)
  * Move session to models/login (#17338)
  * Sync gitea app path for git hooks and authorized keys when starting (#17335)
  * Make the Mirror Queue a queue (#17326)
  * Add "Copy branch name" button to pull request page (#17323)
  * Fix repository summary on mobile (#17322)
  * Split `index.js` to separate files (#17315)
  * Show direct match on top for user search (#17303)
  * Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301)
  * Upgrade chi to v5 (#17298)
  * Disable form autofill (#17291)
  * Improve behavior of "Fork" button (#17288)
  * Open markdown image links in new window (#17287)
  * Add hints for special Wiki pages (#17283)
  * Move add deploy key form before the list and add a cancel button (#17228)
  * Allow adding multiple issues to a project  (#17226)
  * Add metrics to get issues by repository (#17225)
  * Add specific event type to header (#17222)
  * Redirect on project after issue created (#17211)
  * Reference in new issue modal: dont pre-populate issue title (#17208)
  * Always set a unique Message-ID header (#17206)
  * Add projects and project boards in exposed metrics (#17202)
  * Add metrics to get issues by label (#17201)
  * Add protection to disable Gitea when run as root (#17168)
  * Don't return binary file changes in raw PR diffs by default (#17158)
  * Support sorting for project board issuses (#17152)
  * Force color-adjust for markdown checkboxes (#17146)
  * Add option to copy line permalink (#17145)
  * Move twofactor to models/login (#17143)
  * Multiple tokens support for migrating from github (#17134)
  * Unify issue and PR subtitles (#17133)
  * Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
  * Fix problem when database id is not increment as expected (#17124)
  * Avatar refactor, move avatar code from `models` to `models.avatars`, remove duplicated code (#17123)
  * Re-allow clipboard copy on non-https sites (#17118)
  * DBContext is just a Context (#17100)
  * Move login related structs and functions to models/login (#17093)
  * Add SkipLocal2FA option to pam and smtp sources (#17078)
  * Move db related basic functions to models/db (#17075)
  * Fixes username tagging in "Reference in new issue" (#17074)
  * Use light/dark theme based on system preference (#17051)
  * Always emit the configuration path (#17036)
  * Add `AbsoluteListOptions` (#17028)
  * Use common sessioner for API and Web (#17027)
  * Fix overflow label in small view (#17020)
  * Report the associated filter if there is an error in LDAP (#17014)
  * Add "new issue" btn on project (#17001)
  * Add doctor dbconsistency check for release and attachment (#16978)
  * Disable Fomantic's CSS tooltips (#16974)
  * Add Cache-Control to avatar redirects (#16973)
  * Make mirror feature more configurable (#16957)
  * Add skip and limit to git.GetTags (#16897)
  * Remove ParseQueueConnStr as it is unused (#16878)
  * Remove unused Fomantic sidebar module (#16853)
  * Allow LDAP Sources to provide Avatars (#16851)
  * Remove Dashboard/Home button from the navbar (#16844)
  * Use conditions but not repo ids as query condition (#16839)
  * Add user settings key/value DB table (#16834)
  * Add buttons to allow loading of incomplete diffs (#16829)
  * Add information for migrate failure (#16803)
  * Add EdDSA JWT signing algorithm (#16786)
  * Add user status filter to admin user management page (#16770)
  * Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
  * Do not use thin scrollbars on Firefox (#16738)
  * Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731)
  * Compute proper foreground color for labels (#16729)
  * Add edit button to wiki sidebar and footer (#16719)
  * Fix migration svg color (#16715)
  * Add link to vscode to repo header (#16664)
  * Add filter by owner and team to issue/pulls search endpoint (#16662)
  * Kanban colored boards (#16647)
  * Allow setting X-FRAME-OPTIONS (#16643)
  * Separate open and closed issue in metrics (#16637)
  * Support direct comparison (git diff a..b) as well merge comparison (a…b) (#16635)
  * Add setting to OAuth handlers to skip local 2FA authentication (#16594)
  * Make PR merge options more intuitive (#16582)
  * Show correct text when comparing commits on empty pull request (#16569)
  * Pre-fill suggested New File 'name' and 'content' with Query Params (#16556)
  * Add an abstract json layout to make it's easier to change json library (#16528)
  * Make Mermaid.js limit configurable (#16519)
  * Improve 2FA autofill (#16473)
  * Add modals to Organization and Team remove/leave (#16471)
  * Show tag name on dashboard items list (#16466)
  * Change default cron schedules from @every 24h to @midnight (#16431)
  * Prevent double sanitize (#16386)
  * Replace `list.List` with slices (#16311)
  * Add configuration option to restrict users by default (#16256)
  * Move login out of models (#16199)
  * Support pagination of organizations on user settings pages (#16083)
  * Switch migration icon to svg (#15954)
  * Add left padding for chunk header of split diff view (#13397)
  * Allow U2F 2FA without TOTP (#11573)
* BUGFIXES
  * GitLab reviews may not have the updated_at field set (#18450) (#18461)
  * Fix detection of no commits when the default branch is not master (#18422) (#18423)
  * Fix broken oauth2 authentication source edit page (#18412) (#18419)
  * Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404)
  * Fix restore without topic failure (#18387) (#18400)
  * Fix commit's time (#18375) (#18392)
  * Fix partial cloning a repo (#18373) (#18377)
  * Stop trimming preceding and suffixing spaces from editor filenames (#18334)
  * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18386)
  * Fix mime-type detection for HTTP server (#18370) (#18371)
  * Stop trimming preceding and suffixing spaces from editor filenames (#18334)
  * Restore propagation of ErrDependenciesLeft (#18325)
  * Fix PR comments UI (#18323)
  * Use indirect comparison when showing pull requests (#18313)
  * Replace satori/go.uuid with gofrs/uuid (#18311)
  * Fix commit links on compare page (#18310)
  * Don't show double error response in git hook (#18292)
  * Handle missing default branch better in owner/repo/branches page (#18290)
  * Fix CheckRepoStats and reuse it during migration (#18264)
  * Prevent underline hover on cards (#18259)
  * Don't delete branch if other PRs with this branch are open (#18164)
  * Require codereview to have content (#18156)
  * Allow admin to associate missing LFS objects for repositories (#18143)
  * When attempting to subscribe other user to issue report why access denied (#18091)
  * Add option to convert CRLF to LF line endings for sendmail (#18075)
  * Only create pprof files for gitea serv if explicitly asked for (#18068)
  * Abort merge if head has been updated before pressing merge (#18032)
  * Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004)
  * Use JSON module instead of stdlib json (#18003)
  * Fixed issue merged/closed wording (#17973)
  * Return nicer error for ForcePrivate (#17971)
  * Fix overflow in commit graph (#17947)
  * Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941)
  * Use disable_form_autofill on Codebase and Gitbucket (#17936)
  * Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928)
  * Fix markdown URL parsing (#17924)
  * Apply CSS Variables to all message elements (#17920)
  * Improve checkBranchName (#17901)
  * Update chi/middleware to chi/v5/middleware (#17888)
  * Fix position of label color picker colors (#17866)
  * Fix ListUnadoptedRepositories incorrect total count (#17865)
  * Remove whitespace inside rendered code `<td>` (#17859)
  * Make Co-committed-by and co-authored-by trailers optional (#17848)
  * Fix value of User.IsRestricted when oauth2 user registration (#17839)
  * Use new OneDev /milestones endpoint (#17782)
  * Prevent deadlock in TestPersistableChannelQueue (#17717)
  * Simplify code for writing SHA to name-rev (#17696)
  * Fix database deadlock when update issue labels (#17649)
  * Add warning for BIDI characters in page renders and in diffs (#17562)
  * Fix ipv6 parsing for builtin ssh server (#17561)
  * Multiple Escaping Improvements (#17551)
  * Fixes #16559 - Do not trim leading spaces for tab delimited (#17442)
  * Show client-side error if wiki page is empty (#17415)
  * Fix context popup error (#17398)
  * Stop sanitizing full name in API (#17396)
  * Fix issue close/comment buttons on mobile (#17317)
  * Fix navbar UI (#17235)
  * Fix problem when database id is not increment as expected (#17229)
  * Open the DingTalk link in browser (#17084)
  * Remove heads pointing to missing old refs (#17076)
  * Fix commit status index problem (#17061)
  * Handle broken references in mirror sync (#17013)
  * Fix for create repo page layout (#17012)
  * Improve LDAP synchronization efficiency (#16994)
  * Add repo_id for attachment (#16958)
  * Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705)
  * Remove duplicate csv import in modules/csv/csv.go (#16631)
  * Improve SMTP authentication and Fix user creation bugs  (#16612)
  * Fixed emoji alias not parsed in links (#16221)
  * Calculate label URL on API  (#16186)
* TRANSLATION
  * Fix mispelling of starred as stared (#17465)
  * Re-separate the color translation strings (#17390)
  * Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998)
* BUILD
  * Add lockfile-check (#18285)
  * Don't store assets modified time into generated files (#18193)
* MISC
  * Update JS dependencies (#17611)

* SECURITY
  * Only view milestones from current repo (#18414) (#18418)
* BUGFIXES
  * Fix broken when no commits and default branch is not master (#18422) (#18424)
  * Fix commit's time (#18375) (#18409)
  * Fix restore without topic failure (#18387) (#18401)
  * Fix mermaid import in 1.15 (it uses ESModule now) (#18382)
  * Update to go/text 0.3.7 (#18336)
* MISC
  * Upgrade EasyMDE to 2.16.1 (#18278) (#18279)

* BUGFIXES
  * Fix inconsistent PR comment counts (#18260) (#18261)
  * Fix release link broken (#18252) (#18253)
  * Fix update user from site administration page bug (#18250) (#18251)
  * Set HeadCommit when creating tags (#18116) (#18173)
  * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
  * Fix purple color in suggested label colors (#18241) (#18242)
* SECURITY
  * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)

* BUGFIXES
  * Fix wrong redirect on org labels (#18128) (#18134)
  * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
  * Revert "Fix delete u2f keys bug (#18042)" (#18107)
  * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
  * Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
  * Reset locale on login (#17734) (#18100)
  * Correctly handle failed migrations (#17575) (#18099)
  * Instead of using routerCtx just escape the url before routing (#18086) (#18098)
  * Quote references to the user table in consistency checks (#18072) (#18073)
  * Add NotFound handler (#18062) (#18067)
  * Ensure that git repository is closed before transfer (#18049) (#18057)
  * Use common sessioner for API and web routes (#18114)
* TRANSLATION
  * Fix code search result hint on zh-CN (#18053)

* BUGFIXES
  * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
  * Fix delete u2f keys bug (#18040) (#18042)
  * Reset Session ID on login (#18018) (#18041)
  * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
  * Stop printing 03d after escaped characters in logs (#18030) (#18034)
  * Reset locale on login (#18023) (#18025)
  * Fix reset password email template (#17025) (#18022)
  * Fix outType on gitea dump (#18000) (#18016)
  * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
  * Fix rename notification bug (#18011)
  * Prevent double decoding of % in url params  (#17997) (#18001)
  * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
  * Prevent deadlock in create issue (#17970) (#17982)
* TESTING
  * Use non-expiring key. (#17984) (#17985)

* ENHANCEMENTS
  * Only allow webhook to send requests to allowed hosts (#17482) (#17510)
  * Fix login redirection links (#17451) (#17473)
* BUGFIXES
  * Fix database inconsistent when admin change user email (#17549) (#17840)
  * Use correct user on releases (#17806) (#17818)
  * Fix commit count in tag view (#17698) (#17790)
  * Fix close issue but time watcher still running (#17643) (#17761)
  * Fix Migrate Description (#17692) (#17727)
  * Fix bug when project board get open issue number (#17703) (#17726)
  * Return 400 but not 500 when request archive with wrong format (#17691) (#17700)
  * Fix bug when read mysql database max lifetime (#17682) (#17690)
  * Fix database deadlock when update issue labels (#17649) (#17665)
  * Fix bug on detect issue/comment writer (#17592)
  * Remove appSubUrl from pasted images (#17572) (#17588)
  * Make `ParsePatch` more robust (#17573) (#17580)
  * Fix stats upon searching issues (#17566) (#17578)
  * Escape issue titles in comments list (#17555) (#17556)
  * Fix zero created time bug on commit api (#17546) (#17547)
  * Fix database keyword quote problem on migration v161 (#17522) (#17523)
  * Fix email with + when active (#17518) (#17520)
  * Stop double encoding blame commit messages (#17498) (#17500)
  * Quote the table name in CountOrphanedObjects (#17487) (#17488)
  * Run Migrate in Install rather than just SyncTables (#17475) (#17486)
* BUILD
  * Fix golangci-lint warnings (#17598 et al) (#17668)
* MISC
  * Preserve color when inverting emojis (#17797) (#17799)

* BUGFIXES
  * Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
  * Fix CSV render error (#17406) (#17431)
  * Read expected buffer size (#17409) (#17430)
  * Ensure that restricted users can access repos for which they are members (#17460) (#17464)
  * Make commit-statuses popup show correctly (#17447) (#17466)
* TESTING
  * Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463)

* SECURITY
  * Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
  * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
* BUGFIXES
  * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
  * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
  * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
  * Ensure popup text is aligned left (backport for 1.15) (#17343)
  * Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
  * Disable core.protectNTFS (#17300) (#17302)
  * Use pointer for wrappedConn methods (#17295) (#17296)
  * AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
  * Handle duplicate keys on GPG key ring (#17242) (#17284)
  * Fix SVG side by side comparison link (#17375) (#17391)

* BUGFIXES
  * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
  * Don't allow merged PRs to be reopened (#17192) (#17271)
  * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
  * Fix unwanted team review request deletion (#17257) (#17264)
  * Fix broken Activities link in team dashboard (#17255) (#17258)
  * API pull's head/base have correct permission(#17214) (#17245)
  * Fix strange behavior of DownloadPullDiffOrPatch in incorrect index (#17223) (#17227)
  * Upgrade xorm to v1.2.5 (#17177) (#17188)
  * Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
  * Fix bug of get context user (#17169) (#17172)
  * Nicely handle missing user in collaborations (#17049) (#17166)
  * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
  * Fix wrong i18n keys (#17150) (#17153)
  * Fix Archive Creation: correct transaction ending (#17151)
  * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
  * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
* ENHANCEMENT
  * Check user instead of organization when creating a repo from a template via API (#16346) (#17195)
* TRANSLATION
  * v1.15 fix Sprintf format 'verbs' in locale files (#17187)

* ENHANCEMENTS
  * Add fluid to ui container class to remove margin (#16396) (#16976)
  * Add caller to cat-file batch calls (#17082) (#17089)
* BUGFIXES
  * Render full plain readme. (#17083) (#17090)
  * Upgrade xorm to v1.2.4 (#17059)
  * Fix bug of migrate comments which only fetch one page (#17055) (#17058)
  * Do not show issue context popup on external issues (#17050) (#17054)
  * Decrement Fork Num when converting from Fork (#17035) (#17046)
  * Correctly rollback in ForkRepository (#17034) (#17045)
  * Fix missing close in WalkGitLog (#17008) (#17009)
  * Add prefix to SVG id/class attributes (#16997) (#17000)
  * Fix bug of migrated repository not index (#16991) (#16996)
  * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990)
  * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977)
  * Fix issue with issue default mail template (#16956) (#16975)
  * Ensure that rebase conflicts are handled in updates (#16952) (#16960)
  * Prevent panic on diff generation (#16950) (#16951)

* BUGFIXES
  * Add unique constraint back into issue_index (#16938)
  * Close storage objects before cleaning (#16934) (#16942)

* BUGFIXES
  * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923)
  * Prevent leave changes dialogs due to autofill fields (#16912) (#16920)
  * Ignore review comment when ref commit is missed (#16905) (#16919)
  * Fix wrong attachment removal (#16915) (#16917)
  * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913)
  * Correctly return the number of Repositories for Organizations (#16807) (#16911)
  * Test if LFS object is accessible (#16865) (#16904)
  * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900)
  * Fix dump and restore respository (#16698) (#16898)
  * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895)
  * Fix wiki raw commit diff/patch view (#16891) (#16892)
  * Ensure wiki repos are all closed (#16886) (#16888)
  * List limited and private orgs if authenticated on API (#16866) (#16879)
  * Simplify split diff view generation and remove JS dependency (#16775) (#16863)
  * Ensure that the default visibility is set on the user create page (#16845) (#16862)
  * In Render tolerate not being passed a context (#16842) (#16858)
  * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848)
  * Report the correct number of pushes on the feeds (#16811) (#16822)
  * Add primary_key to issue_index (#16813) (#16820)
  * Prevent NPE on empty commit (#16812) (#16819)
  * Fix branch pagination error (#16805) (#16816)
  * Add missing return to handleSettingRemoteAddrError (#16794) (#16795)
  * Remove spurious / from issues.opened_by (#16793)
  * Ensure that template compilation panics are sent to the logs (#16788) (#16792)
  * Update caddyserver/certmagic (#16789) (#16790)

* BREAKING
  * Make app.ini permissions more restrictive (#16266)
  * Refactor Webhook + Add X-Hub-Signature (#16176)
  * Add asymmetric JWT signing (#16010)
  * Clean-up the settings hierarchy for issue_indexer queue (#16001)
  * Change default queue settings to be low go-routines (#15964)
  * Improve assets handler middleware (#15961)
  * Rename StaticUrlPrefix to AssetUrlPrefix (#15779)
  * Use a generic markup class to display externally rendered files and diffs (#15735)
  * Add frontend testing, require node 12 (#15315)
  * Move (custom) assets into subpath `/assets` (#15219)
  * Use level config in log section when sub log section not set level (#15176)
  * Links in markdown should be absolute to the repository not the server (#15088)
  * Upgrade to the latest version of golang-jwt (#16590) (#16606)
  * Set minimum supported version of go to 1.16 (#16710)
* SECURITY
  * Encrypt LDAP bind password in db with SECRET_KEY (#15547)
  * Remove random password in Dockerfiles (#15362)
  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
  * Don't show private user's repo in explore view (#16550) (#16554)
  * Update node tar dependency to 6.1.6 (#16622) (#16623)
* FEATURES
  * Update Go-Git to take advantage of LargeObjectThreshold (#16316)
  * Support custom mime type mapping for text files (#16304)
  * Link to previous blames in file blame page (#16259)
  * Add LRU mem cache implementation (#16226)
  * Localize Email Templates (#16200)
  * Make command in authorized keys a template (#16003)
  * Add possibility to make branch in branch page (#15960)
  * Add email headers (#15939)
  * Make tasklist checkboxes clickable (#15791)
  * Add selecting tags on the compare page (#15723)
  * Add cron job to delete old actions from database (#15688)
  * On open repository open common cat file batch and batch-check (#15667)
  * Add tag protection (#15629)
  * Add push to remote mirror repository (#15157)
  * Add Image Diff for SVG files (#14867)
  * Add dashboard milestone search and repo milestone search by name. (#14866)
  * Add LFS Migration and Mirror (#14726)
  * Improve notifications for WIP draft PR's (#14663)
  * Disable Stars config option (#14653)
  * GPG Key Ownership verification with Signed Token (#14054)
  * OAuth2 auto-register (#5123)
* API
  * Return updated repository when changing repository using API (#16420)
  * Let branch/tag name be a valid ref to get CI status (#16400)
  * Add endpoint to get commits of PR (#16300)
  * Allow COMMENT reviews to not specify a body (#16229)
  * Add subject-type filter to list notification API endpoints (#16177)
  * ListReleases add filter for draft and pre-releases (#16175)
  * ListIssues add more filters (#16174)
  * Issue Search Add filter for MilestoneNames (#16173)
  * GET / SET User Settings (#16169)
  * Expose repo.GetReviewers() & repo.GetAssignees() (#16168)
  * User expose counters (#16167)
  * Add repoGetTag (#16166)
  * Add repoCreateTag (#16165)
  * Creating a repo from a template repo via API (#15958)
  * Add Active and ProhibitLogin to API (#15689)
  * Add Location, Website and Description to API (#15675)
  * Expose resolver via API (#15167)
  * Swagger AccessToken fixes (#16574) (#16597)
  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
* ENHANCEMENTS
  * Support HTTP/2 in Let's Encrypt (#16371)
  * Introduce NotifySubjectType (#16320)
  * Add forge emojies (#16296)
  * Implemented head_commit for webhooks (#16282)
  * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278)
  * Add previous/next buttons to review comments (#16273)
  * Review comments: break-word for long file names (#16272)
  * Add configuration to restrict allowed user visibility modes (#16271)
  * Add scroll-margin-top to account for sticky header (#16269)
  * Add --quiet and --verbose to gitea web to control initial logging (#16260)
  * Use gitea logging module for git module (#16243)
  * Add tests for all webhooks (#16214)
  * Add button to delete undeleted repositories from failed migrations (#16197)
  * Speed up git diff highlight generation (#16180)
  * Add OpenID claims "profile" and "email". (#16141)
  * Reintroduce squash merge default comment as a config setting (#16134)
  * Add sanitizer rules per renderer (#16110)
  * Improve performance of dashboard list orgs (#16099)
  * Refactor assert statements in tests (#16089)
  * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
  * Remove unnecessary goroutine (#16080)
  * Add attachments for PR reviews (#16075)
  * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070)
  * Add Visible modes function from Organisation to Users too (#16069)
  * Add checkbox to delete pull branch after successful merge (#16049)
  * Make commit info cancelable (#16032)
  * Make modules/context.Context a context.Context (#16031)
  * Unified custom config creation (#16012)
  * Make sshd_config more flexible regarding connections (#16009)
  * Append to existing trailers in generated squash commit message (#15980)
  * Always store primary email address into email_address table and also the state (#15956)
  * Load issue/PR context popup data only when needed (#15955)
  * Remove remaining fontawesome usage in templates (#15952)
  * Remove fomantic accordion module (#15951)
  * Small refactoring of modules/private (#15947)
  * Double the avatar size factor (#15941)
  * Add curl to rootless docker image (#15908)
  * Replace clipboard.js with async clipboard api (#15899)
  * Allow custom highlight mapping beyond file extensions (#15808)
  * Add trace logging to SSO methods (#15803)
  * Refactor routers directory (#15800)
  * Allow only internal registration (#15795)
  * Add a new internal hook to save ssh log (#15787)
  * Respect default merge message syntax when parsing item references (#15772)
  * OAuth2 login: Set account link to "login" as default behavior (#15768)
  * Use single shared random string generation function (#15741)
  * Hold the event source when there are no listeners (#15725)
  * Code comments improvements (#15722)
  * Provide OIDC compliant user info endpoint (#15721)
  * Fix webkit calendar icon color on arc-green (#15713)
  * Improve Light Chroma style (#15699)
  * Only use boost workers for leveldb shadow queues (#15696)
  * Add compare tag dropdown to releases page (#15695)
  * Add caret styling CSS (#15651)
  * Remove x-ua-compatible meta tag (#15640)
  * Refactor of link creation (#15619)
  * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599)
  * Rewrite of the LFS server (#15523)
  * Display more repository type on admin repository management (#15440)
  * Remove usage of some JS globals (#15378)
  * SHA in merged commit comment should be rendered ui sha (#15376)
  * Add well-known config for OIDC (#15355)
  * Use route rather than use thus reducing the number of stack frames (#15301)
  * Code Formats, Nits & Unused Func/Var deletions (#15286)
  * Let package git depend on setting but not opposite (#15241)
  * Fixed sanitize errors (#15240)
  * response simple text message for not html request when 404 (#15229)
  * Remove file-loader dependency (#15196)
  * Refactor renders (#15175)
  * Add mimetype mapping settings (#15133)
  * Add Status Updates whilst Gitea migrations are occurring (#15076)
  * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073)
  * Counterwork seemingly unclickable repo button labels (#15064)
  * Add DefaultMergeStyle option to repository (#14789)
  * Added support for gopher URLs. (#14749)
  * Rework repository archive (#14723)
  * Add links to toggle WIP status (#14677)
  * Add Tabular Diff for CSV files (#14661)
  * Use milestone deadline when sorting issues (#14551)
* BUGFIXES
  * Fix invalid params and typo of email templates (#16394)
  * Fix activation of primary email addresses (#16385)
  * Fix calculation for finalPage in repo-search component (#16382)
  * Specify user in rootless container numerically (#16361)
  * Detect encoding changes while parsing diff (#16330)
  * Fix U2F error reasons always hidden (#16327)
  * Prevent zombie processes (#16314)
  * Escape reference to `user` table in models.SearchEmails (#16313)
  * Fix default push instructions on empty repos (#16302)
  * Fix modified files list in webhooks when there is a space (#16288)
  * Fix webhook commits wrong hash on HEAD reset (#16283)
  * Fuzzer finds an NPE due to incorrect URLPrefix (#16249)
  * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238)
  * Do not show No match found for tribute (#16231)
  * Fix "Copy Link" for pull requests (#16230)
  * Fix diff expansion is missing final line in a file (#16222)
  * Fix private repo permission problem (#16142)
  * Fix not able to update local created non-urlencoded wiki pages (#16139)
  * More efficiently parse shas for shaPostProcessor (#16101)
  * Fix `doctor --run check-db-consistency --fix` with label fix (#16094)
  * Prevent webhook action buttons from shifting (#16087)
  * Change default TMPDIR path in rootless containers (#16077)
  * Fix typo and add TODO notice (#16064)
  * Use git log name-status in get last commit (#16059)
  * Fix 500 Error with branch and tag sharing the same name (#16040)
  * Fix get tag when migration (#16014)
  * Add custom emoji support (#16004)
  * Use filepath.ToSlash and Join in indexer defaults and queues (#15971)
  * Add permission check for ``GenerateRepository`` (#15946)
  * Ensure settings for Service and Mailer are read on the install page (#15943)
  * Fix layout of milestone view (#15927)
  * Unregister non-matching serviceworkers (#15834)
  * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693)
  * Attachment support repository route (#15580)
  * Fix missing icons and colorpicker when mounted on suburl (#15501)
  * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
  * Prevent double-login for Git HTTP and LFS and simplify login (#15303)
  * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278)
  * Fix heatmap activity (#15252)
  * Remove vendored copy of fomantic-dropdown (#15193)
  * Update repository size on cron gc task (#15177)
  * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
  * Add code block highlight to orgmode back (#14222)
  * Remove User.GetOrganizations() (#14032)
  * Restore Accessibility for Dropdown (#16576) (#16617)
  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
  * Fix table alignment in markdown (#16596) (#16602)
  * Fix 500 on first wiki page (#16586) (#16598)
  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
  * Handle too long PR titles correctly (#16517) (#16549)
  * Fix data race in bleve indexer (#16474) (#16509)
  * Restore CORS on git smart http protocol (#16496) (#16506)
  * Fix race in log (#16490) (#16505)
  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
  * Update notification table with only latest data (#16445) (#16469)
  * Fix crash following ldap authentication update (#16447) (#16448)
  * Fix direct creation of external users on admin page (partial #16612) (#16613)
  * Prevent 500 on draft releases without tag (#16634) (#16636)
  * Restore creation of git-daemon-export-ok files (#16508) (#16514)
  * Fix data race in bleve indexer (#16474) (#16509)
  * Restore CORS on git smart http protocol (#16496) (#16506)
  * Fix race in log (#16490) (#16505)
  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
  * Update notification table with only latest data (#16445) (#16469)
  * Fix crash following ldap authentication update (#16447) (#16448)
  * Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
  * Fix direct creation of external users on admin page (#16613)
  * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
  * Fix NPE in fuzzer (#16680) (#16682)
  * Set issue_index when finishing migration (#16685) (#16687)
  * Skip patch download when no patch file exists (#16356) (#16681)
  * Ensure empty lines are copiable and final new line too (#16678) (#16692)
  * Fix wrong user in OpenID response (#16736) (#16741)
  * Do not use thin scrollbars on Firefox (#16738) (#16745)
  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
  * Keep attachments on tasklist update (#16750) (#16757)
* TESTING
  * Bump `postgres` and `mysql` versions (#15710)
  * Add tests for clone from wiki (#15513)
  * Fix Benchmark tests, remove a broken one & add two new  (#15250)
  * Create Proper Migration tests (#15116)
* TRANSLATION
  * Use a special name for update default branch on repository setting (#15893)
  * Fix mirror_lfs source string in en-US locale (#15369)
* BUILD
  * Upgrade xorm to v1.1.1 (#16339)
  * Disable legal comments in esbuild (#15929)
  * Switch to Node 16 to build fronted  (#15804)
  * Use esbuild to minify CSS (#15756)
  * Use binary version of revive linter (#15739)
  * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465)
  * Stop packaging node_modules in release tarballs (#15273)
  * Introduce esbuild on webpack (#14578)
* DOCS
  * Update queue workers documentation (#15999)
  * Comment out app.example.ini (#15807)
  * Improve logo customization docs (#15754)
  * Add some response status on api docs (#15399)
  * Rework Token API comments (#15162)
  * Add better errors for disabled account recovery (#15117)
* MISC
  * Remove utf8 option from installation page (#16126)
  * Use Wants= over Requires= in systemd file (#15897)

* BUGFIXES
  * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896)
  * Fix wiki raw commit diff/patch view (#16891) (#16893)
  * Ensure wiki repos are all closed (#16886) (#16889)
  * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849)
  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740)

* SECURITY
  * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
  * Switch to maintained JWT lib (#16532) (#16535)
  * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
* BUGFIXES
  * Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481)

* SECURITY
  * Hide mirror passwords on repo settings page (#16022) (#16355)
  * Update bluemonday to v1.0.15 (#16379) (#16380)
* BUGFIXES
  * Retry rename on lock induced failures (#16435) (#16439)
  * Validate issue index before querying DB (#16406) (#16410)
  * Fix crash following ldap authentication update (#16447) (#16449)
* ENHANCEMENTS
  * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)

* BUGFIXES
  * Fix relative links in postprocessed images (#16334) (#16340)
  * Fix list_options GetStartEnd (#16303) (#16305)
  * Fix API to use author for commits instead of committer (#16276) (#16277)
  * Handle misencoding of login_source cfg in mssql (#16268) (#16275)
  * Fixed issues not updated by commits (#16254) (#16261)
  * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
  * Use html.Parse rather than html.ParseFragment (#16223) (#16225)
  * Fix milestone counters on new issue (#16183) (#16224)
  * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)

* SECURITY
  * Encrypt migration credentials at rest (#15895) (#16187)
  * Only check access tokens if they are likely to be tokens (#16164) (#16171)
  * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
  * Fix setting of SameSite on cookies (#15989) (#15991)
* API
  * Repository object only count releases as releases (#16184) (#16190)
  * EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190)
  * Fix overly strict edit pr permissions (#15900) (#16081)
* BUGFIXES
  * Run processors on whole of text (#16155) (#16185)
  * Class `issue-keyword` is being incorrectly stripped off spans (#16163) (#16172)
  * Fix language switch for install page (#16043) (#16128)
  * Fix bug on getIssueIDsByRepoID (#16119) (#16124)
  * Set self-adjusting deadline for connection writing (#16068) (#16123)
  * Fix http path bug (#16117) (#16120)
  * Fix data URI scramble (#16098) (#16118)
  * Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097)
  * git migration: don't prompt interactively for clone credentials (#15902) (#16082)
  * Fix case change in ownernames (#16045) (#16050)
  * Don't manipulate input params in email notification (#16011) (#16033)
  * Remove branch URL before IssueRefURL (#15968) (#15970)
  * Fix layout of milestone view (#15927) (#15940)
  * GitHub Migration, migrate draft releases too (#15884) (#15888)
  * Close the gitrepo when deleting the repository (#15876) (#15887)
  * Upgrade xorm to v1.1.0 (#15869) (#15885)
  * Fix blame row height alignment (#15863) (#15883)
  * Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882)
  * Backport Fix LFS commit finder not working (#15856) (#15874)
  * Stop calling WriteHeader in Write (#15862) (#15873)
  * Add timeout to writing to responses (#15831) (#15872)
  * Return go-get info on subdirs (#15642) (#15871)
  * Restore PAM user autocreation functionality (#15825) (#15867)
  * Fix truncate utf8 string (#15828) (#15854)
  * Fix bound address/port for caddy's certmagic library (#15758) (#15848)
  * Upgrade unrolled/render to v1.1.1 (#15845) (#15846)
  * Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840)
  * Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839)
  * Set autocomplete off on branches selector (#15809) (#15833)
  * Add missing error to Doctor log (#15813) (#15824)
  * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816)
* ENHANCEMENTS
  * Removable media support to snap package (#16136) (#16138)
  * Move sans-serif fallback font higher than emoji fonts (#15855) (#15892)
* DOCKER
  * Only write config in environment-to-ini if there are changes (#15861) (#15868)
  * Only offer hostcertificates if they exist (#15849) (#15853)

* API
  * Make change repo settings work on empty repos (#15778) (#15789)
  * Add pull "merged" notification subject status to API (#15344) (#15654)
* BUGFIXES
  * Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798)
  * Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775)
  * Set GIT_DIR correctly if it is not set (#15751) (#15769)
  * Fix bug where repositories appear unadopted (#15757) (#15767)
  * Not show `ref-in-new-issue` pop when issue was disabled (#15761) (#15765)
  * Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762)
  * Fix setting version table in dump (#15753) (#15759)
  * Fix close button change on delete in simplemde area (#15737) (#15747)
  * Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746)
  * Fix some ui bug about draft release (#15137) (#15745)
  * Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715)
  * Move tooltip down to allow selection of Remove File on error (#15672) (#15714)
  * Fix setting redis db path (#15698) (#15708)
  * Fix DB session cleanup (#15697) (#15700)
  * Fixed several activation bugs (#15473) (#15685)
  * Delete references if repository gets deleted (#15681) (#15684)
  * Fix orphaned objects deletion bug (#15657) (#15683)
  * Delete protected branch if repository gets removed (#15658) (#15676)
  * Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652)
  * Not update updated uinx for `git gc` (#15637) (#15641)
  * Fix commit graph author link (#15627) (#15630)
  * Fix webhook timeout bug (#15613) (#15621)
  * Resolve panic on failed interface conversion in migration v156 (#15604) (#15610)
  * Fix missing storage init (#15589) (#15598)
  * If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594)
  * Fix lfs management find (#15537) (#15578)
  * Fix NPE on view commit with notes (#15561) (#15573)
  * Fix bug on commit graph (#15517) (#15530)
  * Send size to /avatars if requested (#15459) (#15528)
  * Prevent migration 156 failure if tag commit missing (#15519) (#15527)
* ENHANCEMENTS
  * Display conflict-free merge messages for pull requests (#15773) (#15796)
  * Exponential Backoff for ByteFIFO (#15724) (#15793)
  * Issue list alignment tweaks (#15483) (#15766)
  * Implement delete release attachments and update release attachments' name (#14130) (#15666)
  * Add placeholder text to deploy key textarea (#15575) (#15576)
  * Project board improvements (#15429) (#15560)
  * Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
* MISC
  * Fix webkit calendar icon color on arc-green (#15713) (#15728)
  * Performance improvement for last commit cache and show-ref (#15455) (#15701)
  * Bump unrolled/render to v1.1.0 (#15581) (#15608)
  * Add ETag header (#15370) (#15552)

* BUGFIXES
  * Fix bug clone wiki (#15499) (#15502)
  * Github Migration ignore rate limit, if not enabled (#15490) (#15495)
  * Use subdir for URL (#15446) (#15493)
  * Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
  * Ensure review dismissal only dismisses the correct review (#15477) (#15489)
  * Use index of the supported tags to choose user lang (#15452) (#15488)
  * Fix wrong file link in code search page (#15466) (#15486)
  * Quick template fix for built-in SSH server in admin config (#15464) (#15481)
  * Prevent superfluous response.WriteHeader (#15456) (#15476)
  * Fix ambiguous argument error on tags (#15432) (#15474)
  * Add created_unix instead of expiry to migration (#15458) (#15463)
  * Fix repository search (#15428) (#15442)
  * Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
  * Fix wiki clone urls (#15430) (#15431)
  * Fix dingtalk icon url at webhook (#15417) (#15426)
  * Standardise icon on projects PR page (#15387) (#15408)
* ENHANCEMENTS
  * Add option to skip LFS/attachment files for `dump` (#15407) (#15492)
  * Clone panel fixes (#15436)
  * Use semantic dropdown for code search query type (#15276) (#15364)
* BUILD
  * Build go-git variants for windows (#15482) (#15487)
  * Lock down build-images dependencies (Partial #15479) (#15480)
* MISC
  * Performance improvement for list pull requests (#15447) (#15500)
  * Fix potential copy lfs records failure when fork a repository (#15441) (#15485)

* SECURITY
  * Respect approved email domain list for externally validated user registration (#15014)
  * Add reverse proxy configuration support for remote IP address detection (#14959)
  * Ensure validation occurs on clone addresses too (#14994)
  * Fix several render issues highlighted during fuzzing (#14986)
* BREAKING
  * Fix double 'push tag' action feed (#15078) (#15083)
  * Remove possible resource leak (#15067) (#15082)
  * Handle unauthorized user events gracefully (#15071) (#15074)
  * Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475)
  * Migrate from Macaron to Chi framework (#14293)
  * Deprecate building for mips (#14174)
  * Consolidate Logos and update README header (#14136)
  * Inline manifest.json (#14038)
  * Store repository data in data path if not previously set (#13991)
  * Rename "gitea" png to "logo" (#13974)
  * Standardise logging of failed authentication attempts in internal SSH (#13962)
  * Add markdown support in organization description (#13549)
  * Improve users management through the CLI (#6001) (#10492)
* FEATURES
  * Create a new issue with reference to lines of code from file view (#14863)
  * Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
  * Allow blocking some email domains from registering an account (#14667)
  * Create a new issue based on reference to an issue comment (#14366)
  * Add support to migrate from gogs (#14342)
  * Add pager to the branches page (#14202)
  * Minimal OpenID Connect implementation (#14139)
  * Display current stopwatch in navbar (#14122)
  * Display SVG files as images instead of text (#14101)
  * Disable SSH key deletion of externally managed Keys (#13985)
  * Add support for ed25519_sk and ecdsa_sk SSH keys (#13462)
  * Add support for Mastodon OAuth2 provider (#13293)
  * Add gitea sendmail command (#13079)
  * Create DB session provider(based on xorm) (#13031)
  * Add dismiss review feature (#12674)
  * Make manual merge autodetection optional and add manual merge as merge method (#12543)
  * Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
  * Create Rootless Docker image (#10154)
* API
  * Speedup issue search (#15179) (#15192)
  * Get pull, return head branch sha, even if deleted (#14931)
  * Export LFS & TimeTracking function status (#14753)
  * Show Gitea version in swagger (#14654)
  * Fix PATCH /repos/{owner}/{repo} panic (#14637)
  * Add Restricted Field to User (#14630)
  * Add support for ref parameter to get raw file API (#14602)
  * Add affected files of commits to commit struct (#14579)
  * Fix CJK fonts again and misc. font issues (#14575)
  * Add delete release by tag & delete tag (#14563) & (#13358)
  * Add pagination to ListBranches (#14524)
  * Add signoff option in commit form (#14516)
  * GetRelease by tag only return release (#14397)
  * Add MirrorInterval to the API (#14163)
  * Make BasicAuth Prefix case insensitive (#14106)
  * Add user filter to issueTrackedTimes, enable usage for issue managers (#14081)
  * Add ref to create/edit issue options & deprecated assignee (#13992)
  * Add Ref to Issue (#13946)
  * Expose default theme in meta and API (#13809)
  * Send error message when CSRF token is missing (#13676)
  * List, Check, Add & delete endpoints for repository teams (#13630)
  * Admin EditUser: Make FullName, Email, Website & Location optional (#13562)
  * Add more filters to issues search (#13514)
  * Add review request api (#11355)
* BUGFIXES
  * Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396)
  * Always set the merge base used to merge the commit (#15352) (#15385)
  * Upgrade to bluemonday 1.0.7 (#15379) (#15380)
  * Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377)
  * Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361)
  * Show diff on rename with diff changes (#15338) (#15339)
  * Fix handling of logout event (#15323) (#15337)
  * Fix CanCreateRepo check (#15311) (#15321)
  * Fix xorm log stack level (#15285) (#15316)
  * Fix bug in Wrap (#15302) (#15309)
  * Drop the event source if we are unauthorized (#15275) (#15280)
  * Backport Fix graph pagination (#15225)  (#15249)
  * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200)
  * should run RetrieveRepoMetas() for empty pr (#15187) (#15190)
  * Move setting to enable closing issue via commit in non default branch to repo settings (#14965)
  * Show correct issues for team dashboard (#14952)
  * Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932)
  * Only allow issue labels from owner repository or organization (#14928)
  * Fix alignment of People and Teams right arrow on org homepage (#14924)
  * Fix overdue marking of closed issues and milestones (#14923)
  * Prevent panic when empty MilestoneID in repo/issue/list (#14911)
  * Fix migration context data (#14910)
  * Handle URLs with trailing slash (#14852)
  * Add CORS config on to /login/oauth/access_token endpoint (#14850)
  * Make searching issues by keyword case insensitive on DB (#14848)
  * Prevent use of double sub-path and incorrect asset path in manifest (#14827)
  * Fix link account ui (#14763)
  * Fix preview status switch button on wiki editor (#14742)
  * Fix github download on migration (#14703)
  * Fix svg spacing (#14638)
  * Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623)
  * Truncated organizations name (#14615)
  * Exclude the current dump file from the dump (#14606)
  * Use OldRef instead of CommitSHA for DeleteBranch comments (#14604)
  * Ensure memcache caching works when TTL greater than 30 days (#14592)
  * Remove NULs byte arrays passed to PostProcess (#14587)
  * Restore detection of branches are equal on compare page (#14586)
  * Fix incorrect key name so registerManualConfirm works (#14455)
  * Fix close/reopen with comment (#14436)
  * Allow passcode invalid error to appear (#14371)
  * Escape branch names in compare url (#14364)
  * Label and milestone webhooks on issue/pull creation (#14363)
  * Handle NotifyCreateRef as create branch in feeds (#14245)
  * Prevent clipping input text in Chrome + Segoe UI Font (#14179)
  * Fix UI on edit auth source page (#14137)
  * Fix git.parseTagData (#14105)
  * Refactor get tag to remove unnecessary steps (#14058)
  * Fix integrations test error with space in CURDIR path (#14056)
  * Dropdown triangle fixes (#14028)
  * Fix label of --id in admin delete user (#14005)
  * Cause NotifyMigrateRepository to emit a repo create webhook (#14004)
  * Update HEAD to match defaultBranch in template generation (#13948)
  * Fix action avatar loading (#13909)
  * Fix issue participants (#13893)
  * Fix avatar template error (#13833)
  * Fix review request notification email links when external issue tracker is enabled (#13723)
  * Fix blame line alignment (#13542)
  * Include OriginalAuthor in Reaction constraint (#13505)
  * Comments on review should have the same sha (#13448)
  * Fix whitespace rendering in diff (#13415)
  * Fixed git args duplication (#13411)
  * Fix bug on release publisherid migrations (#13410)
  * Fix --port setting (#13288)
  * Keep database transactions not too big (#13254)
  * Git version check, ignore pre-releases constraints (#13234)
  * Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186)
  * Update Mirror IsEmpty status on synchronize (#13185)
  * Use GO variable in go-check target (#13146) (#13147)
* ENHANCEMENTS
  * UI style improvements
  * Dropzone styling improvements (#15291) (#15374)
  * Add size to Save function (#15264) (#15270)
  * Monaco improvements (#15333) (#15345)
  * Support .mailmap in code activity stats (#15009)
  * Sort release attachments by name (#15008)
  * Add ui.explore settings to control view of explore pages (#14094)
  * Make internal SSH server host key path configurable (#14918)
  * Hide resync all ssh principals when using internal ssh server (#14904)
  * Add SameSite setting for cookies (#14900)
  * Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781)
  * Add environment-to-ini to docker image (#14762)
  * Add preview support for wiki editor when disable simpleMDE (#14757)
  * Add easyMDE(simpleMDE) support for release content editor (#14744)
  * Organization removal confirmation using name not password (#14738)
  * Make branch names in PR description clickable (#14716)
  * Add Password Algorithm option to install page (#14701)
  * Add fullTextSearch to dropdowns by default (#14694)
  * Fix truncated organization names (#14655)
  * Whitespace in commits (#14650)
  * Sort / move project boards (#14634)
  * Make fileheader sticky in diffs (#14616)
  * Add helper descriptions on new repo page (#14591)
  * Move the stopwatches to the eventsource stream (#14588)
  * Add Content-Length header to HEAD requests (#14542)
  * Add Image Diff options in Diff view (#14450)
  * Improve Description in new/ edit Project template (#14429)
  * Allow ssh-keygen on Windows to detect ssh key type (#14413)
  * Display error if twofaSecret cannot be retrieved (#14372)
  * Sort issue search results by revelance (#14353)
  * Implement ghost comment mitigation (#14349)
  * Upgrade blevesearch dependency to v2.0.1 (#14346)
  * Add edit, delete and reaction support to code review comments on issue page (#14339)
  * Merge default and system webhooks under one menu (#14244)
  * Add option for administrator to reset user 2FA (#14243)
  * Add option to change username to the admin panel (#14229)
  * Check for 'main' as potential default branch name (#14193)
  * Project: show referenced PRs in issue cards (#14183)
  * Use caddy's certmagic library for extensible/robust ACME handling (#14177)
  * CLI support for OAuth sources custom icons (#14166)
  * Custom icons for OAuth sources (#14161)
  * Team dashboards (#14159)
  * KanBan: be able to set default board (#14147)
  * Disable Fomantic's custom scrollbars (#14109)
  * Add UI to delete tracked times (#14100)
  * Rework heatmap permissions (#14080)
  * Issue and pull request filters on organization dashboard (#14072)
  * Fix webhook list styling (#14001)
  * Show dropdown with all statuses for commit (#13977)
  * Show status check for merged PRs (#13975)
  * Diff stat improvements (#13954)
  * Report permissions denied in internal SSH (#13953)
  * Markdown task list improvements (#13952)
  * Heatmap days clickable (#13935)
  * chore: use octicon-mirror for feeds display (#13928)
  * Move diff split code into own template file (#13919)
  * Markdown: Enable wrapping in code blocks and a color tweak (#13894)
  * Do not reload page after adding comments in Pull Request reviews (#13877)
  * Add pull request manually merge instruction (#13840)
  * add thumbnail preview section to issue attachments (#13826)
  * Move Repo APIFormat to convert package (#13787)
  * Move notification APIFormat (#13783)
  * Swap swagger-ui with swagger-ui-dist (#13777)
  * User Settings: Ignore empty language codes & validate (#13755)
  * Improve migrate page and add card CSS (#13751)
  * Add block on official review requests branch protection (#13705)
  * Add review requested filter on pull request overview (#13701)
  * Use chronological commit order in default squash message (#13696)
  * Clickable links in pull request (and issue) titles (#13695)
  * Support shortened commit SHAs in URLs (#13686)
  * Use native git variants by default with go-git variants as build tag (#13673)
  * Don't render dropdown when only 1 merge style is available (#13670)
  * Move webhook type from int to string (#13664)
  * Direct avatar rendering (#13649)
  * Verify password for local-account activation (#13631)
  * Prevent clone protocol button flash on page load (#13626)
  * Remove fetch request from heatmap (#13623)
  * Refactor combine label comments with tests (#13619)
  * Move metrics from macaron to chi (#13601)
  * Issue and Pulls lists rework (#13594)
  * HTTP cache rework and enable caching for storage assets (#13569)
  * Use mount but not register for chi routes (#13555)
  * Use monaco for the git hook editor (#13552)
  * Make heatmap colors more distinct (#13533)
  * Lazy-load issue reviewers and assignees avatars (#13526)
  * Change search and filter icons to SVG (#13473)
  * Create tag on ui (#13467)
  * updateSize when create a repo with init commit (#13441)
  * Added title and action buttons to Project view page (#13437)
  * Override fomantic monospace fonts and set size (#13435)
  * Rework focused comment styling (#13434)
  * Tags cleanup (#13428)
  * Various style tweaks (#13418)
  * Refactor push update (#13381)
  * Comment box tweaks and SVG dropdown triangles (#13376)
  * Various style fixes (#13372)
  * Change repo home page icons to SVG (#13364)
  * Use CSS Vars for primary color (#13361)
  * Refactor image paste code (#13354)
  * Switch from SimpleMDE to EasyMDE (#13333)
  * Group Label Changed Comments in timeline (#13304)
  * Make the logger an interface (#13294)
  * Fix PR/Issue titles on mobile (#13292)
  * Rearrange the order of the merged by etc. in locale (#13284)
  * Replace footer and modal icons with SVG (#13245)
  * Issues overview should not show issues from archived repos (#13220)
  * Show stale label for stale code comment which is marked as resolved (#13213)
  * Use CSS Variables for fonts, remove postcss-loader (#13204)
  * Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198)
  * Move install pages out of main macaron routes (#13195)
  * Update outdated label to use Fomantic UI style (#13181)
  * Added option to disable webhooks (#13176)
  * Change order of possible-owner organizations to alphabetical (#13160)
  * Log IP on SSH authentication failure for Built-in SSH server (#13150)
  * Added option to disable migrations (#13114)
  * New "Add Mirror" Button in the Organization view (#13105)
  * Manually approve new registration (#13083)
  * Cron job to cleanup hook_task table (#13080)
  * Use the headline comment of pull-request as the squash commit's message (#13071)
  * Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999)
  * Slightly simplify the queue settings code to help reduce the risk of problems (#12976)
  * Add precise search type for Elastic Search (#12869)
  * Move APIFormat functions into convert package (#12856)
  * Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links, Show only certain branches, (#12766)
  * Add TrN for repository limit (#12492)
  * Refactor doctor (#12264)
  * Add the tag list page to the release page (#12096)
  * Redirect on changed user and org name (#11649)
  * load U2F js only on pages which need it (#11585)
  * Make archival asynchronous (#11296)
  * Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420)
  * Improve vfsgen to not unzip bindata files but send to browser directly (#7109)
  * Enhance release list (#6025)
* DOCS
  * Swagger show models by default (#14880)
  * Add missing repo.projects unit into swagger (#14876)
  * Update docs and comments to remove macaron (#14491)
  * Issue template addition: Are you using Gitea behind CloudFlare? (#14098)
  * Generate man pages (#13901)
  * Reformat/fine-tune docs (#13897)
  * Added Table of Contents to long documentation pages (#13890)
  * Add docs command (#13429)
  * Update external-renderers.en-us.md (#13165)
* MISC
  * Add builds for apple M1 (darwin arm64) (#14951)
  * Migrate to use jsoniter instead of encoding/json (#14841)
  * Reduce make verbosity (#13803)
  * Add git command error directory on log (#13194)

* SECURITY
  * Update to bluemonday-1.0.6 (#15294) (#15298)
  * Clusterfuzz found another way (#15160) (#15169)
* API
  * Fix wrong user returned in API (#15139) (#15150)
* BUGFIXES
  * Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
  * Speed up `enry.IsVendor` (#15213) (#15246)
  * Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
  * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
* MISC
  * Add size to Save function (#15264) (#15271)

* SECURITY
  * Fix bug on avatar middleware (#15124) (#15125)
  * Fix another clusterfuzz identified issue (#15096) (#15114)
* API
  * Fix nil exeption for get pull reviews API #15104 (#15106)
* BUGFIXES
  * Fix markdown rendering in milestone content (#15056) (#15092)

* SECURITY
  * Update to goldmark 1.3.3 (#15059) (#15061)
  * Another clusterfuzz spotted issue (#15032) (#15034)
* API
  * Fix set milestone on PR creation (#14981) (#15001)
  * Prevent panic when editing forked repos by API (#14960) (#14963)
* BUGFIXES
  * Fix bug when upload on web (#15042) (#15055)
  * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
  * Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
  * Fix several render issues (#14986) (#15013)
  * Make sure sibling images get a link too (#14979) (#14995)
  * Fix Anchor jumping with escaped query components (#14969) (#14977)
  * Fix release mail html template (#14976)
  * Fix excluding more than two labels on issues list (#14962) (#14973)
  * Don't mark each comment poster as OP (#14971) (#14972)
  * Add "captcha" to list of reserved usernames (#14930)
  * Re-enable import local paths after reversion from #13610 (#14925) (#14927)

Revision 1.65: download - view: text, markup, annotated - select for diffs
Sun Feb 13 19:24:25 2022 UTC (2 years, 9 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.64: preferred, colored
Changes since revision 1.64: +2 -2 lines
Revump all Go packages after go117 update

Revision 1.64: download - view: text, markup, annotated - select for diffs
Sun Jan 9 20:10:40 2022 UTC (2 years, 11 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.63: preferred, colored
Changes since revision 1.63: +2 -2 lines
Revbump all Go packages after go117 update

Revision 1.63: download - view: text, markup, annotated - select for diffs
Thu Dec 9 17:50:13 2021 UTC (3 years ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Diff to: previous 1.62: preferred, colored
Changes since revision 1.62: +2 -2 lines
Revbump all Go packages after go117 update

Revision 1.62: download - view: text, markup, annotated - select for diffs
Wed Dec 8 16:06:56 2021 UTC (3 years ago) by adam
Branches: MAIN
Diff to: previous 1.61: preferred, colored
Changes since revision 1.61: +2 -2 lines
revbump for icu and libffi

Revision 1.61: download - view: text, markup, annotated - select for diffs
Thu Nov 18 02:45:29 2021 UTC (3 years ago) by khorben
Branches: MAIN
Diff to: previous 1.60: preferred, colored
Changes since revision 1.60: +3 -3 lines
gitea: let the RC script work unprivileged

This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.

While there, also fix a couple substitutions in the default configuration file
(app.ini).

Bumps PKGREVISION.

Revision 1.60: download - view: text, markup, annotated - select for diffs
Fri Nov 5 20:02:49 2021 UTC (3 years, 1 month ago) by bsiegert
Branches: MAIN
Diff to: previous 1.59: preferred, colored
Changes since revision 1.59: +2 -2 lines
Revbump all Go packages after go117 update

Revision 1.59: download - view: text, markup, annotated - select for diffs
Fri Oct 8 18:55:06 2021 UTC (3 years, 2 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.58: preferred, colored
Changes since revision 1.58: +2 -2 lines
Revbump all Go packages after go117 update

Revision 1.58: download - view: text, markup, annotated - select for diffs
Fri Sep 17 13:52:51 2021 UTC (3 years, 2 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Diff to: previous 1.57: preferred, colored
Changes since revision 1.57: +2 -2 lines
Revbump all Go packages after go117 update

Revision 1.57: download - view: text, markup, annotated - select for diffs
Wed Aug 11 19:35:08 2021 UTC (3 years, 4 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.56: preferred, colored
Changes since revision 1.56: +2 -2 lines
Revbump all Go packages after go116 update

Revision 1.56: download - view: text, markup, annotated - select for diffs
Tue Jul 13 11:36:35 2021 UTC (3 years, 4 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.55: preferred, colored
Changes since revision 1.55: +2 -2 lines
Revbump all Go packages after go116 update

Revision 1.55: download - view: text, markup, annotated - select for diffs
Sun Jun 6 12:19:02 2021 UTC (3 years, 6 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.54: preferred, colored
Changes since revision 1.54: +2 -2 lines
Revbump all Go packages after go116 update

Revision 1.54: download - view: text, markup, annotated - select for diffs
Sat May 8 15:02:31 2021 UTC (3 years, 7 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.53: preferred, colored
Changes since revision 1.53: +2 -2 lines
Revbump all Go packages after go116 update

Revision 1.53: download - view: text, markup, annotated - select for diffs
Wed Apr 21 11:42:54 2021 UTC (3 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.52: preferred, colored
Changes since revision 1.52: +2 -2 lines
revbump for textproc/icu

Revision 1.52: download - view: text, markup, annotated - select for diffs
Fri Mar 19 17:37:08 2021 UTC (3 years, 8 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +2 -2 lines
Revbump all Go packages after go115 update

Revision 1.51: download - view: text, markup, annotated - select for diffs
Sun Mar 14 02:29:19 2021 UTC (3 years, 8 months ago) by khorben
Branches: MAIN
Diff to: previous 1.50: preferred, colored
Changes since revision 1.50: +3 -4 lines
gitea: re-generate the frontend files

It turns out this new version of Gitea does need newer frontend files after
all. A copy has been uploaded to ftp.netbsd.org as documented.

Bumps PKGREVISION.

Revision 1.50: download - view: text, markup, annotated - select for diffs
Fri Mar 12 11:54:25 2021 UTC (3 years, 9 months ago) by khorben
Branches: MAIN
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +2 -3 lines
gitea: updated to 1.13.4

This includes the following security fixes; in 1.13.0:
 * Add Allow-/Block-List for Migrate & Mirrors
 * Prevent git operations for inactive users
 * Disallow urlencoded new lines in git protocol paths if there is a port
 * Mitigate Security vulnerability in the git hook feature
 * Disable DSA ssh keys by default
 * Set TLS minimum version to 1.2
 * Use argon as default password hash algorithm

In 1.13.1:
 * Hide private participation in Orgs
 * Fix escaping issue in diff

In 1.13.2:
 * Prevent panic on fuzzer provided string
 * Add secure/httpOnly attributes to the lang cookie

In 1.13.3:
 * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one

In 1.13.4:
 * Fix issue popups

Revision 1.49: download - view: text, markup, annotated - select for diffs
Mon Mar 1 23:47:09 2021 UTC (3 years, 9 months ago) by khorben
Branches: MAIN
Diff to: previous 1.48: preferred, colored
Changes since revision 1.48: +2 -2 lines
gitea: do not log to the console

When started as a service, gitea logs directly to the console, in
addition to its own log files. This change redirects the standard output
to /dev/null.

Bumps PKGREVISION.

Revision 1.48: download - view: text, markup, annotated - select for diffs
Sat Jan 23 14:23:13 2021 UTC (3 years, 10 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.47: preferred, colored
Changes since revision 1.47: +2 -1 lines
Revbump all Go packages after go115 update

Revision 1.42.2.1: download - view: text, markup, annotated - select for diffs
Fri Dec 11 08:36:23 2020 UTC (4 years ago) by bsiegert
Branches: pkgsrc-2020Q3
Diff to: previous 1.42: preferred, colored; next MAIN 1.43: preferred, colored
Changes since revision 1.42: +4 -5 lines
Pullup ticket #6378 - requested by riastradh
www/gitea: build fix, security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.47
- www/gitea/PLIST                                               1.9
- www/gitea/distinfo                                            1.24

---
   Module Name:    pkgsrc
   Committed By:   jperkin
   Date:           Wed Nov 18 11:29:27 UTC 2020

   Modified Files:
           pkgsrc/www/gitea: Makefile PLIST distinfo

   Log Message:
   gitea: Update to 1.12.6.

   Fixes pkgsrc handling of the frontend artefacts, various files were previously
   missing, leading to errors in the web interface.

   Changes since 1.12.1:

   ## [1.12.6](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) - 2020-11-11

   * SECURITY
     * Prevent git operations for inactive users (#13527) (#13537)
     * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
   * BUGFIXES
     * API should only return Json (#13511) (#13564)
     * Fix before and since query arguments at API (#13559) (#13560)
     * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
     * Fix link detection in repository description with tailing '_' (#13407) (#13408)
     * Remove obsolete change of email on profile page (#13341) (#13348)
     * Fix permission check on get Reactions API endpoints (#13344) (#13346)
     * Add migrated pulls to pull request task queue (#13331) (#13335)
     * API deny wrong pull creation options (#13308) (#13327)
     * Fix initial commit page & binary munching problem (#13249) (#13259)
     * Fix diff parsing (#13157) (#13136) (#13139)
     * Return error 404 not 500 from API if team does not exist (#13118) (#13119)
     * Prohibit automatic downgrades (#13108) (#13111)
     * Fix GitLab Migration Option AuthToken (#13101)
     * GitLab Label Color Normalizer (#12793) (#13100)
     * Log the underlying panic in runMigrateTask (#13096) (#13098)
     * Fix attachments list in edit comment (#13036) (#13097)
     * Fix deadlock when deleting team user (#13093)
     * Fix error create comment on outdated file (#13041) (#13042)
     * Fix repository create/delete event webhooks (#13008) (#13027)
     * Fix internal server error on README in submodule (#13006) (#13016)

   ## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01

   * BUGFIXES
     * Allow U2F with default settings for gitea in subpath (#12990) (#13001)
     * Prevent empty div when editing comment (#12404) (#12991)
     * On mirror update also update address in DB (#12964) (#12967)
     * Allow extended config on cron settings (#12939) (#12943)
     * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
     * Fix internal server error from ListUserOrgs API (#12910) (#12915)
     * Update only the repository columns that need updating (#12900) (#12912)
     * Fix panic when adding long comment (#12892) (#12894)
     * Add size limit for content of comment on action ui (#12881) (#12890)
     * Convert User expose ID each time (#12855) (#12883)
     * Support slashes in release tags (#12864) (#12882)
     * Add missing information to CreateRepo API endpoint (#12848) (#12867)
     * On Migration respect old DefaultBranch (#12843) (#12858)
     * Fix notifications page links (#12838) (#12853)
     * Stop cloning unnecessarily on PR update (#12839) (#12852)
     * Escape more things that are passed through str2html (#12622) (#12850)
     * Remove double escape on labels addition in comments (#12809) (#12810)
     * Fix "only mail on mention" bug (#12775) (#12789)
     * Fix yet another bug with diff file names (#12771) (#12776)
     * RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
     * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
   * ENHANCEMENTS
     * gitea dump: include version & Check InstallLock (#12760) (#12762)

   ## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02

   * SECURITY
     * Escape provider name in oauth2 provider redirect (#12648) (#12650)
     * Escape Email on password reset page (#12610) (#12612)
     * When reading expired sessions - expire them (#12686) (#12690)
   * ENHANCEMENTS
     * StaticRootPath configurable at compile time (#12371) (#12652)
   * BUGFIXES
     * Fix to show an issue that is related to a deleted issue (#12651) (#12692)
     * Expire time acknowledged for cache (#12605) (#12611)
     * Fix diff path unquoting (#12554) (#12575)
     * Improve HTML escaping helper (#12562)
     * models: break out of loop (#12386) (#12561)
     * Default empty merger list to those with write permissions (#12535) (#12560)
     * Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
     * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
     * Remove hardcoded ES indexername (#12521) (#12526)
     * Fix bug preventing transfer to private organization (#12497) (#12501)
     * Keys should not verify revoked email addresses (#12486) (#12495)
     * Do not add prefix on http/https submodule links (#12477) (#12479)
     * Fix ignored login on compare (#12476) (#12478)
     * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
     * Upgrade google/go-github to v32.1.0 (#12361) (#12390)
     * Render emoji's of Commit message on feed-page (#12373)
     * Fix handling of diff on unrelated branches when Git 2.28 used (#12370)

   ## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28

   * BUGFIXES
     * Don't change creation date when updating Release (#12343) (#12351)
     * Show 404 page when release not found (#12328) (#12332)
     * Fix emoji detection in certain cases (#12320) (#12327)
     * Reduce emoji size (#12317) (#12327)
     * Fix double-indirection bug in logging IDs (#12294) (#12308)
     * Link to pull list page on sidebar when view pr (#12256) (#12263)
     * Extend Notifications API and return pinned notifications by default (#12164) (#12232)

   ## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11

   * BUGFIXES
     * When deleting repository decrese user repository count in cache (#11954) (#12188)
     * Return full commit message instead of summary in commits API (#12186) (#12187)
     * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182)
     * Ensure GPG Subkeys are verified (#12155) (#12168)
     * Fix failing to cache last commit with key being to long (#12151) (#12161)
     * Multiple small admin dashboard fixes (#12153) (#12156)
     * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148)
     * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147)
     * Move EventSource to SharedWorker (#12095) (#12130)
     * Fix ui bug in wiki commit page (#12089) (#12125)
     * Fix gitgraph branch continues after merge (#12044) (#12105)
     * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
     * Ensure BlameReaders close at end of request (#12102) (#12103)
     * Fix panic when adding review comment (#12058)
   * ENHANCEMENTS
     * Disable dropzone's timeout for file uploads (#12024) (#12032)

Revision 1.47: download - view: text, markup, annotated - select for diffs
Wed Nov 18 11:29:27 2020 UTC (4 years ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Diff to: previous 1.46: preferred, colored
Changes since revision 1.46: +4 -5 lines
gitea: Update to 1.12.6.

Fixes pkgsrc handling of the frontend artefacts, various files were previously
missing, leading to errors in the web interface.

Changes since 1.12.1:

## [1.12.6](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) - 2020-11-11

* SECURITY
  * Prevent git operations for inactive users (#13527) (#13537)
  * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
* BUGFIXES
  * API should only return Json (#13511) (#13564)
  * Fix before and since query arguments at API (#13559) (#13560)
  * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
  * Fix link detection in repository description with tailing '_' (#13407) (#13408)
  * Remove obsolete change of email on profile page (#13341) (#13348)
  * Fix permission check on get Reactions API endpoints (#13344) (#13346)
  * Add migrated pulls to pull request task queue (#13331) (#13335)
  * API deny wrong pull creation options (#13308) (#13327)
  * Fix initial commit page & binary munching problem (#13249) (#13259)
  * Fix diff parsing (#13157) (#13136) (#13139)
  * Return error 404 not 500 from API if team does not exist (#13118) (#13119)
  * Prohibit automatic downgrades (#13108) (#13111)
  * Fix GitLab Migration Option AuthToken (#13101)
  * GitLab Label Color Normalizer (#12793) (#13100)
  * Log the underlying panic in runMigrateTask (#13096) (#13098)
  * Fix attachments list in edit comment (#13036) (#13097)
  * Fix deadlock when deleting team user (#13093)
  * Fix error create comment on outdated file (#13041) (#13042)
  * Fix repository create/delete event webhooks (#13008) (#13027)
  * Fix internal server error on README in submodule (#13006) (#13016)

## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01

* BUGFIXES
  * Allow U2F with default settings for gitea in subpath (#12990) (#13001)
  * Prevent empty div when editing comment (#12404) (#12991)
  * On mirror update also update address in DB (#12964) (#12967)
  * Allow extended config on cron settings (#12939) (#12943)
  * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
  * Fix internal server error from ListUserOrgs API (#12910) (#12915)
  * Update only the repository columns that need updating (#12900) (#12912)
  * Fix panic when adding long comment (#12892) (#12894)
  * Add size limit for content of comment on action ui (#12881) (#12890)
  * Convert User expose ID each time (#12855) (#12883)
  * Support slashes in release tags (#12864) (#12882)
  * Add missing information to CreateRepo API endpoint (#12848) (#12867)
  * On Migration respect old DefaultBranch (#12843) (#12858)
  * Fix notifications page links (#12838) (#12853)
  * Stop cloning unnecessarily on PR update (#12839) (#12852)
  * Escape more things that are passed through str2html (#12622) (#12850)
  * Remove double escape on labels addition in comments (#12809) (#12810)
  * Fix "only mail on mention" bug (#12775) (#12789)
  * Fix yet another bug with diff file names (#12771) (#12776)
  * RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
  * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
* ENHANCEMENTS
  * gitea dump: include version & Check InstallLock (#12760) (#12762)

## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02

* SECURITY
  * Escape provider name in oauth2 provider redirect (#12648) (#12650)
  * Escape Email on password reset page (#12610) (#12612)
  * When reading expired sessions - expire them (#12686) (#12690)
* ENHANCEMENTS
  * StaticRootPath configurable at compile time (#12371) (#12652)
* BUGFIXES
  * Fix to show an issue that is related to a deleted issue (#12651) (#12692)
  * Expire time acknowledged for cache (#12605) (#12611)
  * Fix diff path unquoting (#12554) (#12575)
  * Improve HTML escaping helper (#12562)
  * models: break out of loop (#12386) (#12561)
  * Default empty merger list to those with write permissions (#12535) (#12560)
  * Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
  * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
  * Remove hardcoded ES indexername (#12521) (#12526)
  * Fix bug preventing transfer to private organization (#12497) (#12501)
  * Keys should not verify revoked email addresses (#12486) (#12495)
  * Do not add prefix on http/https submodule links (#12477) (#12479)
  * Fix ignored login on compare (#12476) (#12478)
  * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
  * Upgrade google/go-github to v32.1.0 (#12361) (#12390)
  * Render emoji's of Commit message on feed-page (#12373)
  * Fix handling of diff on unrelated branches when Git 2.28 used (#12370)

## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28

* BUGFIXES
  * Don't change creation date when updating Release (#12343) (#12351)
  * Show 404 page when release not found (#12328) (#12332)
  * Fix emoji detection in certain cases (#12320) (#12327)
  * Reduce emoji size (#12317) (#12327)
  * Fix double-indirection bug in logging IDs (#12294) (#12308)
  * Link to pull list page on sidebar when view pr (#12256) (#12263)
  * Extend Notifications API and return pinned notifications by default (#12164) (#12232)

## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11

* BUGFIXES
  * When deleting repository decrese user repository count in cache (#11954) (#12188)
  * Return full commit message instead of summary in commits API (#12186) (#12187)
  * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182)
  * Ensure GPG Subkeys are verified (#12155) (#12168)
  * Fix failing to cache last commit with key being to long (#12151) (#12161)
  * Multiple small admin dashboard fixes (#12153) (#12156)
  * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148)
  * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147)
  * Move EventSource to SharedWorker (#12095) (#12130)
  * Fix ui bug in wiki commit page (#12089) (#12125)
  * Fix gitgraph branch continues after merge (#12044) (#12105)
  * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
  * Ensure BlameReaders close at end of request (#12102) (#12103)
  * Fix panic when adding review comment (#12058)
* ENHANCEMENTS
  * Disable dropzone's timeout for file uploads (#12024) (#12032)

Revision 1.46: download - view: text, markup, annotated - select for diffs
Fri Nov 13 19:26:24 2020 UTC (4 years ago) by bsiegert
Branches: MAIN
Diff to: previous 1.45: preferred, colored
Changes since revision 1.45: +2 -2 lines
Revbump all Go packages after go115 update

Revision 1.45: download - view: text, markup, annotated - select for diffs
Sun Nov 8 21:59:36 2020 UTC (4 years, 1 month ago) by bsiegert
Branches: MAIN
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +2 -2 lines
Revbump all Go packages after Go 1.15 update.

Revision 1.44: download - view: text, markup, annotated - select for diffs
Thu Nov 5 09:09:20 2020 UTC (4 years, 1 month ago) by ryoon
Branches: MAIN
Diff to: previous 1.43: preferred, colored
Changes since revision 1.43: +2 -2 lines
*: Recursive revbump from textproc/icu-68.1

Revision 1.43: download - view: text, markup, annotated - select for diffs
Thu Oct 15 13:08:31 2020 UTC (4 years, 1 month ago) by bsiegert
Branches: MAIN
Diff to: previous 1.42: preferred, colored
Changes since revision 1.42: +2 -2 lines
Revbump all Go packages after go115 update.

Revision 1.42: download - view: text, markup, annotated - select for diffs
Thu Sep 3 07:29:34 2020 UTC (4 years, 3 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2020Q3-base
Branch point for: pkgsrc-2020Q3
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +2 -2 lines
Revbump all Go packages after default Go version was changed to 1.15.1

Revision 1.41: download - view: text, markup, annotated - select for diffs
Fri Aug 14 20:01:21 2020 UTC (4 years, 3 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +2 -2 lines
Revbump all Go packages after go114 update

Revision 1.40: download - view: text, markup, annotated - select for diffs
Fri Jul 17 18:04:31 2020 UTC (4 years, 4 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +2 -1 lines
Revbump all Go packages after go114 update.

Revision 1.39: download - view: text, markup, annotated - select for diffs
Mon Jun 29 16:02:13 2020 UTC (4 years, 5 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.38: preferred, colored
Changes since revision 1.38: +3 -4 lines
gitea: Update to 1.21.

Provided by teutat3s in joyent/pkgsrc#271, with fixes by me.

Changes since 1.11.6:

## [1.12.1](https://github.com/go-gitea/gitea/releases/tag/v1.12.1) - 2020-06-21

* BUGFIXES
  * Handle multiple merges in gitgraph.js (#11996) (#12000)
  * Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
  * For language detection do not try to analyze big files by content (#11971) (#11975)
* ENHANCEMENTS
  * Fix scrollable header on dropdowns (#11893) (#11965)

## [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) - 2020-06-17

* BREAKING
  * When using API CreateRelease set created_unix to the tag commit time (#11218)
  * Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162)
  * Fix sanitizer config - multiple rules (#11133)
  * Remove check on username when using AccessToken authentication for the API (#11015)
  * Return 404 from Contents API when items don't exist (#10323)
  * Notification API should always return a JSON object with the current count of notifications (#10059)
  * Remove migration support from versions earlier than 1.6.0 (#10026)
* SECURITY
  * Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662)
* FEATURES
  * Improve config logging when WrappedQueue times out (#11174)
  * Add branch delete to API (#11112)
  * Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047)
  * Add a way to mark Conversation (code comment) resolved (#11037)
  * Handle yaml frontmatter in markdown (#11016)
  * Cache PullRequest Divergence (#10914)
  * Make `gitea admin auth list` formatting configurable (#10844)
  * Add Matrix webhook (#10831)
  * Add Organization Wide Labels (#10814)
  * Allow to set protected file patterns for files that can not be changed under no conditions (#10806)
  * Option to set default branch at repository creation (#10803)
  * Add request review from specific reviewers feature in pull request (#10756)
  * Add NextCloud oauth (#10562)
  * System-wide webhooks (#10546)
  * Relax sanitization as per https://github.com/jch/html-pipeline (#10527)
  * Use media links for img in post-process (#10515)
  * Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
  * Render READMEs in docs/ .gitea or .github from root (#10361)
  * Add feishu webhook support (#10229)
  * Cache last commit to accelerate the repository directory page visit (#10069)
  * Implement basic app.ini and path checks to doctor cmd (#10064)
  * Make WorkerPools and Queues flushable (#10001)
  * Implement "embedded" command to extract static resources (#9982)
  * Add API endpoint for repo transfer (#9947)
  * Make archive prefixing configurable with a global setting (#9943)
  * Add Unique Queue infrastructure and move TestPullRequests to this (#9856)
  * Issue/PR Context Popups (#9822)
  * Add "Update Branch" button to Pull Requests (#9784)
  * Add require signed commit for protected branch (#9708)
  * Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532)
  * Add API notification endpoints (#9488)
  * Issue search support elasticsearch (#9428)
  * Add API branch protection endpoint (#9311)
  * Add a new command doctor to check if some wrong configurations on gitea instance (#9095)
  * Add support for migrating from Gitlab (#9084)
  * Add support for database schema in PostgreSQL (#8819)
  * Add setting to set default and global disabled repository units. (#8788)
  * Language statistics bar for repositories (#8037)
  * Restricted users (#6274)
* BUGFIXES
  * Fix commenting on non-utf8 encoded files (#11916) (#11950)
  * Use google/uuid to instead satori/go.uuid (#11943) (#11946)
  * Align show/hide outdated button on code review block (#11932) (#11944)
  * Update to go-git v5.1.0 (#11936) (#11941)
  * Use ID or Where to instead directly use Get when load object from database (#11925) (#11934)
  * Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915)
  * Invalidate comments when file is shortened (#11882) (#11884)
  * Rework api/user/repos for pagination (#11827) (#11877)
  * Handle more pathological branch and tag names (#11843) (#11863)
  * Add doctor check to set IsArchived false if it is null (partial #11853) (#11859)
  * Prevent panic on empty HOST for mysql (#11850) (#11856)
  * Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836)
  * Fix reply octicon (#11821) (#11822)
  * Honor DEFAULT_PAGING_NUM for API (#11805) (#11813)
  * Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809)
  * In File Create/Update API return 404 if Branch does not exist (#11791) (#11795)
  * Fix doer of rename repo (#11789) (#11794)
  * Initialize SimpleMDE when making a code comment (#11749) (#11785)
  * Fix timezone on issue deadline (#11697) (#11784)
  * Fix to allow comment poster to edit or delete his own comments (#11671) (#11774)
  * Show full 500 error in API when Gitea in dev mode (#11641) (#11753)
  * Add missing templates for Matrix system webhooks (#11729) (#11748)
  * Fix verification of subkeys of default gpg key (#11713) (#11747)
  * Fix styling for commiter on diff view (#11715) (#11744)
  * Properly truncate system notices (#11714) (#11742)
  * Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718)
  * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682)
  * Doctor check & fix db consistency (#11111) (#11676)
  * Exclude generated files from language statistics (#11653) (#11670)
  * Return json on 500 error from API (#11574) (#11659)
  * When must change password only show Signout (#11600) (#11637)
  * Backport various styling fixes (#11619)
  * Fix wrong milestone in webhook message (#11596) (#11611)
  * Fix serviceworker output file and misc improvements (#11562) (#11610)
  * When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608)
  * Prevent empty query parameter being set on dashboard (#11561) (#11604)
  * Fix images in wiki edit preview (#11546) (#11602)
  * Prevent (caught) panic on login (#11590) (#11597)
  * Prevent transferring repos to invisible orgs (#11517) (#11549)
  * Move serviceworker to workbox and fix SSE interference (#11538) (#11547)
  * API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533)
  * Fix repo-list private and total count bugs (#11500) (#11532)
  * Fix form action template substitutions on admin pages (backport #11519) (#11531)
  * Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530)
  * TrimSpace when reading InternalToken from a file (#11502) (#11524)
  * Fix selected line color in arc-green (#11492) (#11520)
  * Make localstorage read ssh or https correctly (#11483) (#11490)
  * Check branch protection on IsUserAllowedToUpdate (#11448)
  * Fix margin on attached segment headers when they are separated by other element (#11425)
  * Fix webhook template when validation errors occur (#11421)
  * Fix NPE in template due to missing signing key on commit page (#11392)
  * Restore active background to Register button on Register page (#11390)
  * Fix hook failure due to relative LFS_CONTENT_PATH (#11362)
  * Correctly set the organization num repos (#11339)
  * Prevent 500 with badly formed task list (#11328)
  * Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327)
  * Handle panics that percolate up to the graceful module (#11291)
  * Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248)
  * Patch fomantic-ui to workaround build issue (#11244)
  * Prevent panic during wrappedConn close at hammertime (#11219)
  * On logout force redirect to start page (#11202)
  * Fix creation of Organization repos by Users with max created personal repos (#11183)
  * Add option to increase provided OAuth2 token maximum size (#11180)
  * Log the indexer path on failure (#11172)
  * Ensure that relative paths in edit preview work (#11143)
  * Make API EditIssue and EditPullRequest issue notifications (#11123)
  * Send 404 immediately for known public requests (#11117)
  * Remove nil inserts in models (#11096)
  * Add GetReviews() to RetryDownloader (#11093)
  * Remove nonexistent serviceworker entries (#11091)
  * Simplify and fix GetApprovalCounts (#11086)
  * Fix wiki revision template and simplify some tmpl conditions (#11080)
  * Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067)
  * Align review-item svg octicons (#11065)
  * Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997)
  * Users should not be able to prohibit their own login (#10970)
  * Fix scrollbar issues in dropdowns (#10897)
  * Change the order of issues.closed_by to list opening user first (#10876)
  * Allow site admin to check /api/v1/orgs endpoints (#10867)
  * Avoid logging []byte in queue failures - convert to string first (#10865)
  * Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)
  * Fix assignees double load bug (#10856)
  * Handle push rejection in branch and upload (#10854)
  * In authorized_keys use double-quote for windows compatibility (#10841)
  * Fix milestone template (#10824)
  * log.Fatal on failure to listen to SSH port (#10795)
  * Fix forked repo has no icon and language stat. (#10791)
  * Fix tag/release deletion (#10663)
  * Fix webhook migration (#10641)
  * Migration for deleting orphaned dependencies (#10617)
  * Add migration to fix the old broken merge-bases (#10604)
  * Update templates for Go 1.14 (#10596)
  * Remove unnecessary parentheses in wiki/view template (#10583)
  * Change default value of DefaultCommandExecutionTimeout to match docs (#10581)
  * Handle panic in indexer initialisation better (#10534)
  * Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456)
  * Fixed wrong AppSubUrl in multiple templates (#10447)
  * Fix profile page CSS (#10406)
  * Inject SVG sprite via ajax (#10320)
  * Fix migration information update bug when linked github account (#10310)
  * Allow admin to check org membership by API for other users (#10201)
  * Fix topics dropdown (#10167)
  * Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
  * Fix IsErrPullClosed (#10093)
  * Accept punctuation after simple+cross repository issue references (#10091)
  * On merge of already closed PR redirect back to the pulls page (#10010)
  * Fix crowdin update script (#9969)
  * Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927)
  * Add option to prevent LDAP from deactivating everything on empty search (#9879)
  * Fix admin handling at merge of PR (#9749)
  * err_admin_name_pattern_not_allowed String Clarification (#9731)
  * Fix wrong original git service type on a migrated repository (#9693)
  * Fix ref links in issue overviews for tags (#8742)
* ENHANCEMENTS
  * Fix search form button overlap (#11840) (#11864)
  * Make tabular menu styling consistent for arc-green (#11570) (#11798)
  * Add option to API to update PullRequest base branch (#11666) (#11796)
  * Increase maximum SQLite variables count to 32766 (#11696) (#11783)
  * Update emoji dataset with skin tone variants (#11678) (#11763)
  * Add logging to long migrations (#11647) (#11691)
  * Change language statistics to save size instead of percentage (#11681) (#11690)
  * Allow different HardBreaks settings for documents and comments (#11515) (#11599)
  * Fix alignment for commits on dashboard (#11595) (#11680)
  * Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673)
  * Handle expected errors in AddGPGkey API  (#11644) (#11661)
  * Close EventSource before unloading the page (#11539) (#11557)
  * Ensure emoji render with regular font-weight (#11541) (#11545)
  * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542)
  * Tweak reaction buttons (#11516)
  * Use more toned colors for selected line (#11493) (#11511)
  * Increase width for authors on commit view (#11441)
  * Hide archived repos by default in repo-list (#11440)
  * Better styling for code review comment textarea (#11428)
  * Support view individual commit for wiki pages (#11415)
  * Fix yellow background on active elements in code review (#11414)
  * Better styling for code review comment form (#11413)
  * Change install description on homepage (#11395)
  * Ensure search action button is coalesced to adjacent input (#11385)
  * Switch code editor to Monaco (#11366)
  * Add paging and archive/private repository filtering to dashboard list (#11321)
  * Changed image of openid-connect logo for better look on arc-green theme (#11312)
  * Load Repo Topics on blame view too (#11307)
  * Change the style in admin notice content view from `<p>` to `<pre>` (#11301)
  * Allow log.xxx.default to set logging settings for the default logger only (#11292)
  * Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285)
  * Make sendmail a Process and have default timeout (#11256)
  * Check value of skip-repository flag in dump command (#11254)
  * Fix submit review form (#11252)
  * Allow unauthenticated users to compare (#11240)
  * Add EventSource support (#11235)
  * Refactor Milestone related (#11225)
  * Add pull review API endpoints (#11224)
  * Add a 'this' to issue close/reopened messages (#11204)
  * When migrating from Gitlab map Approvals to approving Reviews (#11147)
  * Improve representation of attachments in issues (#11141)
  * Protect default branch against deletion (#11115)
  * Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113)
  * Fix status label on branches list vertical alignment (#11109)
  * Add single release page and latest redirect (#11102)
  * Add missing commit states to PR checks template (#11085)
  * Change icon on title for merged PR to git-merge (#11064)
  * Add MergePull comment type instead of close for merge PR (#11058)
  * Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055)
  * Consolidate author name across timeline (#11053)
  * Refactor UpdateOAuth2Application (#11034)
  * Support unicode emojis and remove emojify.js (#11032)
  * Add git hook "warning" to admin panel (#11030)
  * Add flash notify for email preference setting success (#11027)
  * Remove package code.gitea.io/gitea/modules/git import out of models (#11025)
  * Match arc-green code tag color to code blocks (#11023)
  * Move syntax highlighting to web worker (#11017)
  * Prevent merge of outdated PRs on protected branches (#11012)
  * Add Get/Update for api/v1/user/applications/oauth2 (#11008)
  * Upgrade to most recent bluemonday (#11007)
  * Tweak code tags in markdown (#11000)
  * Reject duplicate AccessToken names (#10994)
  * Fix Ctrl-Enter shortcut for issues (#10986)
  * Provide `OwnerName` field for README template (#10981)
  * Prettify Timeline (#10972)
  * Add issue subscription check to API (#10967)
  * Use AJAX for notifications table (#10961)
  * Adjust label padding (#10957)
  * Avoiding directory execution on hook (#10954) (#10955)
  * Migrate ActivityHeatmap to Vue SFC (#10953)
  * Change merge strategy: do not check write access if user in merge white list (#10951)
  * Enable GO111MODULE=on globally in Makefile (#10939)
  * API endpoint to get single commit via SHA and Ref (#10915)
  * Add accordion to release list and hide non-latest (#10910)
  * Split dashboard elements into separate template files (#10885)
  * Add more message on sidebar menus (#10872)
  * Set MySQL rowtype to dynamic for new tables (#10833)
  * Completely fix task-list checkbox styling (#10798)
  * Hide gear icon for user who can't use them on sidebar (#10750)
  * Refactor Cron and merge dashboard tasks (#10745)
  * Change review status icons on pr view style to github style (#10737)
  * Make pagination optional for API list notification endpoints (#10714)
  * Fix tab indentation in code view (#10671)
  * Fix task-list checkbox styling (#10668)
  * Multiple LFS improvements (#10667)
  * Make PR message on pushes configurable (#10664)
  * Move dropzone.js to npm/webpack (#10645)
  * Ensure Update button is enabled even when CI has failed (#10640)
  * Add restricted user filter to LDAP authentication (#10600)
  * Add Yandex OAuth2 provider (#8335) (#10564)
  * Make avatar lookup occur at image request (#10540)
  * Prevent accidential selection of language stats bar (#10537)
  * Add fluid-icon (#10491)
  * Inform participants on UI too (#10473)
  * Build with go 1.14 (and raise minimum go version to 1.12) (#10467)
  * Add max-file-size to LFS (#10463)
  * Enable paggination for ListRepoTags API (#10454)
  * Update JS dependencies (#10450)
  * Show the username as a fallback on feeds if full name is blank (#10438)
  * Various dark theme fixes (#10416)
  * Display pull request head branch even the branch deleted or repository deleted (#10413)
  * Prevent Firefox from using apple-touch-icon (#10402)
  * Fix input[type=file] on dark theme (#10382)
  * Improve mobile review-box sizing (#10297)
  * Notification: queue ui.go notification-service (#10281)
  * Add detected file language to code search (#10256)
  * Index code and stats only for non-empty repositories (#10251)
  * Add Approval Counts to pulls list (#10238)
  * Limit label list height on edit issue page (#10216)
  * Improve 404 error message (#10214)
  * Tweak locale to respect singular conflicting file message in PR list (#10177)
  * Fix commit view (#10169)
  * Reorganize frontend files and tooling (#10168)
  * Allow emoji on popup label (#10166)
  * ListIssues add filter for milestones API (#10148)
  * Show if a PR has conflicting files on the PR lists (#10130)
  * Fix inconsistent label color format in API (#10129)
  * Show download count info in release list (#10124)
  * Add Octicon SVG spritemap (#10107)
  * Update aria-fixed semantic-dropdown to fomantic master (#10096)
  * Fix apple-touch-icon, regenerate images (#10065)(#10006)
  * Style blockquote for default issue mail template (#10024)
  * More expansions in template repositories (#10021)
  * Allow list collaborators for users with Read access to repo (#9995)
  * Add explicit dimensions to navbar avatar (#9986)
  * Remove loadCSS and preload woff2 icon fonts (#9976)
  * Fix commit view JS features, reimplement folding (#9968)
  * Fix review avatar image (#9962)
  * Improve notification pager (#9821)
  * Move jquery and jquery-migrate to npm/webpack (#9813)
  * Change font to Roboto to support more charsets (#9803)
  * Move mailer to use a queue (#9789)
  * Issue search on my related repositories (#9758)
  * Add "before" query to ListIssueComments and ListRepoIssueComments API (#9685)
  * Move tracked time api convert to convert package (#9665)
  * Improve PR info in default merge message (#9635)
  * Granular webhook events (#9626)
  * Add Reviewed-on in commit message (#9623)
  * Add top author stats to activity page (#9615)
  * Allow repo admin to merge PR regardless of review status (#9611)
  * Migrate reactions when migrating repository from github (#9599)
  * API orgEditTeam make Fields optional (#9556)
  * Move create/fork repository from models to modules/repository (#9489)
  * Migrate reviews when migrating repository from github (#9463)
  * Times API add filters (#9373)
  * Move push commits from models to modules/repository (#9370)
  * Add API endpoint to check notifications [Extend #9488] (#9595)
  * Add GET /orgs API endpoint (#9560)
  * API add/generalize pagination (#9452)
  * Make create org repo API call same as github (#9186)
* BUILD
  * Turn off go modules for xgo and gxz (#10963)
  * Add gitea-vet (#10948)
  * Rename scripts to build and add revive command as a new build tool command (#10942)
  * Add 'make lint', restructure 'compliance' pipeline (#10861)
  * Move JS build dependencies to 'dependencies' (#10763)
  * Use whitelist to find go files, run find only once (#10594)
  * Move vue and vue-calendar-heatmap to npm/webpack (#10188)
  * Move jquery.are-you-sure to npm/webpack (#10063)
  * Move highlight.js to npm/webpack (#10011)
  * Generate Bindata if TAGS="bindata" and not up-to-date (#10004)
  * Move CSS build to webpack (#9983)
  * Move fomantic target, update 'make help' (#9945)
  * Add css extraction and minification to webpack (#9944)
  * Misc webpack tweaks (#9924)
  * Make node_modules a order-only prerequisite (#9923)
  * Update documentation for the go module era (#9751)
  * Move swagger-ui to webpack/npm and update it to 3.24.3 (#9714)
  * Use npm to manage fomantic and only build needed components (#9561)
* MISC
  * Add gnupg to Dockerfile (#11365)
  * Update snapcraft.yaml for core18 and latest features (#11300)
  * Update JS dependencies, min Node.js version 10.13 (#11246)
  * Change default charset for MySQL on install to utf8mb4 (#10989)
  * Return issue subscription status from API subscribe (#10966)
  * Fix queue log param (#10733)
  * Add warning when using relative path to app.ini (#10104)

## [1.11.7](https://github.com/go-gitea/gitea/releases/tag/v1.11.7) - 2020-06-18

* BUGFIXES
  * Use ID or Where to instead directly use Get when load object from database (#11925) (#11935)
  * Fix __webpack_public_path__ for 1.11 (#11907)
  * Fix verification of subkeys of default gpg key (#11713) (#11902)
  * Remove unnecessary parentheses in wiki/view template (#11781)
  * Doctor fix xorm.Count nil on sqlite error (#11741)

Revision 1.38: download - view: text, markup, annotated - select for diffs
Wed Jun 17 09:54:18 2020 UTC (4 years, 5 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +2 -1 lines
Revbump Go packages after Go 1.14.4 update.

Revision 1.37: download - view: text, markup, annotated - select for diffs
Wed Jun 3 18:30:28 2020 UTC (4 years, 6 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +14 -7 lines
gitea: Update to 1.11.6

Patch submitted by teutat3s.  Changes since 1.11.5:

## [1.11.6](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) - 2020-05-30

* SECURITY
  * Fix missing authorization check on pull for public repos of private/limited
    org (#11656) (#11683)
  * Use session for retrieving org teams (#11438) (#11439)
* BUGFIXES
  * Return json on 500 error from API (#11574) (#11660)
  * Fix wrong milestone in webhook message (#11596) (#11612)
  * Prevent (caught) panic on login (#11590) (#11598)
  * Fix commit page js error (#11527)
  * Use media links for img in post-process (#10515) (#11504)
  * Ensure public repositories in private organizations are visible and fix
    admin organizations list (#11465) (#11475)
  * Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456)
    (#11461)
  * Allow all members of private orgs to see public repos (#11442) (#11459)
  * Whenever the ctx.Session is updated, release it to save it before sending
    the redirect (#11456) (#11457)
  * Forcibly clean and destroy the session on logout (#11447) (#11451)
  * Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname
    (#11381)
  * Add tracked time fix to doctor (part of #11111) (#11138)
  * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
  * Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build
    on go1.14  (#11481)

Revision 1.36: download - view: text, markup, annotated - select for diffs
Tue Jun 2 08:24:57 2020 UTC (4 years, 6 months ago) by adam
Branches: MAIN
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +2 -2 lines
Revbump for icu

Revision 1.35: download - view: text, markup, annotated - select for diffs
Thu May 21 13:37:09 2020 UTC (4 years, 6 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +2 -1 lines
gitea: Bump PKGREVISION for previous.

Apologies for the double commit, accidentally specified filename to cvs ci.

Revision 1.34: download - view: text, markup, annotated - select for diffs
Thu May 21 13:35:12 2020 UTC (4 years, 6 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +37 -18 lines
gitea: Various fixes.

Add a target to generate the frontend artefacts that are required at
runtime, but do not build them by default as they require nodejs/npm which
will download node modules during the build.  Instead use a pre-built copy
stored in LOCAL_PORTS.  The web interface should now look correct.

Use the supplied Makefile to simplify some of the targets.

Remove unnecessary MAKE_DIRS (shadows an OWN_DIRS_PERMS), and fix
permissions on some of the installed files.

Based on joyent/pkgsrc#263 from GitHub user teutat3s.

Revision 1.33: download - view: text, markup, annotated - select for diffs
Sun May 17 14:50:40 2020 UTC (4 years, 6 months ago) by nia
Branches: MAIN
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +2 -3 lines
gitea: Update to 1.11.5

## [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) - 2020-05-09

* BUGFIXES
  * Prevent timer leaks in Workerpool and others (#11333) (#11340)
  * Fix tracked time issues (#11349) (#11354)
  * Add NotifySyncPushCommits to indexer notifier (#11309) (#11338)
  * Allow X in addition to x in tasks (#10979) (#11335)
  * When delete tracked time through the API return 404 not 500 (#11319) (#11326)
  * Prevent duplicate records in organizations list when creating a repository (#11303) (#11325)
  * Manage port in submodule refurl (#11305) (#11323)
  * api.Context.NotFound(...) should tolerate nil (#11288) (#11306)
  * Show pull request selection even when unrelated branches (#11239) (#11283)
  * Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
  * Fix GetContents(): Dont't ignore Executables (#11192) (#11209)
  * Fix submodule paths when AppSubUrl is not root (#11098) (#11176)
  * Prevent clones and pushes to disabled wiki (#11131) (#11134)
  * Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130)
  * On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125)
  * Refresh codemirror on show pull comment tab (#11100) (#11122)
  * Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
  * Load pr Issue Poster on API too (#11033) (#11039)
  * Fix release counter on API repository info (#10968) (#10996)
  * Generate Diff and Patch direct from Pull head (#10936) (#10938)
  * Fix rebase conflict detection in git 2.26 (#10929) (#10930)
* ENHANCEMENT
  * Fix 404 and 500 image size in small size screen (#11043) (#11049)
  * Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)

Revision 1.32: download - view: text, markup, annotated - select for diffs
Fri May 1 21:27:49 2020 UTC (4 years, 7 months ago) by rillig
Branches: MAIN
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +6 -5 lines
www/gitea: fix the SUBST block for updating the version number

In the distfile gitea-1.11.4.tar.gz, the version number is written as
1.9.0-dev, which is probably a mistake. Make sure that this version
number is always fixed, until this inconsistency is fixed upstream.

Revision 1.31: download - view: text, markup, annotated - select for diffs
Sun Apr 12 11:01:50 2020 UTC (4 years, 7 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +2 -2 lines
Revbump all Go packages after default version switch to 1.14.

Revision 1.30: download - view: text, markup, annotated - select for diffs
Sun Apr 12 08:29:17 2020 UTC (4 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +2 -1 lines
Recursive revision bump after textproc/icu update

Revision 1.29: download - view: text, markup, annotated - select for diffs
Sun Apr 5 13:33:26 2020 UTC (4 years, 8 months ago) by nia
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +2 -3 lines
gitea: Update to 1.11.4

## [1.11.4](https://github.com/go-gitea/gitea/releases/tag/v1.11.4) - 2020-04-01

* BUGFIXES
  * Only update merge_base if not already merged (#10909)
  * Fix milestones too many SQL variables bug (#10880) (#10904)
  * Protect against NPEs in notifications list (#10879) (#10883)
  * Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868)
  * Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
  * Account for empty lines in receive-hook message (#10773) (#10784)
  * Fix bug on branch API (#10767) (#10775)
  * Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
  * Fix hiding of fields in authorization source page (#10734) (#10752)
  * Prevent default for linkAction (#10742) (#10743)

Revision 1.28: download - view: text, markup, annotated - select for diffs
Sat Mar 21 16:57:03 2020 UTC (4 years, 8 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +2 -1 lines
Revbump all Go packages after go113 update.

Revision 1.27: download - view: text, markup, annotated - select for diffs
Tue Mar 17 13:08:38 2020 UTC (4 years, 8 months ago) by nia
Branches: MAIN
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +2 -2 lines
gitea: Update to 1.11.3

## [1.11.3](https://github.com/go-gitea/gitea/releases/tag/v1.11.3) - 2020-03-10

* BUGFIXES
  * Prevent panic in stopwatch (#10670) (#10673)
  * Fix bug on pull view when required status check no ci result (#10648) (#10651)
  * Build explicitly with Go 1.13 (#10684)

Revision 1.26: download - view: text, markup, annotated - select for diffs
Mon Mar 9 11:06:16 2020 UTC (4 years, 9 months ago) by nia
Branches: MAIN
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +2 -2 lines
gitea: Update to 1.11.2

## [1.11.2](https://github.com/go-gitea/gitea/releases/tag/v1.11.2) - 2020-03-06

* BREAKING
  * Various fixes in login sources (#10428) (#10429)
* SECURITY
  * Ensure only own addresses are updated (#10397) (#10399)
  * Logout POST action (#10582) (#10585)
  * Org action fixes and form cleanup (#10512) (#10514)
  * Change action GETs to POST (#10462) (#10464)
  * Fix admin notices (#10480) (#10483)
  * Change admin dashboard to POST (#10465) (#10466)
  * Update markbates/goth (#10444) (#10445)
  * Update crypto vendors (#10385) (#10398)
* BUGFIXES
  * Allow users with write permissions to modify issue descriptions and comments. (#10623) (#10626)
  * Handle deleted base branch in PR (#10618) (#10619)
  * Delete dependencies when deleting a repository (#10608) (#10616)
  * Ensure executable bit is kept on the web editor (#10607) (#10614)
  * Update mergebase in pr checker (#10586) (#10605)
  * Fix release attachments being deleted while upgrading (#10572) (#10573)
  * Fix redirection path if Slack webhook channel is invalid (#10566)
  * Fix head.tmpl og:image picture location (#10531) (#10556)
  * Fix 404 after activating secondary email (#10547) (#10553)
  * Show Signer in commit lists and add basic trust (#10425 & #10511) (#10524)
  * Fix potential bugs (#10513) (#10518)
  * Use \[:space:\] instead of \\s (#10508) (#10509)
  * Avoid mailing users that have explicitly unwatched an issue (#10475) (#10500)
  * Handle push rejection message in Merge & Web Editor (#10373) (#10497)
  * Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368) (#10493)
  * Fix double PR notification from API (#10482) (#10486)
  * Show the username as a fallback on feeds if full name is blank (#10461)
  * Trigger webhooks on issue label-change via API too (#10421) (#10439)
  * Fix git reference type in webhooks (#10427) (#10432)
  * Prevent panic on merge to PR (#10403) (#10408)
  * Fix wrong num closed issues on repository when close issue via commit… (#10364) (#10380)
  * Reading pull attachments should depend on read UnitTypePullRequests (#10346) (#10354)
  * Set max-width on review-box comment box (#10348) (#10353)
  * Prevent nil pointer in GetPullRequestCommitStatusState (#10342) (#10344)
  * Fix protected branch status check settings (#10341) (#10343)
  * Truncate long commit message header (#10301) (#10319)
  * Set the initial commit status to Success otherwise it will always be Pending (#10317) (#10318)
  * Don't manually replace whitespace during render (#10291) (#10315)
* ENHANCEMENT
  * Admin page for managing user e-mail activation (#10557) (#10579)

Revision 1.25: download - view: text, markup, annotated - select for diffs
Tue Feb 18 13:35:07 2020 UTC (4 years, 9 months ago) by nia
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +2 -2 lines
gitea: Update to 1.11.1

## [1.11.1](https://github.com/go-gitea/gitea/releases/tag/v1.11.1) - 2020-02-15

* BUGFIXES
  * Repo name added to automatically generated commit message when merging (#9997) (#10285)
  * Fix Workerpool deadlock (#10283) (#10284)
  * Divide GetIssueStats query in smaller chunks (#10176) (#10282)
  * Fix reply on code review (#10257)
  * Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
  * Fix filter label emoji width (#10241) (#10244)
  * Fix issue sidebar menus having an infinite height (#10239) (#10240)
  * Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
  * Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
  * Blacklist manifest.json & milestones user (#10292) (#10293)

Revision 1.24: download - view: text, markup, annotated - select for diffs
Thu Feb 13 22:23:19 2020 UTC (4 years, 9 months ago) by nia
Branches: MAIN
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +2 -3 lines
gitea: Update to 1.11.0

## [1.11.0](https://github.com/go-gitea/gitea/releases/tag/v1.11.0) - 2020-02-10
* BREAKING
  * Fix followers and following tabs in profile (#10202) (#10203)
  * Make CertFile and KeyFile relative to CustomPath (#9868) (#9874)
  * Remove unused endpoints (#9538)
  * Prefix all user-generated IDs in markup (#9477)
  * Enforce Gitea environment for pushes (#8982)
  * Hide some user information via API if user have not enough permissions (#8655)
  * Move startpage/homepage translation to crowdin (#8596)
* SECURITY
  * Never allow an empty password to validate (#9682) (#9683)
  * Prevent redirect to Host (#9678) (#9679)
  * Swagger hide search field (#9554)
  * Add "search" to reserved usernames (#9063)
  * Switch to fomantic-ui (#9374)
  * Only serve attachments when linked to issue/release and if accessible by user (#9340)
* FEATURES
  * Webhooks should only show sender if it makes sense (#9601)
  * Provide Default messages for merges (#9393)
  * Add description to labels on create issue (#9392)
  * Graceful Queues: Issue Indexing and Tasks (#9363)
  * Default NO_REPLY_ADDRESS to DOMAIN (#9325)
  * Allow FCGI over unix sockets (#9298)
  * Graceful: Xorm, RepoIndexer, Cron and Others (#9282)
  * Add API for Reactions (#9220)
  * Graceful: Cancel Process on monitor pages & HammerTime (#9213)
  * Graceful: Allow graceful restart for unix sockets (#9113)
  * Graceful: Allow graceful restart for fcgi (#9112)
  * Sign protected branches (#8993)
  * Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964)
  * Add Gitea icon to Emojis (#8950)
  * Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code (#8924)
  * Allow Custom Reactions (#8886)
  * Close/reopen issues by keywords in titles and comments (#8866)
  * Allow incompletely specified Time Formats (#8816)
  * Prevent upload (overwrite) of lfs locked file (#8769)
  * Template Repositories (#8768)
  * Add /milestones endpoint (#8733)
  * Make repository management section handle lfs locks (#8726)
  * Respect LFS File Lock on UI (#8719)
  * Add team option to grant rights for all organization repositories (#8688)
  * Enabling and disabling the commit button to prevent empty commits (web editor) (#8590)
  * Add setting to disable BASIC authentication (#8586)
  * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528)
  * Allow Protected Branches to Whitelist Deploy Keys (#8483)
  * Push to create repo (#8419)
  * Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
  * Add basic repository lfs management (#7199)
* BUGFIXES
  * Fix code-expansion arc-green theme bug (#10180) (#10185)
  * Prevent double wait-group decrement (#10170) (#10175)
  * Allow emoji on review head comments (#10159) (#10174)
  * Fix issue/pull link (#10158) (#10173)
  * Fix push-create SSH bugs (#10145) (#10151)
  * Prevent DeleteUser API abuse (#10125) (#10128)
  * Fix issues/pulls dashboard paging error (#10114) (#10115)
  * Add button to revert SimpleMDE to plain textarea (#10099) (#10102)
  * Fix branch page pull request title and link error (#10092) (#10097)
  * Fix PR API: Only try to get HeadBranch if HeadRepo exist (#10029) (#10088)
  * Update topics repo count when deleting repository (#10051) (#10081)
  * Show pull icon on pull requests (#10061) (#10062)
  * Fix milestone API state parameter unhandled (#10049) (#10052)
  * Move to using a temporary repo for pushing new PRs (#10009) (#10042)
  * Fix wiki raw view on sub path (#10002) (#10040)
  * Ensure that feeds are appropriately restricted (#10018) (#10019)
  * Sanitize credentials in mirror form (#9975) (#9991)
  * Close related pull requests when deleting head repository or head branch (#9927) (#9974)
  * Switch to use -f instead of -F for sendmail (#9961) (#9970)
  * Fix file rename/copy not supported by indexer (#9965) (#9967)
  * Fix repo indexer not updating upon push (#9957) (#9963)
  * Don't convert ellipsis in markdown (#9905) (#9937)
  * Fixed repo link in generated comment for cross repository dependency (#9863) (#9935)
  * Check if diff actually contains sections when rendering (#9926) (#9933)
  * Fix wrong hint when status checking is running on pull request view (#9886) (#9928)
  * Fix RocketChat (#9908) (#9921)
  * Do not try to recreate ldap user if they are already created (#9900) (#9919)
  * Create terminated channel in queue_redis (#9910) (#9911)
  * Prevent empty LDAP search result from deactivating all users (#9879) (#9896)
  * Fix wrong permissions check when issues/prs shared operations (#9885) (#9889)
  * Check user != nil before checking values (#9881) (#9883)
  * Allow hyphen in language name (#9873) (#9880)
  * Ensure that 2fa is checked on reset-password (#9857) (#9876)
  * Fix issues/pulls dependencies problems (#9842) (#9864)
  * Fix markdown anchor links (#9673) (#9840)
  * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9837)
  * Fix download file wrong content-type (#9825) (#9834)
  * Fix wrong poster identity on a migrated pull request when submit review (#9827) (#9830)
  * Fix database dump when log directory is missing (#9818) (#9819)
  * Fix compare (#9808) (#9814)
  * Fix push-to-create (#9772) (#9797)
  * Fix missing msteam webhook on organization (#9781) (#9794)
  * Fix missing unlock in uniquequeue (#9790) (#9791)
  * Fix add team on collaborator page when same name as organization (#9778)
  * DeleteRepoFile incorrectly handles Delete to new branch (#9769) (#9775)
  * Fix milestones page (#9771)
  * Fix SimpleMDE quote reply (#9757) (#9768)
  * Fix missing updated time on migrated issues and comments (#9744) (#9764)
  * Move Errored PRs out of StatusChecking (#9675) (#9726)
  * Make hook status printing configurable with delay (#9641) (#9725)
  * ​Fix /repos​/issues​/search (#9698) (#9724)
  * Silence fomantic error regarding tabs (#9713) (#9718)
  * Remove unused lock (#9709) (#9710)
  * Remove q.lock.Unlock() in setInternal to prevent panic (#9705) (#9706)
  * Load milestone in API PR list (#9671) (#9700)
  * Don't attempt to close issue if already closed (#9696) (#9699)
  * Remove google font call (#9668) (#9681)
  * Eliminate horizontal scroll caused by footer (#9674)
  * Fix nil reference in repo generation (#9660) (#9666)
  * Add HTML URL to API Issues (#9654) (#9661)
  * Add PR review webhook to Telegram (#9653) (#9655)
  * Use filepath.IsAbs instead of path.IsAbs (#9651) (#9652)
  * Disable remove button on repository teams when have access to all (#9640)
  * Clean up old references on branch delete (#9614)
  * Hide public repos owned by private orgs (#9609)
  * Fix access issues on milestone and issue overview pages. (#9603)
  * Fix error logged when repos qs is empty (#9591)
  * Dont trigger notification twice on issue assignee change (#9582)
  * Fix mirror pushed commit actions (#9572)
  * Allow only specific columns to be updated on issue via API (#9189) (#9539)
  * Fix default avatar for ghost user (#9536)
  * Fix download of release attachments with same name (#9529)
  * Resolve deprecated INI conversion (#9525)
  * Ignore empty avatars during database migration (#9520)
  * Fix deleted branch isn't removed when push the branch again (#9516)
  * Fix repository issues pagination bug when there are more than one label filter (#9512)
  * Fix SetExpr failed (#9506)
  * Remove obsolete file private/push_update.go (#9503)
  * When recreating hooks, delete them first so they are recreated with the umask (#9502)
  * Properly enforce gitea environment for pushes (#9501)
  * Fix datarace on repo indexer queue (#9490)
  * Add call to load repo prior to redirect in add/remove dependency code (#9484)
  * Wrap the code indexer (#9476)
  * Use Req.URL.RequestURI() to cope with FCGI urls (#9473)
  * Set default ssh.minimum_key_sizes (#9466)
  * Fixed issue with paging in /repos/{owner}/{repo}/git/trees/{sha} api (#9459)
  * Fix wrong notification on merge (#9450)
  * Issue with Migration rule v111 (#9449)
  * Trigger webhook when deleting a branch after merging a PR (#9424)
  * Add migration to sanitize repository original_url (#9423)
  * Use OriginalURL instead of CloneAddr in migration logging (#9418)
  * Push update after branch is restored (#9416)
  * Fix wrong migration (#9381)
  * Fix show repositories filter (#9234) (#9379)
  * Fix Slack webhook payload title generation to work with Mattermost (#9378)
  * Fix double webhook for new PR (#9375)
  * AuthorizedKeysCommand should not query db directly (#9371)
  * Fix missed change to GetManager() (#9361)
  * Fix cache problem on dashboard (#9358)
  * RepoIndexer: DefaultBranch needs to be prefixed by BranchPrefix (#9356)
  * Fix protected branch using IssueID (#9348)
  * Fix nondeterministic behavior (#9341)
  * Fix PR/issue redirects when having external tracker (#9339)
  * Remove release attachments which repository has been deleted (#9334)
  * Fix issue indexer not triggered when migrating a repository (#9332)
  * Add SyncTags to uploader interface (#9326)
  * Fix bug that release attachment files not deleted when deleting repository (#9322)
  * Only sync tags after all migration release batches are completed (#9319)
  * File Edit: Author/Committer interchanged (#9297)
  * prebuild CSS/JS before xgo release binaries (#9293)
  * Log: Ensure FLAGS=none shows no flags (#9287)
  * Make Diff Detail on Pull Request Changed File UI always on Top (#9280)
  * Switch CSS minifier to cssnano (#9260)
  * Fix latest docker image haven't include static files. (#9252)
  * Don't link wiki revision to commit (#9244)
  * Change review content column to type text in db (#9229)
  * Fixed topic regex pattern and added search by topic links after save (#9219)
  * Add language to user API responce (#9215)
  * Correct tooltip message blocked by dependencies (#9211)
  * Add SimpleMDE and Fix Image Paste for Issue/Comment Editor (#9197)
  * Fix panic when diff (#9187)
  * Fix #9151 - smtp logger configuration sendTos should be an array (#9154)
  * Fix max length check and limit in multiple repo forms (#9148)
  * Always Show Password Field on Link Account Sign-in Page (#9147)
  * Properly fix displaying virtual session provider in admin panel (#9137)
  * Fix race condition on indexer (#9136)
  * Fix team links in HTML rendering (#9127)
  * Fix race condition in ReplaceSanitizer (#9123)
  * Fix what information is shown about user in API (#9115)
  * Fix nil context user for template repositories (#9099)
  * Hide given credentials for migrated repos. (#9097)
  * Fix reCAPTCHA API URL (#9083)
  * Fix password checks on admin create/edit user (#9076)
  * Update golang.org/x/crypto vendor to use acme v2 (#9056)
  * Ensure Written is set in GZIP ProxyResponseWriter (#9018)
  * Fix wrong system notice when repository is empty (#9010)
  * Fix broken link to branch from issue list (#9003)
  * Fix bug when pack js (#8992)
  * New review approvals shouldn't require a message (#8991)
  * Shadow password correctly for session config (#8984)
  * Don't send notification on pending reviews (#8943)
  * Fix Notify Create Ref Error on tag creation (#8936)
  * Convert EOL to UNIX-style to render MD properly (#8925)
  * Migrate temp_repo.go to use git.NewCommand  (#8918)
  * Fix issue with user.fullname (#8902)
  * Add Close() method to gogitRepository (#8901)
  * Enable punctuations ending mentions (#8889)
  * Fix password complexity check on registration (#8887)
  * Fix require external registration password (#8885)
  * Fix edit content button on migrated issue content (#8877)
  * Fix permission checks for close/reopen from commit (#8875)
  * Fix API Bug (fail on empty assignees) (#8873)
  * Stop using git count-objects and use raw directory size for repository (#8848)
  * Fix count for commit graph last page (#8843)
  * Fix to close opened io resources as soon as not needed (#8839)
  * Improve notification (#8835)
  * Fix new user form for non-local users (#8826)
  * Fix: remove duplicated signed commit icons (#8820)
  * Fix (open/closed) issue count when label excluded (#8815)
  * Fix SSH2 conditional in key parsing code (#8806)
  * Fix 500 when edit hook (#8782)
  * On windows set core.longpaths true (#8776)
  * Fix commit expand button to not go to commit link (#8745)
  * Avoid re-issuing redundant cross-references. (#8734)
  * Fix milestone close timestamp function (#8728)
  * Move webhook codes from service to webhook notification (#8712)
  * Show zero lines on the line counter if the file empty (#8700)
  * Fix deadline on update issue or PR via API (#8696)
  * make call createMilestoneComment on newIssue func (#8678)
  * Send tag create and push webhook when release created on UI (#8671)
  * Prevent chrome download page as html with alt + click (#8669)
  * Fix 500 when getting user as unauthenticated user (#8653)
  * Graceful fixes (#8645)
  * Add SubURL to redirect path (#8632) (#8634)
  * Fix extra columns from `label` table (#8633)
  * Add SubURL to redirect path for transferred/renamed repos (#8632)
  * Fix bug when migrate from API (#8631)
  * Allow to merge if file path contains " or \ (#8629)
  * Prevent removal of non-empty emoji panel following selection of duplicate (#8609)
  * Ensure default gpg settings not nil and found commits have reference to repo (#8604)
  * Set webhook Content-Type for application/x-www-form-urlencoded (#8599)
  * Fix #8582 by handling empty repos (#8587)
  * Fix of the diff statistics view on pull request's (#8581)
  * Fix bug on pull requests when transfer head repository (#8564)
  * Fix template error on account page (#8562)
  * Allow externalID to be UUID (#8551)
  * Fix ignored error on editorconfig api (#8550)
  * Fix user avatar name (#8547)
  * Ensure that GitRepo is set on Empty repositories (#8539)
  * Add missed close in ServeBlobLFS (#8527)
  * Fix migrate mirror 500 bug (#8526)
  * Fix password complexity regex for special characters (on master) (#8525)
* ENHANCEMENTS
  * Explicitly refer to PR in squash-merge commit message in case of external tracker (#9844) (#9855)
  * Add a /user/login landing page option (#9622)
  * Some more e-mail notification fixes (#9596)
  * Add branch protection option to block merge on requested changes. (#9592)
  * Add footer extra links template (#9576)
  * Fix for a wrong URL in activity page of repository.  (#9571)
  * Update default issue template (#9568)
  * Change markdown rendering from blackfriday to goldmark  (#9533)
  * Extend file create api with dates (#9464)
  * Add ActionCommentPull action (#9456)
  * Response for context on retry database connection (#9444)
  * Refactor webhooks to reduce code duplication (#9422)
  * update couchbase deps for new license (#9419)
  * Add .ignore file for search tools (#9417)
  * Remove unsued struct (#9405)
  * Hide not allowed Reactions (#9387)
  * Remove text from action-only webhooks (#9377)
  * Move PushToBaseRepo from models to services/pull (#9352)
  * Site admin could view org's members (#9346)
  * Sleep longer if request speed is over github limitation (#9335)
  * Refactor comment (#9330)
  * Refactor code indexer (#9313)
  * Remove SavePatch and generate patches on the fly (#9302)
  * Move some pull request functions from models to services (#9266)
  * Update JS dependencies (#9255)
  * Show label list on label set (#9251)
  * Redirect issue if repo has configured external tracker. (#9247)
  * Allow kbd tags (#9245)
  * Remove unused comment actions (#9222)
  * Fixed errors logging in dump.go (#9218)
  * Expose release counter to repo API response (#9214)
  * Make consistent links to repository in the Slack/Mattermost notificiations (#9205)
  * Expose pull request counter to repo API response (#9202)
  * Extend TrackedTimes API (#9200)
  * Extend StopWatch API (#9196)
  * Move code indexer related code to a new package (#9191)
  * Docker: ask s6 to stop all service when gitea stop (#9171)
  * Variable expansion in repository templates (#9163)
  * Add avatar and issue labels to template repositories (#9149)
  * Show single review comments in the PR conversation tab (#9143)
  * Extract createComment (#9125)
  * Move PushUpdateOptions from models to repofiles (#9124)
  * Alternate syntax for cross references (#9116)
  * Add USE_SERVICE_WORKER setting (#9110)
  * Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092)
  * Explore page: Add topic param to pagination (#9077) (#9078)
  * Markdown: Sanitizier Configuration (#9075)
  * Add password requirement info on error (#9074)
  * Allow authors to use act keywords in PR content (#9059)
  * Move modules/gzip to gitea.com/macaron/gzip (#9058)
  * Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055)
  * Context menus for comments, add quote reply (#9043)
  * Update branch API endpoint to show effective branch protection. (#9031)
  * Move git graph from models to modules/graph (#9027)
  * Move merge actions to notification (#9024)
  * Move mirror sync actions to notification (#9022)
  * Add retry for migration http/https requests (#9019)
  * Rewrite delivery of issue and comment mails (#9009)
  * Add review comments to mail notifications (#8996)
  * Refactor pull request review (#8954)
  * Githook highlighter (#8932)
  * Add git hooks and webhooks to template repositories; move to services (#8926)
  * Only view branch or tag if it match refType requested. (#8899)
  * Drop Admin attribute based on LDAP when login (continue #1743) (#8849)
  * Add additional periods to activity page (#8829)
  * Update go-org to optimize code (#8824)
  * Move some actions to notification/action (#8779)
  * Webhook support custom proxy (#8760)
  * Fix API deadline removal (#8759)
  * Mark review comment as invalidated when file is deleted (#8751)
  * Move pull list code to a separate file (#8748)
  * Move webhook to a standalone package under modules (#8747)
  * Multi repo select on issue page (#8741)
  * apply exclude label on milestone issue list (#8739)
  * Move issue notifications and assignee man (#8713)
  * Move issue change content from models to service (#8711)
  * Move issue change status from models to service (#8691)
  * Move more issue assignee code from models to issue service (#8690)
  * Create PR on Current Repository by Default (#8670)
  * Improve Open Graph Protocol (#8637)
  * Batch hook pre- and post-receive calls (#8602)
  * Improve webhooks (#8583)
  * Move transfer repository and rename repository on a service package and start action notification (#8573)
  * Implement/Fix PR review webhooks (#8570)
  * Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560)
  * Move some repositories' operations to a standalone service package (#8557)
  * Allow more than 255 characters for tokens in external_login_user table (#8554)
  * Move issue label operations to issue service package (#8553)
  * Adjust error reporting from merge failures and use LC_ALL=C for git (#8548)
  * Mail assignee when issue/pull request is assigned (#8546)
  * Allow committing / adding empty files using the web ui (#8420) (#8532)
  * Move sync mirror actions to mirror service package (#8518)
  * Remove arrows on numeric inputs (#8516)
  * Support inline rendering of CUSTOM_URL_SCHEMES (#8496)
  * Recalculate repository access only for specific user (#8481)
  * Add download button for rull request diff- and patch-file (#8470)
  * Add single sign-on support via SSPI on Windows (#8463)
  * Move change issue title from models to issue service package (#8456)
  * Add included tag on  branch view (#8449)
  * Make static resouces web browser cache time customized on app.ini (#8442)
  * Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426)
  * Add pagination to commit graph page (#8360)
  * Use templates for issue e-mail subject and body (#8329)
  * Move clearlabels from models to issue service (#8326)
  * Move AddTestPullRequestTask to pull service package from models (#8324)
  * Team permission to create repository in organization (#8312)
  * Allows external rendering of other filetypes (#8300)
  * Add 'Alt + click' feature to exclude labels (#8199)
  * Configurable close and reopen keywords for PRs (#8120)
  * Configurable URL for static resources (#7911)
  * Unifies commit list in repository commit table and wiki revision page (#7907)
  * Allow cross-repository dependencies on issues (#7901)
  * Auto-subscribe user to repository when they commit/tag to it (#7657)
  * Restore Graceful Restarting & Socket Activation (#7274)
  * wiki - add 'write' 'preview' buttons to wiki edit like in issues (#7241)
  * Change target branch for pull request (#6488)
  * Display PR commits and diffs using base repo rather than forked (#3648)
* TESTING
  * Add debug option to serv to help debug problems (#9492)
  * Fix the intermittent TestGPGGit failures (#9360)
  * Testing: Update postgres sequences (#9304)
  * Missed defer prepareTestEnv (#9285)
  * Fix "data race" in testlogger (#9159)
  * Yet another attempt to fix the intermittent failure of gpg git test (#9146)
  * integrations: Fix Dropped Test Errors (#9040)
  * services/mirror: fix dropped test errors (#9007)
  * Fix intermittent GPG Git test failure (#8968)
  * Update Github Migration Tests (#8893) (#8938)
  * Update heatmap fixtures to restore tests (#8615)
* TRANSLATION
  * Fix Korean locales (#9761) (#9780)
  * Fix placeholders in the error message (#9060)
  * Fix spelling of admin.users.max_repo_creation (#8934)
  * Improve german translation of homepage (#8549)
* BUILD
  * Fix webpack polyfills (#9735) (#9738)
  * Update gitea.com/macaron to 1.4.0 (#9608)
  * Upgrade lato fonts to v16. (#9498)
  * Update alpine to 3.11 (#9440)
  * Upgrade blevesearch (#9177)
  * Remove built js/css files from git (#9114)
  * Move semantic.dropdown.custom.js to webpack (#9064)
  * Check compiled files during build (#9042)
  * Enable lazy-loading of gitgraph.js (#9036)
  * Pack web_src/js/draw.js to public/js/index.js (#8975)
  * Modernize js and use babel (#8973)
  * Move index.js to web_src and use webpack to pack them (#8598)
  * Restrict modules/graceful to non-windows build and shim IsChild (#8537)
  * Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
* DOCS
  * Swagger info corrections (#9441) (#9558)
  * Add ALLOW_ONLY_EXTERNAL_REGISTRATION to config cheat sheet (#8986)
  * Rephrase comment about RuntimeDirectory option in systemd config (#8912)
  * Explicitly indicate the socket unit to use the service unit "gitea.service" (#8804)
  * Adjust the must-change-password help (#8755)
  * Add notice to docs for migrating from more recent versions of Gogs (#8724)
  * Add explicit info about customization of homepage (#8694)
  * Change external asciidoctor tool to embedded mode (#8677)
  * Add Docker fail2ban configuration (#8642)
  * Correct some outdated statements in the contributing guidelines (#8612)
  * Basic Design guidelines (describing different parts of the code) (#8601)
  * Display Gitea logo in Readme (#8592)
  * Fix building from source docs to ref AppWorkPath (#8567)
  * Update the provided gitea.service to mention socket activation (#8531)
  * Doc added how to setup email (#8520)
* MISC
  * Backport Locales [2020-01-14] (#9773)
  * Add translatable Powered by Gitea text in footer (#9600)
  * Add contrib/environment-to-ini (#9519)
  * Remove unnecessary loading of settings in update hook (#9496)
  * Update gitignore list (#9437)
  * Update license list (#9436)
  * Fix background reactions in the arc-green theme (#9421)
  * Update and fix chardet import (#9351)
  * Ensure LF on checkouts and in editors (#9259)
  * Fixed topics margin (#9248)
  * Add comment to exported function WindowsServiceName (make revive) (#9241)
  * Remove empty lines on issues/pulls page (#9232)
  * Fix Add Comment Button's "+" Position (#9140)
  * Add first issue comment hashtag (#9052)
  * Change some label colors (#9051)
  * Fix double scroll in branch dropdown (#9048)
  * Add comment highlight when target from url (#9047)
  * Update display of reactions to issues and comments (#9038)
  * Button tooltip formatting under Branches (#9034)
  * Allow setting default branch via API (#9030)
  * Update dashboard context for PR reviews (#8995)
  * Show repository size in repo home page and settings (#8940)
  * Allow to add and remove all repositories to/from team. (#8867)
  * Show due date in dashboard issues list (#8860)
  * Theme arc-green: reverse heatmap colors (#8840)
  * Project files table style update (#8757)
  * gitignore debugging file from vscode (#8740)
  * Add API for Issue set Subscription (#8729)
  * Make 100% width search bar (#8710)
  * Update color theme for heatmap (#8709)
  * Add margin to title_wip_desc (#8705)
  * Improve visibility of "Pending" indicator (#8685)
  * Improve accessibility of dropdown menus (#8638)
  * Make /users/{username}/repos list private repos the current user has access to (#8621)
  * Prevent .code-view from overriding font on icon fonts (#8614)
  * Add id references on all issue events to allow internal linking (#8608)
  * Upgrade xorm to v0.8.0 (#8536)
  * Upgrade gopkg.in/ini.v1 (#8500)
  * Update CodeMirror to version 5.49.0 (#8381)
  * Wiki editor: enable side-by-side button (#7242)

Revision 1.23: download - view: text, markup, annotated - select for diffs
Sun Feb 2 14:19:12 2020 UTC (4 years, 10 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +2 -1 lines
Revbump all Go packages after go113 update.

Revision 1.22: download - view: text, markup, annotated - select for diffs
Sat Jan 18 15:33:09 2020 UTC (4 years, 10 months ago) by nia
Branches: MAIN
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +2 -3 lines
gitea: Update to 1.10.3

## [1.10.3](https://github.com/go-gitea/gitea/releases/tag/v1.10.3) - 2020-01-17
* SECURITY
  * Hide credentials when submitting migration (#9102) (#9704)
  * Never allow an empty password to validate (#9682) (#9684)
  * Prevent redirect to Host (#9678) (#9680)
  * Hide public repos owned by private orgs (#9609) (#9616)
* BUGFIXES
  * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838)
  * Fix download file wrong content-type (#9825) (#9835)
  * Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831)
  * Fix dump non-exist log directory (#9818) (#9820)
  * Fix compare (#9808) (#9815)
  * Fix missing msteam webhook on organization (#9781) (#9795)
  * Fix add team on collaborator page when same name as organization (#9783)
  * Fix cache problem on dashboard (#9358) (#9703)
  * Send tag create and push webhook when release created on UI (#8671) (#9702)
  * Branches not at ref commit ID should not be listed as Merged (#9614) (#9639)

Revision 1.21: download - view: text, markup, annotated - select for diffs
Fri Jan 10 13:32:15 2020 UTC (4 years, 11 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +2 -1 lines
Revbump Go packages after Go default version bump.

Revision 1.20: download - view: text, markup, annotated - select for diffs
Sat Jan 4 12:13:35 2020 UTC (4 years, 11 months ago) by nia
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +2 -3 lines
gitea: Update to 1.10.2

## [1.10.2](https://github.com/go-gitea/gitea/releases/tag/v1.10.2) - 2020-01-02
* BUGFIXES
  * Allow only specific Columns to be updated on Issue via API (#9539) (#9580)
  * Add ErrReactionAlreadyExist error (#9550) (#9564)
  * Fix bug when migrate from API (#8631) (#9563)
  * Use default avatar for ghost user (#9536) (#9537)
  * Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528)
  * Fix deleted branch not removed when push the branch again (#9516) (#9524)
  * Fix missing repository status when migrating repository via API (#9511)
  * Trigger webhook when deleting a branch after merging a PR (#9510)
  * Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482)
  * Fix NewCommitStatus (#9434) (#9435)
  * Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420)
  * Fix Slack webhook payload title generation to work with Mattermost (#9404)
  * DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359)
  * Fix issue indexer not triggered when migrating a repository (#9333)
  * Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329)
  * Fix migration releases (#9319) (#9326) (#9328)
  * Fix File Edit: Author/Committer interchanged (#9297) (#9300)

Revision 1.19: download - view: text, markup, annotated - select for diffs
Fri Dec 13 07:44:05 2019 UTC (4 years, 11 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +2 -1 lines
Revbump all Go packages after Go 1.12.14 update.

Revision 1.18: download - view: text, markup, annotated - select for diffs
Mon Dec 9 10:11:35 2019 UTC (5 years ago) by jperkin
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +2 -5 lines
*: Include go-vars.mk where appropriate.

Revision 1.17: download - view: text, markup, annotated - select for diffs
Sat Dec 7 19:23:37 2019 UTC (5 years ago) by nia
Branches: MAIN
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +2 -2 lines
gitea: Update to 1.10.1

BUGFIXES

    Fix max length check and limit in multiple repo forms (#9148) (#9204)
    Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
    Upgrade levelqueue to 0.1.0 (#9192) (#9199)
    Fix panic when diff (#9187) (#9193)
    Smtp logger configuration sendTos should be an array (#9154) (#9157)
    Always Show Password Field on Link Account Sign-in Page (#9150)
    Create PR on Current Repository by Default (#8670) (#9141)
    Fix race on indexer (#9136) (#9139)
    Fix reCAPTCHA URL (#9119)
    Hide migrated credentials (#9098)
    Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
    Fix password checks on admin create/edit user (#9076) (#9081)
    Fix add search as a reserved username (#9063) (#9065)
    Fix permission checks for close/reopen from commit (#8875) (#9033)
    Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
    Fix broken link to branch from issue list (#9003) (#9021)
    Fix wrong system notice when repository is empty (#9020)
    Shadow password correctly for session config (#8984) (#9002)

Revision 1.12.2.1: download - view: text, markup, annotated - select for diffs
Sun Nov 17 08:30:20 2019 UTC (5 years ago) by spz
Branches: pkgsrc-2019Q3
Diff to: previous 1.12: preferred, colored; next MAIN 1.13: preferred, colored
Changes since revision 1.12: +2 -2 lines
Pullup ticket #6083 - requested by leot
lang/go112: security update
lang/go: update available version

Revisions pulled up:
- lang/go/version.mk                                            1.70
- lang/go112/PLIST                                              1.8
- lang/go112/distinfo                                           1.8

Revision bump for:
- archivers/go-xz/Makefile
- chat/coyim/Makefile
- chat/matterircd/Makefile
- databases/go-etcd/Makefile
- databases/go-ldap/Makefile
- databases/influxdb/Makefile
- databases/postgres_exporter/Makefile
- databases/prometheus/Makefile
- devel/git-lfs/Makefile
- devel/go-afero/Makefile
- devel/go-amber/Makefile
- devel/go-appengine/Makefile
- devel/go-assert/Makefile
- devel/go-blackfriday/Makefile
- devel/go-buffruneio/Makefile
- devel/go-cast/Makefile
- devel/go-check/Makefile
- devel/go-cli/Makefile
- devel/go-cobra/Makefile
- devel/go-colorable/Makefile
- devel/go-colortext/Makefile
- devel/go-colour/Makefile
- devel/go-consul-api/Makefile
- devel/go-debounce/Makefile
- devel/go-ed25519/Makefile
- devel/go-emoji/Makefile
- devel/go-errors/Makefile
- devel/go-flags-svent/Makefile
- devel/go-fnmatch/Makefile
- devel/go-fs/Makefile
- devel/go-fsnotify/Makefile
- devel/go-fsync/Makefile
- devel/go-gitmap/Makefile
- devel/go-glog/Makefile
- devel/go-gls/Makefile
- devel/go-gocode/Makefile
- devel/go-godef/Makefile
- devel/go-godirwalk/Makefile
- devel/go-godotenv/Makefile
- devel/go-golang-lru/Makefile
- devel/go-goorgeous/Makefile
- devel/go-gopkgs/Makefile
- devel/go-goptlib/Makefile
- devel/go-goreturns/Makefile
- devel/go-gox/Makefile
- devel/go-hashstructure/Makefile
- devel/go-homedir/Makefile
- devel/go-humanize/Makefile
- devel/go-i18n/Makefile
- devel/go-immutable-radix/Makefile
- devel/go-ini/Makefile
- devel/go-iochan/Makefile
- devel/go-isatty/Makefile
- devel/go-jwalterweatherman/Makefile
- devel/go-kingpin.v3-unstable/Makefile
- devel/go-locker/Makefile
- devel/go-logrus/Makefile
- devel/go-mapstructure/Makefile
- devel/go-mapstructure-bep/Makefile
- devel/go-mow-cli/Makefile
- devel/go-nbreader/Makefile
- devel/go-nitro/Makefile
- devel/go-osext/Makefile
- devel/go-pflag/Makefile
- devel/go-properties/Makefile
- devel/go-protobuf/Makefile
- devel/go-purell/Makefile
- devel/go-ratelimit/Makefile
- devel/go-repr/Makefile
- devel/go-review/Makefile
- devel/go-sanitized_anchor_name/Makefile
- devel/go-shellwords/Makefile
- devel/go-shuffle/Makefile
- devel/go-siphash/Makefile
- devel/go-sync/Makefile
- devel/go-sys/Makefile
- devel/go-termbox/Makefile
- devel/go-testify/Makefile
- devel/go-thrift/Makefile
- devel/go-tools/Makefile
- devel/go-try/Makefile
- devel/go-viper/Makefile
- devel/go-yaml/Makefile
- devel/golint/Makefile
- devel/google-api-go-client/Makefile
- graphics/go-image/Makefile
- graphics/go-imaging/Makefile
- graphics/go-resize/Makefile
- graphics/go-smartcrop/Makefile
- lang/go-hcl/Makefile
- mail/postforward/Makefile
- math/go-stats/Makefile
- math/go-units/Makefile
- misc/go-genproto/Makefile
- misc/go-genproto-googleapis-rpc/Makefile
- net/aws-sdk-go/Makefile
- net/dnscrypt-proxy2/Makefile
- net/gcloud-golang-metadata/Makefile
- net/go-dns/Makefile
- net/go-dnstap/Makefile
- net/go-framestream/Makefile
- net/go-grpc/Makefile
- net/go-net/Makefile
- net/go-ovh/Makefile
- net/go-websocket/Makefile
- net/hub/Makefile
- net/obfs4proxy/Makefile
- net/syncthing/Makefile
- pkgtools/pkglint/Makefile
- security/2fa/Makefile
- security/go-asn1-ber/Makefile
- security/go-crypt/Makefile
- security/go-crypto/Makefile
- security/go-mkcert/Makefile
- security/go-oauth2/Makefile
- security/go-sftp/Makefile
- security/vault/Makefile
- sysutils/beats/Makefile
- sysutils/consul/Makefile
- sysutils/fzf/Makefile
- sysutils/goreman/Makefile
- sysutils/lf/Makefile
- sysutils/node_exporter/Makefile
- sysutils/vultr/Makefile
- textproc/go-chroma/Makefile
- textproc/go-diff/Makefile
- textproc/go-glob/Makefile
- textproc/go-inflect/Makefile
- textproc/go-md2man/Makefile
- textproc/go-mmark/Makefile
- textproc/go-prose/Makefile
- textproc/go-regexp2/Makefile
- textproc/go-runewidth/Makefile
- textproc/go-sentences/Makefile
- textproc/go-tablewriter/Makefile
- textproc/go-text/Makefile
- textproc/sift/Makefile
- www/caddy/Makefile
- www/gitea/Makefile
- www/go-ace/Makefile
- www/go-cssmin/Makefile
- www/go-gogs-client/Makefile
- www/go-gohtml/Makefile
- www/go-libsass/Makefile
- www/go-minify/Makefile
- www/go-parse/Makefile
- www/go-spritewell/Makefile
- www/go-tocss/Makefile
- www/go-toml-burntsushi/Makefile
- www/go-toml-pelletier/Makefile
- www/go-urlesc/Makefile
- www/go-webhooks/Makefile
- www/grafana/Makefile
- www/hugo/Makefile
- www/pup/Makefile

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Fri Oct 18 14:48:29 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go112: PLIST distinfo

   Log Message:
   Update go112 to 1.12.12.

   qo1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa
   package. See the Go 1.12.11 milestone on our issue tracker for details.

   go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime,
   syscall and net packages. See the Go 1.12.12 milestone on our issue tracker
   for details.


   To generate a diff of this commit:
   cvs rdiff -u -r1.69 -r1.70 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/go112/PLIST pkgsrc/lang/go112/distinfo

Revision 1.16: download - view: text, markup, annotated - select for diffs
Thu Nov 14 21:47:48 2019 UTC (5 years ago) by nia
Branches: MAIN
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +2 -2 lines
gitea: Update to 1.10.0

Changes:

* BREAKING
  * Fix deadline on update issue or PR via API (#8698)
  * Hide some user information via API if user doesn't have enough permission (#8655) (#8657)
  * Remove legacy handling of drone token (#8191)
  * Change repo search to use exact match for topic search. (#7941)
  * Add pagination for admin api get orgs and fix only list public orgs bug (#7742)
  * Implement the ability to change the ssh port to match what is in the gitea config (#7286)
* SECURITY
  * Fix issue with user.fullname (#8903)
  * Ignore mentions for users with no access (#8395)
  * Be more strict with git arguments (#7715)
  * Extract the username and password from the mirror url (#7651)
  * reserve .well-known username (#7637)
* FEATURE
  * Org/Members: display 2FA members states + optimize sql requests (#7621)
  * SetDefaultBranch on pushing to empty repository (#7610)
  * Adds side-by-side diff for images (#6784)
  * API method to list all commits of a repository (#6408)
  * Password Complexity Checks  (#6230)
  * Add option to initialize repository with labels (#6061)
  * Add additional password hash algorithms (#6023)
* BUGFIXES
  * Allow to merge if file path contains " or \ (#8629) (#8771)
  * On windows set core.longpaths true (#8776) (#8786)
  * Fix 500 when edit hook (#8782) (#8789)
  * Fix Checkbox at RepoSettings Protected Branch (#8799) (#8801)
  * Fix SSH2 conditional in key parsing code (#8806) (#8810)
  * Fix commit expand button to not go to commit link (#8745) (#8825)
  * Fix new user form for non-local users (#8826) (#8828)
  * Fix to close opened io resources as soon as not needed (#8839) (#8846)
  * Fix edit content button on migrated issue content (#8877) (#8884)
  * Fix require external registration password (#8885) (#8890)
  * Fix password complexity check on registration (#8887) (#8888)
  * Update Github Migration Tests (#8896) (#8938) (#8945)
  * Enable punctuations ending mentions (#8889) (#8894)
  * Add Close() method to gogitRepository (#8901) (#8956)
  * Hotfix for review actions and notifications (#8965)
  * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) (#8618)
  * Fix milestone close timestamp (#8728) (#8730)
  * Fix 500 when getting user as unauthenticated user (#8653) (#8663)
  * Fix 'New Issue Missing Milestone Comment' (#8678) (#8681)
  * Use AppSubUrl for more redirections (#8647) (#8651)
  * Add SubURL to redirect path (#8632) (#8634)
  * Fix template error on account page (#8562) (#8622)
  * Allow externalID to be UUID (#8551) (#8624)
  * Prevent removal of non-empty emoji panel following selection of duplicate (#8609) (#8623)
  * Update heatmap fixtures to restore tests (#8615) (#8616)
  * Ensure that diff stats can scroll independently of the diff (#8581) (#8621)
  * Webhook: set Content-Type for application/x-www-form-urlencoded (#8600)
  * Fix #8582 by handling empty repos (#8587) (#8594)
  * Fix bug on pull requests when transfer head repository (#8564) (#8569)
  * Add missed close in ServeBlobLFS (#8527) (#8542)
  * Ensure that GitRepo is set on Empty repositories (#8539) (#8541)
  * Fix migrate mirror 500 bug (#8526) (#8530)
  * Fix password complexity regex for special characters (#8524)
  * Prevent .code-view from overriding font on icon fonts (#8614) (#8627)
  * Allow more than 255 characters for tokens in external_login_user table (#8554)
  * Fix errors in create org UI regarding team access permission (#8506)
  * Fix bug on FindExternalUsersByProvider (#8504)
  * Create .ssh dir as necessary (#8486)
  * IsBranchExist: return false if provided name is empty (#8485)
  * Making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477)
  * Add check for empty set when dropping indexes during migration (#8471)
  * LFS files are relative to LFS content path, ensure that when deleting they are made relative to this (#8455)
  * Ensure Request Body Readers are closed in LFS server (#8454)
  * Fix template bug on mirror repository setting page (#8438)
  * Fix migration v96 to keep issue attachments (#8435)
  * Update strk.kbt.io/projects/go/libravatar to latest (#8429)
  * Singular form for files that has only one line (#8416)
  * Check for either escaped or unescaped wiki filenames (#8408)
  * Allow users with explicit read access to give approvals (#8382)
  * Fix editor commit to new branch if PR disabled (#8375)
  * readd .markdown class to all markup renderers (#8357)
  * Upgrade xorm to v0.7.9 to fix some bugs (#8354)
  * Fix column name ambiguity in GetUserIssueStats() (#8347)
  * Change general form binding to gogs form (#8334)
  * Fix pull request commit status in user dashboard list (#8321)
  * Fix repo_admin_change_team_access always checked in org settings (#8319)
  * Update to github.com/lafriks/xormstore@v1.3.0 (#8317)
  * Show correct commit status in PR list (#8316)
  * Bugfix for image compare and minor improvements to image compare (#8289)
  * Update xorm (#8286)
  * Fix API for edit and delete release attachment (#8285)
  * Fix nil object access in some conditions when parsing cross references (#8281)
  * Fix label count (#8267)
  * Only show teams access for organization repositories on collaboration setting page (#8265)
  * Test more reserved usernames (#8263)
  * Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
  * Fix assets key on release webhook (#8253)
  * Allow registration when button is hidden (#8237)
  * Fix release API URL generation (#8234)
  * Fix milestone num_issues (#8221)
  * MS Teams webhook misses commit messages (#8209)
  * Fix data race (#8204)
  * Fix team user api (#8172)
  * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8161)
  * Make show private icon when repo avatar set (#8144)
  * Add reviewers as participants (#8121)
  * Fix Go 1.13 private repository go get issue (#8112)
  * feat: highlight issue references with : (#8101)
  * Make AllowedUsers configurable in sshd_config (#8094)
  * Strict name matching for Repository.GetTagID() (#8074)
  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8066)
  * Add change title notification for issues (#8061)
  * [ssh] fix the config specification in the authorized_keys template (#8031)
  * Fix reading git notes from nested trees (#8026)
  * Fixes synchronize tags to releases for repository - makes sure we are only getting tag refs (#7990)
  * Fix adding default Telegram webhook (#7972)
  * Run CORS handler first for /api routes (#7967)
  * Abort synchronization from LDAP source if there is some error. (#7960)
  * Fix wrong sender when send slack webhook (#7918)
  * Fix bug when migrating a private repository (#7917)
  * Evaluate emojis in commit messages in list view (#7906)
  * Fix upload file type check (#7890)
  * lfs/lock: round locked_at timestamp to second (#7872)
  * fix non existent milestone with 500 error instead of 404 (#7867)
  * gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846)
  * Fix duplicate call of webhook (#7821)
  * Enable switching to a different source branch when PR already exists (#7819)
  * Convert files to utf-8 for indexing (#7814)
  * Do not fetch all refs in pull-request compare (#7797)
  * Fix multiple bugs with statuses endpoints at API (#7785)
  * Restore functionality for early gits (#7775)
  * Fix Slack webhook fork message (#7774)
  * Rewrite existing repo units if setting is not included in api body (#7763)
  * Fix rename failed when rewrite public keys (#7761)
  * Fix approvals counting (#7757)
  * Add migration step to remove old repo_indexer_status orphaned records (#7746)
  * Fix repo_index_status lingering when deleting a repository (#7734)
  * Remove camel case tokenization from repo indexer (#7733)
  * Fix milestone completness calculation when migrating (#7725)
  * Regression: Include "executable" files in the index, as they are not necessarily … (#7718)
  * Fixes indexed repos keeping outdated indexes when files grow too large (#7712)
  * Skip non-regular files (e.g. submodules) on repo indexing (#7711)
  * Fix dropTableColumns sqlite implementation (#7710)
  * Update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705)
  * improve branches list performance and fix protected branch icon when no-login (#7695)
  * Correct wrong datetime format for git (#7689)
  * Move add to hook queue for created repo to outside xorm session. (#7675)
  * sugestion to use range .Branches (#7674)
  * Fix bug on migrating milestone from github (#7665)
  * hide delete/restore button on archived repos (#7658)
  * css: use flex to fix floating paginate (#7656)
  * Fix syntax highlight initialization (#7617)
  * Fix panic on push at - Merging pull request causes 500 error (#7615)
  * Make PKCS8, PEM and SSH2 keys work (#7600)
  * Fix mistake in arc-green.less split-diff css code. (#7587)
  * Handle ErrUserProhibitLogin in http git (#7586)
  * Fix bug create/edit wiki pages when code master branch protected (#7580)
  * Fixes Malformed URLs in API git/commits response (#7565)
  * Fix file header overflow in file and blame views (#7562)
  * Improve SSH key parser to handle newlines in keys (#7522)
  * Fix empty commits now showing in repo overview (#7521)
  * Fix repository's pull request count error (#7518)
  * Fix markdown invoke sequence (#7513)
  * Remove duplicated webhook trigger (#7511)
  * Update User.NumRepos atomically in createRepository (#7493)
  * Fix settings page of repo you aren't admin print error - Settings pages giving UnitType error message (#7482)
  * Fix redirection after file edit - Handles all redirects for Web UI File CRUD (#7478)
  * cmd/serv: actually exit after fatal errors (#7458)
  * Fix an issue with some pages throwing 'not defined' js exceptions (#7450)
  * fix Dropzone.js integration (#7445)
  * Fix regex for issues in commit messages (#7444)
  * Diff: Fix indentation on unhighlighted code (#7435)
  * Only show "New Pull Request" button if repo allows pulls (#7426)
  * Upgrade macaron/captcha to fix random error problem (#7407)
  * create class for inline positioned lists (#7393)
  * Fetch refs for successful testing for tag (#7388)
  * add missing template variable on organisation settings (#7385)
  * fix post parameter - on issue list - unset assignee (#7380)
  * fix/define autochecked checkboxes on issue list in firefox (#7320)
  * only return head: null if source branch was deleted (#6705)
* ENHANCEMENT
  * Add nofollow to sign in links (#8509)
  * vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495)
  * Update milestone issues numbers when save milestone and other code improvements (#8411)
  * Add extra user information when migrating release (#8331)
  * Require overall success if no context is given for status check (#8318)
  * Transaction-aware retry create issue to cope with duplicate keys (#8307)
  * Change link on issue milestone (#8246)
  * Alwaywas return local url for users avatar (#8245)
  * Move some milestone functions to a standalone package (#8213)
  * Move create issue comment to comments package (#8212)
  * Disable max height property of comment textarea (#8203)
  * Add 'Mentioning you' group to /issues page (#8201)
  * oauth2 with remote Gitea (#8149)
  * Reference issues from pull requests and other issues (#8137)
  * Fix webhooks to use proxy from environment (#8116)
  * Add merged commit id on pull view when it's merged (#8062)
  * Add teams to repo on collaboration page. (#8045)
  * Update swagger to 0.20.1  (#8010)
  * Make link last commit massages in repository home page and commit tables (#8006)
  * Add API endpoint for accessing repo topics (#7963)
  * Include description in repository search (#7942)
  * Use gitea forked macaron (#7933)
  * Fix pull creation with empty changes (#7920)
  * Allow token as authorization for accessing attachments (#7909)
  * Retry create issue to cope with duplicate keys (#7898)
  * Move git diff codes from models to services/gitdiff (#7889)
  * migrate gplus to google oauth2 provider (#7885)
  * Remove unique filter from repo indexer analyzer. (#7878)
  * Detect delimiter in CSV rendering (#7869)
  * Import topics during migration (#7851)
  * Move CreateReview to modules/pull (#7841)
  * vendor: update pdf.js to v2.1.266 (#7834)
  * Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
  * Add Ability for User to Customize Email Notification Frequency (#7813)
  * Move database settings from models to setting (#7806)
  * Display ui time with customize time location (#7792)
  * Implement webhook branch filter (#7791)
  * Restrict repository indexing by glob match (#7767)
  * Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756)
  * Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
  * deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
  * Apply emoji on commit graph page (#7743)
  * Add a lot of extension to language mappings for syntax highlights (#7741)
  * Add SQL execution on log and indexes on table repository and comment (#7740)
  * Set DB connection error level to error (#7724)
  * Check commit message hashes before making links (#7713)
  * remove unnecessary fmt on generate bindata (#7706)
  * Fix specific highlighting (CMakeLists.txt ...) (#7686)
  * Add file status on API (#7671)
  * Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669)
  * Provide links in commit summaries in commits table/view list (#7659)
  * Change length of some repository's columns (#7652)
  * Move commit repo action from models to repofiles package (#7645)
  * fix wrong email when use gitea as OAuth2 provider (#7640)
  * [Branch View] add download button (#7604)
  * Update to xorm@v0.7.4 (#7596)
  * use 403 instead of 401 for ErrUserProhibitLogin (#7591)
  * Removed unnecessary conversions (#7557)
  * Un-lambda base.FileSize (#7556)
  * Added missing error checks in tests (#7554)
  * Move create release from models to a standalone package (#7539)
  * Make default branch name link to default branch (#7519)
  * Added total count of contributions to heatmap (#7517)
  * Move mirror to a standalone package from models (#7486)
  * Move models.PushUpdate to repofiles.PushUpdate (#7485)
  * Include thread related headers in issue/coment mail (#7484)
  * Refuse merge until all required status checks success (#7481)
  * convert all js var to let/const (#7464)
  * Only create branches for opened pull requestes when migrating from github (#7463)
  * jQuery 3 (#7425)
  * Add notification placeholder (#7409)
  * Search Commits via Commit Hash (#7400)
  * Move status table to cron package (#7370)
  * wiki - page revisions list  (#7369)
  * Display original author and URL information when showing migrated issues/comments (#7352)
  * Refactor filetype is not allowed errors (#7309)
  * switch to use gliderlabs/ssh for builtin server (#7250)
  * Remove settting dependency on modules/session (#7237)
  * Move all mail related codes from models to services/mailer (#7200)
  * Support git.PATH entry in app.ini (#6772)
  * Support setting cookie domain (#6288)
  * Move migrating repository from frontend to backend (#6200)
  * Delete releases attachments if release is deleted (#6068)
* TRANSLATION
  * Latvian translation for home page (#8468)
  * Add home template italian translation (#8352)
  * fix misprint (#7452)
* BUILD
  * use go 1.13 (#8088)
* MISC
  * add file line count info on UI (#8396)
  * Make issues page left menu 100% width and add reponame as title attribute (#8359)
  * [arc-green] white on hover for active menu items (#8344)
  * Move ref (branch or tag) location on issue list page (#8157)
  * apply emoji on dashboard issue list labels (#8156)
  * 1148: Take up the full width when viewing the diff in split view. (#8114)
  * Display description of 'make this repo private' as help text, not as tooltip (#8097)
  * Fixes deformed emoji in pull request reviews (#8047)
  * Add strike to old header on comment (#8046)
  * Add tooltip for the visibility checkbox in /repo/create (#8025)
  * Update github.com/lafriks/xormstore and tidy up mod.go (#8020)
  * keep blame view buttons sequence consistent with normal view when view a file (#8007)
  * Use "Pull Request" instead of "Merge Request" (#8003)
  * Move line number to :before attr to hide from search on browser (#8002)
  * Changed black color to white for (read) number label on issue list page (#8000)
  * [Branch View] show "New Pull Request" Button only if posible (#7977)
  * Fix hook problem by only setting the git environment variables if we are passed them (#7854)
  * Prevent Commit Status and Message From Overflowing On Branch Page (#7800)
  * Fix global search result CSS, misc CSS tweaks (#7789)
  * Tweak label border CSS (#7739)
  * Fix create menu item widths (#7708)
  * [Branch View] Delete duplicate protection symbol (#7624)
  * [Branch View] Delete Table Header (#7622)
  * [Branch View] icons to buttons (#7602)
  * update js dependencies (#7462)
  * Add Extra Info to Branches Page (#7461)
  * Bump lodash from 4.17.11 to 4.17.14 (#7459)
  * wiki history improvements (#7391)
  * ui fixes - compare view and archieved repo issues (#7345)
  * dark theme scrollbars (#7269)
  * wiki - editor - add buttons 'inline code', 'empty checkbox', 'checked checkbox' (#7243)
  * Fix Statuses API only shows first 10 statuses: Add paging and extend API GetCommitStatuses (#7141)

Revision 1.15: download - view: text, markup, annotated - select for diffs
Fri Nov 1 17:52:38 2019 UTC (5 years, 1 month ago) by nia
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +2 -3 lines
gitea: Update to 1.9.5

Changes:

* BREAKING
  * Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
* BUGFIXES
  * Fix milestone close timestamp (#8728) (#8731)
  * Fix deadline on update issue or PR via API (#8699)
  * Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
  * Fix 500 when getting user as unauthenticated user (#8653) (#8662)
  * Use AppSubUrl for more redirections (#8647) (#8652)
  * Add SubURL to redirect path (#8632) (#8634) (#8640)
  * Fix #8582 by handling empty repos (#8587) (#8593)
  * Fix bug on pull requests when transfer head repository (#8571)
  * Add missed close in ServeBlobLFS (#8527) (#8543)
  * Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
  * Create .ssh dir as necessary (#8369) (#8486) (#8489)
  * Restore functionality for early gits (#7775) (#8476)
  * Add check for empty set when dropping indexes during migration (#8475)
  * Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
  * Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
* SECURITY
  * Ignore mentions for users with no access (#8395) (#8484)
* TESTING
  * Update heatmap fixtures to restore tests (#8615) (#8617)

Revision 1.14: download - view: text, markup, annotated - select for diffs
Fri Oct 18 14:58:59 2019 UTC (5 years, 1 month ago) by bsiegert
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +2 -1 lines
Revbump all Go packages after lang/go112 update

Revision 1.13: download - view: text, markup, annotated - select for diffs
Wed Oct 16 12:13:23 2019 UTC (5 years, 1 month ago) by nia
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +2 -3 lines
gitea: Update to 1.9.4

* BUGFIXES
  * Highlight issue references (#8101) (#8404)
  * Fix bug when migrating a private repository #7917 (#8403)
  * Change general form binding to gogs form (#8334) (#8402)
  * Fix editor commit to new branch if PR disabled (#8375) (#8401)
  * Fix milestone num_issues (#8221) (#8400)
  * Allow users with explicit read access to give approvals (#8398)
  * Fix commit status in PR #8316 and PR #8321 (#8339)
  * Fix API for edit and delete release attachment (#8290)
  * Fix assets on release webhook (#8283)
  * Fix release API URL generation (#8239)
  * Allow registration when button is hidden (#8238)
  * MS Teams webhook misses commit messages (backport v1.9) (#8225)
  * Fix data race (#8206)
  * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8194)
  * Fix the SSH config specification in the authorized_keys template (#8193)
  * Fix reading git notes from nested trees (#8189)
  * Fix team user api (#8172) (#8188)
  * Add reviewers as participants (#8124)
* BUILD
  * Use vendored go-swagger (#8087) (#8165)
  * Fix version-validation for GO 1.13 (go-macaron/cors) (#8389)
* MISC
  * Make show private icon when repo avatar set (#8144) (#8175)

Revision 1.12: download - view: text, markup, annotated - select for diffs
Thu Sep 26 20:10:56 2019 UTC (5 years, 2 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2019Q3-base
Branch point for: pkgsrc-2019Q3
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +2 -1 lines
Revbump all Go packages after 1.12.10 update.

ok wiz@ for PMC

Revision 1.11: download - view: text, markup, annotated - select for diffs
Tue Sep 10 08:46:37 2019 UTC (5 years, 3 months ago) by nia
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +2 -2 lines
gitea: Update to 1.9.3

* BUGFIXES
  * Fix go get from a private repository with Go 1.13 (#8100)
  * Strict name matching for Repository.GetTagID() (#8082)
  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
  * Add change title notification for issues (#8064)
  * Run CORS handler first for /api routes (#7967) (#8053)
  * Evaluate emojis in commit messages in list view (#8044)
  * Fix failed to synchronize tags to releases for repository (#7990) (#7994)
  * Fix adding default Telegram webhook (#7972) (#7992)
  * Abort synchronization from LDAP source if there is some error (#7965)
  * Fix deformed emoji in commit message (#8071)
* ENHANCEMENT
  * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)

Revision 1.10: download - view: text, markup, annotated - select for diffs
Thu Sep 5 13:43:33 2019 UTC (5 years, 3 months ago) by nia
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -3 lines
gitea: Update to 1.9.2.

* BUGFIXES
  * Fix wrong sender when send slack webhook (#7918) (#7924)
  * Upload support text/plain; charset=utf8 (#7899)
  * Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
  * Fix non existent milestone with 500 error (#7867) (#7873)
* SECURITY
  * Fix No PGP signature on 1.9.1 tag (#7874)
  * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
* ENHANCEMENT
  * Fix pull creation with empty changes (#7920) (#7926)
* BUILD
  * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)

Revision 1.9: download - view: text, markup, annotated - select for diffs
Mon Aug 19 10:27:42 2019 UTC (5 years, 3 months ago) by nia
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +2 -3 lines
gitea: Update to 1.9.1

Changes:

* BREAKING
  * Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752)
* SECURITY
  * Be more strict with git arguments (#7715) (#7762)
  * Release built with go 1.12.8 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA
* BUGFIXES
  * Fix local runs of ssh-requiring integration tests (#7855) (#7857)
  * Fix hook problem (#7856) (#7754)
  * Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846)
  * Do not fetch all refs (#7797) (#7837)
  * Fix duplicate call of webhook (#7824) (#7821)
  * Enable switching to a different source branch when PR already exists (#7823)
  * Rewrite existing repo units if setting is not included in api body (#7811)
  * Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808)
  * API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807)
  * Fix Slack webhook fork message (1.9 release backport) (#7783)
  * Fix approvals counting (#7757) (#7777)
  * Fix rename failed when rewrite public keys (#7761) (#7769)
  * Fix dropTableColumns sqlite implementation (#7710) (#7765)
  * Fix repo_index_status lingering when deleting a repository (#7738)
  * Fix milestone completness calculation when migrating (#7725) (#7732)
  * Fixes indexed repos keeping outdated indexes when files grow too large (#7731)
  * Skip non-regular files (e.g. submodules) on repo indexing (#7717)
  * Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704)
  * Correct wrong datetime format for git (#7689) (#7690)

Revision 1.8: download - view: text, markup, annotated - select for diffs
Wed Aug 14 15:45:50 2019 UTC (5 years, 3 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -1 lines
Recursive bump of all packages using Go after Go 1.12.8 update.

Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Aug 4 12:26:59 2019 UTC (5 years, 4 months ago) by nia
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +3 -2 lines
gitea: Fix config file handling.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Sun Aug 4 11:39:53 2019 UTC (5 years, 4 months ago) by nia
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +2 -2 lines
gitea: Update to 1.9.0

BREAKING
* Better logging (#6038) (#6095)

SECURITY
* Shadow the password on cache and session config on admin panel (#7300)
* Fix markdown invoke sequence (#7513) (#7560)
* Reserve .well-known username (#7638)
* Do not leak secrets via timing side channel (#7364)
* Ensure that decryption of cookie actually suceeds (#7363)

FEATURE
* Content API for Creating, Updating, Deleting Files (#6314)
* Enable tls-alpn-01: Use certmanager provided TLSConfig for LetsEncrypt (#7229)
* Add command to convert mysql database from utf8 to utf8mb4 (#7144)
* Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Compare branches, commits and tags with each other (#6991)
* Show Pull Request button or status of latest PR in branch list (#6990)
* Repository avatars (#6986)
* Show git-notes (#6984)
* Add commit statuses reports on pull request view (#6845)
* Number of commits ahead/behind in branch overview (#6695)
* Add CLI commands to manage LDAP authentication source (#6681)
* Add support for MS Teams webhooks (#6632)
* OAuth2 Grant UI (#6625)
* Add SUBJECT_PREFIX mailer config option (#6605)
* Include custom configuration file in dump (#6516)
* Add API for manipulating Git hooks (#6436)
* Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* Add option to blame files (#5721)
* Implement Default Webhooks (#4299)
* Telegram webhook (#4227)

BUGFIXES
* Send webhook after commit when creating issue with assignees (#7681) (#7684)
* Upgrade macaron/captcha to fix random error problem (#7407) (#7683)
* Move add to hook queue for created repo to outside xorm session. (#7682) (#7675)
* Show protection symbol if needed on default branch (#7660) (#7668)
* Hide delete/restore button on archived repos (#7660)
* Fix bug on migrating milestone from github (#7665) (#7666)
* Use flex to fix floating paginate (#7656) (#7662)
* Change length of some repository's columns (#7652) (#7655)
* Fix wrong email when use gitea as OAuth2 provider (#7640) (#7647)
* Fix syntax highlight initialization (#7617) (#7626)
* Fix bug create/edit wiki pages when code master branch protected (#7580) (#7623)
* Fix panic on push at #7611 (#7615) (#7618)
* Handle ErrUserProhibitLogin in http git (#7586, #7591) (#7590)
* Fix color of split-diff view in dark theme (#7587) (#7589)
* Fix file header overflow in file and blame views (#7562) (#7579)
* Malformed URLs in API git/commits response (#7565) (#7567)
* Fix empty commits now showing in repo overview (#7521) (#7563)
* Fix repository's pull request count error (#7518) (#7524)
* Remove duplicated webhook trigger (#7511) (#7516)
* Handles all redirects for Web UI File CRUD (#7478) (#7507)
* Fix regex for issues in commit messages (#7444) (#7466)
* cmd/serv: actually exit after fatal errors (#7458) (#7460)
* Fix an issue with some pages throwing 'not defined' js exceptions #7450 (#7453)
* Fix Dropzone.js integration (#7445) (#7448)
* Create class for inline positioned lists (#7439) (#7393)
* Diff: Fix indentation on unhighlighted code (#7435) (#7443)
* jQuery 3 (#7442) (#7425)
* Only show "New Pull Request" button if repo allows pulls (#7426) (#7432)
* Fix vendor references (#7394) (#7396)
* Only return head: null if source branch was deleted (#6705) (#7376)
* Add missing template variable on organisation settings (#7386) (#7385)
* Fix post parameter on issue list which had unset assignee (#7380) (#7383)
* Fix migration tests due to issue 7 being resolved (#7375) (#7381)
* Correctly adjust mirror url (#6593)
* Handle early git version's lack of get-url (#7065)
* Fix icon position in issue view (#7354)
* Cut timeline length with last element on issue view (#7355)
* Fix mirror repository webhooks (#7366)
* Fix api route for hooks (#7346)
* Fix bug conflict between SyncReleasesWithTags and InsertReleases (#7337)
* Fix pull view ui merge section (#7335)
* Fix 7303 - remove unnessesary buttons on archived repos (#7326)
* Fix topic bar to allow prefixes (#7325)
* Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
* Fixes #7238 - Annotated tag commit ID incorrect (#7321)
* Dark theme fixes (#7319)
* Gitea own dark codemirror theme (#7317)
* Fixes #7292 - API File Contents bug (#7301)
* Fix API link header (#7298)
* Fix extra newlines when copying from diff in Firefox (#7288)
* Make diff line-marker non-selectable (#7279)
* Fix Submodule dection in subdir (#7275)
* Fix error log when loading issues caused by a xorm bug (#7271)
* Add .fa icon margin like .octicon (#7258)
* Fix hljs unintenionally highlighting commit links (#7244)
* Only check and config git on web subcommand but not others (#7236)
* Fix migration panic when Head.User is not exist (#7226)
* Only warn on errors in deleting LFS orphaned files during repo deletion (#7213)
* Fix duplicated file on pull request conflicted files (#7211)
* Allow colon between fixing word and issue (#7207)
* Fix overflow issues in repo (#7190)
* API error cleanup (#7186)
* Add error for fork already existing (#7185)
* Fixes diff on merged pull requests (#7171)
* If milestone id is zero don't get it from database (#7169)
* Fix pusher name via ssh push (#7167)
* Fix database lock when use random repository fallback image (#7166)
* Various fixes for issue mail notifications (#7165)
* Allow archived repos to be (un)starred and (un)watched (#7163)
* Fix GCArgs load from ini (#7156)
* Detect noreply email address as user (#7133)
* Avoid arbitrary format strings upon calling fail() function (#7112)
* Validate External Tracker URL Format (#7089)
* Repository avatar fallback configuration (#7087)
* Fix #732: Add LFS objects to base repository on merging (#7082)
* Install page - Handle invalid administrator username better (#7060)
* Workaround for posting single comments in split diff view (#7052)
* Fix possbile mysql invalid connnection error (#7051)
* Fix charset was not saved after installation finished (#7048)
* Handle insecure and ports in go get (#7041)
* Avoid bad database state after failed migration (#7040)
* Fix wrong init dependency on markup extensions (#7038)
* Fix default for allowing new organization creation for new users (#7017)
* Fix content download and /verify LFS handler expecting wrong content-type (#7015)
* Fix missing repo description when migrating (#7000)
* Fix LFS Locks over SSH (#6999)
* Do not attempt to return blob on submodule (#6996)
* Fix U2F for Chrome >= 74 (#6980)
* Fix index produces problem when issues/pulls deleted (#6973)
* Allow collaborators to view repo owned by private org (#6965)
* Stop running hooks on pr merge (#6963)
* Run hooks on merge/edit and cope with protected branches (#6961)
* Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953)
* Stop colorizing log files by default (#6949)
* Rotate serv.log, http.log and hook logs and stop stacktracing in these (#6935)
* Fix plain text overflow line wrap (#6915)
* Fix input size for dependency select (#6913)
* Change drone token name to let users know to use oauth2 (#6912)
* Fix syntax highlight in blame view #6895 (#6909)
* Use AppURL for Oauth user link (#6894)
* Fixes #6881 - API users search fix (#6882)
* Fix 404 when send pull request some situation (#6871)
* Enforce osusergo build tag for releases (#6862)
* Fix 500 when reviewer is deleted with integration tests (#6856)
* Fix v85.go (#6851)
* Make dropTableColumns drop columns on sqlite and constraints on all (#6849)
* Fix double-generation of scratch token (#6832) (#6833)
* When mirroring we should set the remote to mirror (#6824)
* Fix the v78 migration "Drop is_bare" on MSSQL #6707 (#6823)
* Change verbose flag in dump command to avoid colliding with global version flag (#6822)
* Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
* Remove seen map from getLastCommitForPaths (#6807)
* Show scrollbar only when needed (#6802)
* Restore IsWindows variable assignment (#6722) (#6790)
* Service worker js is a missing comma (#6788)
* Fix team edit API panic (#6780)
* Set user search base field optional in LDAP (simple auth) edit page (#6779)
* Ignore already existing public keys after ldap sync (#6766)
* Fix pulls broken when fork repository deleted (#6754)
* Fix missing return (#6751)
* Fix new team 500 (#6749)
* OAuth2 token can be used in basic auth (#6747)
* Fix org visibility bug when git cloning (#6743)
* Fix bug when sort repos on org home page login with non-admin (#6741)
* Stricter domain name pattern in email regex (#6739)
* Fix admin template error (#6737)
* Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736)
* UI: Detect and restore encoding and BOM in content (#6727)
* Load issue attributes when editing an issue with API (#6723)
* Fix team members API (#6714)
* Unfortunately MemProvider Init does not actually Init properly (#6692)
* Fix partial reversion of #6657 caused by #6314 (#6685)
* Prevent creating empty sessions (#6677)
* Fixes #6659 - Swagger schemes selection default to page's protocol (#6660)
* Update highlight.js to 9.15.6 (#6658)
* Properly escape on the redirect from the web editor (#6657)
* Fix #6655 - Don't EscapePound .Link as it is already escaped (#6656)
* Use ctx.metas for SHA hash links (#6645)
* Fix wrong GPG expire date (#6643)
* upgrade version of lib/pq to v1.1.0 (#6640)
* Fix forking an empty repository (#6637)
* Fix issuer of OTP URI should be URI-encoded. (#6634)
* Return a UserList from /api/v1/admin/users (#6629)
* Add json tags for oauth2 form (#6627)
* Remove extra slash from twitter card (#6619)
* remove bash requirement in makefile (#6617)
* Fix Open Graph og:image link (#6612)
* Fix cross-compile builds (#6609)
* Change commit summary to full message in API (#6591)
* Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579)
* Prevent server 500 on compare branches with no common history (#6555)
* Properly escape release attachment URL (#6512)
* Delete local branch when repo branch is deleted (#6497)
* Fix bug when user login and want to resend register confirmation email (#6482)
* Fix upload attachments (#6481)
* Avoid multi-clicks in oauth2 login (#6467)
* Hacky fix for alignment of the create-organization dialog (#6455)
* Change order that PostProcess Processors are run (#6445)
* Clean up ref name rules (#6437)
* Fix Hook & HookList in Swagger (#6432)
* Fixed unitTypeCode not being used in accessLevelUnit (#6419)
* Display correct error for invalid mirror interval (#6414)
* Don't Unescape redirect_to cookie value (#6399)
* Fix dump table name error and add some test for dump database (#6394)
* Fix migrations 82 to ignore unsynced tags between database and git data and missing is_archived on repository table (#6387)
* Make sure units of a team are returned (#6379)
* Fix bug manifest.json will not request with cookie so that session will created every request (#6372)
* Disable benchmarking during tag events on DroneIO (#6365)
* Comments list performance optimization (#5305)

ENHANCEMENT
* Update Drone docker generation to standard format (#7480) (#7496) (#7504)
* Add API Endpoint for Repo Edit (#7006)
* Add state param to milestone listing API (#7131)
* Make captcha and password optional for external accounts (#6606)
* Detect migrating batch size (#7353)
* Fix 7255 - wrap long texts on user profile info (#7333)
* Use commit graph files for listing pages (#7314)
* Add git command line commitgraph support global default true when git version >= 2.18 (#7313)
* Add LFS_START_SERVER option to control git-lfs support (#7281)
* Dark theme markdown fixes (#7260)
* Update go-git to v4.12.0 (#7249)
* Show lfs config on admin panel (#7220)
* Disable same user check for internal SSH (#7215)
* Add LastLogin to the User API (#7196)
* Add missing description of label on API (#7159)
* Use go method to calculate ssh key fingerprint (#7128)
* Enable Rust highlighting (#7125)
* Refactor submodule URL parsing (#7100)
* Change issue mail title. (#7064)
* Use batch insert on migrating repository to make the process faster (#7050)
* Improve github downloader on migrations (#7049)
* When git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047)
* Fix Erlang and Elixir highlight mappings (#7044)
* API Org Visibility (#7028)
* Improve handling of non-square avatars (#7025)
* Bugfix: Align comment label and actions to the right (#7024)
* Change UpdateRepoIndex api to include watchers (#7012)
* Move serv hook functionality & drop GitLogger (#6993)
* Add support of utf8mb4 for mysql (#6992)
* Make webhook http connections resuable (#6976)
* Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
* Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
* Remove macaron dependent on models (#6940)
* Add less linter via npx (#6936)
* Remove macaron dependent on modules/log (#6933)
* Remove macaron dependent on models/mail.go (#6931)
* Clean less files (#6921)
* Fix code overflow (#6914)
* Style orgs list in user profile (#6911)
* Improve description of branch protection (fix #6886) (#6906)
* Move sdk structs to modules/structs (#6905)
* update sdk to latest (#6903)
* Escape the commit message on issues update and title in telegram hook (#6901)
* SearchRepositoryByName improvements and unification (#6897)
* Change the color of issues/pulls list, merged is purple and closed is red (#6874)
* Refactor table width to have more info shown in file list (#6867)
* Monitor all git commands; move blame to git package and replace git as a variable (#6864)
* Fix config ui error about cache ttl (#6861)
* Improve localization of git activity stats (#6848)
* Generate access token in admin cli (#6847)
* Update github.com/urfave/cli to version 1.2.0 (#6838)
* Rename LFS_JWT_SECRET cli option to include OAUTH2 as well (#6826)
* internal/ssh: ignore env command totally (#6825)
* Allow Recaptcha service url to be configured (#6820)
* update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815)
* Use modules/git for git commands (#6775)
* Add GET requests to webhook (#6771)
* Move PushUpdate dependency from models to repofiles (#6763)
* Tweak tab text and icon colors (#6760)
* Ignore non-standard refs in git push (#6758)
* Disable web preview for telegram webhook (#6719)
* Show full name if DEFAULT_SHOW_FULL_NAME setting enabled (#6710)
* Reorder file actions (#6706)
* README WordPress the code is overflowing #6679 (#6696)
* Improve issue reference on commit (#6694)
* Handle redirects for git clone commands (#6688)
* Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
* API OTP Context (#6674)
* Remove local clones & make hooks run on merge/edit/upload (#6672)
* Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
* Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
* Fix dropdown icon padding (#6651)
* Add more title attributes on shortened names (#6647)
* Update UI for topics labels on projects (#6639)
* Trace Logging on Permission Denied & ColorFormat (#6618)
* Add .gpg url (match github behaviour) (#6610)
* Support for custom GITEA_CUSTOM env var in docker(#6608)
* Show "delete branch" button on closed pull requests (#6570) (#6601)
* Add option to disable refresh token invalidation (#6584)
* Fix new repo dropdown alignment (#6583)
* Fix mail notification when close/reopen issue (#6581)
* Pre-calculate the absolute path of git (#6575)
* Minor CSS cleanup for the navbar (#6553)
* Render SHA1 links as code blocks (#6546)
* Add username flag in create-user command (#6534)
* Unifies pagination template usage (#6531) (#6533)
* Fixes pagination width on mobile view (#5711) (#6532)
* Improve SHA1 link detection (#6526)
* Fixes #6446 - Sort team members and team's repositories (#6525)
* Use stricter boundaries for auto-link detection (#6522)
* Use regular line-height on frontpage entries (#6518)
* Fixes #6514 - New Pull Request on files and pulls pages the same (#6515)
* Make distinction between DisplayName and Username in email templates (#6495)
* Add X-Auto-Response-Suppress header to outgoing messages (#6492)
* Cleaned permission checks for API -> site admin can now do anything (#6483)
* Support search operators for commits search (#6479)
* Improve listing performance by using go-git (#6478)
* Fix repo sub_menu font color in arc-green (#6477)
* Show last commit status in pull request lists (#6465)
* Add signatures to webhooks (#6428)
* Optimize all images in public/img (#6427)
* Add golangci (#6418)
* Make "Ghost" not link to 404 page (#6410)
* Include more variables on admin/config page (#6378)
* Markdown: enable some more extensions (#6362)
* Include repo name in page title tag (#6343)
* Show locale string on timestamp (#6324)
* Handle CORS requests (#6289)
* Improve issue autolinks (#6273)
* Migration Tweaks (#6260)
* Add title attributes to all items in the repo list viewer (#6258)
* Issue indexer queue redis support (#6218)
* Add bio field for user (#6113)
* Make the version within makefile overwriteable (#6080)
* Updates to API 404 responses (#6077)
* Use Go1.11 module (#5743)
* UX + Security current user password reset (#5042)
* Refactor: append, build variable and type switch (#4940)
* Git statistics in Activity tab (#4724)
* Drop the bits argument when generating an ed25519 key (#6504)

TESTING
* Exclude pull_request from fetch-tags step, fixes #7108 (#7120)
* Refactor and improve git test (#7086)
* Fix TestSearchRepo by waiting till indexing is done (#7004)
* Add mssql migration tests (needs #6823) (#6852)
* Add tests for Org API (#6731)
* Context.ServerError and NotFound should log from their caller (#6550)

TRANSLATION
* Add french specific rule for translating plural texts (#6846)

BUILD
* Update mssql driver to last working version 20180314172330-6a30f4e59a44 (#7306)
* Alpine 3.10 (#7256)
* Use vfsgen instead of go-bindata (#7080)
* remove and disable package-lock (#6969)
* add make targets for js and css, add js linter (#6952)
* Added tags pull step to drone config to show correct version hashes i… (#6836)
* Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631)
* chore: update drone format to 1.0 (#6602)
* Fix race in integration testlogger (#6556)
* Quieter Integration Tests (#6513)
* Drop the docker Makefile from the image (#6507)
* Add make version on gitea version (#6485)
* Fix #6468 - Uses space match and adds newline for all sed flavors (#6473)
* Move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* Update npm dependencies and various tweaks (#7344)
* Fix updated drone file (#7336)
* Add 'npm' and 'npm-update' make targets and lockfile (#7246)

DOCS
* Add work path CLI option (#6922)
* Fix logging documentation (#6904)
* Some logging documentation (#6498)
* Fix link to Hacking on Gitea on From-Source doc page (#6471)
* Fix typos in docs command-line examples (#6466)
* Added docker example for backup (#5846)

Revision 1.5: download - view: text, markup, annotated - select for diffs
Wed Jun 19 10:04:10 2019 UTC (5 years, 5 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +2 -3 lines
gitea: Update to 1.8.3

Bugfixes

Always set userID on LFS authentication (#7224) (Part of #6993)
Fix LFS Locks over SSH (#6999) (#7223)
Fix duplicated file on pull request conflicted files (#7211) (#7214)
Detect noreply email address as user (#7133) (#7195)
Don't get milestone from DB if ID is zero (#7169) (#7174)
Allow archived repos to be (un)starred and (un)watched (#7163) (#7168)
Fix GCArgs load from ini (#7156) (#7157)
Fix possbile mysql invalid connnection error (#7051) (#7071)
Handle invalid administrator username on install page (#7060) (#7063)
Fix default for allowing new organization creation for new users (#7017) (#7034)
SearchRepositoryByName improvements and unification (#6897) (#7002)
Fix u2f registrationlist ToRegistrations() method (#6980) (#6982)
Allow collaborators to view repo owned by private org (#6965) (#6968)
Use AppURL for Oauth user link (#6894) (#6925)
Escape the commit message on issues update (#6901) (#6902)
Fix regression for API users search (#6882) (#6885)
Handle early git version's lack of get-url (#7065) (#7076)
Fix wrong init dependency on markup extensions (#7038) (#7074)

Revision 1.4: download - view: text, markup, annotated - select for diffs
Mon May 27 15:18:34 2019 UTC (5 years, 6 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +2 -1 lines
Revbump all Go packages after go112 update.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon May 13 10:48:58 2019 UTC (5 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -2 lines
gitea: Update to 1.8.1

BUGFIXES

    Fix 404 when sending pull requests in some situations (#6871) (#6873)
    Enforce osusergo build tag for releases (#6862) (#6869)
    Don't post process commit summary in templates (#6842) (#6868)
    Fix 500 when reviewer is deleted (#6856) (#6860)
    Fix v78 migration for MSSQL (#6823) (#6854)
    Added tags pull step to drone config to show correct version hashes (#6836) (#6839)
    Fix double-generation of scratch token (#6833) (#6835)
    When mirroring we should set the remote to mirror (#6824) (#6834)
    Show scrollbar only when needed (#6802) (#6803)
    Service worker js is missing a comma (#6788) (#6795)
    Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789)
    Fix team edit API panic (#6780) (#6785)
    Minor CSS cleanup for the navbar (#6553) (#6781)
    Stricter domain name pattern in email regex (#6739) (#6768)
    Detect and restore encoding and BOM in content (#6727) (#6765)
    Fix org visibility bug when git cloning (#6743) (#6762)
    OAuth2 token can be used in basic auth (#6747) (#6761)
    Fix missing return (#6751) (#6756)
    Fix sorting repos on org home page with non-admin login (#6741) (#6746)
    Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744)
    Fix team members API (#6714) (#6729)
    Load issue attributes when editing an issue with API (#6723) (#6725)
    Fix config ui error about cache ttl (#6861) (#6865)

Revision 1.1.2.1: download - view: text, markup, annotated - select for diffs
Sun Apr 28 16:41:30 2019 UTC (5 years, 7 months ago) by bsiegert
Branches: pkgsrc-2019Q1
Diff to: previous 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1: +4 -4 lines
Pullup ticket #5947 - requested by nia
www/gitea: security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.2
- www/gitea/PLIST                                               1.2
- www/gitea/distinfo                                            1.2
- www/gitea/options.mk                                          1.2

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Apr 23 06:04:41 UTC 2019

   Modified Files:
   	pkgsrc/www/gitea: Makefile PLIST distinfo options.mk

   Log Message:
   gitea: Update to 1.8.0

   Changes from 1.7.5:

       SECURITY
           Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
           Resolve 2FA bypass on API (#6676) (#6674)
           Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
       BREAKING
           Add "ghost" and "notifications" to list of reserved user names. (#6208)
           Change sqlite DB path default to data directory (#6198)
           Adds MustChangePassword to user create/edit API (#6193)
           Disable redirect for i18n (#5910)
           Releases API paging (#5831)
           Allow Macaron to be set to log through to gitea.log (#5667)
           Don't close issues via commits on non-default branch (#5622)
       FEATURE
           Add regenerate secret feature for oauth2 (#6291)
           Expose issue stopwatch toggling via API (#5970)
           Add other session providers (#5963)
           Pull request conflict files detection (#5951)
           Integrate OAuth2 Provider (#5378)
           Implement "conversation lock" for issue comments (#5073)
           Feature: Archive repos (#5009)
           Discord Oauth2 support (#4476)
           Allow to set organization visibility (public, internal, private) (#1763)
           Added URL mapping for Release attachments like on github.com (#1707)
       ENHANCEMENT
           Add support for client basic auth for exchanging access tokens (#6293)
           Add ability to sort issues by due date (#6206) (#6244)
           Style tweaks to issue selection (#6196)
           Increase Username and Orgname MaxSize 35 -> 40 (#6178)
           Coverage profile with multiple packages (#6167)
           Split setting.go to multiple files (#6154)
           Allow labels to contain emoji (#6063)
           Disable git fsck for mirrored repos by default (#6018)
           Add default time out for git operations (#6015)
           Split setting.go as multiple files (#6014)
           Make dashboard navbar and footer full-width (#6013)
           Add lang specific font stacks for CJK (#6007)
           Fix header menu misalignment (#6002)
           Enhance closed PR and Issue status in the list (#6000)
           Make navbar full width (#5998)
           Add option to close issues via commit on a non master branch (#5992)
           Support n as a line highlight prefix (#5987)
           Search for org repos (#3031) (#5986)
           Minor UI tweaks (#5980)
           Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
           Dashboard tweaks (#5974)
           Fixes for repo topic editor (#5971)
           Display the branch name in the commit view (#5950)
           handle milestone events for issues and PR (#5947)
           Add label names as filter in issue search api (#5946)
           Repo header tweaks (#5945)
           Better support for long repo names (#5932)
           Fix wrapping long code lines (#5927)
           Change GPG Validation colors and remove inline CSS (#5404) (#5896)
           Fix "pulls.blocked_by_approvals" text (#5879)
           Rename reject to 'request changes' (#5858)
           Move input fields to add members to a team and repos to a team (#5853)
           Config option to disable automatic repo watching (#5852)
           New Issue ?body= query (#5851)
           Add API to list tags (#5850)
           Pagination for git tree API (#5838)
           Add InternalTokenURI to load InternalToken from an external file (#5812)
           Allow markdown files to read from the LFS (#5787)
           Add the ability to use multiple labels as filters (#5786)
           Adjust log settings when a user is not found. (#5771)
           Log IP of failed ssh connection (#5766)
           Moved defaults in defaults.go to setting.go (#5764)
           Make DB connect more robust (#5738)
           Add Default Pull Request Title (#5735)
           Refactor repo.isBare to repo.isEmpty #5629 (#5714)
           Add flag to skip repository dumping (#5695)
           Prioritize "readme.md" (#5691)
           Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
           Allow for user specific themes (#5668)
           Display branch name in delete branch confirmation modal. (#5654)
           New API routes added (#5594)
           Refactor notification for indexer (#5111)
           Refactor mail notification (#5110)
           Show email if the authenticated user owns the profile page being requested for (#4981)
           Optimize pulls merging (#4921)
           Sort Repositories widget by most recently updated (#3963) (#4599)
           Allow markdown table to scroll (#4401)
           Automatically clear stopwatch on merging a PR (#4327)
           Add the Owner Name to differentiate when merging (#3807)
           Add title attributes to all items in the repo list viewer (#6258) (#6650)
       BUGFIXES
           Fix dropdown icon padding (#6651) (#6654)
           Fix wrong GPG expire date (#6643) (#6644)
           Fix forking an empty repository (#6637) (#6653)
           Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
           Properly escape on the redirect from the web editor (#6657) (#6667)
           Allow resend of confirmation email when logged in (#6482) (#6486)
           Fix mail notification when close/reopen issue (#6581) (#6588)
           Change API commit summary to full message (#6591) (#6592)
           Add option to disable refresh token invalidation (#6584) (#6587)
           Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
           Fix new repo alignment (#6583) (#6585)
           Prevent server 500 on compare branches with no common history (#6555) (#6558)
           Properly escape release attachment URL (#6512) (#6523)
           Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
           Disable benchmarking during tag events on DroneIO (#6365) (#6366)
           Make sure units of a team are returned (#6379) (#6381)
           Don't Unescape redirect_to cookie value (#6399) (#6401)
           Fix dump table name error and add some test for dump database (#6394) (#6402)
           Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
           Display correct error for invalid mirror interval (#6414) (#6429)
           Clean up ref name rules (#6437) (#6439)
           Fix Hook & HookList in Swagger (#6432) (#6440)
           Change order that PostProcess Processors are run (#6445) (#6447)
           Clean up various use of escape/unescape functions for URL generation (#6334)
           Return 409 when creating repo if it already exists. (#6330)
           Add same changes from issues page to milestone->issues page (#6328)
           Fix ParsePatch function to work with quoted diff --git strings (#6323)
           Fix reported issue in repo description (#6306)
           Use url.PathEscape to escape the branchname (#6304)
           Add robots.txt as reserved username (#6272)
           Replace linkRegex with xurls library (#6261)
           Remove visitLinksForShortLinks features (#6257)
           Add unit types to repo action URL to correctly show 404 when archived (#6247)
           Check organization visibility before everything else (#6234) (#6235)
           Prevent double-close of issues (#6233)
           Override xorm type mapping for U2F counter (#6232)
           Add isAdmin to user API response (#6231)
           Update git vendor to fix wrong release commit id and add migrations (#6224)
           Fix fork button (#6223)
           Fix renames over redirects (#6216)
           Fix display dashboard even if require to change password (#6214)
           Create a repo redirect when transferring ownership (#6210) (#6211)
           Fix issue update race condition (#6194)
           Fix bug when migrate repository 500 when repo is existed (#6188)
           Fix scrollbar always present on page body (#6177)
           Fix bug when set indexer as db and add tests (#6173)
           Modify linkRegex to require http|https (#6171)
           Fix bug user could change private repository to public when force private enabled. (#6156)
           Fix admin list user/org API (#6143)
           Make repo creation for API similar to UI (#6142)
           Make document body a flexbox (#6139)
           Refactor issue indexer, add some testing and fix a bug (#6131)
           Load Issue attributes for API call (#6122)
           Fix bug when update owner team then visit team's repo return 404 (#6119)
           Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
           Show private organization for admin, fix #6111 (#6112)
           Fix prohibit login check on authorization (#6106)
           Move to ldap.v3 to fix #5928 (#6105)
           Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
           Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
           Make sure labels are actually returned (#6053)
           Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
           After deleting a repo on admin panel, UI should remember the last sort type (#6033)
           Default create repository on organisation on its dashboard (#6026)
           Swagger: Remove spaces in MergePullRequestOption enum (#6016)
           Fix metrics auth token detection (#6006)
           Fix repo header issues (#5995)
           Fix bug when deleting a linked account will removed all (#5989)
           Make organization dropdown scrollable when using mouse wheel (#5988)
           Fix empty ssh key importing in ldap (#5984)
           Admin config page mailertype setting option update (#5973)
           Fix redirect loop during forced password change (#5965)
           Show user who created the repository instead of the organisation in action feed (#5948)
           Remove all CommitStatus when a repo is deleted (#5940)
           Fix ssh deploy and user key constraints (#1357) (#5939)
           Fix log output (#5938)
           Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
           Fix compare button (#5929)
           Fix bug when read public repo lfs file (#5912)
           Only allow local login if password is non-empty (#5906)
           Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
           Provide better panic handling (#5902)
           Respect value of REQUIRE_SIGNIN_VIEW (#5901)
           Show a 404 not a 500 if a repo does not exist (#5900)
           Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
           Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
           Correct footer height if screen-width is to small (fixes #5878) (#5889)
           In gitea serv switch off console logger to fix #5866 (#5887)
           Don't allow pull requests to be created on an archived repository (#5883)
           Support reviews on a deleted file path (#5880)
           Fix compare button on upstream repo leading to 404 (#5877)
           Fix null pointer on not logged in attempt to Sudo (#5872)
           Fix new release creation API to allow empty target (#5870)
           Fix an error while adding a dependency via UI. (#5862)
           Fix failing migration v67 (#5849)
           Fix delete correct temp directory (#5839)
           Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
           Fix topics saving internal error and disable for archived repos (#5821)
           Fix TLS errors when using acme/autocert for local connections (#5820)
           When creating new repository fsck option should be enabled (#5817)
           Request for public keys only if LDAP attribute is set (#5816)
           Fix serving of raw wiki files other than .md (#5814)
           Fix migration 78 error mssql (#5791)
           Disallow empty titles (#5785)
           Fix the v78 migration script (#5776)
           Ensure valid git author names passed in signatures (#5774)
           Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
           Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
           Fixing PostgreSQL dump creation (#5747)
           Add proper CORS preflight origin validation (#5740)
           Disable auto-migrate in docker container (#5730)
           In basic auth check for tokens before call UserSignIn (#5725)
           Pooled and buffered gzip implementation (#5722)
           Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
           Keep file permissions during database migration (#5707)
           Use correct value for "MSpan Structures Obtained" #4742 (#5706)
           Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
           Update xorm to fix issue #5659 and #5651 (#5680)
           Fix public will not be reused as public key after deleting as deploy key (#5671)
           When redirecting, clean the path (#5669)
           Don't list an issue on its own dependency list UI. (#5658)
           Fix commit page showing status for current default branch (#5649) (#5650)
           Only count users own actions for heatmap contributions (#5647)
           Fix sqlite deadlock when assigning to a PR (#5640)
           Refactor issue indexer (#5363)
       TESTING
           Run benchmark at tag to track performances (#6035)
           Add test environment for MySQL8 (#5234)
       BUILD
           Use go 1.12 for tests and deprecate go 1.9 (#6186)
           Makefile changes for Windows and easier development (#6103)
           Update bleve dependency to latest master revision (#6100)
           Switch to more recent build of xgo (#6070)
           Add autoprefixer to css build (#6029)
           Update the version of less (#6010)
           Make log mailer for testing (#5893)
       DOCS
           Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
           update default value of --must-change-password cli flag (#6032)
           Update and expand information about building Gitea (#6019)
           Update U2F Section of app.ini.sample (#5994)
           Update swagger for release API pagination (#5841)
           Added docs for the tree api (#5834)
       MISC
           Add single commit API support (#5843)
           Add missing GET teams endpoints (#5382)
           Migrate database if app.ini found (#5290)

   Changes from 1.7.4:

       SECURITY
           Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
       BUGFIXES
           Allow resend of confirmation email when logged in (#6482) (#6487)

Revision 1.2: download - view: text, markup, annotated - select for diffs
Tue Apr 23 06:04:41 2019 UTC (5 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +5 -5 lines
gitea: Update to 1.8.0

Changes from 1.7.5:

    SECURITY
        Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
        Resolve 2FA bypass on API (#6676) (#6674)
        Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
    BREAKING
        Add "ghost" and "notifications" to list of reserved user names. (#6208)
        Change sqlite DB path default to data directory (#6198)
        Adds MustChangePassword to user create/edit API (#6193)
        Disable redirect for i18n (#5910)
        Releases API paging (#5831)
        Allow Macaron to be set to log through to gitea.log (#5667)
        Don't close issues via commits on non-default branch (#5622)
    FEATURE
        Add regenerate secret feature for oauth2 (#6291)
        Expose issue stopwatch toggling via API (#5970)
        Add other session providers (#5963)
        Pull request conflict files detection (#5951)
        Integrate OAuth2 Provider (#5378)
        Implement "conversation lock" for issue comments (#5073)
        Feature: Archive repos (#5009)
        Discord Oauth2 support (#4476)
        Allow to set organization visibility (public, internal, private) (#1763)
        Added URL mapping for Release attachments like on github.com (#1707)
    ENHANCEMENT
        Add support for client basic auth for exchanging access tokens (#6293)
        Add ability to sort issues by due date (#6206) (#6244)
        Style tweaks to issue selection (#6196)
        Increase Username and Orgname MaxSize 35 -> 40 (#6178)
        Coverage profile with multiple packages (#6167)
        Split setting.go to multiple files (#6154)
        Allow labels to contain emoji (#6063)
        Disable git fsck for mirrored repos by default (#6018)
        Add default time out for git operations (#6015)
        Split setting.go as multiple files (#6014)
        Make dashboard navbar and footer full-width (#6013)
        Add lang specific font stacks for CJK (#6007)
        Fix header menu misalignment (#6002)
        Enhance closed PR and Issue status in the list (#6000)
        Make navbar full width (#5998)
        Add option to close issues via commit on a non master branch (#5992)
        Support n as a line highlight prefix (#5987)
        Search for org repos (#3031) (#5986)
        Minor UI tweaks (#5980)
        Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
        Dashboard tweaks (#5974)
        Fixes for repo topic editor (#5971)
        Display the branch name in the commit view (#5950)
        handle milestone events for issues and PR (#5947)
        Add label names as filter in issue search api (#5946)
        Repo header tweaks (#5945)
        Better support for long repo names (#5932)
        Fix wrapping long code lines (#5927)
        Change GPG Validation colors and remove inline CSS (#5404) (#5896)
        Fix "pulls.blocked_by_approvals" text (#5879)
        Rename reject to 'request changes' (#5858)
        Move input fields to add members to a team and repos to a team (#5853)
        Config option to disable automatic repo watching (#5852)
        New Issue ?body= query (#5851)
        Add API to list tags (#5850)
        Pagination for git tree API (#5838)
        Add InternalTokenURI to load InternalToken from an external file (#5812)
        Allow markdown files to read from the LFS (#5787)
        Add the ability to use multiple labels as filters (#5786)
        Adjust log settings when a user is not found. (#5771)
        Log IP of failed ssh connection (#5766)
        Moved defaults in defaults.go to setting.go (#5764)
        Make DB connect more robust (#5738)
        Add Default Pull Request Title (#5735)
        Refactor repo.isBare to repo.isEmpty #5629 (#5714)
        Add flag to skip repository dumping (#5695)
        Prioritize "readme.md" (#5691)
        Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
        Allow for user specific themes (#5668)
        Display branch name in delete branch confirmation modal. (#5654)
        New API routes added (#5594)
        Refactor notification for indexer (#5111)
        Refactor mail notification (#5110)
        Show email if the authenticated user owns the profile page being requested for (#4981)
        Optimize pulls merging (#4921)
        Sort Repositories widget by most recently updated (#3963) (#4599)
        Allow markdown table to scroll (#4401)
        Automatically clear stopwatch on merging a PR (#4327)
        Add the Owner Name to differentiate when merging (#3807)
        Add title attributes to all items in the repo list viewer (#6258) (#6650)
    BUGFIXES
        Fix dropdown icon padding (#6651) (#6654)
        Fix wrong GPG expire date (#6643) (#6644)
        Fix forking an empty repository (#6637) (#6653)
        Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
        Properly escape on the redirect from the web editor (#6657) (#6667)
        Allow resend of confirmation email when logged in (#6482) (#6486)
        Fix mail notification when close/reopen issue (#6581) (#6588)
        Change API commit summary to full message (#6591) (#6592)
        Add option to disable refresh token invalidation (#6584) (#6587)
        Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
        Fix new repo alignment (#6583) (#6585)
        Prevent server 500 on compare branches with no common history (#6555) (#6558)
        Properly escape release attachment URL (#6512) (#6523)
        Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
        Disable benchmarking during tag events on DroneIO (#6365) (#6366)
        Make sure units of a team are returned (#6379) (#6381)
        Don't Unescape redirect_to cookie value (#6399) (#6401)
        Fix dump table name error and add some test for dump database (#6394) (#6402)
        Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
        Display correct error for invalid mirror interval (#6414) (#6429)
        Clean up ref name rules (#6437) (#6439)
        Fix Hook & HookList in Swagger (#6432) (#6440)
        Change order that PostProcess Processors are run (#6445) (#6447)
        Clean up various use of escape/unescape functions for URL generation (#6334)
        Return 409 when creating repo if it already exists. (#6330)
        Add same changes from issues page to milestone->issues page (#6328)
        Fix ParsePatch function to work with quoted diff --git strings (#6323)
        Fix reported issue in repo description (#6306)
        Use url.PathEscape to escape the branchname (#6304)
        Add robots.txt as reserved username (#6272)
        Replace linkRegex with xurls library (#6261)
        Remove visitLinksForShortLinks features (#6257)
        Add unit types to repo action URL to correctly show 404 when archived (#6247)
        Check organization visibility before everything else (#6234) (#6235)
        Prevent double-close of issues (#6233)
        Override xorm type mapping for U2F counter (#6232)
        Add isAdmin to user API response (#6231)
        Update git vendor to fix wrong release commit id and add migrations (#6224)
        Fix fork button (#6223)
        Fix renames over redirects (#6216)
        Fix display dashboard even if require to change password (#6214)
        Create a repo redirect when transferring ownership (#6210) (#6211)
        Fix issue update race condition (#6194)
        Fix bug when migrate repository 500 when repo is existed (#6188)
        Fix scrollbar always present on page body (#6177)
        Fix bug when set indexer as db and add tests (#6173)
        Modify linkRegex to require http|https (#6171)
        Fix bug user could change private repository to public when force private enabled. (#6156)
        Fix admin list user/org API (#6143)
        Make repo creation for API similar to UI (#6142)
        Make document body a flexbox (#6139)
        Refactor issue indexer, add some testing and fix a bug (#6131)
        Load Issue attributes for API call (#6122)
        Fix bug when update owner team then visit team's repo return 404 (#6119)
        Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
        Show private organization for admin, fix #6111 (#6112)
        Fix prohibit login check on authorization (#6106)
        Move to ldap.v3 to fix #5928 (#6105)
        Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
        Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
        Make sure labels are actually returned (#6053)
        Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
        After deleting a repo on admin panel, UI should remember the last sort type (#6033)
        Default create repository on organisation on its dashboard (#6026)
        Swagger: Remove spaces in MergePullRequestOption enum (#6016)
        Fix metrics auth token detection (#6006)
        Fix repo header issues (#5995)
        Fix bug when deleting a linked account will removed all (#5989)
        Make organization dropdown scrollable when using mouse wheel (#5988)
        Fix empty ssh key importing in ldap (#5984)
        Admin config page mailertype setting option update (#5973)
        Fix redirect loop during forced password change (#5965)
        Show user who created the repository instead of the organisation in action feed (#5948)
        Remove all CommitStatus when a repo is deleted (#5940)
        Fix ssh deploy and user key constraints (#1357) (#5939)
        Fix log output (#5938)
        Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
        Fix compare button (#5929)
        Fix bug when read public repo lfs file (#5912)
        Only allow local login if password is non-empty (#5906)
        Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
        Provide better panic handling (#5902)
        Respect value of REQUIRE_SIGNIN_VIEW (#5901)
        Show a 404 not a 500 if a repo does not exist (#5900)
        Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
        Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
        Correct footer height if screen-width is to small (fixes #5878) (#5889)
        In gitea serv switch off console logger to fix #5866 (#5887)
        Don't allow pull requests to be created on an archived repository (#5883)
        Support reviews on a deleted file path (#5880)
        Fix compare button on upstream repo leading to 404 (#5877)
        Fix null pointer on not logged in attempt to Sudo (#5872)
        Fix new release creation API to allow empty target (#5870)
        Fix an error while adding a dependency via UI. (#5862)
        Fix failing migration v67 (#5849)
        Fix delete correct temp directory (#5839)
        Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
        Fix topics saving internal error and disable for archived repos (#5821)
        Fix TLS errors when using acme/autocert for local connections (#5820)
        When creating new repository fsck option should be enabled (#5817)
        Request for public keys only if LDAP attribute is set (#5816)
        Fix serving of raw wiki files other than .md (#5814)
        Fix migration 78 error mssql (#5791)
        Disallow empty titles (#5785)
        Fix the v78 migration script (#5776)
        Ensure valid git author names passed in signatures (#5774)
        Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
        Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
        Fixing PostgreSQL dump creation (#5747)
        Add proper CORS preflight origin validation (#5740)
        Disable auto-migrate in docker container (#5730)
        In basic auth check for tokens before call UserSignIn (#5725)
        Pooled and buffered gzip implementation (#5722)
        Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
        Keep file permissions during database migration (#5707)
        Use correct value for "MSpan Structures Obtained" #4742 (#5706)
        Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
        Update xorm to fix issue #5659 and #5651 (#5680)
        Fix public will not be reused as public key after deleting as deploy key (#5671)
        When redirecting, clean the path (#5669)
        Don't list an issue on its own dependency list UI. (#5658)
        Fix commit page showing status for current default branch (#5649) (#5650)
        Only count users own actions for heatmap contributions (#5647)
        Fix sqlite deadlock when assigning to a PR (#5640)
        Refactor issue indexer (#5363)
    TESTING
        Run benchmark at tag to track performances (#6035)
        Add test environment for MySQL8 (#5234)
    BUILD
        Use go 1.12 for tests and deprecate go 1.9 (#6186)
        Makefile changes for Windows and easier development (#6103)
        Update bleve dependency to latest master revision (#6100)
        Switch to more recent build of xgo (#6070)
        Add autoprefixer to css build (#6029)
        Update the version of less (#6010)
        Make log mailer for testing (#5893)
    DOCS
        Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
        update default value of --must-change-password cli flag (#6032)
        Update and expand information about building Gitea (#6019)
        Update U2F Section of app.ini.sample (#5994)
        Update swagger for release API pagination (#5841)
        Added docs for the tree api (#5834)
    MISC
        Add single commit API support (#5843)
        Add missing GET teams endpoints (#5382)
        Migrate database if app.ini found (#5290)

Changes from 1.7.4:

    SECURITY
        Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
    BUGFIXES
        Allow resend of confirmation email when logged in (#6482) (#6487)

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Mar 24 21:34:23 2019 UTC (5 years, 8 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2019Q1-base
Branch point for: pkgsrc-2019Q1
www/gitea: Add version 1.7.4

Mostly based on work by tuxillo in pkgsrc-wip with some changes and additions
by me.

Gitea is a community managed fork of Gogs, lightweight code hosting solution
written in Go and published under the MIT license.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>