The NetBSD Project

CVS log for pkgsrc/www/gitea/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / gitea

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.101 / (download) - annotate - [select for diffs], Wed Feb 7 14:51:02 2024 UTC (3 weeks, 2 days ago) by bsiegert
Branch: MAIN
CVS Tags: HEAD
Changes since 1.100: +2 -2 lines
Diff to previous 1.100 (colored)

Revbump all Go packages after go121 update

Revision 1.100 / (download) - annotate - [select for diffs], Wed Jan 10 19:14:42 2024 UTC (7 weeks, 1 day ago) by bsiegert
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)

Revbump all Go packages after go121 update

Revision 1.94.2.2 / (download) - annotate - [select for diffs], Wed Dec 6 12:08:54 2023 UTC (2 months, 3 weeks ago) by spz
Branch: pkgsrc-2023Q3
Changes since 1.94.2.1: +2 -2 lines
Diff to previous 1.94.2.1 (colored) to branchpoint 1.94 (colored) next main 1.95 (colored)

Pullup ticket #6822 - requested by bsiegert
lang/go120: security update
lang/go121: security update
lang/go: metadata update
audio/gospt: revision bump
audio/ymuse: revision bump
chat/coyim: revision bump
chat/gomuks: revision bump
chat/matterircd: revision bump
chat/senpai: revision bump
chat/ssh-chat: revision bump
databases/go-ldap: revision bump
databases/influxdb: revision bump
databases/mongo-tools: revision bump
databases/mysqld_exporter: revision bump
databases/postgres_exporter: revision bump
databases/prometheus: revision bump
databases/promscale: revision bump
databases/sqlc: revision bump
databases/timescaledb-tune: revision bump
devel/asmfmt: revision bump
devel/conftest: revision bump
devel/errcheck: revision bump
devel/fq: revision bump
devel/git-lfs: revision bump
devel/go-ed25519: revision bump
devel/go-gocode: revision bump
devel/go-golang-lru: revision bump
devel/go-gopkgs: revision bump
devel/go-goptlib: revision bump
devel/go-goreturns: revision bump
devel/go-gox: revision bump
devel/go-impl: revision bump
devel/go-logrus: revision bump
devel/go-nbreader: revision bump
devel/go-pty: revision bump
devel/go-review: revision bump
devel/go-siphash: revision bump
devel/go-staticcheck: revision bump
devel/go-swagger: revision bump
devel/go-sys: revision bump
devel/go-tools: revision bump
devel/go-wire: revision bump
devel/go-xerrors: revision bump
devel/golangci-lint: revision bump
devel/golint: revision bump
devel/gomodifytags: revision bump
devel/gopls: revision bump
devel/goredo: revision bump
devel/gotags: revision bump
devel/gotests: revision bump
devel/govulncheck: revision bump
devel/lazygit: revision bump
devel/mob: revision bump
devel/nancy: revision bump
devel/opa: revision bump
devel/packr: revision bump
devel/reftools: revision bump
devel/regal: revision bump
devel/revive: revision bump
devel/shfmt: revision bump
devel/syft: revision bump
editors/micro: revision bump
filesystems/kubo: revision bump
graphics/gif2png: revision bump
lang/joker: revision bump
mail/opensmtpd-filter-rspamd: revision bump
mail/opensmtpd-filter-senderscore: revision bump
mail/postforward: revision bump
misc/exercism: revision bump
net/amazon-ecs-cli: revision bump
net/amfora: revision bump
net/bombadillo: revision bump
net/croc: revision bump
net/czds: revision bump
net/dnscontrol: revision bump
net/dnscrypt-proxy2: revision bump
net/gh: revision bump
net/go-dnstap: revision bump
net/go-net: revision bump
net/go-websocket: revision bump
net/gunison: revision bump
net/gvproxy: revision bump
net/hub: revision bump
net/ipget: revision bump
net/kubectl: revision bump
net/libquic: revision bump
net/mangos: revision bump
net/nats-server: revision bump
net/obfs4proxy: revision bump
net/rclone: revision bump
net/stern: revision bump
net/syncthing: revision bump
net/terraform-provider-archive: revision bump
net/terraform-provider-aws: revision bump
net/terraform-provider-kubernetes: revision bump
net/terraform-provider-local: revision bump
net/terraform-provider-null: revision bump
net/terraform-provider-random: revision bump
net/terraform-provider-template: revision bump
net/terraform-provider-vultr: revision bump
net/terraform: revision bump
net/tut: revision bump
net/vultr-cli: revision bump
pkgtools/pkglint: revision bump
security/2fa: revision bump
security/age: revision bump
security/amass: revision bump
security/authelia: revision bump
security/cfssl: revision bump
security/dnsx: revision bump
security/go-asn1-ber: revision bump
security/go-crypto: revision bump
security/go-getpass: revision bump
security/go-mkcert: revision bump
security/gopass: revision bump
security/httpx: revision bump
security/nuclei: revision bump
security/oauth2c: revision bump
security/osv-scanner: revision bump
security/subfinder: revision bump
security/tlsx: revision bump
security/trufflehog: revision bump
security/vault: revision bump
shells/elvish: revision bump
shells/oh-my-posh: revision bump
sysutils/beats: revision bump
sysutils/consul: revision bump
sysutils/direnv: revision bump
sysutils/fzf: revision bump
sysutils/goreman: revision bump
sysutils/lf: revision bump
sysutils/node_exporter: revision bump
sysutils/packer: revision bump
sysutils/podman: revision bump
sysutils/restic: revision bump
sysutils/vultr: revision bump
textproc/glow: revision bump
textproc/go-kr-text: revision bump
textproc/go-md2man: revision bump
textproc/go-mmark: revision bump
textproc/go-text: revision bump
textproc/miller: revision bump
textproc/sift: revision bump
www/apisprout: revision bump
www/caddy: revision bump
www/gitea: revision bump
www/go-ffuf: revision bump
www/go-minify: revision bump
www/gotosocial: revision bump
www/grafana: revision bump
www/hugo: revision bump
www/jira-cli: revision bump
www/mycorrhiza: revision bump
www/pup: revision bump
www/restish: revision bump
www/shoutrrr: revision bump

Revisions pulled up:
- lang/go/version.mk                                            1.194
- lang/go120/PLIST                                              1.10
- lang/go120/distinfo                                           1.12
- lang/go121/PLIST                                              1.4
- lang/go121/distinfo                                           1.4
- audio/gospt/Makefile                       by patch
- audio/ymuse/Makefile                       by patch
- chat/coyim/Makefile                        by patch
- chat/gomuks/Makefile                       by patch
- chat/matterircd/Makefile                   by patch
- chat/senpai/Makefile                       by patch
- chat/ssh-chat/Makefile                     by patch
- databases/go-ldap/Makefile                 by patch
- databases/influxdb/Makefile                by patch
- databases/mongo-tools/Makefile             by patch
- databases/mysqld_exporter/Makefile         by patch
- databases/postgres_exporter/Makefile       by patch
- databases/prometheus/Makefile              by patch
- databases/promscale/Makefile               by patch
- databases/sqlc/Makefile                    by patch
- databases/timescaledb-tune/Makefile        by patch
- devel/asmfmt/Makefile                      by patch
- devel/conftest/Makefile                    by patch
- devel/errcheck/Makefile                    by patch
- devel/fq/Makefile                          by patch
- devel/git-lfs/Makefile                     by patch
- devel/go-ed25519/Makefile                  by patch
- devel/go-gocode/Makefile                   by patch
- devel/go-golang-lru/Makefile               by patch
- devel/go-gopkgs/Makefile                   by patch
- devel/go-goptlib/Makefile                  by patch
- devel/go-goreturns/Makefile                by patch
- devel/go-gox/Makefile                      by patch
- devel/go-impl/Makefile                     by patch
- devel/go-logrus/Makefile                   by patch
- devel/go-nbreader/Makefile                 by patch
- devel/go-pty/Makefile                      by patch
- devel/go-review/Makefile                   by patch
- devel/go-siphash/Makefile                  by patch
- devel/go-staticcheck/Makefile              by patch
- devel/go-swagger/Makefile                  by patch
- devel/go-sys/Makefile                      by patch
- devel/go-tools/Makefile                    by patch
- devel/go-wire/Makefile                     by patch
- devel/go-xerrors/Makefile                  by patch
- devel/golangci-lint/Makefile               by patch
- devel/golint/Makefile                      by patch
- devel/gomodifytags/Makefile                by patch
- devel/gopls/Makefile                       by patch
- devel/goredo/Makefile                      by patch
- devel/gotags/Makefile                      by patch
- devel/gotests/Makefile                     by patch
- devel/govulncheck/Makefile                 by patch
- devel/lazygit/Makefile                     by patch
- devel/mob/Makefile                         by patch
- devel/nancy/Makefile                       by patch
- devel/opa/Makefile                         by patch
- devel/packr/Makefile                       by patch
- devel/reftools/Makefile                    by patch
- devel/regal/Makefile                       by patch
- devel/revive/Makefile                      by patch
- devel/shfmt/Makefile                       by patch
- devel/syft/Makefile                        by patch
- editors/micro/Makefile                     by patch
- filesystems/kubo/Makefile                  by patch
- graphics/gif2png/Makefile                  by patch
- lang/joker/Makefile                        by patch
- mail/opensmtpd-filter-rspamd/Makefile      by patch
- mail/opensmtpd-filter-senderscore/Makefile by patch
- mail/postforward/Makefile                  by patch
- misc/exercism/Makefile                     by patch
- net/amazon-ecs-cli/Makefile                by patch
- net/amfora/Makefile                        by patch
- net/bombadillo/Makefile                    by patch
- net/croc/Makefile                          by patch
- net/czds/Makefile                          by patch
- net/dnscontrol/Makefile                    by patch
- net/dnscrypt-proxy2/Makefile               by patch
- net/gh/Makefile                            by patch
- net/go-dnstap/Makefile                     by patch
- net/go-net/Makefile                        by patch
- net/go-websocket/Makefile                  by patch
- net/gunison/Makefile                       by patch
- net/gvproxy/Makefile                       by patch
- net/hub/Makefile                           by patch
- net/ipget/Makefile                         by patch
- net/kubectl/Makefile                       by patch
- net/libquic/Makefile                       by patch
- net/mangos/Makefile                        by patch
- net/nats-server/Makefile                   by patch
- net/obfs4proxy/Makefile                    by patch
- net/rclone/Makefile                        by patch
- net/stern/Makefile                         by patch
- net/syncthing/Makefile                     by patch
- net/terraform-provider-archive/Makefile    by patch
- net/terraform-provider-aws/Makefile        by patch
- net/terraform-provider-kubernetes/Makefile by patch
- net/terraform-provider-local/Makefile      by patch
- net/terraform-provider-null/Makefile       by patch
- net/terraform-provider-random/Makefile     by patch
- net/terraform-provider-template/Makefile   by patch
- net/terraform-provider-vultr/Makefile      by patch
- net/terraform/Makefile                     by patch
- net/tut/Makefile                           by patch
- net/vultr-cli/Makefile                     by patch
- pkgtools/pkglint/Makefile                  by patch
- security/2fa/Makefile                      by patch
- security/age/Makefile                      by patch
- security/amass/Makefile                    by patch
- security/authelia/Makefile                 by patch
- security/cfssl/Makefile                    by patch
- security/dnsx/Makefile                     by patch
- security/go-asn1-ber/Makefile              by patch
- security/go-crypto/Makefile                by patch
- security/go-getpass/Makefile               by patch
- security/go-mkcert/Makefile                by patch
- security/gopass/Makefile                   by patch
- security/httpx/Makefile                    by patch
- security/nuclei/Makefile                   by patch
- security/oauth2c/Makefile                  by patch
- security/osv-scanner/Makefile              by patch
- security/subfinder/Makefile                by patch
- security/tlsx/Makefile                     by patch
- security/trufflehog/Makefile               by patch
- security/vault/Makefile                    by patch
- shells/elvish/Makefile                     by patch
- shells/oh-my-posh/Makefile                 by patch
- sysutils/beats/Makefile                    by patch
- sysutils/consul/Makefile                   by patch
- sysutils/direnv/Makefile                   by patch
- sysutils/fzf/Makefile                      by patch
- sysutils/goreman/Makefile                  by patch
- sysutils/lf/Makefile                       by patch
- sysutils/node_exporter/Makefile            by patch
- sysutils/packer/Makefile                   by patch
- sysutils/podman/Makefile                   by patch
- sysutils/restic/Makefile                   by patch
- sysutils/vultr/Makefile                    by patch
- textproc/glow/Makefile                     by patch
- textproc/go-kr-text/Makefile               by patch
- textproc/go-md2man/Makefile                by patch
- textproc/go-mmark/Makefile                 by patch
- textproc/go-text/Makefile                  by patch
- textproc/miller/Makefile                   by patch
- textproc/sift/Makefile                     by patch
- www/apisprout/Makefile                     by patch
- www/caddy/Makefile                         by patch
- www/gitea/Makefile                         by patch
- www/go-ffuf/Makefile                       by patch
- www/go-minify/Makefile                     by patch
- www/gotosocial/Makefile                    by patch
- www/grafana/Makefile                       by patch
- www/hugo/Makefile                          by patch
- www/jira-cli/Makefile                      by patch
- www/mycorrhiza/Makefile                    by patch
- www/pup/Makefile                           by patch
- www/restish/Makefile                       by patch
- www/shoutrrr/Makefile                      by patch

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	bsiegert
   Date:		Fri Nov 10 15:39:34 UTC 2023

   Modified Files:
   	pkgsrc/lang/go: version.mk
   	pkgsrc/lang/go120: PLIST distinfo
   	pkgsrc/lang/go121: PLIST distinfo

   Log Message:
   Update go120 to 1.20.11 and go121 to 1.21.4 (security).

   These minor releases include 2 security fixes following the security policy:

   - path/filepath: recognize \??\ as a Root Local Device path prefix.

    On Windows, a path beginning with \??\ is a Root Local Device path equivalent
    to a path beginning with \\?\. Paths with a \??\ prefix may be used to access
    arbitrary locations on the system. For example, the path \??\c:\x is
    equivalent to the more common path c:\x.

    The filepath package did not recognize paths with a \??\ prefix as special.

    Clean could convert a rooted path such as \a\..\??\b into
    the root local device path \??\b. It will now convert this
    path into .\??\b.

    IsAbs did not report paths beginning with \??\ as absolute.
    It now does so.

    VolumeName now reports the \??\ prefix as a volume name.

    Join(`\`, `??`, `b`) could convert a seemingly innocent
    sequence of path elements into the root local device path
    \??\b. It will now convert this to \.\??\b.

    This is CVE-2023-45283 and https://go.dev/issue/63713.

   - path/filepath: recognize device names with trailing spaces and superscripts

    The IsLocal function did not correctly detect reserved names in some cases:

    reserved names followed by spaces, such as "COM1 ".
    "COM" or "LPT" followed by a superscript 1, 2, or 3.
    IsLocal now correctly reports these names as non-local.

    This is CVE-2023-45284 and https://go.dev/issue/63713.


   To generate a diff of this commit:
   cvs rdiff -u -r1.193 -r1.194 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/PLIST
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/go120/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go121/PLIST pkgsrc/lang/go121/distinfo

Revision 1.99 / (download) - annotate - [select for diffs], Tue Dec 5 19:46:17 2023 UTC (2 months, 3 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

Revbump all Go packages after go121 update

Revision 1.98 / (download) - annotate - [select for diffs], Fri Nov 10 15:45:23 2023 UTC (3 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

Revbump all Go packages after go121 update

Revision 1.97 / (download) - annotate - [select for diffs], Wed Nov 8 13:21:18 2023 UTC (3 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.96: +2 -2 lines
Diff to previous 1.96 (colored)

*: recursive bump for icu 74.1

Revision 1.96 / (download) - annotate - [select for diffs], Sun Oct 29 14:48:23 2023 UTC (4 months ago) by bsiegert
Branch: MAIN
Changes since 1.95: +2 -2 lines
Diff to previous 1.95 (colored)

Revbump all Go packages because go121 is now the default

Revision 1.94.2.1 / (download) - annotate - [select for diffs], Sun Oct 22 18:44:20 2023 UTC (4 months, 1 week ago) by spz
Branch: pkgsrc-2023Q3
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

Pullup ticket #6812 - requested by bsiegert
lang/go120: security update
lang/go: version info update
audio/gospt: RevBump
audio/ymuse: RevBump
chat/coyim: RevBump
chat/gomuks: RevBump
chat/matterircd: RevBump
chat/senpai: RevBump
chat/ssh-chat: RevBump
databases/go-ldap: RevBump
databases/influxdb: RevBump
databases/mongo-tools: RevBump
databases/mysqld_exporter: RevBump
databases/postgres_exporter: RevBump
databases/prometheus: RevBump
databases/promscale: RevBump
databases/sqlc: RevBump
databases/timescaledb-tune: RevBump
devel/asmfmt: RevBump
devel/conftest: RevBump
devel/errcheck: RevBump
devel/fq: RevBump
devel/git-lfs: RevBump
devel/go-ed25519: RevBump
devel/go-gocode: RevBump
devel/go-golang-lru: RevBump
devel/go-gopkgs: RevBump
devel/go-goptlib: RevBump
devel/go-goreturns: RevBump
devel/go-gox: RevBump
devel/go-impl: RevBump
devel/go-logrus: RevBump
devel/go-nbreader: RevBump
devel/go-pty: RevBump
devel/go-review: RevBump
devel/go-siphash: RevBump
devel/go-staticcheck: RevBump
devel/go-swagger: RevBump
devel/go-sys: RevBump
devel/go-tools: RevBump
devel/go-wire: RevBump
devel/go-xerrors: RevBump
devel/golangci-lint: RevBump
devel/golint: RevBump
devel/gomodifytags: RevBump
devel/gopls: RevBump
devel/goredo: RevBump
devel/gotags: RevBump
devel/gotests: RevBump
devel/govulncheck: RevBump
devel/lazygit: RevBump
devel/mob: RevBump
devel/nancy: RevBump
devel/opa: RevBump
devel/packr: RevBump
devel/reftools: RevBump
devel/regal: RevBump
devel/revive: RevBump
devel/shfmt: RevBump
devel/syft: RevBump
editors/micro: RevBump
filesystems/kubo: RevBump
graphics/gif2png: RevBump
lang/joker: RevBump
mail/opensmtpd-filter-rspamd: RevBump
mail/opensmtpd-filter-senderscore: RevBump
mail/postforward: RevBump
meta-pkgs/bulk-test-essential: RevBump
misc/exercism: RevBump
net/amazon-ecs-cli: RevBump
net/amfora: RevBump
net/bombadillo: RevBump
net/croc: RevBump
net/czds: RevBump
net/dnscontrol: RevBump
net/dnscrypt-proxy2: RevBump
net/gh: RevBump
net/go-dnstap: RevBump
net/go-net: RevBump
net/go-websocket: RevBump
net/gunison: RevBump
net/gvproxy: RevBump
net/hub: RevBump
net/ipget: RevBump
net/kubectl: RevBump
net/libquic: RevBump
net/mangos: RevBump
net/nats-server: RevBump
net/obfs4proxy: RevBump
net/rclone: RevBump
net/stern: RevBump
net/syncthing: RevBump
net/terraform-provider-archive: RevBump
net/terraform-provider-aws: RevBump
net/terraform-provider-kubernetes: RevBump
net/terraform-provider-local: RevBump
net/terraform-provider-null: RevBump
net/terraform-provider-random: RevBump
net/terraform-provider-template: RevBump
net/terraform-provider-vultr: RevBump
net/terraform: RevBump
net/tut: RevBump
net/vultr-cli: RevBump
pkgtools/pkglint: RevBump
security/2fa: RevBump
security/age: RevBump
security/amass: RevBump
security/authelia: RevBump
security/cfssl: RevBump
security/dnsx: RevBump
security/go-asn1-ber: RevBump
security/go-crypto: RevBump
security/go-getpass: RevBump
security/go-mkcert: RevBump
security/gopass: RevBump
security/httpx: RevBump
security/nuclei: RevBump
security/oauth2c: RevBump
security/osv-scanner: RevBump
security/subfinder: RevBump
security/tlsx: RevBump
security/trufflehog: RevBump
security/vault: RevBump
shells/elvish: RevBump
shells/oh-my-posh: RevBump
sysutils/beats: RevBump
sysutils/consul: RevBump
sysutils/direnv: RevBump
sysutils/fzf: RevBump
sysutils/goreman: RevBump
sysutils/lf: RevBump
sysutils/node_exporter: RevBump
sysutils/packer: RevBump
sysutils/podman: RevBump
sysutils/restic: RevBump
sysutils/vultr: RevBump
textproc/glow: RevBump
textproc/go-kr-text: RevBump
textproc/go-md2man: RevBump
textproc/go-mmark: RevBump
textproc/go-text: RevBump
textproc/miller: RevBump
textproc/sift: RevBump
www/apisprout: RevBump
www/caddy: RevBump
www/gitea: RevBump
www/go-ffuf: RevBump
www/go-minify: RevBump
www/gotosocial: RevBump
www/grafana: RevBump
www/hugo: RevBump
www/jira-cli: RevBump
www/mycorrhiza: RevBump
www/pup: RevBump
www/restish: RevBump
www/shoutrrr: RevBump

Revisions pulled up:
- lang/go/version.mk                                            1.190,1.192
- lang/go120/PLIST                                              1.9
- lang/go120/distinfo                                           1.10-1.11

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sat Oct  7 18:09:35 UTC 2023

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go120: PLIST distinfo

   Log Message:
   go120: update to 1.20.9 (security).

   cmd/go: line directives allows arbitrary execution during build

   "//line" directives can be used to bypass the restrictions on "//go:cgo_"
   directives, allowing blocked linker and compiler flags to be passed during
   compliation. This can result in unexpected execution of arbitrary code when
   running "go build". The line directive requires the absolute path of the file in
   which the directive lives, which makes exploting this issue significantly more
   complex.

   This is CVE-2023-39323 and Go issue https://go.dev/issue/63211.

   View the release notes for more information:
   https://go.dev/doc/devel/release#go1.20.9

   To generate a diff of this commit:
   cvs rdiff -u -r1.189 -r1.190 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go120/PLIST
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sun Oct 15 11:02:08 UTC 2023

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go120: distinfo

   Log Message:
   go120: update to 1.20.10 (security)

   net/http: rapid stream resets can cause excessive work

   A malicious HTTP/2 client which rapidly creates requests and
   immediately resets them can cause excessive server resource consumption.
   While the total number of requests is bounded to the
   http2.Server.MaxConcurrentStreams setting, resetting an in-progress
   request allows the attacker to create a new request while the existing
   one is still executing.

   HTTP/2 servers now bound the number of simultaneously executing
   handler goroutines to the stream concurrency limit. New requests
   arriving when at the limit (which can only happen after the client
   has reset an existing, in-flight request) will be queued until a
   handler exits. If the request queue grows too large, the server
   will terminate the connection.

   This issue is also fixed in golang.org/x/net/http2 v0.17.0,
   for users manually configuring HTTP/2.

   The default stream concurrency limit is 250 streams (requests)
   per HTTP/2 connection. This value may be adjusted using the
   golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
   setting and the ConfigureServer function.

   This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
   This is also tracked by CVE-2023-44487.

   To generate a diff of this commit:
   cvs rdiff -u -r1.191 -r1.192 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/go120/distinfo

Revision 1.95 / (download) - annotate - [select for diffs], Sun Oct 15 12:04:34 2023 UTC (4 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

Revbump all Go packages after go120 security update

Revision 1.94 / (download) - annotate - [select for diffs], Fri Sep 8 19:06:13 2023 UTC (5 months, 3 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base
Branch point for: pkgsrc-2023Q3
Changes since 1.93: +2 -1 lines
Diff to previous 1.93 (colored)

Revbump all Go packages after go120 update

Revision 1.93 / (download) - annotate - [select for diffs], Wed Sep 6 23:45:20 2023 UTC (5 months, 3 weeks ago) by khorben
Branch: MAIN
Changes since 1.92: +2 -3 lines
Diff to previous 1.92 (colored)

gitea: update to 1.18.5

There have been a few security-related fixes between 1.18.0 and this
version. (XXX pull-up to pkgsrc-2023Q2)

This also includes a trivial fix in a comment for the default app.ini
configuration file.

Changes in 1.18.5:

* ENHANCEMENTS
  * Hide 2FA status from other members in organization members list
* BUGFIXES
  * Add force_merge to merge request and fix checking mergable
  * Use --message=%s for git commit message
  * Render access log template as text instead of HTML
  * Fix the Manually Merged form
  * Use beforeCommit instead of baseCommit
  * Display attachments of review comment when comment content is blank
  * Return empty url for submodule tree entries

Changes in 1.18.4:

* SECURITY
  * Provide the ability to set password hash algorithm parameters
  * Add command to bulk set must-change-password
* ENHANCEMENTS
  * Use import of OCI structs
  * Fix color of tertiary button on dark theme
  * Link issue and pull requests status change in UI notifications
    directly to their event in the timelined view.
* BUGFIXES
  * Notify on container image create
  * Fix blame view missing lines
  * Fix incorrect role labels for migrated issues and comments
  * Fix PR file tree folders no longer collapsing
  * Escape filename when assemble URL
  * Fix isAllowed of escapeStreamer
  * Load issue before accessing index in merge message
  * Improve trace logging for pulls and processes
  * Fix restore repo bug, clarify the problem of ForeignIndex
  * Add default user visibility to cli command "admin user create"
  * Escape path for the file list
  * Fix bugs with WebAuthn preventing sign in and registration.
  * Add missing close bracket in imagediff
  * Move code comments to a standalone file and fix the bug when adding
    a reply to an outdated review appears to not post(#20821)
  * Fix line spacing for plaintext previews
  * Fix wrong hint when deleting a branch successfully from pull request
    UI
  * Fix README TOC links
  * Fix missing message in git hook when pull requests disabled on fork
  * Improve checkIfPRContentChanged
  * Prevent duplicate labels when importing more than 99
  * Don't return duplicated users who can create org repo
* BUILD
  * Upgrade golangcilint to v1.51.0
* MISC
  * Use proxy for pull mirror
  * Use --index-url in PyPi description

Changes in 1.18.3:

* SECURITY
  * Prevent multiple To recipients
* BUGFIXES
  * Truncate commit summary on repo files table.
  * Mute all links in issue timeline

Changes in 1.18.2:

* BUGFIXES
  * When updating by rebase we need to set the environment for head repo
  * Fix issue not auto-closing when it includes a reference to a branch
  * Fix invalid issue branch reference if not specified in template
  * Fix 500 error viewing pull request when fork has pull requests
    disabled
  * Reliable selection of admin user
  * Set disable_gravatar/enable_federated_avatar when offline mode is
    true
* BUILD
  * cgo cross-compile for freebsd

Changes in 1.18.1:

* API
  * Add sync_on_commit option for push mirrors api
* BUGFIXES
  * Update github.com/zeripath/zapx/v15
  * Fix pull request API field closed_at always being null
  * Fix container blob mount
  * Fix error when calculating repository size
  * Fix Operator does not exist bug on explore page with
    ONLY_SHOW_RELEVANT_REPOS
  * Fix environments for KaTeX and error reporting
  * Remove the netgo tag for Windows build
  * Fix migration from GitBucket
  * Prevent panic on looking at api "git" endpoints for empty repos
  * Fix PR status layout on mobile
  * Fix wechatwork webhook sends empty content in PR review
  * Remove duplicate "Actions" label in mobile view
  * Fix leaving organization bug on user settings -> orgs
  * Fixed colour transparency regex matching in project board sorting
  * Correctly handle select on multiple channels in Queues
  * Prepend refs/heads/ to issue template refs
  * Restore function to "Show more" buttons
  * Continue GCing other repos on error in one repo
  * Allow HOST has no port
  * Fix omit avatar_url in discord payload when empty
  * Don't display stop watch top bar icon when disabled and hidden when
    click other place
  * Don't lookup mail server when using sendmail
  * Fix gravatar disable bug
  * Fix update settings table on install
  * Fix sitemap
  * Fix code search title translation
  * Fix due date rendering the wrong date in issue
  * Fix get system setting bug when enabled redis cache
  * Fix bug of DisableGravatar default value
  * Fix key signature error page
* TESTING
  * Remove test session cache to reduce possible concurrent problem
* MISC
  * Restore previous official review when an official review is deleted
  * Log STDERR of external renderer when it fails

Revision 1.92 / (download) - annotate - [select for diffs], Sat Aug 26 16:31:39 2023 UTC (6 months ago) by bsiegert
Branch: MAIN
Changes since 1.91: +2 -2 lines
Diff to previous 1.91 (colored)

Revbump all Go packages after go120 update

Revision 1.91 / (download) - annotate - [select for diffs], Sat Jul 15 10:53:08 2023 UTC (7 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored)

Revbump all Go packages after go120 update

Revision 1.90 / (download) - annotate - [select for diffs], Fri May 5 19:37:37 2023 UTC (9 months, 3 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)

Revbump all Go packages after go120 security update

Revision 1.89 / (download) - annotate - [select for diffs], Wed Apr 19 08:11:47 2023 UTC (10 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)

revbump after textproc/icu update

Revision 1.88 / (download) - annotate - [select for diffs], Wed Apr 5 20:47:52 2023 UTC (10 months, 3 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)

Revbump all Go packages after yesterday's go120 security update

Revision 1.87 / (download) - annotate - [select for diffs], Wed Mar 8 13:38:50 2023 UTC (11 months, 3 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)

Revbump all Go packages after go119 security update

Revision 1.86 / (download) - annotate - [select for diffs], Thu Feb 16 15:02:01 2023 UTC (12 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

Revbump all Go packages after go119 update

Revision 1.85 / (download) - annotate - [select for diffs], Wed Jan 11 17:28:37 2023 UTC (13 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.84: +2 -1 lines
Diff to previous 1.84 (colored)

Revbump all Go packages after go119 update

Revision 1.84 / (download) - annotate - [select for diffs], Fri Jan 6 17:42:00 2023 UTC (13 months, 3 weeks ago) by jperkin
Branch: MAIN
Changes since 1.83: +3 -4 lines
Diff to previous 1.83 (colored)

gitea: Update to 1.18.0.

The list of changes since 1.16.9 is nearly 600 lines long, so please
see the following URLs for a curated list of changes:

  https://blog.gitea.io/2022/12/gitea-1.18.0-is-released/
  https://blog.gitea.io/2022/12/gitea-1.17.4-is-released/
  https://blog.gitea.io/2022/10/gitea-1.17.3-is-released/
  https://blog.gitea.io/2022/09/gitea-1.17.2-is-released/
  https://blog.gitea.io/2022/08/gitea-1.17.1-is-released/
  https://blog.gitea.io/2022/07/gitea-1.17.0-is-released/

Revision 1.83 / (download) - annotate - [select for diffs], Thu Dec 8 16:14:18 2022 UTC (14 months, 3 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4
Changes since 1.82: +2 -2 lines
Diff to previous 1.82 (colored)

Revbump all Go packages after go119 security update

Revision 1.82 / (download) - annotate - [select for diffs], Wed Nov 23 16:21:19 2022 UTC (15 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.81: +2 -1 lines
Diff to previous 1.81 (colored)

massive revision bump after textproc/icu update

Revision 1.77.2.1 / (download) - annotate - [select for diffs], Wed Nov 16 19:14:36 2022 UTC (15 months, 2 weeks ago) by bsiegert
Branch: pkgsrc-2022Q3
Changes since 1.77: +2 -6 lines
Diff to previous 1.77 (colored) next main 1.78 (colored)

Pullup ticket #6704 - requested by khorben
www/gitea: security fix, build fix

Revisions pulled up:
- www/gitea/Makefile                                            1.81
- www/gitea/distinfo                                            1.32-1.33
- www/gitea/patches/patch-Makefile                              1.4

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Wed Nov  9 23:26:15 UTC 2022

   Modified Files:
           pkgsrc/www/gitea: Makefile distinfo

   Log Message:
   gitea: update to 1.16.9

   Changes since 1.16.8:

   SECURITY

   * Add write check for creating Commit status (#20332) (#20334)
   * Check for permission when fetching user controlled issues (#20133) (#20196)

   BUGFIXES

   * Hide notify mail setting ui if not enabled (#20138) (#20337)
   * Add write check for creating Commit status (#20332) (#20334)
   * Only show Followers that current user can access (#20220) (#20253)
   * Release page show all tags in compare dropdown (#20070) (#20071)
   * Fix permission check for delete tag (#19985) (#20001)
   * Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
   * Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
   * Set Setpgid on child git processes (#19865) (#19881)
   * Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
   * Ensure responses are context.ResponseWriters (#19843) (#19859)
   * Fix incorrect usage of Count function (#19850)
   * Fix raw endpoint PDF file headers (#19825) (#19826)
   * Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
   * Don return 500 on NotificationUnreadCount (#19802)
   * Prevent NPE when cache service is disabled (#19703) (#19783)
   * Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
   * Fix doctor pq: syntax error at or near quote user table name (#19765) (#19770)
   * Fix bug with assigneees (#19757)

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Thu Nov 10 21:12:54 UTC 2022

   Modified Files:
           pkgsrc/www/gitea: distinfo
           pkgsrc/www/gitea/patches: patch-Makefile

   Log Message:
   gitea: use find(1) in a more portable way

   Verified on NetBSD, Linux (Debian 10.13), and macOS (all amd64).

   No changes to the package observed, so no revision bump.

Revision 1.81 / (download) - annotate - [select for diffs], Wed Nov 9 23:26:15 2022 UTC (15 months, 3 weeks ago) by khorben
Branch: MAIN
Changes since 1.80: +2 -6 lines
Diff to previous 1.80 (colored)

gitea: update to 1.16.9

Changes since 1.16.8:

SECURITY

* Add write check for creating Commit status (#20332) (#20334)
* Check for permission when fetching user controlled issues (#20133) (#20196)

BUGFIXES

* Hide notify mail setting ui if not enabled (#20138) (#20337)
* Add write check for creating Commit status (#20332) (#20334)
* Only show Followers that current user can access (#20220) (#20253)
* Release page show all tags in compare dropdown (#20070) (#20071)
* Fix permission check for delete tag (#19985) (#20001)
* Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
* Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
* Set Setpgid on child git processes (#19865) (#19881)
* Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
* Ensure responses are context.ResponseWriters (#19843) (#19859)
* Fix incorrect usage of Count function (#19850)
* Fix raw endpoint PDF file headers (#19825) (#19826)
* Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
* Don return 500 on NotificationUnreadCount (#19802)
* Prevent NPE when cache service is disabled (#19703) (#19783)
* Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
* Fix doctor pq: syntax error at or near quote user table name (#19765) (#19770)
* Fix bug with assigneees (#19757)

Revision 1.80 / (download) - annotate - [select for diffs], Wed Nov 2 19:39:50 2022 UTC (15 months, 4 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.79: +2 -2 lines
Diff to previous 1.79 (colored)

Revbump all Go packages after go119 security update

Revision 1.79 / (download) - annotate - [select for diffs], Wed Oct 5 11:33:08 2022 UTC (16 months, 3 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.78: +2 -2 lines
Diff to previous 1.78 (colored)

Revbump all Go packages after go119 security update

Revision 1.78 / (download) - annotate - [select for diffs], Mon Sep 26 18:40:15 2022 UTC (17 months ago) by bsiegert
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)

Revbump all Go packages after 1.19 became default

Revision 1.77 / (download) - annotate - [select for diffs], Wed Sep 7 09:32:20 2022 UTC (17 months, 3 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base
Branch point for: pkgsrc-2022Q3
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

Revbump all Go packages after go118 security update

Revision 1.76 / (download) - annotate - [select for diffs], Fri Aug 12 20:38:04 2022 UTC (18 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)

Revbump all Go packages after go118 security update

Revision 1.75 / (download) - annotate - [select for diffs], Wed Jul 13 16:03:02 2022 UTC (19 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)

Revbump all Go packages after go118 update

Revision 1.74 / (download) - annotate - [select for diffs], Thu Jun 2 18:52:08 2022 UTC (20 months, 4 weeks ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)

Revbump all Go packages after go118 update

Revision 1.68.2.2 / (download) - annotate - [select for diffs], Mon May 30 18:59:42 2022 UTC (21 months ago) by bsiegert
Branch: pkgsrc-2022Q1
Changes since 1.68.2.1: +2 -3 lines
Diff to previous 1.68.2.1 (colored) to branchpoint 1.68 (colored) next main 1.69 (colored)

Pullup ticket #6638 - requested by khorben
www/gitea: security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.73
- www/gitea/distinfo                                            1.31
- www/gitea/go-modules.mk                                       1.2

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Wed May 18 18:38:34 UTC 2022

   Modified Files:
           pkgsrc/www/gitea: Makefile distinfo go-modules.mk

   Log Message:
   gitea: update to 1.16.8

   This is a security update:

   * CVE-2022-30781
   * CVE-2022-27313
   * and more security issues fixed but without CVEs - see below

   XXX pull-up to pkgsrc-2022Q1

   Tested on NetBSD/amd64.

   Changes in 1.16.8:

   ENHANCEMENTS

   * Add doctor check/fix for bogus action rows (#19656) (#19669)
   * Make .cs highlighting legible on dark themes (#19604) (#19605)

   BUGFIXES

   * Fix oauth setting list bug (#19681)
   * Delete user related oauth stuff on user deletion too (#19677) (#19680)
   * Fix new release from tags list UI (#19670) (#19673)
   * Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
   * GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
   * Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
   * Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
   * Fix sending empty notifications (#19589) (#19590)
   * Ignore DNS error when doing migration allow/block check (#19566) (#19567)
   * Fix issue overview for teams (#19652) (#19653)

   Changes in 1.16.7:

   SECURITY

   * Escape git fetch remote (#19487) (#19490) CVE-2022-30781

   BUGFIXES

   * Don't overwrite err with nil (#19572) (#19574)
   * On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
   * Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
   * Don't error when branch's commit doesn't exist (#19547) (#19548)
   * Support hostname:port to pass host matcher's check (#19543) (#19544)
   * Prevent intermittent race in attribute reader close (#19537) (#19539)
   * Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
   * Prevent dangling archiver goroutine (#19516) (#19526)
   * Fix migrate release from github (#19510) (#19523)
   * When view _Siderbar or _Footer, just display once (#19501) (#19522)
   * Fix blame page select range error and some typos (#19503)
   * Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
   * User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
   * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
   * RepoAssignment ensure to close before overwrite (#19449) (#19460)
   * Set correct PR status on 3way on conflict checking (#19457) (#19458)
   * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)

   Changes in 1.16.6:

   ENHANCEMENTS

   * Only request write when necessary (#18657) (#19422)
   * Disable service worker by default (#18914) (#19342)

   BUGFIXES

   * When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
   * Fix DELETE request for non-existent public key (#19443) (#19444)
   * Don't panic on ErrEmailInvalid (#19441) (#19442)
   * Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
   * Warn on SSH connection for incorrect configuration (#19317) (#19437)
   * Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
   * When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
   * Fix nil error when some pages are rendered outside request context (#19427) (#19428)
   * Fix double blob-hunk on diff page (#19404) (#19405)
   * Don't allow merging PR's which are being conflict checked (#19357) (#19358)
   * Fix middleware function's placements (#19377) (#19378)
   * Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
   * Restore user autoregistration with email addresses (#19261) (#19312)
   * Move checks for pulls before merge into own function (#19271) (#19277)
   * Granular webhook events in editHook (#19251) (#19257)
   * Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
   * Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
   * Touch mirrors on even on fail to update (#19217) (#19233)
   * Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
   * Fix clone url JS error for the empty repo page (#19209)
   * Bump goldmark to v1.4.11 (#19201) (#19203)

   TESTING

   * Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)

   BUILD

   * Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)

   MISC

   * Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
   * Check go and nodejs version by go.mod and package.json (#19197) (#19254)

   Changes in 1.16.5:

   BREAKING

   * Bump to build with go1.18 (#19120 et al) (#19127)

   SECURITY

   * Prevent redirect to Host (2) (#19175) (#19186)
   * Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
   * Clean paths when looking in Storage (#19124) (#19179)
   * Do not send notification emails to inactive users (#19131) (#19139)
   * Do not send activation email if manual confirm is set (#19119) (#19122)

   ENHANCEMENTS

   * Use the new/choose link for New Issue on project page (#19172) (#19176)

   BUGFIXES

   * Fix showing issues in your repositories (#18916) (#19191)
   * Fix compare link in active feeds for new branch (#19149) (#19185)
   * Redirect .wiki/* ui link to /wiki (#18831) (#19184)
   * Ensure deploy keys with write access can push (#19010) (#19182)
   * Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
   * Cleanup protected branches when deleting users & teams (#19158) (#19174)
   * Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
   * Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
   * Use custom favicon when viewing static files if it exists (#19130) (#19152)
   * Fix the editor height in review box (#19003) (#19147)
   * Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
   * Fix wrong scopes caused by empty scope input (#19029) (#19145)
   * Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
   * Handle email address not exist (#19089) (#19121)

   MISC

   * Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
   * Update golang.org/x/crypto (#19097) (#19098)

   Changes in 1.16.4:

   SECURITY

   * Restrict email address validation (#17688) (#19085)
   * Fix lfs bug (#19072) (#19080)

   ENHANCEMENTS

   * Improve SyncMirrors logging (#19045) (#19050)

   BUGFIXES

   * Refactor mirror code & fix StartToMirror (#18904) (#19075)
   * Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
   * Prevent 500 when there is an error during new auth source post (#19041) (#19059)
   * If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
   * Fix flag validation (#19046) (#19051)
   * Add pam account authorization check (#19040) (#19047)
   * Ignore missing comment for user notifications (#18954) (#19043)
   * Set rel="nofollow noindex" on new issue links (#19023) (#19042)
   * Upgrading binding package (#19034) (#19035)
   * Don't show context cancelled errors in attribute reader (#19006) (#19027)
   * Fix update hint bug (#18996) (#19002)

   MISC

   * Fix potential assignee query for repo (#18994) (#18999)

   Changes in 1.16.3:

   SECURITY

   * Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313

   ENHANCEMENTS

   * Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)

   BUGFIXES

   * Set max text height to prevent overflow (#18862) (#18977)
   * Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
   * Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
   * Send 404 on /{org}.gpg (#18959) (#18962)
   * Fix admin user list pagination (#18957) (#18960)
   * Fix lfs management setting (#18947) (#18946)
   * Fix login with email panic when email is not exist (#18942)
   * Update go-org to v1.6.1 (#18932) (#18933)
   * Fix <strong> html in translation (#18929) (#18931)
   * Fix page and missing return on unadopted repos API (#18848) (#18927)
   * Allow adminstrator teams members to see other teams (#18918) (#18919)
   * Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
   * Correctly link URLs to users/repos with dashes, dots or underscores (â(#18908)
   * Fix redirect when using lowercase repo name (#18775) (#18902)
   * Fix migration v210 (#18893) (#18892)
   * Fix team management UI (#18887) (18886)
   * BeforeSourcePath should point to base commit (#18880) (#18799)

   TRANSLATION

   * Backport locales from master (#18944)

   MISC

   * Don't update email for organisation (#18905) (#18906)

   Changes in 1.16.2:

   ENHANCEMENTS

   * Show fullname on issue edits and gpg/ssh signing info (#18828)
   * Immediately Hammer if second kill is sent (#18823) (#18826)
   * Allow mermaid render error to wrap (#18791)

   BUGFIXES

   * Fix ldap user sync missed email in email_address table (#18786) (#18876)
   * Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
   * Don't report signal: killed errors in serviceRPC (#18850) (#18865)
   * Fix bug where certain LDAP settings were reverted (#18859)
   * Update go-org to 1.6.0 (#18824) (#18839)
   * Fix login with email for ldap users (#18800) (#18836)
   * Fix bug for get user by email (#18834)
   * Fix panic in EscapeReader (#18820) (#18821)
   * Fix ldap loginname (#18789) (#18804)
   * Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
   * In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
   * Fix template bug of LFS lock (#18784) (#18787)
   * Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
   * Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
   * Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
   * Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
   * Prevent dangling GetAttribute calls (#18754) (#18755)
   * Fix isempty detection of git repository (#18746) (#18750)
   * Fix source code line highlighting on external tracker (#18729) (#18740)
   * Prevent double encoding of branch names in delete branch (#18714) (#18738)
   * Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
   * Fix forked repositories missed tags (#18719) (#18735)
   * Fix release typo (#18728) (#18731)
   * Separate the details links of commit-statuses in headers (#18661) (#18730)
   * Update object repo with the migrated repository (#18684) (#18726)
   * Fix bug for version update hint (#18701) (#18705)
   * Fix issue with docker-rootless shimming script (#18690) (#18699)
   * Let MinUnitAccessMode return correct perm (#18675) (#18689)
   * Prevent security failure due to bad APP_ID (#18678) (#18682)
   * Restart zero worker if there is still work to do (#18658) (#18672)
   * If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)

   TESTING

   * Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)

   BUILD

   * Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)

   MISC

   * Put buttons back in org dashboard (#18817) (#18825)
   * Various Mermaid improvements (#18776) (#18780)
   * C preprocessor colors improvement (#18671) (#18696)
   * Fix the missing i18n key for update checker (#18646) (#18665)

Revision 1.73 / (download) - annotate - [select for diffs], Wed May 18 18:38:33 2022 UTC (21 months, 2 weeks ago) by khorben
Branch: MAIN
Changes since 1.72: +2 -3 lines
Diff to previous 1.72 (colored)

gitea: update to 1.16.8

This is a security update:

* CVE-2022-30781
* CVE-2022-27313
* and more security issues fixed but without CVEs - see below

XXX pull-up to pkgsrc-2022Q1

Tested on NetBSD/amd64.

Changes in 1.16.8:

ENHANCEMENTS

* Add doctor check/fix for bogus action rows (#19656) (#19669)
* Make .cs highlighting legible on dark themes (#19604) (#19605)

BUGFIXES

* Fix oauth setting list bug (#19681)
* Delete user related oauth stuff on user deletion too (#19677) (#19680)
* Fix new release from tags list UI (#19670) (#19673)
* Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
* GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
* Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
* Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
* Fix sending empty notifications (#19589) (#19590)
* Ignore DNS error when doing migration allow/block check (#19566) (#19567)
* Fix issue overview for teams (#19652) (#19653)

Changes in 1.16.7:

SECURITY

* Escape git fetch remote (#19487) (#19490) CVE-2022-30781

BUGFIXES

* Don't overwrite err with nil (#19572) (#19574)
* On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
* Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
* Don't error when branch's commit doesn't exist (#19547) (#19548)
* Support hostname:port to pass host matcher's check (#19543) (#19544)
* Prevent intermittent race in attribute reader close (#19537) (#19539)
* Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
* Prevent dangling archiver goroutine (#19516) (#19526)
* Fix migrate release from github (#19510) (#19523)
* When view _Siderbar or _Footer, just display once (#19501) (#19522)
* Fix blame page select range error and some typos (#19503)
* Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
* User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
* Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
* RepoAssignment ensure to close before overwrite (#19449) (#19460)
* Set correct PR status on 3way on conflict checking (#19457) (#19458)
* Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)

Changes in 1.16.6:

ENHANCEMENTS

* Only request write when necessary (#18657) (#19422)
* Disable service worker by default (#18914) (#19342)

BUGFIXES

* When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
* Fix DELETE request for non-existent public key (#19443) (#19444)
* Don't panic on ErrEmailInvalid (#19441) (#19442)
* Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
* Warn on SSH connection for incorrect configuration (#19317) (#19437)
* Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
* When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
* Fix nil error when some pages are rendered outside request context (#19427) (#19428)
* Fix double blob-hunk on diff page (#19404) (#19405)
* Don't allow merging PR's which are being conflict checked (#19357) (#19358)
* Fix middleware function's placements (#19377) (#19378)
* Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
* Restore user autoregistration with email addresses (#19261) (#19312)
* Move checks for pulls before merge into own function (#19271) (#19277)
* Granular webhook events in editHook (#19251) (#19257)
* Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
* Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
* Touch mirrors on even on fail to update (#19217) (#19233)
* Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
* Fix clone url JS error for the empty repo page (#19209)
* Bump goldmark to v1.4.11 (#19201) (#19203)

TESTING

* Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)

BUILD

* Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)

MISC

* Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
* Check go and nodejs version by go.mod and package.json (#19197) (#19254)

Changes in 1.16.5:

BREAKING

* Bump to build with go1.18 (#19120 et al) (#19127)

SECURITY

* Prevent redirect to Host (2) (#19175) (#19186)
* Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
* Clean paths when looking in Storage (#19124) (#19179)
* Do not send notification emails to inactive users (#19131) (#19139)
* Do not send activation email if manual confirm is set (#19119) (#19122)

ENHANCEMENTS

* Use the new/choose link for New Issue on project page (#19172) (#19176)

BUGFIXES

* Fix showing issues in your repositories (#18916) (#19191)
* Fix compare link in active feeds for new branch (#19149) (#19185)
* Redirect .wiki/* ui link to /wiki (#18831) (#19184)
* Ensure deploy keys with write access can push (#19010) (#19182)
* Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
* Cleanup protected branches when deleting users & teams (#19158) (#19174)
* Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
* Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
* Use custom favicon when viewing static files if it exists (#19130) (#19152)
* Fix the editor height in review box (#19003) (#19147)
* Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
* Fix wrong scopes caused by empty scope input (#19029) (#19145)
* Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
* Handle email address not exist (#19089) (#19121)

MISC

* Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
* Update golang.org/x/crypto (#19097) (#19098)

Changes in 1.16.4:

SECURITY

* Restrict email address validation (#17688) (#19085)
* Fix lfs bug (#19072) (#19080)

ENHANCEMENTS

* Improve SyncMirrors logging (#19045) (#19050)

BUGFIXES

* Refactor mirror code & fix StartToMirror (#18904) (#19075)
* Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
* Prevent 500 when there is an error during new auth source post (#19041) (#19059)
* If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
* Fix flag validation (#19046) (#19051)
* Add pam account authorization check (#19040) (#19047)
* Ignore missing comment for user notifications (#18954) (#19043)
* Set rel="nofollow noindex" on new issue links (#19023) (#19042)
* Upgrading binding package (#19034) (#19035)
* Don't show context cancelled errors in attribute reader (#19006) (#19027)
* Fix update hint bug (#18996) (#19002)

MISC

* Fix potential assignee query for repo (#18994) (#18999)

Changes in 1.16.3:

SECURITY

* Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313

ENHANCEMENTS

* Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)

BUGFIXES

* Set max text height to prevent overflow (#18862) (#18977)
* Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
* Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
* Send 404 on /{org}.gpg (#18959) (#18962)
* Fix admin user list pagination (#18957) (#18960)
* Fix lfs management setting (#18947) (#18946)
* Fix login with email panic when email is not exist (#18942)
* Update go-org to v1.6.1 (#18932) (#18933)
* Fix <strong> html in translation (#18929) (#18931)
* Fix page and missing return on unadopted repos API (#18848) (#18927)
* Allow adminstrator teams members to see other teams (#18918) (#18919)
* Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
* Correctly link URLs to users/repos with dashes, dots or underscores (⊠(#18908)
* Fix redirect when using lowercase repo name (#18775) (#18902)
* Fix migration v210 (#18893) (#18892)
* Fix team management UI (#18887) (18886)
* BeforeSourcePath should point to base commit (#18880) (#18799)

TRANSLATION

* Backport locales from master (#18944)

MISC

* Don't update email for organisation (#18905) (#18906)

Changes in 1.16.2:

ENHANCEMENTS

* Show fullname on issue edits and gpg/ssh signing info (#18828)
* Immediately Hammer if second kill is sent (#18823) (#18826)
* Allow mermaid render error to wrap (#18791)

BUGFIXES

* Fix ldap user sync missed email in email_address table (#18786) (#18876)
* Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
* Don't report signal: killed errors in serviceRPC (#18850) (#18865)
* Fix bug where certain LDAP settings were reverted (#18859)
* Update go-org to 1.6.0 (#18824) (#18839)
* Fix login with email for ldap users (#18800) (#18836)
* Fix bug for get user by email (#18834)
* Fix panic in EscapeReader (#18820) (#18821)
* Fix ldap loginname (#18789) (#18804)
* Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
* In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
* Fix template bug of LFS lock (#18784) (#18787)
* Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
* Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
* Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
* Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
* Prevent dangling GetAttribute calls (#18754) (#18755)
* Fix isempty detection of git repository (#18746) (#18750)
* Fix source code line highlighting on external tracker (#18729) (#18740)
* Prevent double encoding of branch names in delete branch (#18714) (#18738)
* Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
* Fix forked repositories missed tags (#18719) (#18735)
* Fix release typo (#18728) (#18731)
* Separate the details links of commit-statuses in headers (#18661) (#18730)
* Update object repo with the migrated repository (#18684) (#18726)
* Fix bug for version update hint (#18701) (#18705)
* Fix issue with docker-rootless shimming script (#18690) (#18699)
* Let MinUnitAccessMode return correct perm (#18675) (#18689)
* Prevent security failure due to bad APP_ID (#18678) (#18682)
* Restart zero worker if there is still work to do (#18658) (#18672)
* If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)

TESTING

* Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)

BUILD

* Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)

MISC

* Put buttons back in org dashboard (#18817) (#18825)
* Various Mermaid improvements (#18776) (#18780)
* C preprocessor colors improvement (#18671) (#18696)
* Fix the missing i18n key for update checker (#18646) (#18665)

Revision 1.72 / (download) - annotate - [select for diffs], Wed May 11 19:26:22 2022 UTC (21 months, 3 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

Revbump all Go packages after go118 update

Revision 1.71 / (download) - annotate - [select for diffs], Mon Apr 18 19:12:17 2022 UTC (22 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)

revbump for textproc/icu update

Revision 1.70 / (download) - annotate - [select for diffs], Wed Apr 13 07:50:55 2022 UTC (22 months, 2 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

Revbump all Go packages after go117 update

Revision 1.68.2.1 / (download) - annotate - [select for diffs], Sat Apr 2 09:12:22 2022 UTC (22 months, 4 weeks ago) by bsiegert
Branch: pkgsrc-2022Q1
Changes since 1.68: +7 -5 lines
Diff to previous 1.68 (colored)

Pullup ticket #6609 - requested by tnn
www/gitea: build fix

Revisions pulled up:
- www/gitea/Makefile                                            1.69
- www/gitea/distinfo                                            1.30
- www/gitea/go-modules.mk                                       1.1

---
   Module Name:	pkgsrc
   Committed By:	tnn
   Date:		Mon Mar 28 15:59:22 UTC 2022

   Modified Files:
   	pkgsrc/www/gitea: Makefile distinfo
   Added Files:
   	pkgsrc/www/gitea: go-modules.mk

   Log Message:
   gitea: don't download distfiles during build phase (convert to go-module.mk)

Revision 1.69 / (download) - annotate - [select for diffs], Mon Mar 28 15:59:22 2022 UTC (23 months ago) by tnn
Branch: MAIN
Changes since 1.68: +7 -5 lines
Diff to previous 1.68 (colored)

gitea: don't download distfiles during build phase (convert to go-module.mk)

Revision 1.68 / (download) - annotate - [select for diffs], Wed Mar 23 23:41:14 2022 UTC (23 months, 1 week ago) by khorben
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base
Branch point for: pkgsrc-2022Q1
Changes since 1.67: +2 -2 lines
Diff to previous 1.67 (colored)

gitea: minor fix to the RC script

This sets the working directory to / before issuing commands to Gitea.
Fix from the pgsql script; it addresses the following issue when
managing Gitea:

  # /etc/rc.d/gitea restart
  Stopping gitea.
  sh: Cannot determine current working directory
  Starting gitea.
  sh: Cannot determine current working directory

(and then Gitea not starting again)

Bumps PKGREVISION.

During freeze, but leaf package AFAICT.

Tested on NetBSD/amd64.

Revision 1.67 / (download) - annotate - [select for diffs], Mon Mar 7 09:14:13 2022 UTC (23 months, 3 weeks ago) by bsiegert
Branch: MAIN
Changes since 1.66: +2 -1 lines
Diff to previous 1.66 (colored)

Revbump all Go packages after go117 update

Revision 1.66 / (download) - annotate - [select for diffs], Wed Feb 16 16:06:21 2022 UTC (2 years ago) by tm
Branch: MAIN
Changes since 1.65: +4 -5 lines
Diff to previous 1.65 (colored)

gitea: updated to 1.16.1

Changing the the maintainership and providing latest version including frontend.

Changes since 1.13.4:

* SECURITY
  * Update JS dependencies, fix lint (#18389) (#18540)
* ENHANCEMENTS
  * Add dropdown icon to label set template dropdown (#18564) (#18571)
* BUGFIXES
  * comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
  * Stop logging an error when notes are not found (#18626) (#18635)
  * Ensure that blob-excerpt links work for wiki (#18587) (#18624)
  * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
  * Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
  * Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
  * Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
  * Collaborator trust model should trust collaborators (#18539) (#18557)
  * Detect conflicts with 3way merge (#18536) (#18537)
  * In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
  * Add `GetUserTeams` (#18499) (#18531)
  * Fix review excerpt (#18502) (#18530)
  * Fix for AvatarURL database type (#18487) (#18529)
  * Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505)
  * Fix OAuth Source Edit Page (#18495) (#18503)
  * Use "read" value for General Access (#18496) (#18500)
  * Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
* BUILD
  * Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569)
* DOCS
  * Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534)

* BREAKING
  * Remove golang vendored directory (#18277)
  * Paginate releases page & set default page size to 10 (#16857)
  * Use shadowing script for docker (#17846)
  * Only allow webhook to send requests to allowed hosts (#17482)
* SECURITY
  * Disable content sniffing on `PlainTextBytes` (#18359) (#18365)
  * Only view milestones from current repo (#18414) (#18417)
  * Sanitize user-input on file name (#17666)
  * Use `hostmatcher` to replace `matchlist` to improve blocking of bad hosts in Webhooks (#17605)
* FEATURES
  * Add/update SMTP auth providers via cli (#18197)
  * Support webauthn (#17957)
  * Team permission allow different unit has different permission (#17811)
  * Implement Well-Known URL for password change (#17777)
  * Add support for ssh commit signing (#17743)
  * Allow Loading of Diffs that are too large (#17739)
  * Add copy button to markdown code blocks (#17638)
  * Add .gitattribute assisted language detection to blame, diff and render (#17590)
  * Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568)
  * Add Reindex buttons to repository settings page (#17494)
  * Make SSL cipher suite configurable (#17440)
  * Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
  * Add simple update checker to Gitea (#17212)
  * Migrated Repository will show modifications when possible (#17191)
  * Create pub/priv keypair for federation (#17071)
  * Make LDAP be able to skip local 2FA (#16954)
  * Add nodeinfo endpoint for federation purposes (#16953)
  * Save and view issue/comment content history (#16909)
  * Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
  * Add migrate from Codebase (#16768)
  * Add migration from GitBucket (#16767)
  * Add OAuth2 introspection endpoint (#16752)
  * Add proxy settings and support for migration and webhook (#16704)
  * Add microsoft oauth2 providers (#16544)
  * Send registration email on user autoregistration (#16523)
  * Defer Last Commit Info (#16467)
  * Support unprotected file patterns (#16395)
  * Add migrate from OneDev (#16356)
  * Add option to update pull request by `rebase` (#16125)
  * Add RSS/Atom feed support for user actions (#16002)
  * Add support for corporate WeChat webhooks (#15910)
  * Add a simple way to rename branch like gh (#15870)
  * Add bundle download for repository (#14538)
  * Add agit flow support in gitea (#14295)
* API
  * Add MirrorUpdated field to Repository API type (#18267)
  * Adjust Fork API to allow setting a custom repository name (#18066)
  * Add API to manage repo tranfers (#17963)
  * Add API to get file commit history (#17652)
  * Add API to get issue/pull comments and events (timeline) (#17403)
  * Add API to get/edit wiki (#17278)
  * Add API for get user org permissions (#17232)
  * Add HTML urls to notification API (#17178)
  * Add API to get commit diff/patch (#17095)
  * Respond with updated notifications in API (#17064)
  * Add API to fetch git notes (#16649)
  * Generalize list header for API (#16551)
  * Add API Token Cache (#16547)
  * Allow Token API calls be authorized using the reverse-proxy header (#15119)
* ENHANCEMENTS
  * Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
  * Return nicer error if trying to pull from non-existent user (#18288)
  * Show pull link for agit pull request also (#18235)
  * Enable partial clone by default (#18195)
  * Added replay of webhooks (#18191)
  * Show OAuth callback error message (#18185)
  * Increase Salt randomness (#18179)
  * Add MP4 as default allowed attachment type (#18170)
  * Include folders into size cost (#18158)
  * Remove `/email2user` endpoint (#18127)
  * Handle invalid issues (#18111)
  * Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
  * Support open compare page directly (#17975)
  * Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954)
  * Clean legacy SimpleMDE code (#17926)
  * Refactor install page (db type) (#17919)
  * Improve interface when comparing a branch which has created a pull request (#17911)
  * Allow default branch to be inferred on compare page (#17908)
  * Display issue/comment role even if repo archived (#17907)
  * Always set a message-id on mails (#17900)
  * Change `<a>` elements to underline on hover (#17898)
  * Render issue references in file table (#17897)
  * Handle relative unix socket paths (#17836)
  * Move accessmode into models/perm (#17828)
  * Fix some org style problems (#17807)
  * Add List-Unsubscribe header (#17804)
  * Create menus for organization pages (#17802)
  * Switch archive URL code back to href attributes (#17796)
  * Refactor "refs/*" string usage by using constants (#17784)
  * Allow forks to org if you can create repos (#17783)
  * Improve install code to avoid low-level mistakes. (#17779)
  * Improve ellipsis buttons (#17773)
  * Add restrict and no-user-rc to authorized_keys (#17772)
  * Add copy Commit ID button in commits list (#17759)
  * Make `bind` error more readable (#17750)
  * Fix navbar on project view (#17749)
  * More pleasantly handle broken or missing git repositories (#17747)
  * Use `*PushUpdateOptions` as receiver (#17724)
  * Remove unused `user` paramater (#17723)
  * Better builtin avatar generator (#17707)
  * Cleanup and use global style on popups (#17674)
  * Move user/org deletion to services (#17673)
  * Added comment for changing issue ref (#17672)
  * Allow admins to change user avatars (#17661)
  * Only set `data-path` once for each file in diff pages (#17657)
  * Add icon to vscode clone link (#17641)
  * Add download button for file viewer (#17640)
  * Add pagination to fork list (#17639)
  * Use a standalone struct name for Organization (#17632)
  * Minor readability patch. (#17627)
  * Add context support for GetUserByID (#17602)
  * Move merge-section to `> .content` (#17582)
  * Remove NewSession method from db.Engine interface (#17577)
  * Move unit into models/unit/ (#17576)
  * Restrict GetDeletedBranchByID to the repositories deleted branches (#17570)
  * Refactor commentTags functionality (#17558)
  * Make Repo Code Indexer an Unique Queue (#17515)
  * Simplify Gothic to use our session store instead of creating a different store (#17507)
  * Add settings to allow different SMTP envelope from address (#17479)
  * Properly determine CSV delimiter (#17459)
  * Hide label comments if labels were added and removed immediately (#17455)
  * Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
  * Add appearance section in settings (#17433)
  * Move key forms before list and add cancel button (#17432)
  * When copying executables to the docker chmod them (#17423)
  * Remove deprecated `extendDefaultPlugins` method of svgo (#17399)
  * Fix the click behavior for <tr> and <td> with [data-href] (#17388)
  * Refactor update checker to use AppState (#17387)
  * Improve async/await usage, and sort init calls in `index.js` (#17386)
  * Use a variable but a function for IsProd because of a slight performance increment (#17368)
  * Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
  * Hide command line merge instructions when user can't push (#17339)
  * Move session to models/login (#17338)
  * Sync gitea app path for git hooks and authorized keys when starting (#17335)
  * Make the Mirror Queue a queue (#17326)
  * Add "Copy branch name" button to pull request page (#17323)
  * Fix repository summary on mobile (#17322)
  * Split `index.js` to separate files (#17315)
  * Show direct match on top for user search (#17303)
  * Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301)
  * Upgrade chi to v5 (#17298)
  * Disable form autofill (#17291)
  * Improve behavior of "Fork" button (#17288)
  * Open markdown image links in new window (#17287)
  * Add hints for special Wiki pages (#17283)
  * Move add deploy key form before the list and add a cancel button (#17228)
  * Allow adding multiple issues to a project  (#17226)
  * Add metrics to get issues by repository (#17225)
  * Add specific event type to header (#17222)
  * Redirect on project after issue created (#17211)
  * Reference in new issue modal: dont pre-populate issue title (#17208)
  * Always set a unique Message-ID header (#17206)
  * Add projects and project boards in exposed metrics (#17202)
  * Add metrics to get issues by label (#17201)
  * Add protection to disable Gitea when run as root (#17168)
  * Don't return binary file changes in raw PR diffs by default (#17158)
  * Support sorting for project board issuses (#17152)
  * Force color-adjust for markdown checkboxes (#17146)
  * Add option to copy line permalink (#17145)
  * Move twofactor to models/login (#17143)
  * Multiple tokens support for migrating from github (#17134)
  * Unify issue and PR subtitles (#17133)
  * Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
  * Fix problem when database id is not increment as expected (#17124)
  * Avatar refactor, move avatar code from `models` to `models.avatars`, remove duplicated code (#17123)
  * Re-allow clipboard copy on non-https sites (#17118)
  * DBContext is just a Context (#17100)
  * Move login related structs and functions to models/login (#17093)
  * Add SkipLocal2FA option to pam and smtp sources (#17078)
  * Move db related basic functions to models/db (#17075)
  * Fixes username tagging in "Reference in new issue" (#17074)
  * Use light/dark theme based on system preference (#17051)
  * Always emit the configuration path (#17036)
  * Add `AbsoluteListOptions` (#17028)
  * Use common sessioner for API and Web (#17027)
  * Fix overflow label in small view (#17020)
  * Report the associated filter if there is an error in LDAP (#17014)
  * Add "new issue" btn on project (#17001)
  * Add doctor dbconsistency check for release and attachment (#16978)
  * Disable Fomantic's CSS tooltips (#16974)
  * Add Cache-Control to avatar redirects (#16973)
  * Make mirror feature more configurable (#16957)
  * Add skip and limit to git.GetTags (#16897)
  * Remove ParseQueueConnStr as it is unused (#16878)
  * Remove unused Fomantic sidebar module (#16853)
  * Allow LDAP Sources to provide Avatars (#16851)
  * Remove Dashboard/Home button from the navbar (#16844)
  * Use conditions but not repo ids as query condition (#16839)
  * Add user settings key/value DB table (#16834)
  * Add buttons to allow loading of incomplete diffs (#16829)
  * Add information for migrate failure (#16803)
  * Add EdDSA JWT signing algorithm (#16786)
  * Add user status filter to admin user management page (#16770)
  * Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
  * Do not use thin scrollbars on Firefox (#16738)
  * Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731)
  * Compute proper foreground color for labels (#16729)
  * Add edit button to wiki sidebar and footer (#16719)
  * Fix migration svg color (#16715)
  * Add link to vscode to repo header (#16664)
  * Add filter by owner and team to issue/pulls search endpoint (#16662)
  * Kanban colored boards (#16647)
  * Allow setting X-FRAME-OPTIONS (#16643)
  * Separate open and closed issue in metrics (#16637)
  * Support direct comparison (git diff a..b) as well merge comparison (a) (#16635)
  * Add setting to OAuth handlers to skip local 2FA authentication (#16594)
  * Make PR merge options more intuitive (#16582)
  * Show correct text when comparing commits on empty pull request (#16569)
  * Pre-fill suggested New File 'name' and 'content' with Query Params (#16556)
  * Add an abstract json layout to make it's easier to change json library (#16528)
  * Make Mermaid.js limit configurable (#16519)
  * Improve 2FA autofill (#16473)
  * Add modals to Organization and Team remove/leave (#16471)
  * Show tag name on dashboard items list (#16466)
  * Change default cron schedules from @every 24h to @midnight (#16431)
  * Prevent double sanitize (#16386)
  * Replace `list.List` with slices (#16311)
  * Add configuration option to restrict users by default (#16256)
  * Move login out of models (#16199)
  * Support pagination of organizations on user settings pages (#16083)
  * Switch migration icon to svg (#15954)
  * Add left padding for chunk header of split diff view (#13397)
  * Allow U2F 2FA without TOTP (#11573)
* BUGFIXES
  * GitLab reviews may not have the updated_at field set (#18450) (#18461)
  * Fix detection of no commits when the default branch is not master (#18422) (#18423)
  * Fix broken oauth2 authentication source edit page (#18412) (#18419)
  * Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404)
  * Fix restore without topic failure (#18387) (#18400)
  * Fix commit's time (#18375) (#18392)
  * Fix partial cloning a repo (#18373) (#18377)
  * Stop trimming preceding and suffixing spaces from editor filenames (#18334)
  * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18386)
  * Fix mime-type detection for HTTP server (#18370) (#18371)
  * Stop trimming preceding and suffixing spaces from editor filenames (#18334)
  * Restore propagation of ErrDependenciesLeft (#18325)
  * Fix PR comments UI (#18323)
  * Use indirect comparison when showing pull requests (#18313)
  * Replace satori/go.uuid with gofrs/uuid (#18311)
  * Fix commit links on compare page (#18310)
  * Don't show double error response in git hook (#18292)
  * Handle missing default branch better in owner/repo/branches page (#18290)
  * Fix CheckRepoStats and reuse it during migration (#18264)
  * Prevent underline hover on cards (#18259)
  * Don't delete branch if other PRs with this branch are open (#18164)
  * Require codereview to have content (#18156)
  * Allow admin to associate missing LFS objects for repositories (#18143)
  * When attempting to subscribe other user to issue report why access denied (#18091)
  * Add option to convert CRLF to LF line endings for sendmail (#18075)
  * Only create pprof files for gitea serv if explicitly asked for (#18068)
  * Abort merge if head has been updated before pressing merge (#18032)
  * Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004)
  * Use JSON module instead of stdlib json (#18003)
  * Fixed issue merged/closed wording (#17973)
  * Return nicer error for ForcePrivate (#17971)
  * Fix overflow in commit graph (#17947)
  * Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941)
  * Use disable_form_autofill on Codebase and Gitbucket (#17936)
  * Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928)
  * Fix markdown URL parsing (#17924)
  * Apply CSS Variables to all message elements (#17920)
  * Improve checkBranchName (#17901)
  * Update chi/middleware to chi/v5/middleware (#17888)
  * Fix position of label color picker colors (#17866)
  * Fix ListUnadoptedRepositories incorrect total count (#17865)
  * Remove whitespace inside rendered code `<td>` (#17859)
  * Make Co-committed-by and co-authored-by trailers optional (#17848)
  * Fix value of User.IsRestricted when oauth2 user registration (#17839)
  * Use new OneDev /milestones endpoint (#17782)
  * Prevent deadlock in TestPersistableChannelQueue (#17717)
  * Simplify code for writing SHA to name-rev (#17696)
  * Fix database deadlock when update issue labels (#17649)
  * Add warning for BIDI characters in page renders and in diffs (#17562)
  * Fix ipv6 parsing for builtin ssh server (#17561)
  * Multiple Escaping Improvements (#17551)
  * Fixes #16559 - Do not trim leading spaces for tab delimited (#17442)
  * Show client-side error if wiki page is empty (#17415)
  * Fix context popup error (#17398)
  * Stop sanitizing full name in API (#17396)
  * Fix issue close/comment buttons on mobile (#17317)
  * Fix navbar UI (#17235)
  * Fix problem when database id is not increment as expected (#17229)
  * Open the DingTalk link in browser (#17084)
  * Remove heads pointing to missing old refs (#17076)
  * Fix commit status index problem (#17061)
  * Handle broken references in mirror sync (#17013)
  * Fix for create repo page layout (#17012)
  * Improve LDAP synchronization efficiency (#16994)
  * Add repo_id for attachment (#16958)
  * Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705)
  * Remove duplicate csv import in modules/csv/csv.go (#16631)
  * Improve SMTP authentication and Fix user creation bugs  (#16612)
  * Fixed emoji alias not parsed in links (#16221)
  * Calculate label URL on API  (#16186)
* TRANSLATION
  * Fix mispelling of starred as stared (#17465)
  * Re-separate the color translation strings (#17390)
  * Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998)
* BUILD
  * Add lockfile-check (#18285)
  * Don't store assets modified time into generated files (#18193)
* MISC
  * Update JS dependencies (#17611)

* SECURITY
  * Only view milestones from current repo (#18414) (#18418)
* BUGFIXES
  * Fix broken when no commits and default branch is not master (#18422) (#18424)
  * Fix commit's time (#18375) (#18409)
  * Fix restore without topic failure (#18387) (#18401)
  * Fix mermaid import in 1.15 (it uses ESModule now) (#18382)
  * Update to go/text 0.3.7 (#18336)
* MISC
  * Upgrade EasyMDE to 2.16.1 (#18278) (#18279)

* BUGFIXES
  * Fix inconsistent PR comment counts (#18260) (#18261)
  * Fix release link broken (#18252) (#18253)
  * Fix update user from site administration page bug (#18250) (#18251)
  * Set HeadCommit when creating tags (#18116) (#18173)
  * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
  * Fix purple color in suggested label colors (#18241) (#18242)
* SECURITY
  * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)

* BUGFIXES
  * Fix wrong redirect on org labels (#18128) (#18134)
  * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
  * Revert "Fix delete u2f keys bug (#18042)" (#18107)
  * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
  * Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
  * Reset locale on login (#17734) (#18100)
  * Correctly handle failed migrations (#17575) (#18099)
  * Instead of using routerCtx just escape the url before routing (#18086) (#18098)
  * Quote references to the user table in consistency checks (#18072) (#18073)
  * Add NotFound handler (#18062) (#18067)
  * Ensure that git repository is closed before transfer (#18049) (#18057)
  * Use common sessioner for API and web routes (#18114)
* TRANSLATION
  * Fix code search result hint on zh-CN (#18053)

* BUGFIXES
  * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
  * Fix delete u2f keys bug (#18040) (#18042)
  * Reset Session ID on login (#18018) (#18041)
  * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
  * Stop printing 03d after escaped characters in logs (#18030) (#18034)
  * Reset locale on login (#18023) (#18025)
  * Fix reset password email template (#17025) (#18022)
  * Fix outType on gitea dump (#18000) (#18016)
  * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
  * Fix rename notification bug (#18011)
  * Prevent double decoding of % in url params  (#17997) (#18001)
  * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
  * Prevent deadlock in create issue (#17970) (#17982)
* TESTING
  * Use non-expiring key. (#17984) (#17985)

* ENHANCEMENTS
  * Only allow webhook to send requests to allowed hosts (#17482) (#17510)
  * Fix login redirection links (#17451) (#17473)
* BUGFIXES
  * Fix database inconsistent when admin change user email (#17549) (#17840)
  * Use correct user on releases (#17806) (#17818)
  * Fix commit count in tag view (#17698) (#17790)
  * Fix close issue but time watcher still running (#17643) (#17761)
  * Fix Migrate Description (#17692) (#17727)
  * Fix bug when project board get open issue number (#17703) (#17726)
  * Return 400 but not 500 when request archive with wrong format (#17691) (#17700)
  * Fix bug when read mysql database max lifetime (#17682) (#17690)
  * Fix database deadlock when update issue labels (#17649) (#17665)
  * Fix bug on detect issue/comment writer (#17592)
  * Remove appSubUrl from pasted images (#17572) (#17588)
  * Make `ParsePatch` more robust (#17573) (#17580)
  * Fix stats upon searching issues (#17566) (#17578)
  * Escape issue titles in comments list (#17555) (#17556)
  * Fix zero created time bug on commit api (#17546) (#17547)
  * Fix database keyword quote problem on migration v161 (#17522) (#17523)
  * Fix email with + when active (#17518) (#17520)
  * Stop double encoding blame commit messages (#17498) (#17500)
  * Quote the table name in CountOrphanedObjects (#17487) (#17488)
  * Run Migrate in Install rather than just SyncTables (#17475) (#17486)
* BUILD
  * Fix golangci-lint warnings (#17598 et al) (#17668)
* MISC
  * Preserve color when inverting emojis (#17797) (#17799)

* BUGFIXES
  * Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
  * Fix CSV render error (#17406) (#17431)
  * Read expected buffer size (#17409) (#17430)
  * Ensure that restricted users can access repos for which they are members (#17460) (#17464)
  * Make commit-statuses popup show correctly (#17447) (#17466)
* TESTING
  * Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463)

* SECURITY
  * Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
  * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
* BUGFIXES
  * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
  * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
  * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
  * Ensure popup text is aligned left (backport for 1.15) (#17343)
  * Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
  * Disable core.protectNTFS (#17300) (#17302)
  * Use pointer for wrappedConn methods (#17295) (#17296)
  * AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
  * Handle duplicate keys on GPG key ring (#17242) (#17284)
  * Fix SVG side by side comparison link (#17375) (#17391)

* BUGFIXES
  * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
  * Don't allow merged PRs to be reopened (#17192) (#17271)
  * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
  * Fix unwanted team review request deletion (#17257) (#17264)
  * Fix broken Activities link in team dashboard (#17255) (#17258)
  * API pull's head/base have correct permission(#17214) (#17245)
  * Fix strange behavior of DownloadPullDiffOrPatch in incorrect index (#17223) (#17227)
  * Upgrade xorm to v1.2.5 (#17177) (#17188)
  * Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
  * Fix bug of get context user (#17169) (#17172)
  * Nicely handle missing user in collaborations (#17049) (#17166)
  * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
  * Fix wrong i18n keys (#17150) (#17153)
  * Fix Archive Creation: correct transaction ending (#17151)
  * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
  * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
* ENHANCEMENT
  * Check user instead of organization when creating a repo from a template via API (#16346) (#17195)
* TRANSLATION
  * v1.15 fix Sprintf format 'verbs' in locale files (#17187)

* ENHANCEMENTS
  * Add fluid to ui container class to remove margin (#16396) (#16976)
  * Add caller to cat-file batch calls (#17082) (#17089)
* BUGFIXES
  * Render full plain readme. (#17083) (#17090)
  * Upgrade xorm to v1.2.4 (#17059)
  * Fix bug of migrate comments which only fetch one page (#17055) (#17058)
  * Do not show issue context popup on external issues (#17050) (#17054)
  * Decrement Fork Num when converting from Fork (#17035) (#17046)
  * Correctly rollback in ForkRepository (#17034) (#17045)
  * Fix missing close in WalkGitLog (#17008) (#17009)
  * Add prefix to SVG id/class attributes (#16997) (#17000)
  * Fix bug of migrated repository not index (#16991) (#16996)
  * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990)
  * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977)
  * Fix issue with issue default mail template (#16956) (#16975)
  * Ensure that rebase conflicts are handled in updates (#16952) (#16960)
  * Prevent panic on diff generation (#16950) (#16951)

* BUGFIXES
  * Add unique constraint back into issue_index (#16938)
  * Close storage objects before cleaning (#16934) (#16942)

* BUGFIXES
  * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923)
  * Prevent leave changes dialogs due to autofill fields (#16912) (#16920)
  * Ignore review comment when ref commit is missed (#16905) (#16919)
  * Fix wrong attachment removal (#16915) (#16917)
  * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913)
  * Correctly return the number of Repositories for Organizations (#16807) (#16911)
  * Test if LFS object is accessible (#16865) (#16904)
  * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900)
  * Fix dump and restore respository (#16698) (#16898)
  * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895)
  * Fix wiki raw commit diff/patch view (#16891) (#16892)
  * Ensure wiki repos are all closed (#16886) (#16888)
  * List limited and private orgs if authenticated on API (#16866) (#16879)
  * Simplify split diff view generation and remove JS dependency (#16775) (#16863)
  * Ensure that the default visibility is set on the user create page (#16845) (#16862)
  * In Render tolerate not being passed a context (#16842) (#16858)
  * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848)
  * Report the correct number of pushes on the feeds (#16811) (#16822)
  * Add primary_key to issue_index (#16813) (#16820)
  * Prevent NPE on empty commit (#16812) (#16819)
  * Fix branch pagination error (#16805) (#16816)
  * Add missing return to handleSettingRemoteAddrError (#16794) (#16795)
  * Remove spurious / from issues.opened_by (#16793)
  * Ensure that template compilation panics are sent to the logs (#16788) (#16792)
  * Update caddyserver/certmagic (#16789) (#16790)

* BREAKING
  * Make app.ini permissions more restrictive (#16266)
  * Refactor Webhook + Add X-Hub-Signature (#16176)
  * Add asymmetric JWT signing (#16010)
  * Clean-up the settings hierarchy for issue_indexer queue (#16001)
  * Change default queue settings to be low go-routines (#15964)
  * Improve assets handler middleware (#15961)
  * Rename StaticUrlPrefix to AssetUrlPrefix (#15779)
  * Use a generic markup class to display externally rendered files and diffs (#15735)
  * Add frontend testing, require node 12 (#15315)
  * Move (custom) assets into subpath `/assets` (#15219)
  * Use level config in log section when sub log section not set level (#15176)
  * Links in markdown should be absolute to the repository not the server (#15088)
  * Upgrade to the latest version of golang-jwt (#16590) (#16606)
  * Set minimum supported version of go to 1.16 (#16710)
* SECURITY
  * Encrypt LDAP bind password in db with SECRET_KEY (#15547)
  * Remove random password in Dockerfiles (#15362)
  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
  * Don't show private user's repo in explore view (#16550) (#16554)
  * Update node tar dependency to 6.1.6 (#16622) (#16623)
* FEATURES
  * Update Go-Git to take advantage of LargeObjectThreshold (#16316)
  * Support custom mime type mapping for text files (#16304)
  * Link to previous blames in file blame page (#16259)
  * Add LRU mem cache implementation (#16226)
  * Localize Email Templates (#16200)
  * Make command in authorized keys a template (#16003)
  * Add possibility to make branch in branch page (#15960)
  * Add email headers (#15939)
  * Make tasklist checkboxes clickable (#15791)
  * Add selecting tags on the compare page (#15723)
  * Add cron job to delete old actions from database (#15688)
  * On open repository open common cat file batch and batch-check (#15667)
  * Add tag protection (#15629)
  * Add push to remote mirror repository (#15157)
  * Add Image Diff for SVG files (#14867)
  * Add dashboard milestone search and repo milestone search by name. (#14866)
  * Add LFS Migration and Mirror (#14726)
  * Improve notifications for WIP draft PR's (#14663)
  * Disable Stars config option (#14653)
  * GPG Key Ownership verification with Signed Token (#14054)
  * OAuth2 auto-register (#5123)
* API
  * Return updated repository when changing repository using API (#16420)
  * Let branch/tag name be a valid ref to get CI status (#16400)
  * Add endpoint to get commits of PR (#16300)
  * Allow COMMENT reviews to not specify a body (#16229)
  * Add subject-type filter to list notification API endpoints (#16177)
  * ListReleases add filter for draft and pre-releases (#16175)
  * ListIssues add more filters (#16174)
  * Issue Search Add filter for MilestoneNames (#16173)
  * GET / SET User Settings (#16169)
  * Expose repo.GetReviewers() & repo.GetAssignees() (#16168)
  * User expose counters (#16167)
  * Add repoGetTag (#16166)
  * Add repoCreateTag (#16165)
  * Creating a repo from a template repo via API (#15958)
  * Add Active and ProhibitLogin to API (#15689)
  * Add Location, Website and Description to API (#15675)
  * Expose resolver via API (#15167)
  * Swagger AccessToken fixes (#16574) (#16597)
  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
* ENHANCEMENTS
  * Support HTTP/2 in Let's Encrypt (#16371)
  * Introduce NotifySubjectType (#16320)
  * Add forge emojies (#16296)
  * Implemented head_commit for webhooks (#16282)
  * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278)
  * Add previous/next buttons to review comments (#16273)
  * Review comments: break-word for long file names (#16272)
  * Add configuration to restrict allowed user visibility modes (#16271)
  * Add scroll-margin-top to account for sticky header (#16269)
  * Add --quiet and --verbose to gitea web to control initial logging (#16260)
  * Use gitea logging module for git module (#16243)
  * Add tests for all webhooks (#16214)
  * Add button to delete undeleted repositories from failed migrations (#16197)
  * Speed up git diff highlight generation (#16180)
  * Add OpenID claims "profile" and "email". (#16141)
  * Reintroduce squash merge default comment as a config setting (#16134)
  * Add sanitizer rules per renderer (#16110)
  * Improve performance of dashboard list orgs (#16099)
  * Refactor assert statements in tests (#16089)
  * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
  * Remove unnecessary goroutine (#16080)
  * Add attachments for PR reviews (#16075)
  * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070)
  * Add Visible modes function from Organisation to Users too (#16069)
  * Add checkbox to delete pull branch after successful merge (#16049)
  * Make commit info cancelable (#16032)
  * Make modules/context.Context a context.Context (#16031)
  * Unified custom config creation (#16012)
  * Make sshd_config more flexible regarding connections (#16009)
  * Append to existing trailers in generated squash commit message (#15980)
  * Always store primary email address into email_address table and also the state (#15956)
  * Load issue/PR context popup data only when needed (#15955)
  * Remove remaining fontawesome usage in templates (#15952)
  * Remove fomantic accordion module (#15951)
  * Small refactoring of modules/private (#15947)
  * Double the avatar size factor (#15941)
  * Add curl to rootless docker image (#15908)
  * Replace clipboard.js with async clipboard api (#15899)
  * Allow custom highlight mapping beyond file extensions (#15808)
  * Add trace logging to SSO methods (#15803)
  * Refactor routers directory (#15800)
  * Allow only internal registration (#15795)
  * Add a new internal hook to save ssh log (#15787)
  * Respect default merge message syntax when parsing item references (#15772)
  * OAuth2 login: Set account link to "login" as default behavior (#15768)
  * Use single shared random string generation function (#15741)
  * Hold the event source when there are no listeners (#15725)
  * Code comments improvements (#15722)
  * Provide OIDC compliant user info endpoint (#15721)
  * Fix webkit calendar icon color on arc-green (#15713)
  * Improve Light Chroma style (#15699)
  * Only use boost workers for leveldb shadow queues (#15696)
  * Add compare tag dropdown to releases page (#15695)
  * Add caret styling CSS (#15651)
  * Remove x-ua-compatible meta tag (#15640)
  * Refactor of link creation (#15619)
  * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599)
  * Rewrite of the LFS server (#15523)
  * Display more repository type on admin repository management (#15440)
  * Remove usage of some JS globals (#15378)
  * SHA in merged commit comment should be rendered ui sha (#15376)
  * Add well-known config for OIDC (#15355)
  * Use route rather than use thus reducing the number of stack frames (#15301)
  * Code Formats, Nits & Unused Func/Var deletions (#15286)
  * Let package git depend on setting but not opposite (#15241)
  * Fixed sanitize errors (#15240)
  * response simple text message for not html request when 404 (#15229)
  * Remove file-loader dependency (#15196)
  * Refactor renders (#15175)
  * Add mimetype mapping settings (#15133)
  * Add Status Updates whilst Gitea migrations are occurring (#15076)
  * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073)
  * Counterwork seemingly unclickable repo button labels (#15064)
  * Add DefaultMergeStyle option to repository (#14789)
  * Added support for gopher URLs. (#14749)
  * Rework repository archive (#14723)
  * Add links to toggle WIP status (#14677)
  * Add Tabular Diff for CSV files (#14661)
  * Use milestone deadline when sorting issues (#14551)
* BUGFIXES
  * Fix invalid params and typo of email templates (#16394)
  * Fix activation of primary email addresses (#16385)
  * Fix calculation for finalPage in repo-search component (#16382)
  * Specify user in rootless container numerically (#16361)
  * Detect encoding changes while parsing diff (#16330)
  * Fix U2F error reasons always hidden (#16327)
  * Prevent zombie processes (#16314)
  * Escape reference to `user` table in models.SearchEmails (#16313)
  * Fix default push instructions on empty repos (#16302)
  * Fix modified files list in webhooks when there is a space (#16288)
  * Fix webhook commits wrong hash on HEAD reset (#16283)
  * Fuzzer finds an NPE due to incorrect URLPrefix (#16249)
  * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238)
  * Do not show No match found for tribute (#16231)
  * Fix "Copy Link" for pull requests (#16230)
  * Fix diff expansion is missing final line in a file (#16222)
  * Fix private repo permission problem (#16142)
  * Fix not able to update local created non-urlencoded wiki pages (#16139)
  * More efficiently parse shas for shaPostProcessor (#16101)
  * Fix `doctor --run check-db-consistency --fix` with label fix (#16094)
  * Prevent webhook action buttons from shifting (#16087)
  * Change default TMPDIR path in rootless containers (#16077)
  * Fix typo and add TODO notice (#16064)
  * Use git log name-status in get last commit (#16059)
  * Fix 500 Error with branch and tag sharing the same name (#16040)
  * Fix get tag when migration (#16014)
  * Add custom emoji support (#16004)
  * Use filepath.ToSlash and Join in indexer defaults and queues (#15971)
  * Add permission check for ``GenerateRepository`` (#15946)
  * Ensure settings for Service and Mailer are read on the install page (#15943)
  * Fix layout of milestone view (#15927)
  * Unregister non-matching serviceworkers (#15834)
  * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693)
  * Attachment support repository route (#15580)
  * Fix missing icons and colorpicker when mounted on suburl (#15501)
  * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
  * Prevent double-login for Git HTTP and LFS and simplify login (#15303)
  * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278)
  * Fix heatmap activity (#15252)
  * Remove vendored copy of fomantic-dropdown (#15193)
  * Update repository size on cron gc task (#15177)
  * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
  * Add code block highlight to orgmode back (#14222)
  * Remove User.GetOrganizations() (#14032)
  * Restore Accessibility for Dropdown (#16576) (#16617)
  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
  * Fix table alignment in markdown (#16596) (#16602)
  * Fix 500 on first wiki page (#16586) (#16598)
  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
  * Handle too long PR titles correctly (#16517) (#16549)
  * Fix data race in bleve indexer (#16474) (#16509)
  * Restore CORS on git smart http protocol (#16496) (#16506)
  * Fix race in log (#16490) (#16505)
  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
  * Update notification table with only latest data (#16445) (#16469)
  * Fix crash following ldap authentication update (#16447) (#16448)
  * Fix direct creation of external users on admin page (partial #16612) (#16613)
  * Prevent 500 on draft releases without tag (#16634) (#16636)
  * Restore creation of git-daemon-export-ok files (#16508) (#16514)
  * Fix data race in bleve indexer (#16474) (#16509)
  * Restore CORS on git smart http protocol (#16496) (#16506)
  * Fix race in log (#16490) (#16505)
  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
  * Update notification table with only latest data (#16445) (#16469)
  * Fix crash following ldap authentication update (#16447) (#16448)
  * Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
  * Fix direct creation of external users on admin page (#16613)
  * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
  * Fix NPE in fuzzer (#16680) (#16682)
  * Set issue_index when finishing migration (#16685) (#16687)
  * Skip patch download when no patch file exists (#16356) (#16681)
  * Ensure empty lines are copiable and final new line too (#16678) (#16692)
  * Fix wrong user in OpenID response (#16736) (#16741)
  * Do not use thin scrollbars on Firefox (#16738) (#16745)
  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
  * Keep attachments on tasklist update (#16750) (#16757)
* TESTING
  * Bump `postgres` and `mysql` versions (#15710)
  * Add tests for clone from wiki (#15513)
  * Fix Benchmark tests, remove a broken one & add two new  (#15250)
  * Create Proper Migration tests (#15116)
* TRANSLATION
  * Use a special name for update default branch on repository setting (#15893)
  * Fix mirror_lfs source string in en-US locale (#15369)
* BUILD
  * Upgrade xorm to v1.1.1 (#16339)
  * Disable legal comments in esbuild (#15929)
  * Switch to Node 16 to build fronted  (#15804)
  * Use esbuild to minify CSS (#15756)
  * Use binary version of revive linter (#15739)
  * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -(#15465)
  * Stop packaging node_modules in release tarballs (#15273)
  * Introduce esbuild on webpack (#14578)
* DOCS
  * Update queue workers documentation (#15999)
  * Comment out app.example.ini (#15807)
  * Improve logo customization docs (#15754)
  * Add some response status on api docs (#15399)
  * Rework Token API comments (#15162)
  * Add better errors for disabled account recovery (#15117)
* MISC
  * Remove utf8 option from installation page (#16126)
  * Use Wants= over Requires= in systemd file (#15897)

* BUGFIXES
  * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896)
  * Fix wiki raw commit diff/patch view (#16891) (#16893)
  * Ensure wiki repos are all closed (#16886) (#16889)
  * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849)
  * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740)

* SECURITY
  * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
  * Switch to maintained JWT lib (#16532) (#16535)
  * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
* BUGFIXES
  * Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481)

* SECURITY
  * Hide mirror passwords on repo settings page (#16022) (#16355)
  * Update bluemonday to v1.0.15 (#16379) (#16380)
* BUGFIXES
  * Retry rename on lock induced failures (#16435) (#16439)
  * Validate issue index before querying DB (#16406) (#16410)
  * Fix crash following ldap authentication update (#16447) (#16449)
* ENHANCEMENTS
  * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)

* BUGFIXES
  * Fix relative links in postprocessed images (#16334) (#16340)
  * Fix list_options GetStartEnd (#16303) (#16305)
  * Fix API to use author for commits instead of committer (#16276) (#16277)
  * Handle misencoding of login_source cfg in mssql (#16268) (#16275)
  * Fixed issues not updated by commits (#16254) (#16261)
  * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
  * Use html.Parse rather than html.ParseFragment (#16223) (#16225)
  * Fix milestone counters on new issue (#16183) (#16224)
  * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)

* SECURITY
  * Encrypt migration credentials at rest (#15895) (#16187)
  * Only check access tokens if they are likely to be tokens (#16164) (#16171)
  * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
  * Fix setting of SameSite on cookies (#15989) (#15991)
* API
  * Repository object only count releases as releases (#16184) (#16190)
  * EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190)
  * Fix overly strict edit pr permissions (#15900) (#16081)
* BUGFIXES
  * Run processors on whole of text (#16155) (#16185)
  * Class `issue-keyword` is being incorrectly stripped off spans (#16163) (#16172)
  * Fix language switch for install page (#16043) (#16128)
  * Fix bug on getIssueIDsByRepoID (#16119) (#16124)
  * Set self-adjusting deadline for connection writing (#16068) (#16123)
  * Fix http path bug (#16117) (#16120)
  * Fix data URI scramble (#16098) (#16118)
  * Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097)
  * git migration: don't prompt interactively for clone credentials (#15902) (#16082)
  * Fix case change in ownernames (#16045) (#16050)
  * Don't manipulate input params in email notification (#16011) (#16033)
  * Remove branch URL before IssueRefURL (#15968) (#15970)
  * Fix layout of milestone view (#15927) (#15940)
  * GitHub Migration, migrate draft releases too (#15884) (#15888)
  * Close the gitrepo when deleting the repository (#15876) (#15887)
  * Upgrade xorm to v1.1.0 (#15869) (#15885)
  * Fix blame row height alignment (#15863) (#15883)
  * Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882)
  * Backport Fix LFS commit finder not working (#15856) (#15874)
  * Stop calling WriteHeader in Write (#15862) (#15873)
  * Add timeout to writing to responses (#15831) (#15872)
  * Return go-get info on subdirs (#15642) (#15871)
  * Restore PAM user autocreation functionality (#15825) (#15867)
  * Fix truncate utf8 string (#15828) (#15854)
  * Fix bound address/port for caddy's certmagic library (#15758) (#15848)
  * Upgrade unrolled/render to v1.1.1 (#15845) (#15846)
  * Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840)
  * Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839)
  * Set autocomplete off on branches selector (#15809) (#15833)
  * Add missing error to Doctor log (#15813) (#15824)
  * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816)
* ENHANCEMENTS
  * Removable media support to snap package (#16136) (#16138)
  * Move sans-serif fallback font higher than emoji fonts (#15855) (#15892)
* DOCKER
  * Only write config in environment-to-ini if there are changes (#15861) (#15868)
  * Only offer hostcertificates if they exist (#15849) (#15853)

* API
  * Make change repo settings work on empty repos (#15778) (#15789)
  * Add pull "merged" notification subject status to API (#15344) (#15654)
* BUGFIXES
  * Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798)
  * Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775)
  * Set GIT_DIR correctly if it is not set (#15751) (#15769)
  * Fix bug where repositories appear unadopted (#15757) (#15767)
  * Not show `ref-in-new-issue` pop when issue was disabled (#15761) (#15765)
  * Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762)
  * Fix setting version table in dump (#15753) (#15759)
  * Fix close button change on delete in simplemde area (#15737) (#15747)
  * Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746)
  * Fix some ui bug about draft release (#15137) (#15745)
  * Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715)
  * Move tooltip down to allow selection of Remove File on error (#15672) (#15714)
  * Fix setting redis db path (#15698) (#15708)
  * Fix DB session cleanup (#15697) (#15700)
  * Fixed several activation bugs (#15473) (#15685)
  * Delete references if repository gets deleted (#15681) (#15684)
  * Fix orphaned objects deletion bug (#15657) (#15683)
  * Delete protected branch if repository gets removed (#15658) (#15676)
  * Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652)
  * Not update updated uinx for `git gc` (#15637) (#15641)
  * Fix commit graph author link (#15627) (#15630)
  * Fix webhook timeout bug (#15613) (#15621)
  * Resolve panic on failed interface conversion in migration v156 (#15604) (#15610)
  * Fix missing storage init (#15589) (#15598)
  * If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594)
  * Fix lfs management find (#15537) (#15578)
  * Fix NPE on view commit with notes (#15561) (#15573)
  * Fix bug on commit graph (#15517) (#15530)
  * Send size to /avatars if requested (#15459) (#15528)
  * Prevent migration 156 failure if tag commit missing (#15519) (#15527)
* ENHANCEMENTS
  * Display conflict-free merge messages for pull requests (#15773) (#15796)
  * Exponential Backoff for ByteFIFO (#15724) (#15793)
  * Issue list alignment tweaks (#15483) (#15766)
  * Implement delete release attachments and update release attachments' name (#14130) (#15666)
  * Add placeholder text to deploy key textarea (#15575) (#15576)
  * Project board improvements (#15429) (#15560)
  * Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
* MISC
  * Fix webkit calendar icon color on arc-green (#15713) (#15728)
  * Performance improvement for last commit cache and show-ref (#15455) (#15701)
  * Bump unrolled/render to v1.1.0 (#15581) (#15608)
  * Add ETag header (#15370) (#15552)

* BUGFIXES
  * Fix bug clone wiki (#15499) (#15502)
  * Github Migration ignore rate limit, if not enabled (#15490) (#15495)
  * Use subdir for URL (#15446) (#15493)
  * Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
  * Ensure review dismissal only dismisses the correct review (#15477) (#15489)
  * Use index of the supported tags to choose user lang (#15452) (#15488)
  * Fix wrong file link in code search page (#15466) (#15486)
  * Quick template fix for built-in SSH server in admin config (#15464) (#15481)
  * Prevent superfluous response.WriteHeader (#15456) (#15476)
  * Fix ambiguous argument error on tags (#15432) (#15474)
  * Add created_unix instead of expiry to migration (#15458) (#15463)
  * Fix repository search (#15428) (#15442)
  * Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
  * Fix wiki clone urls (#15430) (#15431)
  * Fix dingtalk icon url at webhook (#15417) (#15426)
  * Standardise icon on projects PR page (#15387) (#15408)
* ENHANCEMENTS
  * Add option to skip LFS/attachment files for `dump` (#15407) (#15492)
  * Clone panel fixes (#15436)
  * Use semantic dropdown for code search query type (#15276) (#15364)
* BUILD
  * Build go-git variants for windows (#15482) (#15487)
  * Lock down build-images dependencies (Partial #15479) (#15480)
* MISC
  * Performance improvement for list pull requests (#15447) (#15500)
  * Fix potential copy lfs records failure when fork a repository (#15441) (#15485)

* SECURITY
  * Respect approved email domain list for externally validated user registration (#15014)
  * Add reverse proxy configuration support for remote IP address detection (#14959)
  * Ensure validation occurs on clone addresses too (#14994)
  * Fix several render issues highlighted during fuzzing (#14986)
* BREAKING
  * Fix double 'push tag' action feed (#15078) (#15083)
  * Remove possible resource leak (#15067) (#15082)
  * Handle unauthorized user events gracefully (#15071) (#15074)
  * Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475)
  * Migrate from Macaron to Chi framework (#14293)
  * Deprecate building for mips (#14174)
  * Consolidate Logos and update README header (#14136)
  * Inline manifest.json (#14038)
  * Store repository data in data path if not previously set (#13991)
  * Rename "gitea" png to "logo" (#13974)
  * Standardise logging of failed authentication attempts in internal SSH (#13962)
  * Add markdown support in organization description (#13549)
  * Improve users management through the CLI (#6001) (#10492)
* FEATURES
  * Create a new issue with reference to lines of code from file view (#14863)
  * Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
  * Allow blocking some email domains from registering an account (#14667)
  * Create a new issue based on reference to an issue comment (#14366)
  * Add support to migrate from gogs (#14342)
  * Add pager to the branches page (#14202)
  * Minimal OpenID Connect implementation (#14139)
  * Display current stopwatch in navbar (#14122)
  * Display SVG files as images instead of text (#14101)
  * Disable SSH key deletion of externally managed Keys (#13985)
  * Add support for ed25519_sk and ecdsa_sk SSH keys (#13462)
  * Add support for Mastodon OAuth2 provider (#13293)
  * Add gitea sendmail command (#13079)
  * Create DB session provider(based on xorm) (#13031)
  * Add dismiss review feature (#12674)
  * Make manual merge autodetection optional and add manual merge as merge method (#12543)
  * Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
  * Create Rootless Docker image (#10154)
* API
  * Speedup issue search (#15179) (#15192)
  * Get pull, return head branch sha, even if deleted (#14931)
  * Export LFS & TimeTracking function status (#14753)
  * Show Gitea version in swagger (#14654)
  * Fix PATCH /repos/{owner}/{repo} panic (#14637)
  * Add Restricted Field to User (#14630)
  * Add support for ref parameter to get raw file API (#14602)
  * Add affected files of commits to commit struct (#14579)
  * Fix CJK fonts again and misc. font issues (#14575)
  * Add delete release by tag & delete tag (#14563) & (#13358)
  * Add pagination to ListBranches (#14524)
  * Add signoff option in commit form (#14516)
  * GetRelease by tag only return release (#14397)
  * Add MirrorInterval to the API (#14163)
  * Make BasicAuth Prefix case insensitive (#14106)
  * Add user filter to issueTrackedTimes, enable usage for issue managers (#14081)
  * Add ref to create/edit issue options & deprecated assignee (#13992)
  * Add Ref to Issue (#13946)
  * Expose default theme in meta and API (#13809)
  * Send error message when CSRF token is missing (#13676)
  * List, Check, Add & delete endpoints for repository teams (#13630)
  * Admin EditUser: Make FullName, Email, Website & Location optional (#13562)
  * Add more filters to issues search (#13514)
  * Add review request api (#11355)
* BUGFIXES
  * Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396)
  * Always set the merge base used to merge the commit (#15352) (#15385)
  * Upgrade to bluemonday 1.0.7 (#15379) (#15380)
  * Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377)
  * Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361)
  * Show diff on rename with diff changes (#15338) (#15339)
  * Fix handling of logout event (#15323) (#15337)
  * Fix CanCreateRepo check (#15311) (#15321)
  * Fix xorm log stack level (#15285) (#15316)
  * Fix bug in Wrap (#15302) (#15309)
  * Drop the event source if we are unauthorized (#15275) (#15280)
  * Backport Fix graph pagination (#15225)  (#15249)
  * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200)
  * should run RetrieveRepoMetas() for empty pr (#15187) (#15190)
  * Move setting to enable closing issue via commit in non default branch to repo settings (#14965)
  * Show correct issues for team dashboard (#14952)
  * Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932)
  * Only allow issue labels from owner repository or organization (#14928)
  * Fix alignment of People and Teams right arrow on org homepage (#14924)
  * Fix overdue marking of closed issues and milestones (#14923)
  * Prevent panic when empty MilestoneID in repo/issue/list (#14911)
  * Fix migration context data (#14910)
  * Handle URLs with trailing slash (#14852)
  * Add CORS config on to /login/oauth/access_token endpoint (#14850)
  * Make searching issues by keyword case insensitive on DB (#14848)
  * Prevent use of double sub-path and incorrect asset path in manifest (#14827)
  * Fix link account ui (#14763)
  * Fix preview status switch button on wiki editor (#14742)
  * Fix github download on migration (#14703)
  * Fix svg spacing (#14638)
  * Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623)
  * Truncated organizations name (#14615)
  * Exclude the current dump file from the dump (#14606)
  * Use OldRef instead of CommitSHA for DeleteBranch comments (#14604)
  * Ensure memcache caching works when TTL greater than 30 days (#14592)
  * Remove NULs byte arrays passed to PostProcess (#14587)
  * Restore detection of branches are equal on compare page (#14586)
  * Fix incorrect key name so registerManualConfirm works (#14455)
  * Fix close/reopen with comment (#14436)
  * Allow passcode invalid error to appear (#14371)
  * Escape branch names in compare url (#14364)
  * Label and milestone webhooks on issue/pull creation (#14363)
  * Handle NotifyCreateRef as create branch in feeds (#14245)
  * Prevent clipping input text in Chrome + Segoe UI Font (#14179)
  * Fix UI on edit auth source page (#14137)
  * Fix git.parseTagData (#14105)
  * Refactor get tag to remove unnecessary steps (#14058)
  * Fix integrations test error with space in CURDIR path (#14056)
  * Dropdown triangle fixes (#14028)
  * Fix label of --id in admin delete user (#14005)
  * Cause NotifyMigrateRepository to emit a repo create webhook (#14004)
  * Update HEAD to match defaultBranch in template generation (#13948)
  * Fix action avatar loading (#13909)
  * Fix issue participants (#13893)
  * Fix avatar template error (#13833)
  * Fix review request notification email links when external issue tracker is enabled (#13723)
  * Fix blame line alignment (#13542)
  * Include OriginalAuthor in Reaction constraint (#13505)
  * Comments on review should have the same sha (#13448)
  * Fix whitespace rendering in diff (#13415)
  * Fixed git args duplication (#13411)
  * Fix bug on release publisherid migrations (#13410)
  * Fix --port setting (#13288)
  * Keep database transactions not too big (#13254)
  * Git version check, ignore pre-releases constraints (#13234)
  * Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186)
  * Update Mirror IsEmpty status on synchronize (#13185)
  * Use GO variable in go-check target (#13146) (#13147)
* ENHANCEMENTS
  * UI style improvements
  * Dropzone styling improvements (#15291) (#15374)
  * Add size to Save function (#15264) (#15270)
  * Monaco improvements (#15333) (#15345)
  * Support .mailmap in code activity stats (#15009)
  * Sort release attachments by name (#15008)
  * Add ui.explore settings to control view of explore pages (#14094)
  * Make internal SSH server host key path configurable (#14918)
  * Hide resync all ssh principals when using internal ssh server (#14904)
  * Add SameSite setting for cookies (#14900)
  * Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781)
  * Add environment-to-ini to docker image (#14762)
  * Add preview support for wiki editor when disable simpleMDE (#14757)
  * Add easyMDE(simpleMDE) support for release content editor (#14744)
  * Organization removal confirmation using name not password (#14738)
  * Make branch names in PR description clickable (#14716)
  * Add Password Algorithm option to install page (#14701)
  * Add fullTextSearch to dropdowns by default (#14694)
  * Fix truncated organization names (#14655)
  * Whitespace in commits (#14650)
  * Sort / move project boards (#14634)
  * Make fileheader sticky in diffs (#14616)
  * Add helper descriptions on new repo page (#14591)
  * Move the stopwatches to the eventsource stream (#14588)
  * Add Content-Length header to HEAD requests (#14542)
  * Add Image Diff options in Diff view (#14450)
  * Improve Description in new/ edit Project template (#14429)
  * Allow ssh-keygen on Windows to detect ssh key type (#14413)
  * Display error if twofaSecret cannot be retrieved (#14372)
  * Sort issue search results by revelance (#14353)
  * Implement ghost comment mitigation (#14349)
  * Upgrade blevesearch dependency to v2.0.1 (#14346)
  * Add edit, delete and reaction support to code review comments on issue page (#14339)
  * Merge default and system webhooks under one menu (#14244)
  * Add option for administrator to reset user 2FA (#14243)
  * Add option to change username to the admin panel (#14229)
  * Check for 'main' as potential default branch name (#14193)
  * Project: show referenced PRs in issue cards (#14183)
  * Use caddy's certmagic library for extensible/robust ACME handling (#14177)
  * CLI support for OAuth sources custom icons (#14166)
  * Custom icons for OAuth sources (#14161)
  * Team dashboards (#14159)
  * KanBan: be able to set default board (#14147)
  * Disable Fomantic's custom scrollbars (#14109)
  * Add UI to delete tracked times (#14100)
  * Rework heatmap permissions (#14080)
  * Issue and pull request filters on organization dashboard (#14072)
  * Fix webhook list styling (#14001)
  * Show dropdown with all statuses for commit (#13977)
  * Show status check for merged PRs (#13975)
  * Diff stat improvements (#13954)
  * Report permissions denied in internal SSH (#13953)
  * Markdown task list improvements (#13952)
  * Heatmap days clickable (#13935)
  * chore: use octicon-mirror for feeds display (#13928)
  * Move diff split code into own template file (#13919)
  * Markdown: Enable wrapping in code blocks and a color tweak (#13894)
  * Do not reload page after adding comments in Pull Request reviews (#13877)
  * Add pull request manually merge instruction (#13840)
  * add thumbnail preview section to issue attachments (#13826)
  * Move Repo APIFormat to convert package (#13787)
  * Move notification APIFormat (#13783)
  * Swap swagger-ui with swagger-ui-dist (#13777)
  * User Settings: Ignore empty language codes & validate (#13755)
  * Improve migrate page and add card CSS (#13751)
  * Add block on official review requests branch protection (#13705)
  * Add review requested filter on pull request overview (#13701)
  * Use chronological commit order in default squash message (#13696)
  * Clickable links in pull request (and issue) titles (#13695)
  * Support shortened commit SHAs in URLs (#13686)
  * Use native git variants by default with go-git variants as build tag (#13673)
  * Don't render dropdown when only 1 merge style is available (#13670)
  * Move webhook type from int to string (#13664)
  * Direct avatar rendering (#13649)
  * Verify password for local-account activation (#13631)
  * Prevent clone protocol button flash on page load (#13626)
  * Remove fetch request from heatmap (#13623)
  * Refactor combine label comments with tests (#13619)
  * Move metrics from macaron to chi (#13601)
  * Issue and Pulls lists rework (#13594)
  * HTTP cache rework and enable caching for storage assets (#13569)
  * Use mount but not register for chi routes (#13555)
  * Use monaco for the git hook editor (#13552)
  * Make heatmap colors more distinct (#13533)
  * Lazy-load issue reviewers and assignees avatars (#13526)
  * Change search and filter icons to SVG (#13473)
  * Create tag on ui (#13467)
  * updateSize when create a repo with init commit (#13441)
  * Added title and action buttons to Project view page (#13437)
  * Override fomantic monospace fonts and set size (#13435)
  * Rework focused comment styling (#13434)
  * Tags cleanup (#13428)
  * Various style tweaks (#13418)
  * Refactor push update (#13381)
  * Comment box tweaks and SVG dropdown triangles (#13376)
  * Various style fixes (#13372)
  * Change repo home page icons to SVG (#13364)
  * Use CSS Vars for primary color (#13361)
  * Refactor image paste code (#13354)
  * Switch from SimpleMDE to EasyMDE (#13333)
  * Group Label Changed Comments in timeline (#13304)
  * Make the logger an interface (#13294)
  * Fix PR/Issue titles on mobile (#13292)
  * Rearrange the order of the merged by etc. in locale (#13284)
  * Replace footer and modal icons with SVG (#13245)
  * Issues overview should not show issues from archived repos (#13220)
  * Show stale label for stale code comment which is marked as resolved (#13213)
  * Use CSS Variables for fonts, remove postcss-loader (#13204)
  * Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198)
  * Move install pages out of main macaron routes (#13195)
  * Update outdated label to use Fomantic UI style (#13181)
  * Added option to disable webhooks (#13176)
  * Change order of possible-owner organizations to alphabetical (#13160)
  * Log IP on SSH authentication failure for Built-in SSH server (#13150)
  * Added option to disable migrations (#13114)
  * New "Add Mirror" Button in the Organization view (#13105)
  * Manually approve new registration (#13083)
  * Cron job to cleanup hook_task table (#13080)
  * Use the headline comment of pull-request as the squash commit's message (#13071)
  * Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999)
  * Slightly simplify the queue settings code to help reduce the risk of problems (#12976)
  * Add precise search type for Elastic Search (#12869)
  * Move APIFormat functions into convert package (#12856)
  * Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links, Show only certain branches, (#12766)
  * Add TrN for repository limit (#12492)
  * Refactor doctor (#12264)
  * Add the tag list page to the release page (#12096)
  * Redirect on changed user and org name (#11649)
  * load U2F js only on pages which need it (#11585)
  * Make archival asynchronous (#11296)
  * Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420)
  * Improve vfsgen to not unzip bindata files but send to browser directly (#7109)
  * Enhance release list (#6025)
* DOCS
  * Swagger show models by default (#14880)
  * Add missing repo.projects unit into swagger (#14876)
  * Update docs and comments to remove macaron (#14491)
  * Issue template addition: Are you using Gitea behind CloudFlare? (#14098)
  * Generate man pages (#13901)
  * Reformat/fine-tune docs (#13897)
  * Added Table of Contents to long documentation pages (#13890)
  * Add docs command (#13429)
  * Update external-renderers.en-us.md (#13165)
* MISC
  * Add builds for apple M1 (darwin arm64) (#14951)
  * Migrate to use jsoniter instead of encoding/json (#14841)
  * Reduce make verbosity (#13803)
  * Add git command error directory on log (#13194)

* SECURITY
  * Update to bluemonday-1.0.6 (#15294) (#15298)
  * Clusterfuzz found another way (#15160) (#15169)
* API
  * Fix wrong user returned in API (#15139) (#15150)
* BUGFIXES
  * Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
  * Speed up `enry.IsVendor` (#15213) (#15246)
  * Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
  * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
* MISC
  * Add size to Save function (#15264) (#15271)

* SECURITY
  * Fix bug on avatar middleware (#15124) (#15125)
  * Fix another clusterfuzz identified issue (#15096) (#15114)
* API
  * Fix nil exeption for get pull reviews API #15104 (#15106)
* BUGFIXES
  * Fix markdown rendering in milestone content (#15056) (#15092)

* SECURITY
  * Update to goldmark 1.3.3 (#15059) (#15061)
  * Another clusterfuzz spotted issue (#15032) (#15034)
* API
  * Fix set milestone on PR creation (#14981) (#15001)
  * Prevent panic when editing forked repos by API (#14960) (#14963)
* BUGFIXES
  * Fix bug when upload on web (#15042) (#15055)
  * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
  * Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
  * Fix several render issues (#14986) (#15013)
  * Make sure sibling images get a link too (#14979) (#14995)
  * Fix Anchor jumping with escaped query components (#14969) (#14977)
  * Fix release mail html template (#14976)
  * Fix excluding more than two labels on issues list (#14962) (#14973)
  * Don't mark each comment poster as OP (#14971) (#14972)
  * Add "captcha" to list of reserved usernames (#14930)
  * Re-enable import local paths after reversion from #13610 (#14925) (#14927)

Revision 1.65 / (download) - annotate - [select for diffs], Sun Feb 13 19:24:25 2022 UTC (2 years ago) by bsiegert
Branch: MAIN
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)

Revump all Go packages after go117 update

Revision 1.64 / (download) - annotate - [select for diffs], Sun Jan 9 20:10:40 2022 UTC (2 years, 1 month ago) by bsiegert
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Revbump all Go packages after go117 update

Revision 1.63 / (download) - annotate - [select for diffs], Thu Dec 9 17:50:13 2021 UTC (2 years, 2 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

Revbump all Go packages after go117 update

Revision 1.62 / (download) - annotate - [select for diffs], Wed Dec 8 16:06:56 2021 UTC (2 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

revbump for icu and libffi

Revision 1.61 / (download) - annotate - [select for diffs], Thu Nov 18 02:45:29 2021 UTC (2 years, 3 months ago) by khorben
Branch: MAIN
Changes since 1.60: +3 -3 lines
Diff to previous 1.60 (colored)

gitea: let the RC script work unprivileged

This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.

While there, also fix a couple substitutions in the default configuration file
(app.ini).

Bumps PKGREVISION.

Revision 1.60 / (download) - annotate - [select for diffs], Fri Nov 5 20:02:49 2021 UTC (2 years, 3 months ago) by bsiegert
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Revbump all Go packages after go117 update

Revision 1.59 / (download) - annotate - [select for diffs], Fri Oct 8 18:55:06 2021 UTC (2 years, 4 months ago) by bsiegert
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

Revbump all Go packages after go117 update

Revision 1.58 / (download) - annotate - [select for diffs], Fri Sep 17 13:52:51 2021 UTC (2 years, 5 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

Revbump all Go packages after go117 update

Revision 1.57 / (download) - annotate - [select for diffs], Wed Aug 11 19:35:08 2021 UTC (2 years, 6 months ago) by bsiegert
Branch: MAIN
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)

Revbump all Go packages after go116 update

Revision 1.56 / (download) - annotate - [select for diffs], Tue Jul 13 11:36:35 2021 UTC (2 years, 7 months ago) by bsiegert
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

Revbump all Go packages after go116 update

Revision 1.55 / (download) - annotate - [select for diffs], Sun Jun 6 12:19:02 2021 UTC (2 years, 8 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

Revbump all Go packages after go116 update

Revision 1.54 / (download) - annotate - [select for diffs], Sat May 8 15:02:31 2021 UTC (2 years, 9 months ago) by bsiegert
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

Revbump all Go packages after go116 update

Revision 1.53 / (download) - annotate - [select for diffs], Wed Apr 21 11:42:54 2021 UTC (2 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

revbump for textproc/icu

Revision 1.52 / (download) - annotate - [select for diffs], Fri Mar 19 17:37:08 2021 UTC (2 years, 11 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Revbump all Go packages after go115 update

Revision 1.51 / (download) - annotate - [select for diffs], Sun Mar 14 02:29:19 2021 UTC (2 years, 11 months ago) by khorben
Branch: MAIN
Changes since 1.50: +3 -4 lines
Diff to previous 1.50 (colored)

gitea: re-generate the frontend files

It turns out this new version of Gitea does need newer frontend files after
all. A copy has been uploaded to ftp.netbsd.org as documented.

Bumps PKGREVISION.

Revision 1.50 / (download) - annotate - [select for diffs], Fri Mar 12 11:54:25 2021 UTC (2 years, 11 months ago) by khorben
Branch: MAIN
Changes since 1.49: +2 -3 lines
Diff to previous 1.49 (colored)

gitea: updated to 1.13.4

This includes the following security fixes; in 1.13.0:
 * Add Allow-/Block-List for Migrate & Mirrors
 * Prevent git operations for inactive users
 * Disallow urlencoded new lines in git protocol paths if there is a port
 * Mitigate Security vulnerability in the git hook feature
 * Disable DSA ssh keys by default
 * Set TLS minimum version to 1.2
 * Use argon as default password hash algorithm

In 1.13.1:
 * Hide private participation in Orgs
 * Fix escaping issue in diff

In 1.13.2:
 * Prevent panic on fuzzer provided string
 * Add secure/httpOnly attributes to the lang cookie

In 1.13.3:
 * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one

In 1.13.4:
 * Fix issue popups

Revision 1.49 / (download) - annotate - [select for diffs], Mon Mar 1 23:47:09 2021 UTC (3 years ago) by khorben
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

gitea: do not log to the console

When started as a service, gitea logs directly to the console, in
addition to its own log files. This change redirects the standard output
to /dev/null.

Bumps PKGREVISION.

Revision 1.48 / (download) - annotate - [select for diffs], Sat Jan 23 14:23:13 2021 UTC (3 years, 1 month ago) by bsiegert
Branch: MAIN
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)

Revbump all Go packages after go115 update

Revision 1.42.2.1 / (download) - annotate - [select for diffs], Fri Dec 11 08:36:23 2020 UTC (3 years, 2 months ago) by bsiegert
Branch: pkgsrc-2020Q3
Changes since 1.42: +4 -5 lines
Diff to previous 1.42 (colored) next main 1.43 (colored)

Pullup ticket #6378 - requested by riastradh
www/gitea: build fix, security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.47
- www/gitea/PLIST                                               1.9
- www/gitea/distinfo                                            1.24

---
   Module Name:    pkgsrc
   Committed By:   jperkin
   Date:           Wed Nov 18 11:29:27 UTC 2020

   Modified Files:
           pkgsrc/www/gitea: Makefile PLIST distinfo

   Log Message:
   gitea: Update to 1.12.6.

   Fixes pkgsrc handling of the frontend artefacts, various files were previously
   missing, leading to errors in the web interface.

   Changes since 1.12.1:

   ## [1.12.6](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) - 2020-11-11

   * SECURITY
     * Prevent git operations for inactive users (#13527) (#13537)
     * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
   * BUGFIXES
     * API should only return Json (#13511) (#13564)
     * Fix before and since query arguments at API (#13559) (#13560)
     * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
     * Fix link detection in repository description with tailing '_' (#13407) (#13408)
     * Remove obsolete change of email on profile page (#13341) (#13348)
     * Fix permission check on get Reactions API endpoints (#13344) (#13346)
     * Add migrated pulls to pull request task queue (#13331) (#13335)
     * API deny wrong pull creation options (#13308) (#13327)
     * Fix initial commit page & binary munching problem (#13249) (#13259)
     * Fix diff parsing (#13157) (#13136) (#13139)
     * Return error 404 not 500 from API if team does not exist (#13118) (#13119)
     * Prohibit automatic downgrades (#13108) (#13111)
     * Fix GitLab Migration Option AuthToken (#13101)
     * GitLab Label Color Normalizer (#12793) (#13100)
     * Log the underlying panic in runMigrateTask (#13096) (#13098)
     * Fix attachments list in edit comment (#13036) (#13097)
     * Fix deadlock when deleting team user (#13093)
     * Fix error create comment on outdated file (#13041) (#13042)
     * Fix repository create/delete event webhooks (#13008) (#13027)
     * Fix internal server error on README in submodule (#13006) (#13016)

   ## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01

   * BUGFIXES
     * Allow U2F with default settings for gitea in subpath (#12990) (#13001)
     * Prevent empty div when editing comment (#12404) (#12991)
     * On mirror update also update address in DB (#12964) (#12967)
     * Allow extended config on cron settings (#12939) (#12943)
     * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
     * Fix internal server error from ListUserOrgs API (#12910) (#12915)
     * Update only the repository columns that need updating (#12900) (#12912)
     * Fix panic when adding long comment (#12892) (#12894)
     * Add size limit for content of comment on action ui (#12881) (#12890)
     * Convert User expose ID each time (#12855) (#12883)
     * Support slashes in release tags (#12864) (#12882)
     * Add missing information to CreateRepo API endpoint (#12848) (#12867)
     * On Migration respect old DefaultBranch (#12843) (#12858)
     * Fix notifications page links (#12838) (#12853)
     * Stop cloning unnecessarily on PR update (#12839) (#12852)
     * Escape more things that are passed through str2html (#12622) (#12850)
     * Remove double escape on labels addition in comments (#12809) (#12810)
     * Fix "only mail on mention" bug (#12775) (#12789)
     * Fix yet another bug with diff file names (#12771) (#12776)
     * RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
     * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
   * ENHANCEMENTS
     * gitea dump: include version & Check InstallLock (#12760) (#12762)

   ## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02

   * SECURITY
     * Escape provider name in oauth2 provider redirect (#12648) (#12650)
     * Escape Email on password reset page (#12610) (#12612)
     * When reading expired sessions - expire them (#12686) (#12690)
   * ENHANCEMENTS
     * StaticRootPath configurable at compile time (#12371) (#12652)
   * BUGFIXES
     * Fix to show an issue that is related to a deleted issue (#12651) (#12692)
     * Expire time acknowledged for cache (#12605) (#12611)
     * Fix diff path unquoting (#12554) (#12575)
     * Improve HTML escaping helper (#12562)
     * models: break out of loop (#12386) (#12561)
     * Default empty merger list to those with write permissions (#12535) (#12560)
     * Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
     * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
     * Remove hardcoded ES indexername (#12521) (#12526)
     * Fix bug preventing transfer to private organization (#12497) (#12501)
     * Keys should not verify revoked email addresses (#12486) (#12495)
     * Do not add prefix on http/https submodule links (#12477) (#12479)
     * Fix ignored login on compare (#12476) (#12478)
     * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
     * Upgrade google/go-github to v32.1.0 (#12361) (#12390)
     * Render emoji's of Commit message on feed-page (#12373)
     * Fix handling of diff on unrelated branches when Git 2.28 used (#12370)

   ## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28

   * BUGFIXES
     * Don't change creation date when updating Release (#12343) (#12351)
     * Show 404 page when release not found (#12328) (#12332)
     * Fix emoji detection in certain cases (#12320) (#12327)
     * Reduce emoji size (#12317) (#12327)
     * Fix double-indirection bug in logging IDs (#12294) (#12308)
     * Link to pull list page on sidebar when view pr (#12256) (#12263)
     * Extend Notifications API and return pinned notifications by default (#12164) (#12232)

   ## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11

   * BUGFIXES
     * When deleting repository decrese user repository count in cache (#11954) (#12188)
     * Return full commit message instead of summary in commits API (#12186) (#12187)
     * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182)
     * Ensure GPG Subkeys are verified (#12155) (#12168)
     * Fix failing to cache last commit with key being to long (#12151) (#12161)
     * Multiple small admin dashboard fixes (#12153) (#12156)
     * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148)
     * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147)
     * Move EventSource to SharedWorker (#12095) (#12130)
     * Fix ui bug in wiki commit page (#12089) (#12125)
     * Fix gitgraph branch continues after merge (#12044) (#12105)
     * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
     * Ensure BlameReaders close at end of request (#12102) (#12103)
     * Fix panic when adding review comment (#12058)
   * ENHANCEMENTS
     * Disable dropzone's timeout for file uploads (#12024) (#12032)

Revision 1.47 / (download) - annotate - [select for diffs], Wed Nov 18 11:29:27 2020 UTC (3 years, 3 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.46: +4 -5 lines
Diff to previous 1.46 (colored)

gitea: Update to 1.12.6.

Fixes pkgsrc handling of the frontend artefacts, various files were previously
missing, leading to errors in the web interface.

Changes since 1.12.1:

## [1.12.6](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) - 2020-11-11

* SECURITY
  * Prevent git operations for inactive users (#13527) (#13537)
  * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
* BUGFIXES
  * API should only return Json (#13511) (#13564)
  * Fix before and since query arguments at API (#13559) (#13560)
  * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
  * Fix link detection in repository description with tailing '_' (#13407) (#13408)
  * Remove obsolete change of email on profile page (#13341) (#13348)
  * Fix permission check on get Reactions API endpoints (#13344) (#13346)
  * Add migrated pulls to pull request task queue (#13331) (#13335)
  * API deny wrong pull creation options (#13308) (#13327)
  * Fix initial commit page & binary munching problem (#13249) (#13259)
  * Fix diff parsing (#13157) (#13136) (#13139)
  * Return error 404 not 500 from API if team does not exist (#13118) (#13119)
  * Prohibit automatic downgrades (#13108) (#13111)
  * Fix GitLab Migration Option AuthToken (#13101)
  * GitLab Label Color Normalizer (#12793) (#13100)
  * Log the underlying panic in runMigrateTask (#13096) (#13098)
  * Fix attachments list in edit comment (#13036) (#13097)
  * Fix deadlock when deleting team user (#13093)
  * Fix error create comment on outdated file (#13041) (#13042)
  * Fix repository create/delete event webhooks (#13008) (#13027)
  * Fix internal server error on README in submodule (#13006) (#13016)

## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01

* BUGFIXES
  * Allow U2F with default settings for gitea in subpath (#12990) (#13001)
  * Prevent empty div when editing comment (#12404) (#12991)
  * On mirror update also update address in DB (#12964) (#12967)
  * Allow extended config on cron settings (#12939) (#12943)
  * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
  * Fix internal server error from ListUserOrgs API (#12910) (#12915)
  * Update only the repository columns that need updating (#12900) (#12912)
  * Fix panic when adding long comment (#12892) (#12894)
  * Add size limit for content of comment on action ui (#12881) (#12890)
  * Convert User expose ID each time (#12855) (#12883)
  * Support slashes in release tags (#12864) (#12882)
  * Add missing information to CreateRepo API endpoint (#12848) (#12867)
  * On Migration respect old DefaultBranch (#12843) (#12858)
  * Fix notifications page links (#12838) (#12853)
  * Stop cloning unnecessarily on PR update (#12839) (#12852)
  * Escape more things that are passed through str2html (#12622) (#12850)
  * Remove double escape on labels addition in comments (#12809) (#12810)
  * Fix "only mail on mention" bug (#12775) (#12789)
  * Fix yet another bug with diff file names (#12771) (#12776)
  * RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
  * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
* ENHANCEMENTS
  * gitea dump: include version & Check InstallLock (#12760) (#12762)

## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02

* SECURITY
  * Escape provider name in oauth2 provider redirect (#12648) (#12650)
  * Escape Email on password reset page (#12610) (#12612)
  * When reading expired sessions - expire them (#12686) (#12690)
* ENHANCEMENTS
  * StaticRootPath configurable at compile time (#12371) (#12652)
* BUGFIXES
  * Fix to show an issue that is related to a deleted issue (#12651) (#12692)
  * Expire time acknowledged for cache (#12605) (#12611)
  * Fix diff path unquoting (#12554) (#12575)
  * Improve HTML escaping helper (#12562)
  * models: break out of loop (#12386) (#12561)
  * Default empty merger list to those with write permissions (#12535) (#12560)
  * Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
  * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
  * Remove hardcoded ES indexername (#12521) (#12526)
  * Fix bug preventing transfer to private organization (#12497) (#12501)
  * Keys should not verify revoked email addresses (#12486) (#12495)
  * Do not add prefix on http/https submodule links (#12477) (#12479)
  * Fix ignored login on compare (#12476) (#12478)
  * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
  * Upgrade google/go-github to v32.1.0 (#12361) (#12390)
  * Render emoji's of Commit message on feed-page (#12373)
  * Fix handling of diff on unrelated branches when Git 2.28 used (#12370)

## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28

* BUGFIXES
  * Don't change creation date when updating Release (#12343) (#12351)
  * Show 404 page when release not found (#12328) (#12332)
  * Fix emoji detection in certain cases (#12320) (#12327)
  * Reduce emoji size (#12317) (#12327)
  * Fix double-indirection bug in logging IDs (#12294) (#12308)
  * Link to pull list page on sidebar when view pr (#12256) (#12263)
  * Extend Notifications API and return pinned notifications by default (#12164) (#12232)

## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11

* BUGFIXES
  * When deleting repository decrese user repository count in cache (#11954) (#12188)
  * Return full commit message instead of summary in commits API (#12186) (#12187)
  * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182)
  * Ensure GPG Subkeys are verified (#12155) (#12168)
  * Fix failing to cache last commit with key being to long (#12151) (#12161)
  * Multiple small admin dashboard fixes (#12153) (#12156)
  * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148)
  * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147)
  * Move EventSource to SharedWorker (#12095) (#12130)
  * Fix ui bug in wiki commit page (#12089) (#12125)
  * Fix gitgraph branch continues after merge (#12044) (#12105)
  * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
  * Ensure BlameReaders close at end of request (#12102) (#12103)
  * Fix panic when adding review comment (#12058)
* ENHANCEMENTS
  * Disable dropzone's timeout for file uploads (#12024) (#12032)

Revision 1.46 / (download) - annotate - [select for diffs], Fri Nov 13 19:26:24 2020 UTC (3 years, 3 months ago) by bsiegert
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Revbump all Go packages after go115 update

Revision 1.45 / (download) - annotate - [select for diffs], Sun Nov 8 21:59:36 2020 UTC (3 years, 3 months ago) by bsiegert
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

Revbump all Go packages after Go 1.15 update.

Revision 1.44 / (download) - annotate - [select for diffs], Thu Nov 5 09:09:20 2020 UTC (3 years, 3 months ago) by ryoon
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

*: Recursive revbump from textproc/icu-68.1

Revision 1.43 / (download) - annotate - [select for diffs], Thu Oct 15 13:08:31 2020 UTC (3 years, 4 months ago) by bsiegert
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Revbump all Go packages after go115 update.

Revision 1.42 / (download) - annotate - [select for diffs], Thu Sep 3 07:29:34 2020 UTC (3 years, 5 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base
Branch point for: pkgsrc-2020Q3
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Revbump all Go packages after default Go version was changed to 1.15.1

Revision 1.41 / (download) - annotate - [select for diffs], Fri Aug 14 20:01:21 2020 UTC (3 years, 6 months ago) by bsiegert
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

Revbump all Go packages after go114 update

Revision 1.40 / (download) - annotate - [select for diffs], Fri Jul 17 18:04:31 2020 UTC (3 years, 7 months ago) by bsiegert
Branch: MAIN
Changes since 1.39: +2 -1 lines
Diff to previous 1.39 (colored)

Revbump all Go packages after go114 update.

Revision 1.39 / (download) - annotate - [select for diffs], Mon Jun 29 16:02:13 2020 UTC (3 years, 8 months ago) by jperkin
Branch: MAIN
Changes since 1.38: +3 -4 lines
Diff to previous 1.38 (colored)

gitea: Update to 1.21.

Provided by teutat3s in joyent/pkgsrc#271, with fixes by me.

Changes since 1.11.6:

## [1.12.1](https://github.com/go-gitea/gitea/releases/tag/v1.12.1) - 2020-06-21

* BUGFIXES
  * Handle multiple merges in gitgraph.js (#11996) (#12000)
  * Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
  * For language detection do not try to analyze big files by content (#11971) (#11975)
* ENHANCEMENTS
  * Fix scrollable header on dropdowns (#11893) (#11965)

## [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) - 2020-06-17

* BREAKING
  * When using API CreateRelease set created_unix to the tag commit time (#11218)
  * Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162)
  * Fix sanitizer config - multiple rules (#11133)
  * Remove check on username when using AccessToken authentication for the API (#11015)
  * Return 404 from Contents API when items don't exist (#10323)
  * Notification API should always return a JSON object with the current count of notifications (#10059)
  * Remove migration support from versions earlier than 1.6.0 (#10026)
* SECURITY
  * Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662)
* FEATURES
  * Improve config logging when WrappedQueue times out (#11174)
  * Add branch delete to API (#11112)
  * Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047)
  * Add a way to mark Conversation (code comment) resolved (#11037)
  * Handle yaml frontmatter in markdown (#11016)
  * Cache PullRequest Divergence (#10914)
  * Make `gitea admin auth list` formatting configurable (#10844)
  * Add Matrix webhook (#10831)
  * Add Organization Wide Labels (#10814)
  * Allow to set protected file patterns for files that can not be changed under no conditions (#10806)
  * Option to set default branch at repository creation (#10803)
  * Add request review from specific reviewers feature in pull request (#10756)
  * Add NextCloud oauth (#10562)
  * System-wide webhooks (#10546)
  * Relax sanitization as per https://github.com/jch/html-pipeline (#10527)
  * Use media links for img in post-process (#10515)
  * Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
  * Render READMEs in docs/ .gitea or .github from root (#10361)
  * Add feishu webhook support (#10229)
  * Cache last commit to accelerate the repository directory page visit (#10069)
  * Implement basic app.ini and path checks to doctor cmd (#10064)
  * Make WorkerPools and Queues flushable (#10001)
  * Implement "embedded" command to extract static resources (#9982)
  * Add API endpoint for repo transfer (#9947)
  * Make archive prefixing configurable with a global setting (#9943)
  * Add Unique Queue infrastructure and move TestPullRequests to this (#9856)
  * Issue/PR Context Popups (#9822)
  * Add "Update Branch" button to Pull Requests (#9784)
  * Add require signed commit for protected branch (#9708)
  * Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532)
  * Add API notification endpoints (#9488)
  * Issue search support elasticsearch (#9428)
  * Add API branch protection endpoint (#9311)
  * Add a new command doctor to check if some wrong configurations on gitea instance (#9095)
  * Add support for migrating from Gitlab (#9084)
  * Add support for database schema in PostgreSQL (#8819)
  * Add setting to set default and global disabled repository units. (#8788)
  * Language statistics bar for repositories (#8037)
  * Restricted users (#6274)
* BUGFIXES
  * Fix commenting on non-utf8 encoded files (#11916) (#11950)
  * Use google/uuid to instead satori/go.uuid (#11943) (#11946)
  * Align show/hide outdated button on code review block (#11932) (#11944)
  * Update to go-git v5.1.0 (#11936) (#11941)
  * Use ID or Where to instead directly use Get when load object from database (#11925) (#11934)
  * Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915)
  * Invalidate comments when file is shortened (#11882) (#11884)
  * Rework api/user/repos for pagination (#11827) (#11877)
  * Handle more pathological branch and tag names (#11843) (#11863)
  * Add doctor check to set IsArchived false if it is null (partial #11853) (#11859)
  * Prevent panic on empty HOST for mysql (#11850) (#11856)
  * Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836)
  * Fix reply octicon (#11821) (#11822)
  * Honor DEFAULT_PAGING_NUM for API (#11805) (#11813)
  * Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809)
  * In File Create/Update API return 404 if Branch does not exist (#11791) (#11795)
  * Fix doer of rename repo (#11789) (#11794)
  * Initialize SimpleMDE when making a code comment (#11749) (#11785)
  * Fix timezone on issue deadline (#11697) (#11784)
  * Fix to allow comment poster to edit or delete his own comments (#11671) (#11774)
  * Show full 500 error in API when Gitea in dev mode (#11641) (#11753)
  * Add missing templates for Matrix system webhooks (#11729) (#11748)
  * Fix verification of subkeys of default gpg key (#11713) (#11747)
  * Fix styling for commiter on diff view (#11715) (#11744)
  * Properly truncate system notices (#11714) (#11742)
  * Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718)
  * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682)
  * Doctor check & fix db consistency (#11111) (#11676)
  * Exclude generated files from language statistics (#11653) (#11670)
  * Return json on 500 error from API (#11574) (#11659)
  * When must change password only show Signout (#11600) (#11637)
  * Backport various styling fixes (#11619)
  * Fix wrong milestone in webhook message (#11596) (#11611)
  * Fix serviceworker output file and misc improvements (#11562) (#11610)
  * When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608)
  * Prevent empty query parameter being set on dashboard (#11561) (#11604)
  * Fix images in wiki edit preview (#11546) (#11602)
  * Prevent (caught) panic on login (#11590) (#11597)
  * Prevent transferring repos to invisible orgs (#11517) (#11549)
  * Move serviceworker to workbox and fix SSE interference (#11538) (#11547)
  * API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533)
  * Fix repo-list private and total count bugs (#11500) (#11532)
  * Fix form action template substitutions on admin pages (backport #11519) (#11531)
  * Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530)
  * TrimSpace when reading InternalToken from a file (#11502) (#11524)
  * Fix selected line color in arc-green (#11492) (#11520)
  * Make localstorage read ssh or https correctly (#11483) (#11490)
  * Check branch protection on IsUserAllowedToUpdate (#11448)
  * Fix margin on attached segment headers when they are separated by other element (#11425)
  * Fix webhook template when validation errors occur (#11421)
  * Fix NPE in template due to missing signing key on commit page (#11392)
  * Restore active background to Register button on Register page (#11390)
  * Fix hook failure due to relative LFS_CONTENT_PATH (#11362)
  * Correctly set the organization num repos (#11339)
  * Prevent 500 with badly formed task list (#11328)
  * Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327)
  * Handle panics that percolate up to the graceful module (#11291)
  * Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248)
  * Patch fomantic-ui to workaround build issue (#11244)
  * Prevent panic during wrappedConn close at hammertime (#11219)
  * On logout force redirect to start page (#11202)
  * Fix creation of Organization repos by Users with max created personal repos (#11183)
  * Add option to increase provided OAuth2 token maximum size (#11180)
  * Log the indexer path on failure (#11172)
  * Ensure that relative paths in edit preview work (#11143)
  * Make API EditIssue and EditPullRequest issue notifications (#11123)
  * Send 404 immediately for known public requests (#11117)
  * Remove nil inserts in models (#11096)
  * Add GetReviews() to RetryDownloader (#11093)
  * Remove nonexistent serviceworker entries (#11091)
  * Simplify and fix GetApprovalCounts (#11086)
  * Fix wiki revision template and simplify some tmpl conditions (#11080)
  * Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067)
  * Align review-item svg octicons (#11065)
  * Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997)
  * Users should not be able to prohibit their own login (#10970)
  * Fix scrollbar issues in dropdowns (#10897)
  * Change the order of issues.closed_by to list opening user first (#10876)
  * Allow site admin to check /api/v1/orgs endpoints (#10867)
  * Avoid logging []byte in queue failures - convert to string first (#10865)
  * Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)
  * Fix assignees double load bug (#10856)
  * Handle push rejection in branch and upload (#10854)
  * In authorized_keys use double-quote for windows compatibility (#10841)
  * Fix milestone template (#10824)
  * log.Fatal on failure to listen to SSH port (#10795)
  * Fix forked repo has no icon and language stat. (#10791)
  * Fix tag/release deletion (#10663)
  * Fix webhook migration (#10641)
  * Migration for deleting orphaned dependencies (#10617)
  * Add migration to fix the old broken merge-bases (#10604)
  * Update templates for Go 1.14 (#10596)
  * Remove unnecessary parentheses in wiki/view template (#10583)
  * Change default value of DefaultCommandExecutionTimeout to match docs (#10581)
  * Handle panic in indexer initialisation better (#10534)
  * Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456)
  * Fixed wrong AppSubUrl in multiple templates (#10447)
  * Fix profile page CSS (#10406)
  * Inject SVG sprite via ajax (#10320)
  * Fix migration information update bug when linked github account (#10310)
  * Allow admin to check org membership by API for other users (#10201)
  * Fix topics dropdown (#10167)
  * Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
  * Fix IsErrPullClosed (#10093)
  * Accept punctuation after simple+cross repository issue references (#10091)
  * On merge of already closed PR redirect back to the pulls page (#10010)
  * Fix crowdin update script (#9969)
  * Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927)
  * Add option to prevent LDAP from deactivating everything on empty search (#9879)
  * Fix admin handling at merge of PR (#9749)
  * err_admin_name_pattern_not_allowed String Clarification (#9731)
  * Fix wrong original git service type on a migrated repository (#9693)
  * Fix ref links in issue overviews for tags (#8742)
* ENHANCEMENTS
  * Fix search form button overlap (#11840) (#11864)
  * Make tabular menu styling consistent for arc-green (#11570) (#11798)
  * Add option to API to update PullRequest base branch (#11666) (#11796)
  * Increase maximum SQLite variables count to 32766 (#11696) (#11783)
  * Update emoji dataset with skin tone variants (#11678) (#11763)
  * Add logging to long migrations (#11647) (#11691)
  * Change language statistics to save size instead of percentage (#11681) (#11690)
  * Allow different HardBreaks settings for documents and comments (#11515) (#11599)
  * Fix alignment for commits on dashboard (#11595) (#11680)
  * Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673)
  * Handle expected errors in AddGPGkey API  (#11644) (#11661)
  * Close EventSource before unloading the page (#11539) (#11557)
  * Ensure emoji render with regular font-weight (#11541) (#11545)
  * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542)
  * Tweak reaction buttons (#11516)
  * Use more toned colors for selected line (#11493) (#11511)
  * Increase width for authors on commit view (#11441)
  * Hide archived repos by default in repo-list (#11440)
  * Better styling for code review comment textarea (#11428)
  * Support view individual commit for wiki pages (#11415)
  * Fix yellow background on active elements in code review (#11414)
  * Better styling for code review comment form (#11413)
  * Change install description on homepage (#11395)
  * Ensure search action button is coalesced to adjacent input (#11385)
  * Switch code editor to Monaco (#11366)
  * Add paging and archive/private repository filtering to dashboard list (#11321)
  * Changed image of openid-connect logo for better look on arc-green theme (#11312)
  * Load Repo Topics on blame view too (#11307)
  * Change the style in admin notice content view from `<p>` to `<pre>` (#11301)
  * Allow log.xxx.default to set logging settings for the default logger only (#11292)
  * Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285)
  * Make sendmail a Process and have default timeout (#11256)
  * Check value of skip-repository flag in dump command (#11254)
  * Fix submit review form (#11252)
  * Allow unauthenticated users to compare (#11240)
  * Add EventSource support (#11235)
  * Refactor Milestone related (#11225)
  * Add pull review API endpoints (#11224)
  * Add a 'this' to issue close/reopened messages (#11204)
  * When migrating from Gitlab map Approvals to approving Reviews (#11147)
  * Improve representation of attachments in issues (#11141)
  * Protect default branch against deletion (#11115)
  * Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113)
  * Fix status label on branches list vertical alignment (#11109)
  * Add single release page and latest redirect (#11102)
  * Add missing commit states to PR checks template (#11085)
  * Change icon on title for merged PR to git-merge (#11064)
  * Add MergePull comment type instead of close for merge PR (#11058)
  * Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055)
  * Consolidate author name across timeline (#11053)
  * Refactor UpdateOAuth2Application (#11034)
  * Support unicode emojis and remove emojify.js (#11032)
  * Add git hook "warning" to admin panel (#11030)
  * Add flash notify for email preference setting success (#11027)
  * Remove package code.gitea.io/gitea/modules/git import out of models (#11025)
  * Match arc-green code tag color to code blocks (#11023)
  * Move syntax highlighting to web worker (#11017)
  * Prevent merge of outdated PRs on protected branches (#11012)
  * Add Get/Update for api/v1/user/applications/oauth2 (#11008)
  * Upgrade to most recent bluemonday (#11007)
  * Tweak code tags in markdown (#11000)
  * Reject duplicate AccessToken names (#10994)
  * Fix Ctrl-Enter shortcut for issues (#10986)
  * Provide `OwnerName` field for README template (#10981)
  * Prettify Timeline (#10972)
  * Add issue subscription check to API (#10967)
  * Use AJAX for notifications table (#10961)
  * Adjust label padding (#10957)
  * Avoiding directory execution on hook (#10954) (#10955)
  * Migrate ActivityHeatmap to Vue SFC (#10953)
  * Change merge strategydo not check write access if user in merge white list (#10951)
  * Enable GO111MODULE=on globally in Makefile (#10939)
  * API endpoint to get single commit via SHA and Ref (#10915)
  * Add accordion to release list and hide non-latest (#10910)
  * Split dashboard elements into separate template files (#10885)
  * Add more message on sidebar menus (#10872)
  * Set MySQL rowtype to dynamic for new tables (#10833)
  * Completely fix task-list checkbox styling (#10798)
  * Hide gear icon for user who can't use them on sidebar (#10750)
  * Refactor Cron and merge dashboard tasks (#10745)
  * Change review status icons on pr view style to github style (#10737)
  * Make pagination optional for API list notification endpoints (#10714)
  * Fix tab indentation in code view (#10671)
  * Fix task-list checkbox styling (#10668)
  * Multiple LFS improvements (#10667)
  * Make PR message on pushes configurable (#10664)
  * Move dropzone.js to npm/webpack (#10645)
  * Ensure Update button is enabled even when CI has failed (#10640)
  * Add restricted user filter to LDAP authentication (#10600)
  * Add Yandex OAuth2 provider (#8335) (#10564)
  * Make avatar lookup occur at image request (#10540)
  * Prevent accidential selection of language stats bar (#10537)
  * Add fluid-icon (#10491)
  * Inform participants on UI too (#10473)
  * Build with go 1.14 (and raise minimum go version to 1.12) (#10467)
  * Add max-file-size to LFS (#10463)
  * Enable paggination for ListRepoTags API (#10454)
  * Update JS dependencies (#10450)
  * Show the username as a fallback on feeds if full name is blank (#10438)
  * Various dark theme fixes (#10416)
  * Display pull request head branch even the branch deleted or repository deleted (#10413)
  * Prevent Firefox from using apple-touch-icon (#10402)
  * Fix input[type=file] on dark theme (#10382)
  * Improve mobile review-box sizing (#10297)
  * Notification: queue ui.go notification-service (#10281)
  * Add detected file language to code search (#10256)
  * Index code and stats only for non-empty repositories (#10251)
  * Add Approval Counts to pulls list (#10238)
  * Limit label list height on edit issue page (#10216)
  * Improve 404 error message (#10214)
  * Tweak locale to respect singular conflicting file message in PR list (#10177)
  * Fix commit view (#10169)
  * Reorganize frontend files and tooling (#10168)
  * Allow emoji on popup label (#10166)
  * ListIssues add filter for milestones API (#10148)
  * Show if a PR has conflicting files on the PR lists (#10130)
  * Fix inconsistent label color format in API (#10129)
  * Show download count info in release list (#10124)
  * Add Octicon SVG spritemap (#10107)
  * Update aria-fixed semantic-dropdown to fomantic master (#10096)
  * Fix apple-touch-icon, regenerate images (#10065)(#10006)
  * Style blockquote for default issue mail template (#10024)
  * More expansions in template repositories (#10021)
  * Allow list collaborators for users with Read access to repo (#9995)
  * Add explicit dimensions to navbar avatar (#9986)
  * Remove loadCSS and preload woff2 icon fonts (#9976)
  * Fix commit view JS features, reimplement folding (#9968)
  * Fix review avatar image (#9962)
  * Improve notification pager (#9821)
  * Move jquery and jquery-migrate to npm/webpack (#9813)
  * Change font to Roboto to support more charsets (#9803)
  * Move mailer to use a queue (#9789)
  * Issue search on my related repositories (#9758)
  * Add "before" query to ListIssueComments and ListRepoIssueComments API (#9685)
  * Move tracked time api convert to convert package (#9665)
  * Improve PR info in default merge message (#9635)
  * Granular webhook events (#9626)
  * Add Reviewed-on in commit message (#9623)
  * Add top author stats to activity page (#9615)
  * Allow repo admin to merge PR regardless of review status (#9611)
  * Migrate reactions when migrating repository from github (#9599)
  * API orgEditTeam make Fields optional (#9556)
  * Move create/fork repository from models to modules/repository (#9489)
  * Migrate reviews when migrating repository from github (#9463)
  * Times API add filters (#9373)
  * Move push commits from models to modules/repository (#9370)
  * Add API endpoint to check notifications [Extend #9488] (#9595)
  * Add GET /orgs API endpoint (#9560)
  * API add/generalize pagination (#9452)
  * Make create org repo API call same as github (#9186)
* BUILD
  * Turn off go modules for xgo and gxz (#10963)
  * Add gitea-vet (#10948)
  * Rename scripts to build and add revive command as a new build tool command (#10942)
  * Add 'make lint', restructure 'compliance' pipeline (#10861)
  * Move JS build dependencies to 'dependencies' (#10763)
  * Use whitelist to find go files, run find only once (#10594)
  * Move vue and vue-calendar-heatmap to npm/webpack (#10188)
  * Move jquery.are-you-sure to npm/webpack (#10063)
  * Move highlight.js to npm/webpack (#10011)
  * Generate Bindata if TAGS="bindata" and not up-to-date (#10004)
  * Move CSS build to webpack (#9983)
  * Move fomantic target, update 'make help' (#9945)
  * Add css extraction and minification to webpack (#9944)
  * Misc webpack tweaks (#9924)
  * Make node_modules a order-only prerequisite (#9923)
  * Update documentation for the go module era (#9751)
  * Move swagger-ui to webpack/npm and update it to 3.24.3 (#9714)
  * Use npm to manage fomantic and only build needed components (#9561)
* MISC
  * Add gnupg to Dockerfile (#11365)
  * Update snapcraft.yaml for core18 and latest features (#11300)
  * Update JS dependencies, min Node.js version 10.13 (#11246)
  * Change default charset for MySQL on install to utf8mb4 (#10989)
  * Return issue subscription status from API subscribe (#10966)
  * Fix queue log param (#10733)
  * Add warning when using relative path to app.ini (#10104)

## [1.11.7](https://github.com/go-gitea/gitea/releases/tag/v1.11.7) - 2020-06-18

* BUGFIXES
  * Use ID or Where to instead directly use Get when load object from database (#11925) (#11935)
  * Fix __webpack_public_path__ for 1.11 (#11907)
  * Fix verification of subkeys of default gpg key (#11713) (#11902)
  * Remove unnecessary parentheses in wiki/view template (#11781)
  * Doctor fix xorm.Count nil on sqlite error (#11741)

Revision 1.38 / (download) - annotate - [select for diffs], Wed Jun 17 09:54:18 2020 UTC (3 years, 8 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.37: +2 -1 lines
Diff to previous 1.37 (colored)

Revbump Go packages after Go 1.14.4 update.

Revision 1.37 / (download) - annotate - [select for diffs], Wed Jun 3 18:30:28 2020 UTC (3 years, 8 months ago) by jperkin
Branch: MAIN
Changes since 1.36: +14 -7 lines
Diff to previous 1.36 (colored)

gitea: Update to 1.11.6

Patch submitted by teutat3s.  Changes since 1.11.5:

## [1.11.6](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) - 2020-05-30

* SECURITY
  * Fix missing authorization check on pull for public repos of private/limited
    org (#11656) (#11683)
  * Use session for retrieving org teams (#11438) (#11439)
* BUGFIXES
  * Return json on 500 error from API (#11574) (#11660)
  * Fix wrong milestone in webhook message (#11596) (#11612)
  * Prevent (caught) panic on login (#11590) (#11598)
  * Fix commit page js error (#11527)
  * Use media links for img in post-process (#10515) (#11504)
  * Ensure public repositories in private organizations are visible and fix
    admin organizations list (#11465) (#11475)
  * Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456)
    (#11461)
  * Allow all members of private orgs to see public repos (#11442) (#11459)
  * Whenever the ctx.Session is updated, release it to save it before sending
    the redirect (#11456) (#11457)
  * Forcibly clean and destroy the session on logout (#11447) (#11451)
  * Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname
    (#11381)
  * Add tracked time fix to doctor (part of #11111) (#11138)
  * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
  * Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build
    on go1.14  (#11481)

Revision 1.36 / (download) - annotate - [select for diffs], Tue Jun 2 08:24:57 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

Revbump for icu

Revision 1.35 / (download) - annotate - [select for diffs], Thu May 21 13:37:09 2020 UTC (3 years, 9 months ago) by jperkin
Branch: MAIN
Changes since 1.34: +2 -1 lines
Diff to previous 1.34 (colored)

gitea: Bump PKGREVISION for previous.

Apologies for the double commit, accidentally specified filename to cvs ci.

Revision 1.34 / (download) - annotate - [select for diffs], Thu May 21 13:35:12 2020 UTC (3 years, 9 months ago) by jperkin
Branch: MAIN
Changes since 1.33: +37 -18 lines
Diff to previous 1.33 (colored)

gitea: Various fixes.

Add a target to generate the frontend artefacts that are required at
runtime, but do not build them by default as they require nodejs/npm which
will download node modules during the build.  Instead use a pre-built copy
stored in LOCAL_PORTS.  The web interface should now look correct.

Use the supplied Makefile to simplify some of the targets.

Remove unnecessary MAKE_DIRS (shadows an OWN_DIRS_PERMS), and fix
permissions on some of the installed files.

Based on joyent/pkgsrc#263 from GitHub user teutat3s.

Revision 1.33 / (download) - annotate - [select for diffs], Sun May 17 14:50:40 2020 UTC (3 years, 9 months ago) by nia
Branch: MAIN
Changes since 1.32: +2 -3 lines
Diff to previous 1.32 (colored)

gitea: Update to 1.11.5

## [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) - 2020-05-09

* BUGFIXES
  * Prevent timer leaks in Workerpool and others (#11333) (#11340)
  * Fix tracked time issues (#11349) (#11354)
  * Add NotifySyncPushCommits to indexer notifier (#11309) (#11338)
  * Allow X in addition to x in tasks (#10979) (#11335)
  * When delete tracked time through the API return 404 not 500 (#11319) (#11326)
  * Prevent duplicate records in organizations list when creating a repository (#11303) (#11325)
  * Manage port in submodule refurl (#11305) (#11323)
  * api.Context.NotFound(...) should tolerate nil (#11288) (#11306)
  * Show pull request selection even when unrelated branches (#11239) (#11283)
  * Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
  * Fix GetContents(): Dont't ignore Executables (#11192) (#11209)
  * Fix submodule paths when AppSubUrl is not root (#11098) (#11176)
  * Prevent clones and pushes to disabled wiki (#11131) (#11134)
  * Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130)
  * On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125)
  * Refresh codemirror on show pull comment tab (#11100) (#11122)
  * Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
  * Load pr Issue Poster on API too (#11033) (#11039)
  * Fix release counter on API repository info (#10968) (#10996)
  * Generate Diff and Patch direct from Pull head (#10936) (#10938)
  * Fix rebase conflict detection in git 2.26 (#10929) (#10930)
* ENHANCEMENT
  * Fix 404 and 500 image size in small size screen (#11043) (#11049)
  * Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)

Revision 1.32 / (download) - annotate - [select for diffs], Fri May 1 21:27:49 2020 UTC (3 years, 10 months ago) by rillig
Branch: MAIN
Changes since 1.31: +6 -5 lines
Diff to previous 1.31 (colored)

www/gitea: fix the SUBST block for updating the version number

In the distfile gitea-1.11.4.tar.gz, the version number is written as
1.9.0-dev, which is probably a mistake. Make sure that this version
number is always fixed, until this inconsistency is fixed upstream.

Revision 1.31 / (download) - annotate - [select for diffs], Sun Apr 12 11:01:50 2020 UTC (3 years, 10 months ago) by bsiegert
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

Revbump all Go packages after default version switch to 1.14.

Revision 1.30 / (download) - annotate - [select for diffs], Sun Apr 12 08:29:17 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.29: +2 -1 lines
Diff to previous 1.29 (colored)

Recursive revision bump after textproc/icu update

Revision 1.29 / (download) - annotate - [select for diffs], Sun Apr 5 13:33:26 2020 UTC (3 years, 10 months ago) by nia
Branch: MAIN
Changes since 1.28: +2 -3 lines
Diff to previous 1.28 (colored)

gitea: Update to 1.11.4

## [1.11.4](https://github.com/go-gitea/gitea/releases/tag/v1.11.4) - 2020-04-01

* BUGFIXES
  * Only update merge_base if not already merged (#10909)
  * Fix milestones too many SQL variables bug (#10880) (#10904)
  * Protect against NPEs in notifications list (#10879) (#10883)
  * Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868)
  * Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
  * Account for empty lines in receive-hook message (#10773) (#10784)
  * Fix bug on branch API (#10767) (#10775)
  * Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
  * Fix hiding of fields in authorization source page (#10734) (#10752)
  * Prevent default for linkAction (#10742) (#10743)

Revision 1.28 / (download) - annotate - [select for diffs], Sat Mar 21 16:57:03 2020 UTC (3 years, 11 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)

Revbump all Go packages after go113 update.

Revision 1.27 / (download) - annotate - [select for diffs], Tue Mar 17 13:08:38 2020 UTC (3 years, 11 months ago) by nia
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

gitea: Update to 1.11.3

## [1.11.3](https://github.com/go-gitea/gitea/releases/tag/v1.11.3) - 2020-03-10

* BUGFIXES
  * Prevent panic in stopwatch (#10670) (#10673)
  * Fix bug on pull view when required status check no ci result (#10648) (#10651)
  * Build explicitly with Go 1.13 (#10684)

Revision 1.26 / (download) - annotate - [select for diffs], Mon Mar 9 11:06:16 2020 UTC (3 years, 11 months ago) by nia
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

gitea: Update to 1.11.2

## [1.11.2](https://github.com/go-gitea/gitea/releases/tag/v1.11.2) - 2020-03-06

* BREAKING
  * Various fixes in login sources (#10428) (#10429)
* SECURITY
  * Ensure only own addresses are updated (#10397) (#10399)
  * Logout POST action (#10582) (#10585)
  * Org action fixes and form cleanup (#10512) (#10514)
  * Change action GETs to POST (#10462) (#10464)
  * Fix admin notices (#10480) (#10483)
  * Change admin dashboard to POST (#10465) (#10466)
  * Update markbates/goth (#10444) (#10445)
  * Update crypto vendors (#10385) (#10398)
* BUGFIXES
  * Allow users with write permissions to modify issue descriptions and comments. (#10623) (#10626)
  * Handle deleted base branch in PR (#10618) (#10619)
  * Delete dependencies when deleting a repository (#10608) (#10616)
  * Ensure executable bit is kept on the web editor (#10607) (#10614)
  * Update mergebase in pr checker (#10586) (#10605)
  * Fix release attachments being deleted while upgrading (#10572) (#10573)
  * Fix redirection path if Slack webhook channel is invalid (#10566)
  * Fix head.tmpl og:image picture location (#10531) (#10556)
  * Fix 404 after activating secondary email (#10547) (#10553)
  * Show Signer in commit lists and add basic trust (#10425 & #10511) (#10524)
  * Fix potential bugs (#10513) (#10518)
  * Use \[:space:\] instead of \\s (#10508) (#10509)
  * Avoid mailing users that have explicitly unwatched an issue (#10475) (#10500)
  * Handle push rejection message in Merge & Web Editor (#10373) (#10497)
  * Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368) (#10493)
  * Fix double PR notification from API (#10482) (#10486)
  * Show the username as a fallback on feeds if full name is blank (#10461)
  * Trigger webhooks on issue label-change via API too (#10421) (#10439)
  * Fix git reference type in webhooks (#10427) (#10432)
  * Prevent panic on merge to PR (#10403) (#10408)
  * Fix wrong num closed issues on repository when close issue via commit(#10364) (#10380)
  * Reading pull attachments should depend on read UnitTypePullRequests (#10346) (#10354)
  * Set max-width on review-box comment box (#10348) (#10353)
  * Prevent nil pointer in GetPullRequestCommitStatusState (#10342) (#10344)
  * Fix protected branch status check settings (#10341) (#10343)
  * Truncate long commit message header (#10301) (#10319)
  * Set the initial commit status to Success otherwise it will always be Pending (#10317) (#10318)
  * Don't manually replace whitespace during render (#10291) (#10315)
* ENHANCEMENT
  * Admin page for managing user e-mail activation (#10557) (#10579)

Revision 1.25 / (download) - annotate - [select for diffs], Tue Feb 18 13:35:07 2020 UTC (4 years ago) by nia
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

gitea: Update to 1.11.1

## [1.11.1](https://github.com/go-gitea/gitea/releases/tag/v1.11.1) - 2020-02-15

* BUGFIXES
  * Repo name added to automatically generated commit message when merging (#9997) (#10285)
  * Fix Workerpool deadlock (#10283) (#10284)
  * Divide GetIssueStats query in smaller chunks (#10176) (#10282)
  * Fix reply on code review (#10257)
  * Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
  * Fix filter label emoji width (#10241) (#10244)
  * Fix issue sidebar menus having an infinite height (#10239) (#10240)
  * Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
  * Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
  * Blacklist manifest.json & milestones user (#10292) (#10293)

Revision 1.24 / (download) - annotate - [select for diffs], Thu Feb 13 22:23:19 2020 UTC (4 years ago) by nia
Branch: MAIN
Changes since 1.23: +2 -3 lines
Diff to previous 1.23 (colored)

gitea: Update to 1.11.0

## [1.11.0](https://github.com/go-gitea/gitea/releases/tag/v1.11.0) - 2020-02-10
* BREAKING
  * Fix followers and following tabs in profile (#10202) (#10203)
  * Make CertFile and KeyFile relative to CustomPath (#9868) (#9874)
  * Remove unused endpoints (#9538)
  * Prefix all user-generated IDs in markup (#9477)
  * Enforce Gitea environment for pushes (#8982)
  * Hide some user information via API if user have not enough permissions (#8655)
  * Move startpage/homepage translation to crowdin (#8596)
* SECURITY
  * Never allow an empty password to validate (#9682) (#9683)
  * Prevent redirect to Host (#9678) (#9679)
  * Swagger hide search field (#9554)
  * Add "search" to reserved usernames (#9063)
  * Switch to fomantic-ui (#9374)
  * Only serve attachments when linked to issue/release and if accessible by user (#9340)
* FEATURES
  * Webhooks should only show sender if it makes sense (#9601)
  * Provide Default messages for merges (#9393)
  * Add description to labels on create issue (#9392)
  * Graceful Queues: Issue Indexing and Tasks (#9363)
  * Default NO_REPLY_ADDRESS to DOMAIN (#9325)
  * Allow FCGI over unix sockets (#9298)
  * Graceful: Xorm, RepoIndexer, Cron and Others (#9282)
  * Add API for Reactions (#9220)
  * Graceful: Cancel Process on monitor pages & HammerTime (#9213)
  * Graceful: Allow graceful restart for unix sockets (#9113)
  * Graceful: Allow graceful restart for fcgi (#9112)
  * Sign protected branches (#8993)
  * Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964)
  * Add Gitea icon to Emojis (#8950)
  * Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code (#8924)
  * Allow Custom Reactions (#8886)
  * Close/reopen issues by keywords in titles and comments (#8866)
  * Allow incompletely specified Time Formats (#8816)
  * Prevent upload (overwrite) of lfs locked file (#8769)
  * Template Repositories (#8768)
  * Add /milestones endpoint (#8733)
  * Make repository management section handle lfs locks (#8726)
  * Respect LFS File Lock on UI (#8719)
  * Add team option to grant rights for all organization repositories (#8688)
  * Enabling and disabling the commit button to prevent empty commits (web editor) (#8590)
  * Add setting to disable BASIC authentication (#8586)
  * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528)
  * Allow Protected Branches to Whitelist Deploy Keys (#8483)
  * Push to create repo (#8419)
  * Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
  * Add basic repository lfs management (#7199)
* BUGFIXES
  * Fix code-expansion arc-green theme bug (#10180) (#10185)
  * Prevent double wait-group decrement (#10170) (#10175)
  * Allow emoji on review head comments (#10159) (#10174)
  * Fix issue/pull link (#10158) (#10173)
  * Fix push-create SSH bugs (#10145) (#10151)
  * Prevent DeleteUser API abuse (#10125) (#10128)
  * Fix issues/pulls dashboard paging error (#10114) (#10115)
  * Add button to revert SimpleMDE to plain textarea (#10099) (#10102)
  * Fix branch page pull request title and link error (#10092) (#10097)
  * Fix PR API: Only try to get HeadBranch if HeadRepo exist (#10029) (#10088)
  * Update topics repo count when deleting repository (#10051) (#10081)
  * Show pull icon on pull requests (#10061) (#10062)
  * Fix milestone API state parameter unhandled (#10049) (#10052)
  * Move to using a temporary repo for pushing new PRs (#10009) (#10042)
  * Fix wiki raw view on sub path (#10002) (#10040)
  * Ensure that feeds are appropriately restricted (#10018) (#10019)
  * Sanitize credentials in mirror form (#9975) (#9991)
  * Close related pull requests when deleting head repository or head branch (#9927) (#9974)
  * Switch to use -f instead of -F for sendmail (#9961) (#9970)
  * Fix file rename/copy not supported by indexer (#9965) (#9967)
  * Fix repo indexer not updating upon push (#9957) (#9963)
  * Don't convert ellipsis in markdown (#9905) (#9937)
  * Fixed repo link in generated comment for cross repository dependency (#9863) (#9935)
  * Check if diff actually contains sections when rendering (#9926) (#9933)
  * Fix wrong hint when status checking is running on pull request view (#9886) (#9928)
  * Fix RocketChat (#9908) (#9921)
  * Do not try to recreate ldap user if they are already created (#9900) (#9919)
  * Create terminated channel in queue_redis (#9910) (#9911)
  * Prevent empty LDAP search result from deactivating all users (#9879) (#9896)
  * Fix wrong permissions check when issues/prs shared operations (#9885) (#9889)
  * Check user != nil before checking values (#9881) (#9883)
  * Allow hyphen in language name (#9873) (#9880)
  * Ensure that 2fa is checked on reset-password (#9857) (#9876)
  * Fix issues/pulls dependencies problems (#9842) (#9864)
  * Fix markdown anchor links (#9673) (#9840)
  * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9837)
  * Fix download file wrong content-type (#9825) (#9834)
  * Fix wrong poster identity on a migrated pull request when submit review (#9827) (#9830)
  * Fix database dump when log directory is missing (#9818) (#9819)
  * Fix compare (#9808) (#9814)
  * Fix push-to-create (#9772) (#9797)
  * Fix missing msteam webhook on organization (#9781) (#9794)
  * Fix missing unlock in uniquequeue (#9790) (#9791)
  * Fix add team on collaborator page when same name as organization (#9778)
  * DeleteRepoFile incorrectly handles Delete to new branch (#9769) (#9775)
  * Fix milestones page (#9771)
  * Fix SimpleMDE quote reply (#9757) (#9768)
  * Fix missing updated time on migrated issues and comments (#9744) (#9764)
  * Move Errored PRs out of StatusChecking (#9675) (#9726)
  * Make hook status printing configurable with delay (#9641) (#9725)
  * ix /reposissuessearch (#9698) (#9724)
  * Silence fomantic error regarding tabs (#9713) (#9718)
  * Remove unused lock (#9709) (#9710)
  * Remove q.lock.Unlock() in setInternal to prevent panic (#9705) (#9706)
  * Load milestone in API PR list (#9671) (#9700)
  * Don't attempt to close issue if already closed (#9696) (#9699)
  * Remove google font call (#9668) (#9681)
  * Eliminate horizontal scroll caused by footer (#9674)
  * Fix nil reference in repo generation (#9660) (#9666)
  * Add HTML URL to API Issues (#9654) (#9661)
  * Add PR review webhook to Telegram (#9653) (#9655)
  * Use filepath.IsAbs instead of path.IsAbs (#9651) (#9652)
  * Disable remove button on repository teams when have access to all (#9640)
  * Clean up old references on branch delete (#9614)
  * Hide public repos owned by private orgs (#9609)
  * Fix access issues on milestone and issue overview pages. (#9603)
  * Fix error logged when repos qs is empty (#9591)
  * Dont trigger notification twice on issue assignee change (#9582)
  * Fix mirror pushed commit actions (#9572)
  * Allow only specific columns to be updated on issue via API (#9189) (#9539)
  * Fix default avatar for ghost user (#9536)
  * Fix download of release attachments with same name (#9529)
  * Resolve deprecated INI conversion (#9525)
  * Ignore empty avatars during database migration (#9520)
  * Fix deleted branch isn't removed when push the branch again (#9516)
  * Fix repository issues pagination bug when there are more than one label filter (#9512)
  * Fix SetExpr failed (#9506)
  * Remove obsolete file private/push_update.go (#9503)
  * When recreating hooks, delete them first so they are recreated with the umask (#9502)
  * Properly enforce gitea environment for pushes (#9501)
  * Fix datarace on repo indexer queue (#9490)
  * Add call to load repo prior to redirect in add/remove dependency code (#9484)
  * Wrap the code indexer (#9476)
  * Use Req.URL.RequestURI() to cope with FCGI urls (#9473)
  * Set default ssh.minimum_key_sizes (#9466)
  * Fixed issue with paging in /repos/{owner}/{repo}/git/trees/{sha} api (#9459)
  * Fix wrong notification on merge (#9450)
  * Issue with Migration rule v111 (#9449)
  * Trigger webhook when deleting a branch after merging a PR (#9424)
  * Add migration to sanitize repository original_url (#9423)
  * Use OriginalURL instead of CloneAddr in migration logging (#9418)
  * Push update after branch is restored (#9416)
  * Fix wrong migration (#9381)
  * Fix show repositories filter (#9234) (#9379)
  * Fix Slack webhook payload title generation to work with Mattermost (#9378)
  * Fix double webhook for new PR (#9375)
  * AuthorizedKeysCommand should not query db directly (#9371)
  * Fix missed change to GetManager() (#9361)
  * Fix cache problem on dashboard (#9358)
  * RepoIndexer: DefaultBranch needs to be prefixed by BranchPrefix (#9356)
  * Fix protected branch using IssueID (#9348)
  * Fix nondeterministic behavior (#9341)
  * Fix PR/issue redirects when having external tracker (#9339)
  * Remove release attachments which repository has been deleted (#9334)
  * Fix issue indexer not triggered when migrating a repository (#9332)
  * Add SyncTags to uploader interface (#9326)
  * Fix bug that release attachment files not deleted when deleting repository (#9322)
  * Only sync tags after all migration release batches are completed (#9319)
  * File Edit: Author/Committer interchanged (#9297)
  * prebuild CSS/JS before xgo release binaries (#9293)
  * Log: Ensure FLAGS=none shows no flags (#9287)
  * Make Diff Detail on Pull Request Changed File UI always on Top (#9280)
  * Switch CSS minifier to cssnano (#9260)
  * Fix latest docker image haven't include static files. (#9252)
  * Don't link wiki revision to commit (#9244)
  * Change review content column to type text in db (#9229)
  * Fixed topic regex pattern and added search by topic links after save (#9219)
  * Add language to user API responce (#9215)
  * Correct tooltip message blocked by dependencies (#9211)
  * Add SimpleMDE and Fix Image Paste for Issue/Comment Editor (#9197)
  * Fix panic when diff (#9187)
  * Fix #9151 - smtp logger configuration sendTos should be an array (#9154)
  * Fix max length check and limit in multiple repo forms (#9148)
  * Always Show Password Field on Link Account Sign-in Page (#9147)
  * Properly fix displaying virtual session provider in admin panel (#9137)
  * Fix race condition on indexer (#9136)
  * Fix team links in HTML rendering (#9127)
  * Fix race condition in ReplaceSanitizer (#9123)
  * Fix what information is shown about user in API (#9115)
  * Fix nil context user for template repositories (#9099)
  * Hide given credentials for migrated repos. (#9097)
  * Fix reCAPTCHA API URL (#9083)
  * Fix password checks on admin create/edit user (#9076)
  * Update golang.org/x/crypto vendor to use acme v2 (#9056)
  * Ensure Written is set in GZIP ProxyResponseWriter (#9018)
  * Fix wrong system notice when repository is empty (#9010)
  * Fix broken link to branch from issue list (#9003)
  * Fix bug when pack js (#8992)
  * New review approvals shouldn't require a message (#8991)
  * Shadow password correctly for session config (#8984)
  * Don't send notification on pending reviews (#8943)
  * Fix Notify Create Ref Error on tag creation (#8936)
  * Convert EOL to UNIX-style to render MD properly (#8925)
  * Migrate temp_repo.go to use git.NewCommand  (#8918)
  * Fix issue with user.fullname (#8902)
  * Add Close() method to gogitRepository (#8901)
  * Enable punctuations ending mentions (#8889)
  * Fix password complexity check on registration (#8887)
  * Fix require external registration password (#8885)
  * Fix edit content button on migrated issue content (#8877)
  * Fix permission checks for close/reopen from commit (#8875)
  * Fix API Bug (fail on empty assignees) (#8873)
  * Stop using git count-objects and use raw directory size for repository (#8848)
  * Fix count for commit graph last page (#8843)
  * Fix to close opened io resources as soon as not needed (#8839)
  * Improve notification (#8835)
  * Fix new user form for non-local users (#8826)
  * Fix: remove duplicated signed commit icons (#8820)
  * Fix (open/closed) issue count when label excluded (#8815)
  * Fix SSH2 conditional in key parsing code (#8806)
  * Fix 500 when edit hook (#8782)
  * On windows set core.longpaths true (#8776)
  * Fix commit expand button to not go to commit link (#8745)
  * Avoid re-issuing redundant cross-references. (#8734)
  * Fix milestone close timestamp function (#8728)
  * Move webhook codes from service to webhook notification (#8712)
  * Show zero lines on the line counter if the file empty (#8700)
  * Fix deadline on update issue or PR via API (#8696)
  * make call createMilestoneComment on newIssue func (#8678)
  * Send tag create and push webhook when release created on UI (#8671)
  * Prevent chrome download page as html with alt + click (#8669)
  * Fix 500 when getting user as unauthenticated user (#8653)
  * Graceful fixes (#8645)
  * Add SubURL to redirect path (#8632) (#8634)
  * Fix extra columns from `label` table (#8633)
  * Add SubURL to redirect path for transferred/renamed repos (#8632)
  * Fix bug when migrate from API (#8631)
  * Allow to merge if file path contains " or \ (#8629)
  * Prevent removal of non-empty emoji panel following selection of duplicate (#8609)
  * Ensure default gpg settings not nil and found commits have reference to repo (#8604)
  * Set webhook Content-Type for application/x-www-form-urlencoded (#8599)
  * Fix #8582 by handling empty repos (#8587)
  * Fix of the diff statistics view on pull request's (#8581)
  * Fix bug on pull requests when transfer head repository (#8564)
  * Fix template error on account page (#8562)
  * Allow externalID to be UUID (#8551)
  * Fix ignored error on editorconfig api (#8550)
  * Fix user avatar name (#8547)
  * Ensure that GitRepo is set on Empty repositories (#8539)
  * Add missed close in ServeBlobLFS (#8527)
  * Fix migrate mirror 500 bug (#8526)
  * Fix password complexity regex for special characters (on master) (#8525)
* ENHANCEMENTS
  * Explicitly refer to PR in squash-merge commit message in case of external tracker (#9844) (#9855)
  * Add a /user/login landing page option (#9622)
  * Some more e-mail notification fixes (#9596)
  * Add branch protection option to block merge on requested changes. (#9592)
  * Add footer extra links template (#9576)
  * Fix for a wrong URL in activity page of repository.  (#9571)
  * Update default issue template (#9568)
  * Change markdown rendering from blackfriday to goldmark  (#9533)
  * Extend file create api with dates (#9464)
  * Add ActionCommentPull action (#9456)
  * Response for context on retry database connection (#9444)
  * Refactor webhooks to reduce code duplication (#9422)
  * update couchbase deps for new license (#9419)
  * Add .ignore file for search tools (#9417)
  * Remove unsued struct (#9405)
  * Hide not allowed Reactions (#9387)
  * Remove text from action-only webhooks (#9377)
  * Move PushToBaseRepo from models to services/pull (#9352)
  * Site admin could view org's members (#9346)
  * Sleep longer if request speed is over github limitation (#9335)
  * Refactor comment (#9330)
  * Refactor code indexer (#9313)
  * Remove SavePatch and generate patches on the fly (#9302)
  * Move some pull request functions from models to services (#9266)
  * Update JS dependencies (#9255)
  * Show label list on label set (#9251)
  * Redirect issue if repo has configured external tracker. (#9247)
  * Allow kbd tags (#9245)
  * Remove unused comment actions (#9222)
  * Fixed errors logging in dump.go (#9218)
  * Expose release counter to repo API response (#9214)
  * Make consistent links to repository in the Slack/Mattermost notificiations (#9205)
  * Expose pull request counter to repo API response (#9202)
  * Extend TrackedTimes API (#9200)
  * Extend StopWatch API (#9196)
  * Move code indexer related code to a new package (#9191)
  * Docker: ask s6 to stop all service when gitea stop (#9171)
  * Variable expansion in repository templates (#9163)
  * Add avatar and issue labels to template repositories (#9149)
  * Show single review comments in the PR conversation tab (#9143)
  * Extract createComment (#9125)
  * Move PushUpdateOptions from models to repofiles (#9124)
  * Alternate syntax for cross references (#9116)
  * Add USE_SERVICE_WORKER setting (#9110)
  * Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092)
  * Explore page: Add topic param to pagination (#9077) (#9078)
  * Markdown: Sanitizier Configuration (#9075)
  * Add password requirement info on error (#9074)
  * Allow authors to use act keywords in PR content (#9059)
  * Move modules/gzip to gitea.com/macaron/gzip (#9058)
  * Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055)
  * Context menus for comments, add quote reply (#9043)
  * Update branch API endpoint to show effective branch protection. (#9031)
  * Move git graph from models to modules/graph (#9027)
  * Move merge actions to notification (#9024)
  * Move mirror sync actions to notification (#9022)
  * Add retry for migration http/https requests (#9019)
  * Rewrite delivery of issue and comment mails (#9009)
  * Add review comments to mail notifications (#8996)
  * Refactor pull request review (#8954)
  * Githook highlighter (#8932)
  * Add git hooks and webhooks to template repositories; move to services (#8926)
  * Only view branch or tag if it match refType requested. (#8899)
  * Drop Admin attribute based on LDAP when login (continue #1743) (#8849)
  * Add additional periods to activity page (#8829)
  * Update go-org to optimize code (#8824)
  * Move some actions to notification/action (#8779)
  * Webhook support custom proxy (#8760)
  * Fix API deadline removal (#8759)
  * Mark review comment as invalidated when file is deleted (#8751)
  * Move pull list code to a separate file (#8748)
  * Move webhook to a standalone package under modules (#8747)
  * Multi repo select on issue page (#8741)
  * apply exclude label on milestone issue list (#8739)
  * Move issue notifications and assignee man (#8713)
  * Move issue change content from models to service (#8711)
  * Move issue change status from models to service (#8691)
  * Move more issue assignee code from models to issue service (#8690)
  * Create PR on Current Repository by Default (#8670)
  * Improve Open Graph Protocol (#8637)
  * Batch hook pre- and post-receive calls (#8602)
  * Improve webhooks (#8583)
  * Move transfer repository and rename repository on a service package and start action notification (#8573)
  * Implement/Fix PR review webhooks (#8570)
  * Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560)
  * Move some repositories' operations to a standalone service package (#8557)
  * Allow more than 255 characters for tokens in external_login_user table (#8554)
  * Move issue label operations to issue service package (#8553)
  * Adjust error reporting from merge failures and use LC_ALL=C for git (#8548)
  * Mail assignee when issue/pull request is assigned (#8546)
  * Allow committing / adding empty files using the web ui (#8420) (#8532)
  * Move sync mirror actions to mirror service package (#8518)
  * Remove arrows on numeric inputs (#8516)
  * Support inline rendering of CUSTOM_URL_SCHEMES (#8496)
  * Recalculate repository access only for specific user (#8481)
  * Add download button for rull request diff- and patch-file (#8470)
  * Add single sign-on support via SSPI on Windows (#8463)
  * Move change issue title from models to issue service package (#8456)
  * Add included tag on  branch view (#8449)
  * Make static resouces web browser cache time customized on app.ini (#8442)
  * Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426)
  * Add pagination to commit graph page (#8360)
  * Use templates for issue e-mail subject and body (#8329)
  * Move clearlabels from models to issue service (#8326)
  * Move AddTestPullRequestTask to pull service package from models (#8324)
  * Team permission to create repository in organization (#8312)
  * Allows external rendering of other filetypes (#8300)
  * Add 'Alt + click' feature to exclude labels (#8199)
  * Configurable close and reopen keywords for PRs (#8120)
  * Configurable URL for static resources (#7911)
  * Unifies commit list in repository commit table and wiki revision page (#7907)
  * Allow cross-repository dependencies on issues (#7901)
  * Auto-subscribe user to repository when they commit/tag to it (#7657)
  * Restore Graceful Restarting & Socket Activation (#7274)
  * wiki - add 'write' 'preview' buttons to wiki edit like in issues (#7241)
  * Change target branch for pull request (#6488)
  * Display PR commits and diffs using base repo rather than forked (#3648)
* TESTING
  * Add debug option to serv to help debug problems (#9492)
  * Fix the intermittent TestGPGGit failures (#9360)
  * Testing: Update postgres sequences (#9304)
  * Missed defer prepareTestEnv (#9285)
  * Fix "data race" in testlogger (#9159)
  * Yet another attempt to fix the intermittent failure of gpg git test (#9146)
  * integrations: Fix Dropped Test Errors (#9040)
  * services/mirror: fix dropped test errors (#9007)
  * Fix intermittent GPG Git test failure (#8968)
  * Update Github Migration Tests (#8893) (#8938)
  * Update heatmap fixtures to restore tests (#8615)
* TRANSLATION
  * Fix Korean locales (#9761) (#9780)
  * Fix placeholders in the error message (#9060)
  * Fix spelling of admin.users.max_repo_creation (#8934)
  * Improve german translation of homepage (#8549)
* BUILD
  * Fix webpack polyfills (#9735) (#9738)
  * Update gitea.com/macaron to 1.4.0 (#9608)
  * Upgrade lato fonts to v16. (#9498)
  * Update alpine to 3.11 (#9440)
  * Upgrade blevesearch (#9177)
  * Remove built js/css files from git (#9114)
  * Move semantic.dropdown.custom.js to webpack (#9064)
  * Check compiled files during build (#9042)
  * Enable lazy-loading of gitgraph.js (#9036)
  * Pack web_src/js/draw.js to public/js/index.js (#8975)
  * Modernize js and use babel (#8973)
  * Move index.js to web_src and use webpack to pack them (#8598)
  * Restrict modules/graceful to non-windows build and shim IsChild (#8537)
  * Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
* DOCS
  * Swagger info corrections (#9441) (#9558)
  * Add ALLOW_ONLY_EXTERNAL_REGISTRATION to config cheat sheet (#8986)
  * Rephrase comment about RuntimeDirectory option in systemd config (#8912)
  * Explicitly indicate the socket unit to use the service unit "gitea.service" (#8804)
  * Adjust the must-change-password help (#8755)
  * Add notice to docs for migrating from more recent versions of Gogs (#8724)
  * Add explicit info about customization of homepage (#8694)
  * Change external asciidoctor tool to embedded mode (#8677)
  * Add Docker fail2ban configuration (#8642)
  * Correct some outdated statements in the contributing guidelines (#8612)
  * Basic Design guidelines (describing different parts of the code) (#8601)
  * Display Gitea logo in Readme (#8592)
  * Fix building from source docs to ref AppWorkPath (#8567)
  * Update the provided gitea.service to mention socket activation (#8531)
  * Doc added how to setup email (#8520)
* MISC
  * Backport Locales [2020-01-14] (#9773)
  * Add translatable Powered by Gitea text in footer (#9600)
  * Add contrib/environment-to-ini (#9519)
  * Remove unnecessary loading of settings in update hook (#9496)
  * Update gitignore list (#9437)
  * Update license list (#9436)
  * Fix background reactions in the arc-green theme (#9421)
  * Update and fix chardet import (#9351)
  * Ensure LF on checkouts and in editors (#9259)
  * Fixed topics margin (#9248)
  * Add comment to exported function WindowsServiceName (make revive) (#9241)
  * Remove empty lines on issues/pulls page (#9232)
  * Fix Add Comment Button's "+" Position (#9140)
  * Add first issue comment hashtag (#9052)
  * Change some label colors (#9051)
  * Fix double scroll in branch dropdown (#9048)
  * Add comment highlight when target from url (#9047)
  * Update display of reactions to issues and comments (#9038)
  * Button tooltip formatting under Branches (#9034)
  * Allow setting default branch via API (#9030)
  * Update dashboard context for PR reviews (#8995)
  * Show repository size in repo home page and settings (#8940)
  * Allow to add and remove all repositories to/from team. (#8867)
  * Show due date in dashboard issues list (#8860)
  * Theme arc-green: reverse heatmap colors (#8840)
  * Project files table style update (#8757)
  * gitignore debugging file from vscode (#8740)
  * Add API for Issue set Subscription (#8729)
  * Make 100% width search bar (#8710)
  * Update color theme for heatmap (#8709)
  * Add margin to title_wip_desc (#8705)
  * Improve visibility of "Pending" indicator (#8685)
  * Improve accessibility of dropdown menus (#8638)
  * Make /users/{username}/repos list private repos the current user has access to (#8621)
  * Prevent .code-view from overriding font on icon fonts (#8614)
  * Add id references on all issue events to allow internal linking (#8608)
  * Upgrade xorm to v0.8.0 (#8536)
  * Upgrade gopkg.in/ini.v1 (#8500)
  * Update CodeMirror to version 5.49.0 (#8381)
  * Wiki editor: enable side-by-side button (#7242)

Revision 1.23 / (download) - annotate - [select for diffs], Sun Feb 2 14:19:12 2020 UTC (4 years ago) by bsiegert
Branch: MAIN
Changes since 1.22: +2 -1 lines
Diff to previous 1.22 (colored)

Revbump all Go packages after go113 update.

Revision 1.22 / (download) - annotate - [select for diffs], Sat Jan 18 15:33:09 2020 UTC (4 years, 1 month ago) by nia
Branch: MAIN
Changes since 1.21: +2 -3 lines
Diff to previous 1.21 (colored)

gitea: Update to 1.10.3

## [1.10.3](https://github.com/go-gitea/gitea/releases/tag/v1.10.3) - 2020-01-17
* SECURITY
  * Hide credentials when submitting migration (#9102) (#9704)
  * Never allow an empty password to validate (#9682) (#9684)
  * Prevent redirect to Host (#9678) (#9680)
  * Hide public repos owned by private orgs (#9609) (#9616)
* BUGFIXES
  * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838)
  * Fix download file wrong content-type (#9825) (#9835)
  * Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831)
  * Fix dump non-exist log directory (#9818) (#9820)
  * Fix compare (#9808) (#9815)
  * Fix missing msteam webhook on organization (#9781) (#9795)
  * Fix add team on collaborator page when same name as organization (#9783)
  * Fix cache problem on dashboard (#9358) (#9703)
  * Send tag create and push webhook when release created on UI (#8671) (#9702)
  * Branches not at ref commit ID should not be listed as Merged (#9614) (#9639)

Revision 1.21 / (download) - annotate - [select for diffs], Fri Jan 10 13:32:15 2020 UTC (4 years, 1 month ago) by bsiegert
Branch: MAIN
Changes since 1.20: +2 -1 lines
Diff to previous 1.20 (colored)

Revbump Go packages after Go default version bump.

Revision 1.20 / (download) - annotate - [select for diffs], Sat Jan 4 12:13:35 2020 UTC (4 years, 1 month ago) by nia
Branch: MAIN
Changes since 1.19: +2 -3 lines
Diff to previous 1.19 (colored)

gitea: Update to 1.10.2

## [1.10.2](https://github.com/go-gitea/gitea/releases/tag/v1.10.2) - 2020-01-02
* BUGFIXES
  * Allow only specific Columns to be updated on Issue via API (#9539) (#9580)
  * Add ErrReactionAlreadyExist error (#9550) (#9564)
  * Fix bug when migrate from API (#8631) (#9563)
  * Use default avatar for ghost user (#9536) (#9537)
  * Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528)
  * Fix deleted branch not removed when push the branch again (#9516) (#9524)
  * Fix missing repository status when migrating repository via API (#9511)
  * Trigger webhook when deleting a branch after merging a PR (#9510)
  * Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482)
  * Fix NewCommitStatus (#9434) (#9435)
  * Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420)
  * Fix Slack webhook payload title generation to work with Mattermost (#9404)
  * DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359)
  * Fix issue indexer not triggered when migrating a repository (#9333)
  * Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329)
  * Fix migration releases (#9319) (#9326) (#9328)
  * Fix File Edit: Author/Committer interchanged (#9297) (#9300)

Revision 1.19 / (download) - annotate - [select for diffs], Fri Dec 13 07:44:05 2019 UTC (4 years, 2 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)

Revbump all Go packages after Go 1.12.14 update.

Revision 1.18 / (download) - annotate - [select for diffs], Mon Dec 9 10:11:35 2019 UTC (4 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.17: +2 -5 lines
Diff to previous 1.17 (colored)

*: Include go-vars.mk where appropriate.

Revision 1.17 / (download) - annotate - [select for diffs], Sat Dec 7 19:23:37 2019 UTC (4 years, 2 months ago) by nia
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

gitea: Update to 1.10.1

BUGFIXES

    Fix max length check and limit in multiple repo forms (#9148) (#9204)
    Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
    Upgrade levelqueue to 0.1.0 (#9192) (#9199)
    Fix panic when diff (#9187) (#9193)
    Smtp logger configuration sendTos should be an array (#9154) (#9157)
    Always Show Password Field on Link Account Sign-in Page (#9150)
    Create PR on Current Repository by Default (#8670) (#9141)
    Fix race on indexer (#9136) (#9139)
    Fix reCAPTCHA URL (#9119)
    Hide migrated credentials (#9098)
    Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
    Fix password checks on admin create/edit user (#9076) (#9081)
    Fix add search as a reserved username (#9063) (#9065)
    Fix permission checks for close/reopen from commit (#8875) (#9033)
    Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
    Fix broken link to branch from issue list (#9003) (#9021)
    Fix wrong system notice when repository is empty (#9020)
    Shadow password correctly for session config (#8984) (#9002)

Revision 1.12.2.1 / (download) - annotate - [select for diffs], Sun Nov 17 08:30:20 2019 UTC (4 years, 3 months ago) by spz
Branch: pkgsrc-2019Q3
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored) next main 1.13 (colored)

Pullup ticket #6083 - requested by leot
lang/go112: security update
lang/go: update available version

Revisions pulled up:
- lang/go/version.mk                                            1.70
- lang/go112/PLIST                                              1.8
- lang/go112/distinfo                                           1.8

Revision bump for:
- archivers/go-xz/Makefile
- chat/coyim/Makefile
- chat/matterircd/Makefile
- databases/go-etcd/Makefile
- databases/go-ldap/Makefile
- databases/influxdb/Makefile
- databases/postgres_exporter/Makefile
- databases/prometheus/Makefile
- devel/git-lfs/Makefile
- devel/go-afero/Makefile
- devel/go-amber/Makefile
- devel/go-appengine/Makefile
- devel/go-assert/Makefile
- devel/go-blackfriday/Makefile
- devel/go-buffruneio/Makefile
- devel/go-cast/Makefile
- devel/go-check/Makefile
- devel/go-cli/Makefile
- devel/go-cobra/Makefile
- devel/go-colorable/Makefile
- devel/go-colortext/Makefile
- devel/go-colour/Makefile
- devel/go-consul-api/Makefile
- devel/go-debounce/Makefile
- devel/go-ed25519/Makefile
- devel/go-emoji/Makefile
- devel/go-errors/Makefile
- devel/go-flags-svent/Makefile
- devel/go-fnmatch/Makefile
- devel/go-fs/Makefile
- devel/go-fsnotify/Makefile
- devel/go-fsync/Makefile
- devel/go-gitmap/Makefile
- devel/go-glog/Makefile
- devel/go-gls/Makefile
- devel/go-gocode/Makefile
- devel/go-godef/Makefile
- devel/go-godirwalk/Makefile
- devel/go-godotenv/Makefile
- devel/go-golang-lru/Makefile
- devel/go-goorgeous/Makefile
- devel/go-gopkgs/Makefile
- devel/go-goptlib/Makefile
- devel/go-goreturns/Makefile
- devel/go-gox/Makefile
- devel/go-hashstructure/Makefile
- devel/go-homedir/Makefile
- devel/go-humanize/Makefile
- devel/go-i18n/Makefile
- devel/go-immutable-radix/Makefile
- devel/go-ini/Makefile
- devel/go-iochan/Makefile
- devel/go-isatty/Makefile
- devel/go-jwalterweatherman/Makefile
- devel/go-kingpin.v3-unstable/Makefile
- devel/go-locker/Makefile
- devel/go-logrus/Makefile
- devel/go-mapstructure/Makefile
- devel/go-mapstructure-bep/Makefile
- devel/go-mow-cli/Makefile
- devel/go-nbreader/Makefile
- devel/go-nitro/Makefile
- devel/go-osext/Makefile
- devel/go-pflag/Makefile
- devel/go-properties/Makefile
- devel/go-protobuf/Makefile
- devel/go-purell/Makefile
- devel/go-ratelimit/Makefile
- devel/go-repr/Makefile
- devel/go-review/Makefile
- devel/go-sanitized_anchor_name/Makefile
- devel/go-shellwords/Makefile
- devel/go-shuffle/Makefile
- devel/go-siphash/Makefile
- devel/go-sync/Makefile
- devel/go-sys/Makefile
- devel/go-termbox/Makefile
- devel/go-testify/Makefile
- devel/go-thrift/Makefile
- devel/go-tools/Makefile
- devel/go-try/Makefile
- devel/go-viper/Makefile
- devel/go-yaml/Makefile
- devel/golint/Makefile
- devel/google-api-go-client/Makefile
- graphics/go-image/Makefile
- graphics/go-imaging/Makefile
- graphics/go-resize/Makefile
- graphics/go-smartcrop/Makefile
- lang/go-hcl/Makefile
- mail/postforward/Makefile
- math/go-stats/Makefile
- math/go-units/Makefile
- misc/go-genproto/Makefile
- misc/go-genproto-googleapis-rpc/Makefile
- net/aws-sdk-go/Makefile
- net/dnscrypt-proxy2/Makefile
- net/gcloud-golang-metadata/Makefile
- net/go-dns/Makefile
- net/go-dnstap/Makefile
- net/go-framestream/Makefile
- net/go-grpc/Makefile
- net/go-net/Makefile
- net/go-ovh/Makefile
- net/go-websocket/Makefile
- net/hub/Makefile
- net/obfs4proxy/Makefile
- net/syncthing/Makefile
- pkgtools/pkglint/Makefile
- security/2fa/Makefile
- security/go-asn1-ber/Makefile
- security/go-crypt/Makefile
- security/go-crypto/Makefile
- security/go-mkcert/Makefile
- security/go-oauth2/Makefile
- security/go-sftp/Makefile
- security/vault/Makefile
- sysutils/beats/Makefile
- sysutils/consul/Makefile
- sysutils/fzf/Makefile
- sysutils/goreman/Makefile
- sysutils/lf/Makefile
- sysutils/node_exporter/Makefile
- sysutils/vultr/Makefile
- textproc/go-chroma/Makefile
- textproc/go-diff/Makefile
- textproc/go-glob/Makefile
- textproc/go-inflect/Makefile
- textproc/go-md2man/Makefile
- textproc/go-mmark/Makefile
- textproc/go-prose/Makefile
- textproc/go-regexp2/Makefile
- textproc/go-runewidth/Makefile
- textproc/go-sentences/Makefile
- textproc/go-tablewriter/Makefile
- textproc/go-text/Makefile
- textproc/sift/Makefile
- www/caddy/Makefile
- www/gitea/Makefile
- www/go-ace/Makefile
- www/go-cssmin/Makefile
- www/go-gogs-client/Makefile
- www/go-gohtml/Makefile
- www/go-libsass/Makefile
- www/go-minify/Makefile
- www/go-parse/Makefile
- www/go-spritewell/Makefile
- www/go-tocss/Makefile
- www/go-toml-burntsushi/Makefile
- www/go-toml-pelletier/Makefile
- www/go-urlesc/Makefile
- www/go-webhooks/Makefile
- www/grafana/Makefile
- www/hugo/Makefile
- www/pup/Makefile

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Fri Oct 18 14:48:29 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go112: PLIST distinfo

   Log Message:
   Update go112 to 1.12.12.

   qo1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa
   package. See the Go 1.12.11 milestone on our issue tracker for details.

   go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime,
   syscall and net packages. See the Go 1.12.12 milestone on our issue tracker
   for details.


   To generate a diff of this commit:
   cvs rdiff -u -r1.69 -r1.70 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/go112/PLIST pkgsrc/lang/go112/distinfo

Revision 1.16 / (download) - annotate - [select for diffs], Thu Nov 14 21:47:48 2019 UTC (4 years, 3 months ago) by nia
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

gitea: Update to 1.10.0

Changes:

* BREAKING
  * Fix deadline on update issue or PR via API (#8698)
  * Hide some user information via API if user doesn't have enough permission (#8655) (#8657)
  * Remove legacy handling of drone token (#8191)
  * Change repo search to use exact match for topic search. (#7941)
  * Add pagination for admin api get orgs and fix only list public orgs bug (#7742)
  * Implement the ability to change the ssh port to match what is in the gitea config (#7286)
* SECURITY
  * Fix issue with user.fullname (#8903)
  * Ignore mentions for users with no access (#8395)
  * Be more strict with git arguments (#7715)
  * Extract the username and password from the mirror url (#7651)
  * reserve .well-known username (#7637)
* FEATURE
  * Org/Members: display 2FA members states + optimize sql requests (#7621)
  * SetDefaultBranch on pushing to empty repository (#7610)
  * Adds side-by-side diff for images (#6784)
  * API method to list all commits of a repository (#6408)
  * Password Complexity Checks  (#6230)
  * Add option to initialize repository with labels (#6061)
  * Add additional password hash algorithms (#6023)
* BUGFIXES
  * Allow to merge if file path contains " or \ (#8629) (#8771)
  * On windows set core.longpaths true (#8776) (#8786)
  * Fix 500 when edit hook (#8782) (#8789)
  * Fix Checkbox at RepoSettings Protected Branch (#8799) (#8801)
  * Fix SSH2 conditional in key parsing code (#8806) (#8810)
  * Fix commit expand button to not go to commit link (#8745) (#8825)
  * Fix new user form for non-local users (#8826) (#8828)
  * Fix to close opened io resources as soon as not needed (#8839) (#8846)
  * Fix edit content button on migrated issue content (#8877) (#8884)
  * Fix require external registration password (#8885) (#8890)
  * Fix password complexity check on registration (#8887) (#8888)
  * Update Github Migration Tests (#8896) (#8938) (#8945)
  * Enable punctuations ending mentions (#8889) (#8894)
  * Add Close() method to gogitRepository (#8901) (#8956)
  * Hotfix for review actions and notifications (#8965)
  * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) (#8618)
  * Fix milestone close timestamp (#8728) (#8730)
  * Fix 500 when getting user as unauthenticated user (#8653) (#8663)
  * Fix 'New Issue Missing Milestone Comment' (#8678) (#8681)
  * Use AppSubUrl for more redirections (#8647) (#8651)
  * Add SubURL to redirect path (#8632) (#8634)
  * Fix template error on account page (#8562) (#8622)
  * Allow externalID to be UUID (#8551) (#8624)
  * Prevent removal of non-empty emoji panel following selection of duplicate (#8609) (#8623)
  * Update heatmap fixtures to restore tests (#8615) (#8616)
  * Ensure that diff stats can scroll independently of the diff (#8581) (#8621)
  * Webhook: set Content-Type for application/x-www-form-urlencoded (#8600)
  * Fix #8582 by handling empty repos (#8587) (#8594)
  * Fix bug on pull requests when transfer head repository (#8564) (#8569)
  * Add missed close in ServeBlobLFS (#8527) (#8542)
  * Ensure that GitRepo is set on Empty repositories (#8539) (#8541)
  * Fix migrate mirror 500 bug (#8526) (#8530)
  * Fix password complexity regex for special characters (#8524)
  * Prevent .code-view from overriding font on icon fonts (#8614) (#8627)
  * Allow more than 255 characters for tokens in external_login_user table (#8554)
  * Fix errors in create org UI regarding team access permission (#8506)
  * Fix bug on FindExternalUsersByProvider (#8504)
  * Create .ssh dir as necessary (#8486)
  * IsBranchExist: return false if provided name is empty (#8485)
  * Making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477)
  * Add check for empty set when dropping indexes during migration (#8471)
  * LFS files are relative to LFS content path, ensure that when deleting they are made relative to this (#8455)
  * Ensure Request Body Readers are closed in LFS server (#8454)
  * Fix template bug on mirror repository setting page (#8438)
  * Fix migration v96 to keep issue attachments (#8435)
  * Update strk.kbt.io/projects/go/libravatar to latest (#8429)
  * Singular form for files that has only one line (#8416)
  * Check for either escaped or unescaped wiki filenames (#8408)
  * Allow users with explicit read access to give approvals (#8382)
  * Fix editor commit to new branch if PR disabled (#8375)
  * readd .markdown class to all markup renderers (#8357)
  * Upgrade xorm to v0.7.9 to fix some bugs (#8354)
  * Fix column name ambiguity in GetUserIssueStats() (#8347)
  * Change general form binding to gogs form (#8334)
  * Fix pull request commit status in user dashboard list (#8321)
  * Fix repo_admin_change_team_access always checked in org settings (#8319)
  * Update to github.com/lafriks/xormstore@v1.3.0 (#8317)
  * Show correct commit status in PR list (#8316)
  * Bugfix for image compare and minor improvements to image compare (#8289)
  * Update xorm (#8286)
  * Fix API for edit and delete release attachment (#8285)
  * Fix nil object access in some conditions when parsing cross references (#8281)
  * Fix label count (#8267)
  * Only show teams access for organization repositories on collaboration setting page (#8265)
  * Test more reserved usernames (#8263)
  * Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
  * Fix assets key on release webhook (#8253)
  * Allow registration when button is hidden (#8237)
  * Fix release API URL generation (#8234)
  * Fix milestone num_issues (#8221)
  * MS Teams webhook misses commit messages (#8209)
  * Fix data race (#8204)
  * Fix team user api (#8172)
  * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8161)
  * Make show private icon when repo avatar set (#8144)
  * Add reviewers as participants (#8121)
  * Fix Go 1.13 private repository go get issue (#8112)
  * feat: highlight issue references with : (#8101)
  * Make AllowedUsers configurable in sshd_config (#8094)
  * Strict name matching for Repository.GetTagID() (#8074)
  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8066)
  * Add change title notification for issues (#8061)
  * [ssh] fix the config specification in the authorized_keys template (#8031)
  * Fix reading git notes from nested trees (#8026)
  * Fixes synchronize tags to releases for repository - makes sure we are only getting tag refs (#7990)
  * Fix adding default Telegram webhook (#7972)
  * Run CORS handler first for /api routes (#7967)
  * Abort synchronization from LDAP source if there is some error. (#7960)
  * Fix wrong sender when send slack webhook (#7918)
  * Fix bug when migrating a private repository (#7917)
  * Evaluate emojis in commit messages in list view (#7906)
  * Fix upload file type check (#7890)
  * lfs/lock: round locked_at timestamp to second (#7872)
  * fix non existent milestone with 500 error instead of 404 (#7867)
  * gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846)
  * Fix duplicate call of webhook (#7821)
  * Enable switching to a different source branch when PR already exists (#7819)
  * Convert files to utf-8 for indexing (#7814)
  * Do not fetch all refs in pull-request compare (#7797)
  * Fix multiple bugs with statuses endpoints at API (#7785)
  * Restore functionality for early gits (#7775)
  * Fix Slack webhook fork message (#7774)
  * Rewrite existing repo units if setting is not included in api body (#7763)
  * Fix rename failed when rewrite public keys (#7761)
  * Fix approvals counting (#7757)
  * Add migration step to remove old repo_indexer_status orphaned records (#7746)
  * Fix repo_index_status lingering when deleting a repository (#7734)
  * Remove camel case tokenization from repo indexer (#7733)
  * Fix milestone completness calculation when migrating (#7725)
  * Regression: Include "executable" files in the index, as they are not necessarily (#7718)
  * Fixes indexed repos keeping outdated indexes when files grow too large (#7712)
  * Skip non-regular files (e.g. submodules) on repo indexing (#7711)
  * Fix dropTableColumns sqlite implementation (#7710)
  * Update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705)
  * improve branches list performance and fix protected branch icon when no-login (#7695)
  * Correct wrong datetime format for git (#7689)
  * Move add to hook queue for created repo to outside xorm session. (#7675)
  * sugestion to use range .Branches (#7674)
  * Fix bug on migrating milestone from github (#7665)
  * hide delete/restore button on archived repos (#7658)
  * css: use flex to fix floating paginate (#7656)
  * Fix syntax highlight initialization (#7617)
  * Fix panic on push at - Merging pull request causes 500 error (#7615)
  * Make PKCS8, PEM and SSH2 keys work (#7600)
  * Fix mistake in arc-green.less split-diff css code. (#7587)
  * Handle ErrUserProhibitLogin in http git (#7586)
  * Fix bug create/edit wiki pages when code master branch protected (#7580)
  * Fixes Malformed URLs in API git/commits response (#7565)
  * Fix file header overflow in file and blame views (#7562)
  * Improve SSH key parser to handle newlines in keys (#7522)
  * Fix empty commits now showing in repo overview (#7521)
  * Fix repository's pull request count error (#7518)
  * Fix markdown invoke sequence (#7513)
  * Remove duplicated webhook trigger (#7511)
  * Update User.NumRepos atomically in createRepository (#7493)
  * Fix settings page of repo you aren't admin print error - Settings pages giving UnitType error message (#7482)
  * Fix redirection after file edit - Handles all redirects for Web UI File CRUD (#7478)
  * cmd/serv: actually exit after fatal errors (#7458)
  * Fix an issue with some pages throwing 'not defined' js exceptions (#7450)
  * fix Dropzone.js integration (#7445)
  * Fix regex for issues in commit messages (#7444)
  * Diff: Fix indentation on unhighlighted code (#7435)
  * Only show "New Pull Request" button if repo allows pulls (#7426)
  * Upgrade macaron/captcha to fix random error problem (#7407)
  * create class for inline positioned lists (#7393)
  * Fetch refs for successful testing for tag (#7388)
  * add missing template variable on organisation settings (#7385)
  * fix post parameter - on issue list - unset assignee (#7380)
  * fix/define autochecked checkboxes on issue list in firefox (#7320)
  * only return head: null if source branch was deleted (#6705)
* ENHANCEMENT
  * Add nofollow to sign in links (#8509)
  * vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495)
  * Update milestone issues numbers when save milestone and other code improvements (#8411)
  * Add extra user information when migrating release (#8331)
  * Require overall success if no context is given for status check (#8318)
  * Transaction-aware retry create issue to cope with duplicate keys (#8307)
  * Change link on issue milestone (#8246)
  * Alwaywas return local url for users avatar (#8245)
  * Move some milestone functions to a standalone package (#8213)
  * Move create issue comment to comments package (#8212)
  * Disable max height property of comment textarea (#8203)
  * Add 'Mentioning you' group to /issues page (#8201)
  * oauth2 with remote Gitea (#8149)
  * Reference issues from pull requests and other issues (#8137)
  * Fix webhooks to use proxy from environment (#8116)
  * Add merged commit id on pull view when it's merged (#8062)
  * Add teams to repo on collaboration page. (#8045)
  * Update swagger to 0.20.1  (#8010)
  * Make link last commit massages in repository home page and commit tables (#8006)
  * Add API endpoint for accessing repo topics (#7963)
  * Include description in repository search (#7942)
  * Use gitea forked macaron (#7933)
  * Fix pull creation with empty changes (#7920)
  * Allow token as authorization for accessing attachments (#7909)
  * Retry create issue to cope with duplicate keys (#7898)
  * Move git diff codes from models to services/gitdiff (#7889)
  * migrate gplus to google oauth2 provider (#7885)
  * Remove unique filter from repo indexer analyzer. (#7878)
  * Detect delimiter in CSV rendering (#7869)
  * Import topics during migration (#7851)
  * Move CreateReview to modules/pull (#7841)
  * vendor: update pdf.js to v2.1.266 (#7834)
  * Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
  * Add Ability for User to Customize Email Notification Frequency (#7813)
  * Move database settings from models to setting (#7806)
  * Display ui time with customize time location (#7792)
  * Implement webhook branch filter (#7791)
  * Restrict repository indexing by glob match (#7767)
  * Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756)
  * Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
  * deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
  * Apply emoji on commit graph page (#7743)
  * Add a lot of extension to language mappings for syntax highlights (#7741)
  * Add SQL execution on log and indexes on table repository and comment (#7740)
  * Set DB connection error level to error (#7724)
  * Check commit message hashes before making links (#7713)
  * remove unnecessary fmt on generate bindata (#7706)
  * Fix specific highlighting (CMakeLists.txt ...) (#7686)
  * Add file status on API (#7671)
  * Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669)
  * Provide links in commit summaries in commits table/view list (#7659)
  * Change length of some repository's columns (#7652)
  * Move commit repo action from models to repofiles package (#7645)
  * fix wrong email when use gitea as OAuth2 provider (#7640)
  * [Branch View] add download button (#7604)
  * Update to xorm@v0.7.4 (#7596)
  * use 403 instead of 401 for ErrUserProhibitLogin (#7591)
  * Removed unnecessary conversions (#7557)
  * Un-lambda base.FileSize (#7556)
  * Added missing error checks in tests (#7554)
  * Move create release from models to a standalone package (#7539)
  * Make default branch name link to default branch (#7519)
  * Added total count of contributions to heatmap (#7517)
  * Move mirror to a standalone package from models (#7486)
  * Move models.PushUpdate to repofiles.PushUpdate (#7485)
  * Include thread related headers in issue/coment mail (#7484)
  * Refuse merge until all required status checks success (#7481)
  * convert all js var to let/const (#7464)
  * Only create branches for opened pull requestes when migrating from github (#7463)
  * jQuery 3 (#7425)
  * Add notification placeholder (#7409)
  * Search Commits via Commit Hash (#7400)
  * Move status table to cron package (#7370)
  * wiki - page revisions list  (#7369)
  * Display original author and URL information when showing migrated issues/comments (#7352)
  * Refactor filetype is not allowed errors (#7309)
  * switch to use gliderlabs/ssh for builtin server (#7250)
  * Remove settting dependency on modules/session (#7237)
  * Move all mail related codes from models to services/mailer (#7200)
  * Support git.PATH entry in app.ini (#6772)
  * Support setting cookie domain (#6288)
  * Move migrating repository from frontend to backend (#6200)
  * Delete releases attachments if release is deleted (#6068)
* TRANSLATION
  * Latvian translation for home page (#8468)
  * Add home template italian translation (#8352)
  * fix misprint (#7452)
* BUILD
  * use go 1.13 (#8088)
* MISC
  * add file line count info on UI (#8396)
  * Make issues page left menu 100% width and add reponame as title attribute (#8359)
  * [arc-green] white on hover for active menu items (#8344)
  * Move ref (branch or tag) location on issue list page (#8157)
  * apply emoji on dashboard issue list labels (#8156)
  * 1148: Take up the full width when viewing the diff in split view. (#8114)
  * Display description of 'make this repo private' as help text, not as tooltip (#8097)
  * Fixes deformed emoji in pull request reviews (#8047)
  * Add strike to old header on comment (#8046)
  * Add tooltip for the visibility checkbox in /repo/create (#8025)
  * Update github.com/lafriks/xormstore and tidy up mod.go (#8020)
  * keep blame view buttons sequence consistent with normal view when view a file (#8007)
  * Use "Pull Request" instead of "Merge Request" (#8003)
  * Move line number to :before attr to hide from search on browser (#8002)
  * Changed black color to white for (read) number label on issue list page (#8000)
  * [Branch View] show "New Pull Request" Button only if posible (#7977)
  * Fix hook problem by only setting the git environment variables if we are passed them (#7854)
  * Prevent Commit Status and Message From Overflowing On Branch Page (#7800)
  * Fix global search result CSS, misc CSS tweaks (#7789)
  * Tweak label border CSS (#7739)
  * Fix create menu item widths (#7708)
  * [Branch View] Delete duplicate protection symbol (#7624)
  * [Branch View] Delete Table Header (#7622)
  * [Branch View] icons to buttons (#7602)
  * update js dependencies (#7462)
  * Add Extra Info to Branches Page (#7461)
  * Bump lodash from 4.17.11 to 4.17.14 (#7459)
  * wiki history improvements (#7391)
  * ui fixes - compare view and archieved repo issues (#7345)
  * dark theme scrollbars (#7269)
  * wiki - editor - add buttons 'inline code', 'empty checkbox', 'checked checkbox' (#7243)
  * Fix Statuses API only shows first 10 statuses: Add paging and extend API GetCommitStatuses (#7141)

Revision 1.15 / (download) - annotate - [select for diffs], Fri Nov 1 17:52:38 2019 UTC (4 years, 4 months ago) by nia
Branch: MAIN
Changes since 1.14: +2 -3 lines
Diff to previous 1.14 (colored)

gitea: Update to 1.9.5

Changes:

* BREAKING
  * Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
* BUGFIXES
  * Fix milestone close timestamp (#8728) (#8731)
  * Fix deadline on update issue or PR via API (#8699)
  * Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
  * Fix 500 when getting user as unauthenticated user (#8653) (#8662)
  * Use AppSubUrl for more redirections (#8647) (#8652)
  * Add SubURL to redirect path (#8632) (#8634) (#8640)
  * Fix #8582 by handling empty repos (#8587) (#8593)
  * Fix bug on pull requests when transfer head repository (#8571)
  * Add missed close in ServeBlobLFS (#8527) (#8543)
  * Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
  * Create .ssh dir as necessary (#8369) (#8486) (#8489)
  * Restore functionality for early gits (#7775) (#8476)
  * Add check for empty set when dropping indexes during migration (#8475)
  * Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
  * Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
* SECURITY
  * Ignore mentions for users with no access (#8395) (#8484)
* TESTING
  * Update heatmap fixtures to restore tests (#8615) (#8617)

Revision 1.14 / (download) - annotate - [select for diffs], Fri Oct 18 14:58:59 2019 UTC (4 years, 4 months ago) by bsiegert
Branch: MAIN
Changes since 1.13: +2 -1 lines
Diff to previous 1.13 (colored)

Revbump all Go packages after lang/go112 update

Revision 1.13 / (download) - annotate - [select for diffs], Wed Oct 16 12:13:23 2019 UTC (4 years, 4 months ago) by nia
Branch: MAIN
Changes since 1.12: +2 -3 lines
Diff to previous 1.12 (colored)

gitea: Update to 1.9.4

* BUGFIXES
  * Highlight issue references (#8101) (#8404)
  * Fix bug when migrating a private repository #7917 (#8403)
  * Change general form binding to gogs form (#8334) (#8402)
  * Fix editor commit to new branch if PR disabled (#8375) (#8401)
  * Fix milestone num_issues (#8221) (#8400)
  * Allow users with explicit read access to give approvals (#8398)
  * Fix commit status in PR #8316 and PR #8321 (#8339)
  * Fix API for edit and delete release attachment (#8290)
  * Fix assets on release webhook (#8283)
  * Fix release API URL generation (#8239)
  * Allow registration when button is hidden (#8238)
  * MS Teams webhook misses commit messages (backport v1.9) (#8225)
  * Fix data race (#8206)
  * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8194)
  * Fix the SSH config specification in the authorized_keys template (#8193)
  * Fix reading git notes from nested trees (#8189)
  * Fix team user api (#8172) (#8188)
  * Add reviewers as participants (#8124)
* BUILD
  * Use vendored go-swagger (#8087) (#8165)
  * Fix version-validation for GO 1.13 (go-macaron/cors) (#8389)
* MISC
  * Make show private icon when repo avatar set (#8144) (#8175)

Revision 1.12 / (download) - annotate - [select for diffs], Thu Sep 26 20:10:56 2019 UTC (4 years, 5 months ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base
Branch point for: pkgsrc-2019Q3
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)

Revbump all Go packages after 1.12.10 update.

ok wiz@ for PMC

Revision 1.11 / (download) - annotate - [select for diffs], Tue Sep 10 08:46:37 2019 UTC (4 years, 5 months ago) by nia
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

gitea: Update to 1.9.3

* BUGFIXES
  * Fix go get from a private repository with Go 1.13 (#8100)
  * Strict name matching for Repository.GetTagID() (#8082)
  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
  * Add change title notification for issues (#8064)
  * Run CORS handler first for /api routes (#7967) (#8053)
  * Evaluate emojis in commit messages in list view (#8044)
  * Fix failed to synchronize tags to releases for repository (#7990) (#7994)
  * Fix adding default Telegram webhook (#7972) (#7992)
  * Abort synchronization from LDAP source if there is some error (#7965)
  * Fix deformed emoji in commit message (#8071)
* ENHANCEMENT
  * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)

Revision 1.10 / (download) - annotate - [select for diffs], Thu Sep 5 13:43:33 2019 UTC (4 years, 5 months ago) by nia
Branch: MAIN
Changes since 1.9: +2 -3 lines
Diff to previous 1.9 (colored)

gitea: Update to 1.9.2.

* BUGFIXES
  * Fix wrong sender when send slack webhook (#7918) (#7924)
  * Upload support text/plain; charset=utf8 (#7899)
  * Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
  * Fix non existent milestone with 500 error (#7867) (#7873)
* SECURITY
  * Fix No PGP signature on 1.9.1 tag (#7874)
  * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
* ENHANCEMENT
  * Fix pull creation with empty changes (#7920) (#7926)
* BUILD
  * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)

Revision 1.9 / (download) - annotate - [select for diffs], Mon Aug 19 10:27:42 2019 UTC (4 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.8: +2 -3 lines
Diff to previous 1.8 (colored)

gitea: Update to 1.9.1

Changes:

* BREAKING
  * Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752)
* SECURITY
  * Be more strict with git arguments (#7715) (#7762)
  * Release built with go 1.12.8 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA
* BUGFIXES
  * Fix local runs of ssh-requiring integration tests (#7855) (#7857)
  * Fix hook problem (#7856) (#7754)
  * Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846)
  * Do not fetch all refs (#7797) (#7837)
  * Fix duplicate call of webhook (#7824) (#7821)
  * Enable switching to a different source branch when PR already exists (#7823)
  * Rewrite existing repo units if setting is not included in api body (#7811)
  * Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808)
  * API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807)
  * Fix Slack webhook fork message (1.9 release backport) (#7783)
  * Fix approvals counting (#7757) (#7777)
  * Fix rename failed when rewrite public keys (#7761) (#7769)
  * Fix dropTableColumns sqlite implementation (#7710) (#7765)
  * Fix repo_index_status lingering when deleting a repository (#7738)
  * Fix milestone completness calculation when migrating (#7725) (#7732)
  * Fixes indexed repos keeping outdated indexes when files grow too large (#7731)
  * Skip non-regular files (e.g. submodules) on repo indexing (#7717)
  * Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704)
  * Correct wrong datetime format for git (#7689) (#7690)

Revision 1.8 / (download) - annotate - [select for diffs], Wed Aug 14 15:45:50 2019 UTC (4 years, 6 months ago) by bsiegert
Branch: MAIN
Changes since 1.7: +2 -1 lines
Diff to previous 1.7 (colored)

Recursive bump of all packages using Go after Go 1.12.8 update.

Revision 1.7 / (download) - annotate - [select for diffs], Sun Aug 4 12:26:59 2019 UTC (4 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.6: +3 -2 lines
Diff to previous 1.6 (colored)

gitea: Fix config file handling.

Revision 1.6 / (download) - annotate - [select for diffs], Sun Aug 4 11:39:53 2019 UTC (4 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

gitea: Update to 1.9.0

BREAKING
* Better logging (#6038) (#6095)

SECURITY
* Shadow the password on cache and session config on admin panel (#7300)
* Fix markdown invoke sequence (#7513) (#7560)
* Reserve .well-known username (#7638)
* Do not leak secrets via timing side channel (#7364)
* Ensure that decryption of cookie actually suceeds (#7363)

FEATURE
* Content API for Creating, Updating, Deleting Files (#6314)
* Enable tls-alpn-01: Use certmanager provided TLSConfig for LetsEncrypt (#7229)
* Add command to convert mysql database from utf8 to utf8mb4 (#7144)
* Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Compare branches, commits and tags with each other (#6991)
* Show Pull Request button or status of latest PR in branch list (#6990)
* Repository avatars (#6986)
* Show git-notes (#6984)
* Add commit statuses reports on pull request view (#6845)
* Number of commits ahead/behind in branch overview (#6695)
* Add CLI commands to manage LDAP authentication source (#6681)
* Add support for MS Teams webhooks (#6632)
* OAuth2 Grant UI (#6625)
* Add SUBJECT_PREFIX mailer config option (#6605)
* Include custom configuration file in dump (#6516)
* Add API for manipulating Git hooks (#6436)
* Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* Add option to blame files (#5721)
* Implement Default Webhooks (#4299)
* Telegram webhook (#4227)

BUGFIXES
* Send webhook after commit when creating issue with assignees (#7681) (#7684)
* Upgrade macaron/captcha to fix random error problem (#7407) (#7683)
* Move add to hook queue for created repo to outside xorm session. (#7682) (#7675)
* Show protection symbol if needed on default branch (#7660) (#7668)
* Hide delete/restore button on archived repos (#7660)
* Fix bug on migrating milestone from github (#7665) (#7666)
* Use flex to fix floating paginate (#7656) (#7662)
* Change length of some repository's columns (#7652) (#7655)
* Fix wrong email when use gitea as OAuth2 provider (#7640) (#7647)
* Fix syntax highlight initialization (#7617) (#7626)
* Fix bug create/edit wiki pages when code master branch protected (#7580) (#7623)
* Fix panic on push at #7611 (#7615) (#7618)
* Handle ErrUserProhibitLogin in http git (#7586, #7591) (#7590)
* Fix color of split-diff view in dark theme (#7587) (#7589)
* Fix file header overflow in file and blame views (#7562) (#7579)
* Malformed URLs in API git/commits response (#7565) (#7567)
* Fix empty commits now showing in repo overview (#7521) (#7563)
* Fix repository's pull request count error (#7518) (#7524)
* Remove duplicated webhook trigger (#7511) (#7516)
* Handles all redirects for Web UI File CRUD (#7478) (#7507)
* Fix regex for issues in commit messages (#7444) (#7466)
* cmd/serv: actually exit after fatal errors (#7458) (#7460)
* Fix an issue with some pages throwing 'not defined' js exceptions #7450 (#7453)
* Fix Dropzone.js integration (#7445) (#7448)
* Create class for inline positioned lists (#7439) (#7393)
* Diff: Fix indentation on unhighlighted code (#7435) (#7443)
* jQuery 3 (#7442) (#7425)
* Only show "New Pull Request" button if repo allows pulls (#7426) (#7432)
* Fix vendor references (#7394) (#7396)
* Only return head: null if source branch was deleted (#6705) (#7376)
* Add missing template variable on organisation settings (#7386) (#7385)
* Fix post parameter on issue list which had unset assignee (#7380) (#7383)
* Fix migration tests due to issue 7 being resolved (#7375) (#7381)
* Correctly adjust mirror url (#6593)
* Handle early git version's lack of get-url (#7065)
* Fix icon position in issue view (#7354)
* Cut timeline length with last element on issue view (#7355)
* Fix mirror repository webhooks (#7366)
* Fix api route for hooks (#7346)
* Fix bug conflict between SyncReleasesWithTags and InsertReleases (#7337)
* Fix pull view ui merge section (#7335)
* Fix 7303 - remove unnessesary buttons on archived repos (#7326)
* Fix topic bar to allow prefixes (#7325)
* Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
* Fixes #7238 - Annotated tag commit ID incorrect (#7321)
* Dark theme fixes (#7319)
* Gitea own dark codemirror theme (#7317)
* Fixes #7292 - API File Contents bug (#7301)
* Fix API link header (#7298)
* Fix extra newlines when copying from diff in Firefox (#7288)
* Make diff line-marker non-selectable (#7279)
* Fix Submodule dection in subdir (#7275)
* Fix error log when loading issues caused by a xorm bug (#7271)
* Add .fa icon margin like .octicon (#7258)
* Fix hljs unintenionally highlighting commit links (#7244)
* Only check and config git on web subcommand but not others (#7236)
* Fix migration panic when Head.User is not exist (#7226)
* Only warn on errors in deleting LFS orphaned files during repo deletion (#7213)
* Fix duplicated file on pull request conflicted files (#7211)
* Allow colon between fixing word and issue (#7207)
* Fix overflow issues in repo (#7190)
* API error cleanup (#7186)
* Add error for fork already existing (#7185)
* Fixes diff on merged pull requests (#7171)
* If milestone id is zero don't get it from database (#7169)
* Fix pusher name via ssh push (#7167)
* Fix database lock when use random repository fallback image (#7166)
* Various fixes for issue mail notifications (#7165)
* Allow archived repos to be (un)starred and (un)watched (#7163)
* Fix GCArgs load from ini (#7156)
* Detect noreply email address as user (#7133)
* Avoid arbitrary format strings upon calling fail() function (#7112)
* Validate External Tracker URL Format (#7089)
* Repository avatar fallback configuration (#7087)
* Fix #732: Add LFS objects to base repository on merging (#7082)
* Install page - Handle invalid administrator username better (#7060)
* Workaround for posting single comments in split diff view (#7052)
* Fix possbile mysql invalid connnection error (#7051)
* Fix charset was not saved after installation finished (#7048)
* Handle insecure and ports in go get (#7041)
* Avoid bad database state after failed migration (#7040)
* Fix wrong init dependency on markup extensions (#7038)
* Fix default for allowing new organization creation for new users (#7017)
* Fix content download and /verify LFS handler expecting wrong content-type (#7015)
* Fix missing repo description when migrating (#7000)
* Fix LFS Locks over SSH (#6999)
* Do not attempt to return blob on submodule (#6996)
* Fix U2F for Chrome >= 74 (#6980)
* Fix index produces problem when issues/pulls deleted (#6973)
* Allow collaborators to view repo owned by private org (#6965)
* Stop running hooks on pr merge (#6963)
* Run hooks on merge/edit and cope with protected branches (#6961)
* Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953)
* Stop colorizing log files by default (#6949)
* Rotate serv.log, http.log and hook logs and stop stacktracing in these (#6935)
* Fix plain text overflow line wrap (#6915)
* Fix input size for dependency select (#6913)
* Change drone token name to let users know to use oauth2 (#6912)
* Fix syntax highlight in blame view #6895 (#6909)
* Use AppURL for Oauth user link (#6894)
* Fixes #6881 - API users search fix (#6882)
* Fix 404 when send pull request some situation (#6871)
* Enforce osusergo build tag for releases (#6862)
* Fix 500 when reviewer is deleted with integration tests (#6856)
* Fix v85.go (#6851)
* Make dropTableColumns drop columns on sqlite and constraints on all (#6849)
* Fix double-generation of scratch token (#6832) (#6833)
* When mirroring we should set the remote to mirror (#6824)
* Fix the v78 migration "Drop is_bare" on MSSQL #6707 (#6823)
* Change verbose flag in dump command to avoid colliding with global version flag (#6822)
* Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
* Remove seen map from getLastCommitForPaths (#6807)
* Show scrollbar only when needed (#6802)
* Restore IsWindows variable assignment (#6722) (#6790)
* Service worker js is a missing comma (#6788)
* Fix team edit API panic (#6780)
* Set user search base field optional in LDAP (simple auth) edit page (#6779)
* Ignore already existing public keys after ldap sync (#6766)
* Fix pulls broken when fork repository deleted (#6754)
* Fix missing return (#6751)
* Fix new team 500 (#6749)
* OAuth2 token can be used in basic auth (#6747)
* Fix org visibility bug when git cloning (#6743)
* Fix bug when sort repos on org home page login with non-admin (#6741)
* Stricter domain name pattern in email regex (#6739)
* Fix admin template error (#6737)
* Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736)
* UI: Detect and restore encoding and BOM in content (#6727)
* Load issue attributes when editing an issue with API (#6723)
* Fix team members API (#6714)
* Unfortunately MemProvider Init does not actually Init properly (#6692)
* Fix partial reversion of #6657 caused by #6314 (#6685)
* Prevent creating empty sessions (#6677)
* Fixes #6659 - Swagger schemes selection default to page's protocol (#6660)
* Update highlight.js to 9.15.6 (#6658)
* Properly escape on the redirect from the web editor (#6657)
* Fix #6655 - Don't EscapePound .Link as it is already escaped (#6656)
* Use ctx.metas for SHA hash links (#6645)
* Fix wrong GPG expire date (#6643)
* upgrade version of lib/pq to v1.1.0 (#6640)
* Fix forking an empty repository (#6637)
* Fix issuer of OTP URI should be URI-encoded. (#6634)
* Return a UserList from /api/v1/admin/users (#6629)
* Add json tags for oauth2 form (#6627)
* Remove extra slash from twitter card (#6619)
* remove bash requirement in makefile (#6617)
* Fix Open Graph og:image link (#6612)
* Fix cross-compile builds (#6609)
* Change commit summary to full message in API (#6591)
* Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579)
* Prevent server 500 on compare branches with no common history (#6555)
* Properly escape release attachment URL (#6512)
* Delete local branch when repo branch is deleted (#6497)
* Fix bug when user login and want to resend register confirmation email (#6482)
* Fix upload attachments (#6481)
* Avoid multi-clicks in oauth2 login (#6467)
* Hacky fix for alignment of the create-organization dialog (#6455)
* Change order that PostProcess Processors are run (#6445)
* Clean up ref name rules (#6437)
* Fix Hook & HookList in Swagger (#6432)
* Fixed unitTypeCode not being used in accessLevelUnit (#6419)
* Display correct error for invalid mirror interval (#6414)
* Don't Unescape redirect_to cookie value (#6399)
* Fix dump table name error and add some test for dump database (#6394)
* Fix migrations 82 to ignore unsynced tags between database and git data and missing is_archived on repository table (#6387)
* Make sure units of a team are returned (#6379)
* Fix bug manifest.json will not request with cookie so that session will created every request (#6372)
* Disable benchmarking during tag events on DroneIO (#6365)
* Comments list performance optimization (#5305)

ENHANCEMENT
* Update Drone docker generation to standard format (#7480) (#7496) (#7504)
* Add API Endpoint for Repo Edit (#7006)
* Add state param to milestone listing API (#7131)
* Make captcha and password optional for external accounts (#6606)
* Detect migrating batch size (#7353)
* Fix 7255 - wrap long texts on user profile info (#7333)
* Use commit graph files for listing pages (#7314)
* Add git command line commitgraph support global default true when git version >= 2.18 (#7313)
* Add LFS_START_SERVER option to control git-lfs support (#7281)
* Dark theme markdown fixes (#7260)
* Update go-git to v4.12.0 (#7249)
* Show lfs config on admin panel (#7220)
* Disable same user check for internal SSH (#7215)
* Add LastLogin to the User API (#7196)
* Add missing description of label on API (#7159)
* Use go method to calculate ssh key fingerprint (#7128)
* Enable Rust highlighting (#7125)
* Refactor submodule URL parsing (#7100)
* Change issue mail title. (#7064)
* Use batch insert on migrating repository to make the process faster (#7050)
* Improve github downloader on migrations (#7049)
* When git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047)
* Fix Erlang and Elixir highlight mappings (#7044)
* API Org Visibility (#7028)
* Improve handling of non-square avatars (#7025)
* Bugfix: Align comment label and actions to the right (#7024)
* Change UpdateRepoIndex api to include watchers (#7012)
* Move serv hook functionality & drop GitLogger (#6993)
* Add support of utf8mb4 for mysql (#6992)
* Make webhook http connections resuable (#6976)
* Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
* Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
* Remove macaron dependent on models (#6940)
* Add less linter via npx (#6936)
* Remove macaron dependent on modules/log (#6933)
* Remove macaron dependent on models/mail.go (#6931)
* Clean less files (#6921)
* Fix code overflow (#6914)
* Style orgs list in user profile (#6911)
* Improve description of branch protection (fix #6886) (#6906)
* Move sdk structs to modules/structs (#6905)
* update sdk to latest (#6903)
* Escape the commit message on issues update and title in telegram hook (#6901)
* SearchRepositoryByName improvements and unification (#6897)
* Change the color of issues/pulls list, merged is purple and closed is red (#6874)
* Refactor table width to have more info shown in file list (#6867)
* Monitor all git commands; move blame to git package and replace git as a variable (#6864)
* Fix config ui error about cache ttl (#6861)
* Improve localization of git activity stats (#6848)
* Generate access token in admin cli (#6847)
* Update github.com/urfave/cli to version 1.2.0 (#6838)
* Rename LFS_JWT_SECRET cli option to include OAUTH2 as well (#6826)
* internal/ssh: ignore env command totally (#6825)
* Allow Recaptcha service url to be configured (#6820)
* update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815)
* Use modules/git for git commands (#6775)
* Add GET requests to webhook (#6771)
* Move PushUpdate dependency from models to repofiles (#6763)
* Tweak tab text and icon colors (#6760)
* Ignore non-standard refs in git push (#6758)
* Disable web preview for telegram webhook (#6719)
* Show full name if DEFAULT_SHOW_FULL_NAME setting enabled (#6710)
* Reorder file actions (#6706)
* README WordPress the code is overflowing #6679 (#6696)
* Improve issue reference on commit (#6694)
* Handle redirects for git clone commands (#6688)
* Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
* API OTP Context (#6674)
* Remove local clones & make hooks run on merge/edit/upload (#6672)
* Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
* Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
* Fix dropdown icon padding (#6651)
* Add more title attributes on shortened names (#6647)
* Update UI for topics labels on projects (#6639)
* Trace Logging on Permission Denied & ColorFormat (#6618)
* Add .gpg url (match github behaviour) (#6610)
* Support for custom GITEA_CUSTOM env var in docker(#6608)
* Show "delete branch" button on closed pull requests (#6570) (#6601)
* Add option to disable refresh token invalidation (#6584)
* Fix new repo dropdown alignment (#6583)
* Fix mail notification when close/reopen issue (#6581)
* Pre-calculate the absolute path of git (#6575)
* Minor CSS cleanup for the navbar (#6553)
* Render SHA1 links as code blocks (#6546)
* Add username flag in create-user command (#6534)
* Unifies pagination template usage (#6531) (#6533)
* Fixes pagination width on mobile view (#5711) (#6532)
* Improve SHA1 link detection (#6526)
* Fixes #6446 - Sort team members and team's repositories (#6525)
* Use stricter boundaries for auto-link detection (#6522)
* Use regular line-height on frontpage entries (#6518)
* Fixes #6514 - New Pull Request on files and pulls pages the same (#6515)
* Make distinction between DisplayName and Username in email templates (#6495)
* Add X-Auto-Response-Suppress header to outgoing messages (#6492)
* Cleaned permission checks for API -> site admin can now do anything (#6483)
* Support search operators for commits search (#6479)
* Improve listing performance by using go-git (#6478)
* Fix repo sub_menu font color in arc-green (#6477)
* Show last commit status in pull request lists (#6465)
* Add signatures to webhooks (#6428)
* Optimize all images in public/img (#6427)
* Add golangci (#6418)
* Make "Ghost" not link to 404 page (#6410)
* Include more variables on admin/config page (#6378)
* Markdown: enable some more extensions (#6362)
* Include repo name in page title tag (#6343)
* Show locale string on timestamp (#6324)
* Handle CORS requests (#6289)
* Improve issue autolinks (#6273)
* Migration Tweaks (#6260)
* Add title attributes to all items in the repo list viewer (#6258)
* Issue indexer queue redis support (#6218)
* Add bio field for user (#6113)
* Make the version within makefile overwriteable (#6080)
* Updates to API 404 responses (#6077)
* Use Go1.11 module (#5743)
* UX + Security current user password reset (#5042)
* Refactor: append, build variable and type switch (#4940)
* Git statistics in Activity tab (#4724)
* Drop the bits argument when generating an ed25519 key (#6504)

TESTING
* Exclude pull_request from fetch-tags step, fixes #7108 (#7120)
* Refactor and improve git test (#7086)
* Fix TestSearchRepo by waiting till indexing is done (#7004)
* Add mssql migration tests (needs #6823) (#6852)
* Add tests for Org API (#6731)
* Context.ServerError and NotFound should log from their caller (#6550)

TRANSLATION
* Add french specific rule for translating plural texts (#6846)

BUILD
* Update mssql driver to last working version 20180314172330-6a30f4e59a44 (#7306)
* Alpine 3.10 (#7256)
* Use vfsgen instead of go-bindata (#7080)
* remove and disable package-lock (#6969)
* add make targets for js and css, add js linter (#6952)
* Added tags pull step to drone config to show correct version hashes i(#6836)
* Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631)
* chore: update drone format to 1.0 (#6602)
* Fix race in integration testlogger (#6556)
* Quieter Integration Tests (#6513)
* Drop the docker Makefile from the image (#6507)
* Add make version on gitea version (#6485)
* Fix #6468 - Uses space match and adds newline for all sed flavors (#6473)
* Move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* Update npm dependencies and various tweaks (#7344)
* Fix updated drone file (#7336)
* Add 'npm' and 'npm-update' make targets and lockfile (#7246)

DOCS
* Add work path CLI option (#6922)
* Fix logging documentation (#6904)
* Some logging documentation (#6498)
* Fix link to Hacking on Gitea on From-Source doc page (#6471)
* Fix typos in docs command-line examples (#6466)
* Added docker example for backup (#5846)

Revision 1.5 / (download) - annotate - [select for diffs], Wed Jun 19 10:04:10 2019 UTC (4 years, 8 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.4: +2 -3 lines
Diff to previous 1.4 (colored)

gitea: Update to 1.8.3

Bugfixes

Always set userID on LFS authentication (#7224) (Part of #6993)
Fix LFS Locks over SSH (#6999) (#7223)
Fix duplicated file on pull request conflicted files (#7211) (#7214)
Detect noreply email address as user (#7133) (#7195)
Don't get milestone from DB if ID is zero (#7169) (#7174)
Allow archived repos to be (un)starred and (un)watched (#7163) (#7168)
Fix GCArgs load from ini (#7156) (#7157)
Fix possbile mysql invalid connnection error (#7051) (#7071)
Handle invalid administrator username on install page (#7060) (#7063)
Fix default for allowing new organization creation for new users (#7017) (#7034)
SearchRepositoryByName improvements and unification (#6897) (#7002)
Fix u2f registrationlist ToRegistrations() method (#6980) (#6982)
Allow collaborators to view repo owned by private org (#6965) (#6968)
Use AppURL for Oauth user link (#6894) (#6925)
Escape the commit message on issues update (#6901) (#6902)
Fix regression for API users search (#6882) (#6885)
Handle early git version's lack of get-url (#7065) (#7076)
Fix wrong init dependency on markup extensions (#7038) (#7074)

Revision 1.4 / (download) - annotate - [select for diffs], Mon May 27 15:18:34 2019 UTC (4 years, 9 months ago) by bsiegert
Branch: MAIN
Changes since 1.3: +2 -1 lines
Diff to previous 1.3 (colored)

Revbump all Go packages after go112 update.

Revision 1.3 / (download) - annotate - [select for diffs], Mon May 13 10:48:58 2019 UTC (4 years, 9 months ago) by nia
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

gitea: Update to 1.8.1

BUGFIXES

    Fix 404 when sending pull requests in some situations (#6871) (#6873)
    Enforce osusergo build tag for releases (#6862) (#6869)
    Don't post process commit summary in templates (#6842) (#6868)
    Fix 500 when reviewer is deleted (#6856) (#6860)
    Fix v78 migration for MSSQL (#6823) (#6854)
    Added tags pull step to drone config to show correct version hashes (#6836) (#6839)
    Fix double-generation of scratch token (#6833) (#6835)
    When mirroring we should set the remote to mirror (#6824) (#6834)
    Show scrollbar only when needed (#6802) (#6803)
    Service worker js is missing a comma (#6788) (#6795)
    Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789)
    Fix team edit API panic (#6780) (#6785)
    Minor CSS cleanup for the navbar (#6553) (#6781)
    Stricter domain name pattern in email regex (#6739) (#6768)
    Detect and restore encoding and BOM in content (#6727) (#6765)
    Fix org visibility bug when git cloning (#6743) (#6762)
    OAuth2 token can be used in basic auth (#6747) (#6761)
    Fix missing return (#6751) (#6756)
    Fix sorting repos on org home page with non-admin login (#6741) (#6746)
    Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744)
    Fix team members API (#6714) (#6729)
    Load issue attributes when editing an issue with API (#6723) (#6725)
    Fix config ui error about cache ttl (#6861) (#6865)

Revision 1.1.2.1 / (download) - annotate - [select for diffs], Sun Apr 28 16:41:30 2019 UTC (4 years, 10 months ago) by bsiegert
Branch: pkgsrc-2019Q1
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored) next main 1.2 (colored)

Pullup ticket #5947 - requested by nia
www/gitea: security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.2
- www/gitea/PLIST                                               1.2
- www/gitea/distinfo                                            1.2
- www/gitea/options.mk                                          1.2

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Apr 23 06:04:41 UTC 2019

   Modified Files:
   	pkgsrc/www/gitea: Makefile PLIST distinfo options.mk

   Log Message:
   gitea: Update to 1.8.0

   Changes from 1.7.5:

       SECURITY
           Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
           Resolve 2FA bypass on API (#6676) (#6674)
           Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
       BREAKING
           Add "ghost" and "notifications" to list of reserved user names. (#6208)
           Change sqlite DB path default to data directory (#6198)
           Adds MustChangePassword to user create/edit API (#6193)
           Disable redirect for i18n (#5910)
           Releases API paging (#5831)
           Allow Macaron to be set to log through to gitea.log (#5667)
           Don't close issues via commits on non-default branch (#5622)
       FEATURE
           Add regenerate secret feature for oauth2 (#6291)
           Expose issue stopwatch toggling via API (#5970)
           Add other session providers (#5963)
           Pull request conflict files detection (#5951)
           Integrate OAuth2 Provider (#5378)
           Implement "conversation lock" for issue comments (#5073)
           Feature: Archive repos (#5009)
           Discord Oauth2 support (#4476)
           Allow to set organization visibility (public, internal, private) (#1763)
           Added URL mapping for Release attachments like on github.com (#1707)
       ENHANCEMENT
           Add support for client basic auth for exchanging access tokens (#6293)
           Add ability to sort issues by due date (#6206) (#6244)
           Style tweaks to issue selection (#6196)
           Increase Username and Orgname MaxSize 35 -> 40 (#6178)
           Coverage profile with multiple packages (#6167)
           Split setting.go to multiple files (#6154)
           Allow labels to contain emoji (#6063)
           Disable git fsck for mirrored repos by default (#6018)
           Add default time out for git operations (#6015)
           Split setting.go as multiple files (#6014)
           Make dashboard navbar and footer full-width (#6013)
           Add lang specific font stacks for CJK (#6007)
           Fix header menu misalignment (#6002)
           Enhance closed PR and Issue status in the list (#6000)
           Make navbar full width (#5998)
           Add option to close issues via commit on a non master branch (#5992)
           Support n as a line highlight prefix (#5987)
           Search for org repos (#3031) (#5986)
           Minor UI tweaks (#5980)
           Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
           Dashboard tweaks (#5974)
           Fixes for repo topic editor (#5971)
           Display the branch name in the commit view (#5950)
           handle milestone events for issues and PR (#5947)
           Add label names as filter in issue search api (#5946)
           Repo header tweaks (#5945)
           Better support for long repo names (#5932)
           Fix wrapping long code lines (#5927)
           Change GPG Validation colors and remove inline CSS (#5404) (#5896)
           Fix "pulls.blocked_by_approvals" text (#5879)
           Rename reject to 'request changes' (#5858)
           Move input fields to add members to a team and repos to a team (#5853)
           Config option to disable automatic repo watching (#5852)
           New Issue ?body= query (#5851)
           Add API to list tags (#5850)
           Pagination for git tree API (#5838)
           Add InternalTokenURI to load InternalToken from an external file (#5812)
           Allow markdown files to read from the LFS (#5787)
           Add the ability to use multiple labels as filters (#5786)
           Adjust log settings when a user is not found. (#5771)
           Log IP of failed ssh connection (#5766)
           Moved defaults in defaults.go to setting.go (#5764)
           Make DB connect more robust (#5738)
           Add Default Pull Request Title (#5735)
           Refactor repo.isBare to repo.isEmpty #5629 (#5714)
           Add flag to skip repository dumping (#5695)
           Prioritize "readme.md" (#5691)
           Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
           Allow for user specific themes (#5668)
           Display branch name in delete branch confirmation modal. (#5654)
           New API routes added (#5594)
           Refactor notification for indexer (#5111)
           Refactor mail notification (#5110)
           Show email if the authenticated user owns the profile page being requested for (#4981)
           Optimize pulls merging (#4921)
           Sort Repositories widget by most recently updated (#3963) (#4599)
           Allow markdown table to scroll (#4401)
           Automatically clear stopwatch on merging a PR (#4327)
           Add the Owner Name to differentiate when merging (#3807)
           Add title attributes to all items in the repo list viewer (#6258) (#6650)
       BUGFIXES
           Fix dropdown icon padding (#6651) (#6654)
           Fix wrong GPG expire date (#6643) (#6644)
           Fix forking an empty repository (#6637) (#6653)
           Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
           Properly escape on the redirect from the web editor (#6657) (#6667)
           Allow resend of confirmation email when logged in (#6482) (#6486)
           Fix mail notification when close/reopen issue (#6581) (#6588)
           Change API commit summary to full message (#6591) (#6592)
           Add option to disable refresh token invalidation (#6584) (#6587)
           Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
           Fix new repo alignment (#6583) (#6585)
           Prevent server 500 on compare branches with no common history (#6555) (#6558)
           Properly escape release attachment URL (#6512) (#6523)
           Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
           Disable benchmarking during tag events on DroneIO (#6365) (#6366)
           Make sure units of a team are returned (#6379) (#6381)
           Don't Unescape redirect_to cookie value (#6399) (#6401)
           Fix dump table name error and add some test for dump database (#6394) (#6402)
           Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
           Display correct error for invalid mirror interval (#6414) (#6429)
           Clean up ref name rules (#6437) (#6439)
           Fix Hook & HookList in Swagger (#6432) (#6440)
           Change order that PostProcess Processors are run (#6445) (#6447)
           Clean up various use of escape/unescape functions for URL generation (#6334)
           Return 409 when creating repo if it already exists. (#6330)
           Add same changes from issues page to milestone->issues page (#6328)
           Fix ParsePatch function to work with quoted diff --git strings (#6323)
           Fix reported issue in repo description (#6306)
           Use url.PathEscape to escape the branchname (#6304)
           Add robots.txt as reserved username (#6272)
           Replace linkRegex with xurls library (#6261)
           Remove visitLinksForShortLinks features (#6257)
           Add unit types to repo action URL to correctly show 404 when archived (#6247)
           Check organization visibility before everything else (#6234) (#6235)
           Prevent double-close of issues (#6233)
           Override xorm type mapping for U2F counter (#6232)
           Add isAdmin to user API response (#6231)
           Update git vendor to fix wrong release commit id and add migrations (#6224)
           Fix fork button (#6223)
           Fix renames over redirects (#6216)
           Fix display dashboard even if require to change password (#6214)
           Create a repo redirect when transferring ownership (#6210) (#6211)
           Fix issue update race condition (#6194)
           Fix bug when migrate repository 500 when repo is existed (#6188)
           Fix scrollbar always present on page body (#6177)
           Fix bug when set indexer as db and add tests (#6173)
           Modify linkRegex to require http|https (#6171)
           Fix bug user could change private repository to public when force private enabled. (#6156)
           Fix admin list user/org API (#6143)
           Make repo creation for API similar to UI (#6142)
           Make document body a flexbox (#6139)
           Refactor issue indexer, add some testing and fix a bug (#6131)
           Load Issue attributes for API call (#6122)
           Fix bug when update owner team then visit team's repo return 404 (#6119)
           Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
           Show private organization for admin, fix #6111 (#6112)
           Fix prohibit login check on authorization (#6106)
           Move to ldap.v3 to fix #5928 (#6105)
           Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
           Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
           Make sure labels are actually returned (#6053)
           Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
           After deleting a repo on admin panel, UI should remember the last sort type (#6033)
           Default create repository on organisation on its dashboard (#6026)
           Swagger: Remove spaces in MergePullRequestOption enum (#6016)
           Fix metrics auth token detection (#6006)
           Fix repo header issues (#5995)
           Fix bug when deleting a linked account will removed all (#5989)
           Make organization dropdown scrollable when using mouse wheel (#5988)
           Fix empty ssh key importing in ldap (#5984)
           Admin config page mailertype setting option update (#5973)
           Fix redirect loop during forced password change (#5965)
           Show user who created the repository instead of the organisation in action feed (#5948)
           Remove all CommitStatus when a repo is deleted (#5940)
           Fix ssh deploy and user key constraints (#1357) (#5939)
           Fix log output (#5938)
           Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
           Fix compare button (#5929)
           Fix bug when read public repo lfs file (#5912)
           Only allow local login if password is non-empty (#5906)
           Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
           Provide better panic handling (#5902)
           Respect value of REQUIRE_SIGNIN_VIEW (#5901)
           Show a 404 not a 500 if a repo does not exist (#5900)
           Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
           Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
           Correct footer height if screen-width is to small (fixes #5878) (#5889)
           In gitea serv switch off console logger to fix #5866 (#5887)
           Don't allow pull requests to be created on an archived repository (#5883)
           Support reviews on a deleted file path (#5880)
           Fix compare button on upstream repo leading to 404 (#5877)
           Fix null pointer on not logged in attempt to Sudo (#5872)
           Fix new release creation API to allow empty target (#5870)
           Fix an error while adding a dependency via UI. (#5862)
           Fix failing migration v67 (#5849)
           Fix delete correct temp directory (#5839)
           Make sure .git/info is created before generating .git/info/sparse-che(#5825)
           Fix topics saving internal error and disable for archived repos (#5821)
           Fix TLS errors when using acme/autocert for local connections (#5820)
           When creating new repository fsck option should be enabled (#5817)
           Request for public keys only if LDAP attribute is set (#5816)
           Fix serving of raw wiki files other than .md (#5814)
           Fix migration 78 error mssql (#5791)
           Disallow empty titles (#5785)
           Fix the v78 migration script (#5776)
           Ensure valid git author names passed in signatures (#5774)
           Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
           Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
           Fixing PostgreSQL dump creation (#5747)
           Add proper CORS preflight origin validation (#5740)
           Disable auto-migrate in docker container (#5730)
           In basic auth check for tokens before call UserSignIn (#5725)
           Pooled and buffered gzip implementation (#5722)
           Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
           Keep file permissions during database migration (#5707)
           Use correct value for "MSpan Structures Obtained" #4742 (#5706)
           Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
           Update xorm to fix issue #5659 and #5651 (#5680)
           Fix public will not be reused as public key after deleting as deploy key (#5671)
           When redirecting, clean the path (#5669)
           Don't list an issue on its own dependency list UI. (#5658)
           Fix commit page showing status for current default branch (#5649) (#5650)
           Only count users own actions for heatmap contributions (#5647)
           Fix sqlite deadlock when assigning to a PR (#5640)
           Refactor issue indexer (#5363)
       TESTING
           Run benchmark at tag to track performances (#6035)
           Add test environment for MySQL8 (#5234)
       BUILD
           Use go 1.12 for tests and deprecate go 1.9 (#6186)
           Makefile changes for Windows and easier development (#6103)
           Update bleve dependency to latest master revision (#6100)
           Switch to more recent build of xgo (#6070)
           Add autoprefixer to css build (#6029)
           Update the version of less (#6010)
           Make log mailer for testing (#5893)
       DOCS
           Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
           update default value of --must-change-password cli flag (#6032)
           Update and expand information about building Gitea (#6019)
           Update U2F Section of app.ini.sample (#5994)
           Update swagger for release API pagination (#5841)
           Added docs for the tree api (#5834)
       MISC
           Add single commit API support (#5843)
           Add missing GET teams endpoints (#5382)
           Migrate database if app.ini found (#5290)

   Changes from 1.7.4:

       SECURITY
           Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
       BUGFIXES
           Allow resend of confirmation email when logged in (#6482) (#6487)

Revision 1.2 / (download) - annotate - [select for diffs], Tue Apr 23 06:04:41 2019 UTC (4 years, 10 months ago) by nia
Branch: MAIN
Changes since 1.1: +5 -5 lines
Diff to previous 1.1 (colored)

gitea: Update to 1.8.0

Changes from 1.7.5:

    SECURITY
        Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
        Resolve 2FA bypass on API (#6676) (#6674)
        Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
    BREAKING
        Add "ghost" and "notifications" to list of reserved user names. (#6208)
        Change sqlite DB path default to data directory (#6198)
        Adds MustChangePassword to user create/edit API (#6193)
        Disable redirect for i18n (#5910)
        Releases API paging (#5831)
        Allow Macaron to be set to log through to gitea.log (#5667)
        Don't close issues via commits on non-default branch (#5622)
    FEATURE
        Add regenerate secret feature for oauth2 (#6291)
        Expose issue stopwatch toggling via API (#5970)
        Add other session providers (#5963)
        Pull request conflict files detection (#5951)
        Integrate OAuth2 Provider (#5378)
        Implement "conversation lock" for issue comments (#5073)
        Feature: Archive repos (#5009)
        Discord Oauth2 support (#4476)
        Allow to set organization visibility (public, internal, private) (#1763)
        Added URL mapping for Release attachments like on github.com (#1707)
    ENHANCEMENT
        Add support for client basic auth for exchanging access tokens (#6293)
        Add ability to sort issues by due date (#6206) (#6244)
        Style tweaks to issue selection (#6196)
        Increase Username and Orgname MaxSize 35 -> 40 (#6178)
        Coverage profile with multiple packages (#6167)
        Split setting.go to multiple files (#6154)
        Allow labels to contain emoji (#6063)
        Disable git fsck for mirrored repos by default (#6018)
        Add default time out for git operations (#6015)
        Split setting.go as multiple files (#6014)
        Make dashboard navbar and footer full-width (#6013)
        Add lang specific font stacks for CJK (#6007)
        Fix header menu misalignment (#6002)
        Enhance closed PR and Issue status in the list (#6000)
        Make navbar full width (#5998)
        Add option to close issues via commit on a non master branch (#5992)
        Support n as a line highlight prefix (#5987)
        Search for org repos (#3031) (#5986)
        Minor UI tweaks (#5980)
        Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
        Dashboard tweaks (#5974)
        Fixes for repo topic editor (#5971)
        Display the branch name in the commit view (#5950)
        handle milestone events for issues and PR (#5947)
        Add label names as filter in issue search api (#5946)
        Repo header tweaks (#5945)
        Better support for long repo names (#5932)
        Fix wrapping long code lines (#5927)
        Change GPG Validation colors and remove inline CSS (#5404) (#5896)
        Fix "pulls.blocked_by_approvals" text (#5879)
        Rename reject to 'request changes' (#5858)
        Move input fields to add members to a team and repos to a team (#5853)
        Config option to disable automatic repo watching (#5852)
        New Issue ?body= query (#5851)
        Add API to list tags (#5850)
        Pagination for git tree API (#5838)
        Add InternalTokenURI to load InternalToken from an external file (#5812)
        Allow markdown files to read from the LFS (#5787)
        Add the ability to use multiple labels as filters (#5786)
        Adjust log settings when a user is not found. (#5771)
        Log IP of failed ssh connection (#5766)
        Moved defaults in defaults.go to setting.go (#5764)
        Make DB connect more robust (#5738)
        Add Default Pull Request Title (#5735)
        Refactor repo.isBare to repo.isEmpty #5629 (#5714)
        Add flag to skip repository dumping (#5695)
        Prioritize "readme.md" (#5691)
        Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
        Allow for user specific themes (#5668)
        Display branch name in delete branch confirmation modal. (#5654)
        New API routes added (#5594)
        Refactor notification for indexer (#5111)
        Refactor mail notification (#5110)
        Show email if the authenticated user owns the profile page being requested for (#4981)
        Optimize pulls merging (#4921)
        Sort Repositories widget by most recently updated (#3963) (#4599)
        Allow markdown table to scroll (#4401)
        Automatically clear stopwatch on merging a PR (#4327)
        Add the Owner Name to differentiate when merging (#3807)
        Add title attributes to all items in the repo list viewer (#6258) (#6650)
    BUGFIXES
        Fix dropdown icon padding (#6651) (#6654)
        Fix wrong GPG expire date (#6643) (#6644)
        Fix forking an empty repository (#6637) (#6653)
        Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
        Properly escape on the redirect from the web editor (#6657) (#6667)
        Allow resend of confirmation email when logged in (#6482) (#6486)
        Fix mail notification when close/reopen issue (#6581) (#6588)
        Change API commit summary to full message (#6591) (#6592)
        Add option to disable refresh token invalidation (#6584) (#6587)
        Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
        Fix new repo alignment (#6583) (#6585)
        Prevent server 500 on compare branches with no common history (#6555) (#6558)
        Properly escape release attachment URL (#6512) (#6523)
        Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
        Disable benchmarking during tag events on DroneIO (#6365) (#6366)
        Make sure units of a team are returned (#6379) (#6381)
        Don't Unescape redirect_to cookie value (#6399) (#6401)
        Fix dump table name error and add some test for dump database (#6394) (#6402)
        Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
        Display correct error for invalid mirror interval (#6414) (#6429)
        Clean up ref name rules (#6437) (#6439)
        Fix Hook & HookList in Swagger (#6432) (#6440)
        Change order that PostProcess Processors are run (#6445) (#6447)
        Clean up various use of escape/unescape functions for URL generation (#6334)
        Return 409 when creating repo if it already exists. (#6330)
        Add same changes from issues page to milestone->issues page (#6328)
        Fix ParsePatch function to work with quoted diff --git strings (#6323)
        Fix reported issue in repo description (#6306)
        Use url.PathEscape to escape the branchname (#6304)
        Add robots.txt as reserved username (#6272)
        Replace linkRegex with xurls library (#6261)
        Remove visitLinksForShortLinks features (#6257)
        Add unit types to repo action URL to correctly show 404 when archived (#6247)
        Check organization visibility before everything else (#6234) (#6235)
        Prevent double-close of issues (#6233)
        Override xorm type mapping for U2F counter (#6232)
        Add isAdmin to user API response (#6231)
        Update git vendor to fix wrong release commit id and add migrations (#6224)
        Fix fork button (#6223)
        Fix renames over redirects (#6216)
        Fix display dashboard even if require to change password (#6214)
        Create a repo redirect when transferring ownership (#6210) (#6211)
        Fix issue update race condition (#6194)
        Fix bug when migrate repository 500 when repo is existed (#6188)
        Fix scrollbar always present on page body (#6177)
        Fix bug when set indexer as db and add tests (#6173)
        Modify linkRegex to require http|https (#6171)
        Fix bug user could change private repository to public when force private enabled. (#6156)
        Fix admin list user/org API (#6143)
        Make repo creation for API similar to UI (#6142)
        Make document body a flexbox (#6139)
        Refactor issue indexer, add some testing and fix a bug (#6131)
        Load Issue attributes for API call (#6122)
        Fix bug when update owner team then visit team's repo return 404 (#6119)
        Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
        Show private organization for admin, fix #6111 (#6112)
        Fix prohibit login check on authorization (#6106)
        Move to ldap.v3 to fix #5928 (#6105)
        Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
        Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
        Make sure labels are actually returned (#6053)
        Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
        After deleting a repo on admin panel, UI should remember the last sort type (#6033)
        Default create repository on organisation on its dashboard (#6026)
        Swagger: Remove spaces in MergePullRequestOption enum (#6016)
        Fix metrics auth token detection (#6006)
        Fix repo header issues (#5995)
        Fix bug when deleting a linked account will removed all (#5989)
        Make organization dropdown scrollable when using mouse wheel (#5988)
        Fix empty ssh key importing in ldap (#5984)
        Admin config page mailertype setting option update (#5973)
        Fix redirect loop during forced password change (#5965)
        Show user who created the repository instead of the organisation in action feed (#5948)
        Remove all CommitStatus when a repo is deleted (#5940)
        Fix ssh deploy and user key constraints (#1357) (#5939)
        Fix log output (#5938)
        Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
        Fix compare button (#5929)
        Fix bug when read public repo lfs file (#5912)
        Only allow local login if password is non-empty (#5906)
        Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
        Provide better panic handling (#5902)
        Respect value of REQUIRE_SIGNIN_VIEW (#5901)
        Show a 404 not a 500 if a repo does not exist (#5900)
        Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
        Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
        Correct footer height if screen-width is to small (fixes #5878) (#5889)
        In gitea serv switch off console logger to fix #5866 (#5887)
        Don't allow pull requests to be created on an archived repository (#5883)
        Support reviews on a deleted file path (#5880)
        Fix compare button on upstream repo leading to 404 (#5877)
        Fix null pointer on not logged in attempt to Sudo (#5872)
        Fix new release creation API to allow empty target (#5870)
        Fix an error while adding a dependency via UI. (#5862)
        Fix failing migration v67 (#5849)
        Fix delete correct temp directory (#5839)
        Make sure .git/info is created before generating .git/info/sparse-che(#5825)
        Fix topics saving internal error and disable for archived repos (#5821)
        Fix TLS errors when using acme/autocert for local connections (#5820)
        When creating new repository fsck option should be enabled (#5817)
        Request for public keys only if LDAP attribute is set (#5816)
        Fix serving of raw wiki files other than .md (#5814)
        Fix migration 78 error mssql (#5791)
        Disallow empty titles (#5785)
        Fix the v78 migration script (#5776)
        Ensure valid git author names passed in signatures (#5774)
        Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
        Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
        Fixing PostgreSQL dump creation (#5747)
        Add proper CORS preflight origin validation (#5740)
        Disable auto-migrate in docker container (#5730)
        In basic auth check for tokens before call UserSignIn (#5725)
        Pooled and buffered gzip implementation (#5722)
        Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
        Keep file permissions during database migration (#5707)
        Use correct value for "MSpan Structures Obtained" #4742 (#5706)
        Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
        Update xorm to fix issue #5659 and #5651 (#5680)
        Fix public will not be reused as public key after deleting as deploy key (#5671)
        When redirecting, clean the path (#5669)
        Don't list an issue on its own dependency list UI. (#5658)
        Fix commit page showing status for current default branch (#5649) (#5650)
        Only count users own actions for heatmap contributions (#5647)
        Fix sqlite deadlock when assigning to a PR (#5640)
        Refactor issue indexer (#5363)
    TESTING
        Run benchmark at tag to track performances (#6035)
        Add test environment for MySQL8 (#5234)
    BUILD
        Use go 1.12 for tests and deprecate go 1.9 (#6186)
        Makefile changes for Windows and easier development (#6103)
        Update bleve dependency to latest master revision (#6100)
        Switch to more recent build of xgo (#6070)
        Add autoprefixer to css build (#6029)
        Update the version of less (#6010)
        Make log mailer for testing (#5893)
    DOCS
        Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
        update default value of --must-change-password cli flag (#6032)
        Update and expand information about building Gitea (#6019)
        Update U2F Section of app.ini.sample (#5994)
        Update swagger for release API pagination (#5841)
        Added docs for the tree api (#5834)
    MISC
        Add single commit API support (#5843)
        Add missing GET teams endpoints (#5382)
        Migrate database if app.ini found (#5290)

Changes from 1.7.4:

    SECURITY
        Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
    BUGFIXES
        Allow resend of confirmation email when logged in (#6482) (#6487)

Revision 1.1 / (download) - annotate - [select for diffs], Sun Mar 24 21:34:23 2019 UTC (4 years, 11 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base
Branch point for: pkgsrc-2019Q1

www/gitea: Add version 1.7.4

Mostly based on work by tuxillo in pkgsrc-wip with some changes and additions
by me.

Gitea is a community managed fork of Gogs, lightweight code hosting solution
written in Go and published under the MIT license.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>