All Versions
135
Latest Version
Avg Release Cycle
19 days
Latest Release
748 days ago
Changelog History
Page 12
Changelog History
Page 12
-
v1.6.2 Changes
December 21, 2018- π SECURITY
- Sanitize uploaded file names (#5571) (#5573)
- HTMLEncode user added text (#5570) (#5575)
- π BUGFIXES
- Fix indexer reindex bug when gitea restart (#5563) (#5564)
- Remove a double slash in the HTTPS redirect with Let's Encrypt (#5537) (#5539)
- Fix bug when a read perm user to edit his issue (#5516) (#5534)
- Detect force push failure on deletion of protected branches (#5522) (#5531)
- Let's Encrypt handler listens on correct port for certificate validation (#5525) (#5527)
- Fix forgot deletion of notification when delete repository (#5506) (#5514)
- Fix undeleted content when deleting user (#5429) (#5509)
- Fix empty wiki (#5504) (#5508)
- π SECURITY
-
v1.6.1 Changes
December 08, 2018- π BUGFIXES
- Fix dependent issue searching when gitea is run in subpath (#5392) (#5400)
- API: '/orgs/:org/repos': return private repos with read access (#5393)
- Fix repository deletion when there is large number of issues in it (#5426) (#5434)
- Word-break the WebHook url to prevent a ui-break (#5445)
- Admin should be able to delete repos via the API even if they are not a member of the organization (#5443) (#5447)
- Ensure that the
closed_at
is set for closed (#5450) - Fix topic name length on database (#5493) (#5495)
- π BUGFIXES
-
v1.6.0 Changes
November 22, 2018- π₯ BREAKING
- Respect email privacy option in user search via API (#4512)
- Simply remove tidb and deps (#3993)
- Swagger.v1.json template (#3572)
- π SECURITY
- Add CSRF checking to reqToken and add reqToken to admin API routes (#5272) (#5250)
- Improve URL validation for external wiki and external issues (#4710)
- Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)
- Don't disclose emails of all users when sending out emails (#4664)
- Check that repositories can only be migrated to own user or organizations (#4366)
- π FEATURES
- Add comment replies (#5147) (#5104)
- Pull request review/approval and comment on code (#3748)
- Added dependencies for issues (#2196) (#2531)
- Add the ability to have built in themes in Gitea and provide dark theme arc-green (#4198)
- Add sudo functionality to the API (#4809)
- Add oauth providers via cli (#4591)
- Disable merging a WIP Pull request (#4529)
- Force user to change password (#4489)
- Add letsencrypt to Gitea (#4189)
- Add push webhook support for mirrored repositories (#4127)
- Add csv file render support defaultly (#4105)
- Add Recaptcha functionality to Gitea (#4044)
- β¨ ENHANCEMENTS
- Fix milestones sorted wrongly (#4987)
- Allow api to create tags for releases if they don't exist (#4890)
- Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
- Enforce token on api routes fixed critical security issue #4357
- Update legacy branch and tag URLs in dashboard to new format (#4812)
- Slack webhook channel name cannot be empty or just contain an hashtag (#4786)
- Add whitespace handling to PR-comparsion (#4683)
- Make reverse proxy auth optional (#4643)
- MySQL TLS (#4642)
- Make sure to set PR split view when creating/previewing a pull request (#4617)
- Log user in after a successful sign up (#4615)
- Fix typo IsPullReuqestBroken -> IsPullRequestBroken (#4578)
- Allow admin toggle forcing a password change for newly created users (#4563)
- Update jQuery to v1.12.4 (#4551)
- Env var GITEA_PUSHER_EMAIL (#4516)
- Feat(repo): support search repository by topic name (#4505)
- Small improvements to dependency UI (#4503)
- Make max commits in graph configurable (#4498)
- Add valid for lfs oid (#4461)
- Add shortcut to save wiki page (#4452)
- Allow administrator to create repository for any organization (#4368)
- Fix repository last updated time update when delete a user who watched the repo (#4363)
- Switch plaintext scratch tokens to use hash instead (#4331)
- Increase default TOTP secret size to 320 bits (#4287)
- Keep preseeded database password (#4284)
- Implemented hover text showing user FullName (#4261)
- Add ability to delete a token (#4235)
- Fix typos in i18n variable names. (#4080)
- Api: repos/search: add parameters to control the sort order (#3964)
- Add missing path in the Docker app.ini template (#2181)
- Add file name and branch to page title (#4902)
- Offline use of google fonts (#4872)
- Add missing History link to directory listings v2 (#4829)
- Locale for Edit and Remove due date issue (#4802)
- Disable 'May Import Local Repository' when is disabled by setting (Is⦠(#4780)
- API /admin/users/{username} missing parameter (#4775)
- Display error when adding a user to a team twice (#4746)
- Remove UsePrivilegeSeparation from the Docker sshd_config, see #2876 (#4722)
- Focus title input when clicking helper link (#4696)
- Add vendor to user reserved words and format words list according alphabet (#4685)
- Add gitea/issues link to 500 page (#4654)
- Hide home button when landing page is not set to home (#4651)
- Remove link to GitHub issues in 404 template (#4639)
- Cmd/serve: pprof cpu and memory profile dumps to disk (#4560)
- Add flash message after an account has been successfully activated (#4510)
- Prevent html entity escaping on delete branch (#4471)
- Locale for button Edit on protected branch (#4442)
- Update notification icon (#4343)
- Added front-end topics validation (#4316)
- Don't display buttons if there are no system notifications (#4280)
- Issue due date api (#3890)
- π BUGFIXES
- dont' send assign webhooks when creating issue (#5365)
- Fix create team, update team missing units (#5188)
- Fix file edit change preview functionality (#5300)
- *ix bug when users have serval teams with different units on different repositories (#5307)
- Fix U2F if gitea is configured in subpath (#5302)
- Fix markdown image with link (#4675)
- Remove maxlines option for file logger (#5282)
- Fix wrong api request url for instances running in subfolders (#5261) (#5247)
- Accept web-command cli flags if web-command is commited (#5245) (#5200)
- Reduce join star, repo_topic, topic tables on repo search, to resolve extra columns problem on MSSQL (#5136) (#5229)
- Fix data race on migrate repository (#5224) (#5230)
- Add secret to all webhook's payload where it has been missing (#5208) (#5199)
- Fix sqlite and MSSQL lock (#5210) (#5223) (#5214) (#5218) (#5176) (#5179)
- Fix race on updatesize (#5190) (#5215)
- Fix filtering issues by tags on main screen issues (#5219) (#3824)
- Fix SQL quoting (#5137) (#5117)
- Fix regex to support optional end line of old section in diff hunk (#5097) (#5096)
- Fix release creation via API (#5076)
- Remove links from topics in edit mode (#5026)
- Fix missing AppSubUrl in few more templates (fixup) (#5021)
- Fix missing AppSubUrl in some templates (#5020)
- Hide outdated comments in file view (#5017)
- Upgrade gopkg.in/testfixtures.v2 (#4999)
- Disable debug routes unless PPROF is enabled in configuration (#4995)
- Fix user menu item styling (#4985)
- Fix layout of the topics editing form (#4971)
- Fix null pointer dereference in ParseCommitWithSignature (#4962)
- Fix url in discord webhook (#4953)
- Detect charset and convert non UTF-8 files for display (#4950)
- Make sure to catch the right error so it is displayed on the UI (#4945)
- Fix(topics): don't redirect to explore page. (#4938)
- Fix bug forget to remove Stopwatch when remove repository (#4928)
- Fix bug when repo remained bare if multiple branches pushed in single push (#4923)
- Fix: Crippled diff (#4726) (#4900)
- Fix trimming of markup section names (#4863)
- Issues api allow pulls and fix #4832 (#4852)
- Do not autocreate directory for new users/orgs (#4828) (#4849)
- Fix redirect with non-ascii branch names (#4764) (#4810)
- Fix missing release title in webhook (#4783) (#4796)
- User shouldn't be able to approve or reject his/her own PR (#4729)
- Make sure to reset commit count in the cache on mirror syncing (#4720)
- Fixed bug where team with admin privelege type doesn't get any unit (#4719)
- Fix incorrect caption of webhook setting (#4701) (#4717)
- Allow WIP marker to contains < or > (#4709)
- Hide org/create menu item in Dashboard if user has no rights (#4678) (#4680)
- Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645)
- Fix custom templates being ignored (#4638)
- Fix starring icon after semantic ui update (#4628)
- Fix Split-View line adjustment (#4622)
- Fix integer constant overflows in tests (#4616)
- Push whitelist now doesn't apply to branch deletion (#4601) (#4607)
- Fix bugs when too many IN variables (#4594)
- Fix failure on creating pull request with assignees (#4419) (#4583)
- Fix panic issue on update avatar email (#4580) (#4581)
- Fix status code label for a successful webhook (#4540)
- An inactive user shouldn't be able to be added as a collaborator (#4535)
- Don't fail silently if trying to add a collaborator twice (#4533)
- Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) (#4525)
- Fix out-of-transaction query in removeOrgUser (#4521) (#4522)
- Fix migration from older releases (#4495)
- Accept 'Data:' in commit graph (#4487)
- Update xorm to latest version and fix correct
user
table referencing in sql (#4473) - Relative URLs for LibreJS page (#4460)
- Redirect to correct page after using scratch token (#4458)
- Fix column droping for MSSQL that need new transaction for that (#4440)
- Replace src with raw to fix image paths (#4377)
- Add default merge options when creating new repository (#4369)
- Fix docker build (#4358)
- Fixes repo membership check in API (#4341)
- Dep upgrade mysql lib (#4161)
- Fix some issues with special chars in branch names (#3767)
- Responsive design fixes (#4508)
- π TRANSLATION
- Fix punctuation in English translation (#4958)
- Fix translation (#4355)
- π₯ BREAKING
-
v1.5.3 Changes
October 31, 2018- π SECURITY
- Fix remote command execution vulnerability in upstream library (#5177) (#5196)
- π SECURITY
-
v1.5.2 Changes
October 09, 2018- π SECURITY
- Enforce token on api routes (#4840) (#4905)
- π BUGFIXES
- Remove links from topics in edit mode (#5030)
- Detect charset and convert non UTF-8 files for display (#4950) (#4994)
- Fix layout of the topics editing form (#4971) (#4993)
- Fix null pointer dereference in ParseCommitWithSignature (#4964)
- Fix url in discord webhook (#4951)
- Fix font-cropping UI bug in diff (#4726) (#4929)
- Fix bug forget to remove Stopwatch when remove repository (#4933)
- Fix bug when repo remained bare if multiple branches pushed (#4927)
- Fix redirect with non-ascii branch names (#4764) (#4887)
- Fix issues api allow pulls (#4852) (#4862)
- Fix trimming of markup section names (#4864)
- π SECURITY
-
v1.5.1 Changes
September 03, 2018- π SECURITY
- Don't disclose emails of all users when sending out emails (#4784)
- Improve URL validation for external wiki and external issues (#4710) (#4740)
- Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
- π BUGFIXES
- Fix missing release title in webhook (#4783) (#4800)
- Make sure to reset commit count in the cache on mirror syncing (#4770)
- Fixed bug where team with admin privelege type doesn't get any unit (#4759)
- Fix failure on creating pull request with assignees (#4583) (#4727)
- Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
- π TRANSLATION
- Fix incorrect caption of webhook setting (#4701) (#4718)
- π SECURITY
-
v1.5.0 Changes
August 10, 2018- π SECURITY
- Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
- Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
- Do not allow to reuse TOTP passcode (#3878)
- π BUGFIXES
- Fix column droping for MSSQL that need new transaction for that (#4440) (#4484)
- Redirect to correct page after using scratch token (#4458) (#4472)
- Replace src with raw to fix image paths (#4377) (#4386)
- Fixes repo membership check in API (#4341) (#4379)
- Add default merge options when adding new repository (#4369) (#4373)
- Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371)
- Fix html entity escaping in branch deletion message (#4471) (#4485)
- Fix out-of-transaction query in removeOrgUser (#4521) (#4524)
- Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519)
- Fix panic issue on update avatar email (#4580) (#4590)
- Fix bugs when too many IN variables (#4594) (#4597)
- Push whitelist now doesn't apply to branch deletion (#4601) (#4640)
- Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650)
- π FEATURES
- Add cli commands to regen hooks & keys (#3979)
- Add support for FIDO U2F (#3971)
- Added user language setting (#3875)
- LDAP Public SSH Keys synchronization (#1844)
- Add topic support (#3711)
- Multiple assignees (#3705)
- Add protected branch whitelists for merging (#3689)
- Global code search support (#3664)
- Add label descriptions (#3662)
- Add issue search via API (#3612)
- Add repository setting to enable/disable health checks (#3607)
- Emoji Autocomplete (#3433)
- Implements generator cli for secrets (#3531)
- β¨ ENHANCEMENTS
- Add more webhooks support and refactor webhook templates directory (#3929)
- Add new option to allow only OAuth2/OpenID user registration (#3910)
- Add option to use paged LDAP search when synchronizing users (#3895)
- Symlink icons (#1416)
- Improve release page UI (#3693)
- Add admin dashboard option to run health checks (#3606)
- Add branch link in branch list (#3576)
- Reduce sql query times in retrieveFeeds (#3547)
- Option to enable or disable swagger endpoints (#3502)
- Add missing licenses (#3497)
- Reduce repo indexer disk usage (#3452)
- Enable caching on assets and avatars (#3376)
- Add repository search ordered by stars/forks. Forks column in admin repo list (#3969)
- Add Environment Variables to Docker template (#4012)
- LFS: make HTTP auth period configurable (#4035)
- Add config path as an optionial flag when changing pass via CLI (#4184)
- Refactor User Settings sections (#3900)
- Allow square brackets in external issue patterns (#3408)
- Add Attachment API (#3478)
- Add EnableTimetracking option to app settings (#3719)
- Add config option to enable or disable log executed SQL (#3726)
- Shows total tracked time in issue and milestone list (#3341)
- π TRANSLATION
- Improve English grammar and consistency (#3614)
- π DEPLOYMENT
- Allow Gitea to run as different USER in Docker (#3961)
- Provide compressed release binaries (#3991)
- Sign release binaries (#4188)
- π SECURITY
-
v1.4.3 Changes
June 26, 2018- π SECURITY
- HTML-escape plain-text READMEs (#4192) (#4214)
- Fix open redirect vulnerability on login screen (#4312) (#4312)
- π BUGFIXES
- Fix broken monitoring page when running processes are shown (#4203) (#4208)
- Fix delete comment bug (#4216) (#4228)
- Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
- Fix wiki URL encoding bug (#4091) (#4254)
- Fix code tab link when viewing tags (#3908) (#4263)
- Fix webhook type conflation (#4285) (#4285)
- π SECURITY
-
v1.4.2 Changes
June 04, 2018- π BUGFIXES
- Adjust z-index for floating labels (#3939) (#3950)
- Add missing token validation on application settings page (#3976) #3978
- Webhook and hook_task clean up (#4006)
- Fix webhook bug of response info is not displayed in UI (#4023)
- Fix writer cannot read bare repo guide (#4033) (#4039)
- Don't force due date to current time (#3830) (#4057)
- Fix wiki redirects (#3919) (#4065)
- Fix attachment ENABLED (#4064) (#4066)
- Added deletion of an empty line at the end of file (#4054) (#4074)
- Use ResolveReference instead of path.Join (#4073)
- Fix #4081 Check for leading / in base before removing it (#4083)
- Respository's home page not updated after first push (#4075)
- π BUGFIXES
-
v1.4.1 Changes
May 03, 2018- π₯ BREAKING
- Add "error" as reserved username (#3882) (#3886)
- π SECURITY
- Do not allow inactive users to access repositories using private key (#3887) (#3889)
- Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873)
- Remove unnecessary allowed safe HTML (#3778) (#3779)
- Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
- π BUGFIXES
- Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
- Fix GPG expire time display when time is zero (#3584) (#3884)
- Fix to update only issue last update time when adding a comment (#3855) (#3860)
- Fix repository star count after deleting user (#3781) (#3783)
- Use the active branch for the code tab (#3720) (#3776)
- Set default branch name on first push (#3715) (#3723)
- Show clipboard button if disable HTTP of git protocol (#3773) (#3774)
- π₯ BREAKING