v1.11.7

• BUGFIXES
  • Use ID or Where to instead directly use Get when load object from database (#11925) (#11935)
  • Fix webpack_public_path for 1.11 (#11907)
  • Fix verification of subkeys of default gpg key (#11713) (#11902)
  • Remove unnecessary parentheses in wiki/view template (#11781)
  • Doctor fix xorm.Count nil on sqlite error (#11741)

v1.12.0-rc2

• BUGFIXES
  • In File Create/Update API return 404 if Branch does not exist (#11791) (#11795)
  • Fix doer of rename repo (#11789) (#11794)
  • Initialize SimpleMDE when making a code comment (#11749) (#11785)
  • Fix timezone on issue deadline (#11697) (#11784)
  • Fix to allow comment poster to edit or delete his own comments (#11671) (#11774)
  • Show full 500 error in API when Gitea in dev mode (#11641) (#11753)
  • Add missing templates for Matrix system webhooks (#11729) (#11748)
  • Fix verification of subkeys of default gpg key (#11713) (#11747)
  • Fix styling for commiter on diff view (#11715) (#11744)
  • Properly truncate system notices (#11714) (#11742)
  • Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718)
  • Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682)
  • Update emoji regex (#11584) (#11679)
  • Doctor check & fix db consistency (#11111) (#11676)
  • Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673)
  • Exclude generated files from language statistics (#11653) (#11670)
  • Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662)
  • Return json on 500 error from API (#11574) (#11659)
  • When must change password only show Signout (#11600) (#11637)
  • Backport various styling fixes (#11619)
  • Fix wrong milestone in webhook message (#11596) (#11611)
  • Fix serviceworker output file and misc improvements (#11562) (#11610)
  • When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608)
  • Prevent empty query parameter being set on dashboard (#11561) (#11604)
  • Fix images in wiki edit preview (#11546) (#11602)
  • Allow different HardBreaks settings for documents and comments (#11515) (#11599)
  • Prevent (caught) panic on login (#11590) (#11597)
  • Prevent transferring repos to invisible orgs (#11517) (#11549)
  • Move serviceworker to workbox and fix SSE interference (#11538) (#11547)
  • API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533)
  • Fix repo-list private and total count bugs (#11500) (#11532)
  • Fix form action template substitutions on admin pages (backport #11519) (#11531)
  • Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530)
  • TrimSpace when reading InternalToken from a file (#11502) (#11524)
  • Fix selected line color in arc-green (#11492) (#11520)
  • Make localstorage read ssh or https correctly (#11483) (#11490)
• ENHANCEMENTS
  • Make tabular menu styling consistent for arc-green (#11570) (#11798)
  • Add option to API to update PullRequest base branch (#11666) (#11796)
  • Increase maximum SQLite variables count to 32766 (#11696) (#11783)
  • Update emoji dataset with skin tone variants (#11678) (#11763)
  • Add logging to long migrations (#11647) (#11691)
  • Change language statistics to save size instead of percentage (#11681) (#11690)
  • Fix alignment for commits on dashboard (#11595) (#11680)
  • Handle expected errors in AddGPGkey API (#11644) (#11661)
  • Close EventSource before unloading the page (#11539) (#11557)
  • Ensure emoji render with regular font-weight (#11541) (#11545)
  • Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542)
  • Tweak reaction buttons (#11516)
  • Use more toned colors for selected line (#11493) (#11511)

v1.11.6

• SECURITY
  • Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
  • Use session for retrieving org teams (#11438) (#11439)
• BUGFIXES
  • Return json on 500 error from API (#11574) (#11660)
  • Fix wrong milestone in webhook message (#11596) (#11612)
  • Prevent (caught) panic on login (#11590) (#11598)
  • Fix commit page js error (#11527)
  • Use media links for img in post-process (#10515) (#11504)
  • Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)
  • Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461)
  • Allow all members of private orgs to see public repos (#11442) (#11459)
  • Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457)
  • Forcibly clean and destroy the session on logout (#11447) (#11451)
  • Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381)
  • Add tracked time fix to doctor (part of #11111) (#11138)
  • Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
  • Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14 (#11481)

v1.12.0-rc1

• BREAKING
  • Remove migration support from versions earlier than 1.6.0 (#10026)
  • Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162)
  • Fix sanitizer config - multiple rules (#11133)
  • When using API CreateRelease set created_unix to the tag commit time (#11218)
  • Remove check on username when using AccessToken authentication for the API (#11015)
  • Return 404 from Contents API when items don't exist (#10323)
  • Notification API should always return a JSON object with the current count of notifications (#10059)
• FEATURES
  • Improve config logging when WrappedQueue times out (#11174)
  • Add branch delete to API (#11112)
  • Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047)
  • Add a way to mark Conversation (code comment) resolved (#11037)
  • Handle yaml frontmatter in markdown (#11016)
  • Cache PullRequest Divergence (#10914)
  • Make gitea admin auth list formatting configurable (#10844)
  • Add Matrix webhook (#10831)
  • Add Organization Wide Labels (#10814)
  • Allow to set protected file patterns for files that can not be changed under no conditions (#10806)
  • Option to set default branch at repository creation (#10803)
  • Add request review from specific reviewers feature in pull request (#10756)
  • Add NextCloud oauth (#10562)
  • System-wide webhooks (#10546)
  • Relax sanitization as per https://github.com/jch/html-pipeline (#10527)
  • Use media links for img in post-process (#10515)
  • Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
  • Render READMEs in docs/ .gitea or .github from root (#10361)
  • Add feishu webhook support (#10229)
  • Cache last commit to accelerate the repository directory page visit (#10069)
  • Implement basic app.ini and path checks to doctor cmd (#10064)
  • Make WorkerPools and Queues flushable (#10001)
  • Implement "embedded" command to extract static resources (#9982)
  • Add API endpoint for repo transfer (#9947)
  • Make archive prefixing configurable with a global setting (#9943)
  • Add Unique Queue infrastructure and move TestPullRequests to this (#9856)
  • Issue/PR Context Popups (#9822)
  • Add "Update Branch" button to Pull Requests (#9784)
  • Add require signed commit for protected branch (#9708)
  • Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532)
  • Add API notification endpoints (#9488)
  • Issue search support elasticsearch (#9428)
  • Add API branch protection endpoint (#9311)
  • Add a new command doctor to check if some wrong configurations on gitea instance (#9095)
  • Add support for migrating from Gitlab (#9084)
  • Add support for database schema in PostgreSQL (#8819)
  • Add setting to set default and global disabled repository units. (#8788)
  • Language statistics bar for repositories (#8037)
  • Restricted users (#6274)
• BUGFIXES
  • Check branch protection on IsUserAllowedToUpdate (#11448)
  • Fix margin on attached segment headers when they are separated by other element (#11425)
  • Fix webhook template when validation errors occur (#11421)
  • Fix NPE in template due to missing signing key on commit page (#11392)
  • Restore active background to Register button on Register page (#11390)
  • Fix hook failure due to relative LFS_CONTENT_PATH (#11362)
  • Correctly set the organization num repos (#11339)
  • Prevent 500 with badly formed task list (#11328)
  • Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327)
  • Handle panics that percolate up to the graceful module (#11291)
  • Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248)
  • Patch fomantic-ui to workaround build issue (#11244)
  • Prevent panic during wrappedConn close at hammertime (#11219)
  • On logout force redirect to start page (#11202)
  • Fix creation of Organization repos by Users with max created personal repos (#11183)
  • Add option to increase provided OAuth2 token maximum size (#11180)
  • Log the indexer path on failure (#11172)
  • Ensure that relative paths in edit preview work (#11143)
  • Make API EditIssue and EditPullRequest issue notifications (#11123)
  • Send 404 immediately for known public requests (#11117)
  • Remove nil inserts in models (#11096)
  • Add GetReviews() to RetryDownloader (#11093)
  • Remove nonexistent serviceworker entries (#11091)
  • Simplify and fix GetApprovalCounts (#11086)
  • Fix wiki revision template and simplify some tmpl conditions (#11080)
  • Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067)
  • Align review-item svg octicons (#11065)
  • Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997)
  • Users should not be able to prohibit their own login (#10970)
  • Fix scrollbar issues in dropdowns (#10897)
  • Change the order of issues.closed_by to list opening user first (#10876)
  • Allow site admin to check /api/v1/orgs endpoints (#10867)
  • Avoid logging []byte in queue failures - convert to string first (#10865)
  • Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)
  • Fix assignees double load bug (#10856)
  • Handle push rejection in branch and upload (#10854)
  • In authorized_keys use double-quote for windows compatibility (#10841)
  • Fix milestone template (#10824)
  • log.Fatal on failure to listen to SSH port (#10795)
  • Fix forked repo has no icon and language stat. (#10791)
  • Fix tag/release deletion (#10663)
  • Fix webhook migration (#10641)
  • Migration for deleting orphaned dependencies (#10617)
  • Add migration to fix the old broken merge-bases (#10604)
  • Update templates for Go 1.14 (#10596)
  • Remove unnecessary parentheses in wiki/view template (#10583)
  • Change default value of DefaultCommandExecutionTimeout to match docs (#10581)
  • Handle panic in indexer initialisation better (#10534)
  • Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456)
  • Fixed wrong AppSubUrl in multiple templates (#10447)
  • Fix profile page CSS (#10406)
  • Inject SVG sprite via ajax (#10320)
  • Fix migration information update bug when linked github account (#10310)
  • Allow admin to check org membership by API for other users (#10201)
  • Fix topics dropdown (#10167)
  • Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
  • Fix IsErrPullClosed (#10093)
  • Accept punctuation after simple+cross repository issue references (#10091)
  • On merge of already closed PR redirect back to the pulls page (#10010)
  • Fix crowdin update script (#9969)
  • Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927)
  • Add option to prevent LDAP from deactivating everything on empty search (#9879)
  • Fix admin handling at merge of PR (#9749)
  • err_admin_name_pattern_not_allowed String Clarification (#9731)
  • Fix wrong original git service type on a migrated repository (#9693)
  • Fix ref links in issue overviews for tags (#8742)
• ENHANCEMENTS
  • Increase width for authors on commit view (#11441)
  • Hide archived repos by default in repo-list (#11440)
  • Better styling for code review comment textarea (#11428)
  • Support view individual commit for wiki pages (#11415)
  • Fix yellow background on active elements in code review (#11414)
  • Better styling for code review comment form (#11413)
  • Change install description on homepage (#11395)
  • Ensure search action button is coalesced to adjacent input (#11385)
  • Switch code editor to Monaco (#11366)
  • Add paging and archive/private repository filtering to dashboard list (#11321)
  • Changed image of openid-connect logo for better look on arc-green theme (#11312)
  • Load Repo Topics on blame view too (#11307)
  • Change the style in admin notice content view from <p> to <pre> (#11301)
  • Allow log.xxx.default to set logging settings for the default logger only (#11292)
  • Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285)
  • Make sendmail a Process and have default timeout (#11256)
  • Check value of skip-repository flag in dump command (#11254)
  • Fix submit review form (#11252)
  • Allow unauthenticated users to compare (#11240)
  • Add EventSource support (#11235)
  • Refactor Milestone related (#11225)
  • Add pull review API endpoints (#11224)
  • Add a 'this' to issue close/reopened messages (#11204)
  • When migrating from Gitlab map Approvals to approving Reviews (#11147)
  • Improve representation of attachments in issues (#11141)
  • Protect default branch against deletion (#11115)
  • Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113)
  • Fix status label on branches list vertical alignment (#11109)
  • Add single release page and latest redirect (#11102)
  • Add missing commit states to PR checks template (#11085)
  • Change icon on title for merged PR to git-merge (#11064)
  • Add MergePull comment type instead of close for merge PR (#11058)
  • Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055)
  • Consolidate author name across timeline (#11053)
  • Refactor UpdateOAuth2Application (#11034)
  • Support unicode emojis and remove emojify.js (#11032)
  • Add git hook "warning" to admin panel (#11030)
  • Add flash notify for email preference setting success (#11027)
  • Remove package code.gitea.io/gitea/modules/git import out of models (#11025)
  • Match arc-green code tag color to code blocks (#11023)
  • Move syntax highlighting to web worker (#11017)
  • Prevent merge of outdated PRs on protected branches (#11012)
  • Add Get/Update for api/v1/user/applications/oauth2 (#11008)
  • Upgrade to most recen...

v1.11.5

• BUGFIXES
  • Prevent timer leaks in Workerpool and others (#11333) (#11340)
  • Fix tracked time issues (#11349) (#11354)
  • Add NotifySyncPushCommits to indexer notifier (#11309) (#11338)
  • Allow X in addition to x in tasks (#10979) (#11335)
  • When delete tracked time through the API return 404 not 500 (#11319) (#11326)
  • Prevent duplicate records in organizations list when creating a repository (#11303) (#11325)
  • Manage port in submodule refurl (#11305) (#11323)
  • api.Context.NotFound(...) should tolerate nil (#11288) (#11306)
  • Show pull request selection even when unrelated branches (#11239) (#11283)
  • Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
  • Fix GetContents(): Dont't ignore Executables (#11192) (#11209)
  • Fix submodule paths when AppSubUrl is not root (#11098) (#11176)
  • Prevent clones and pushes to disabled wiki (#11131) (#11134)
  • Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130)
  • On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125)
  • Refresh codemirror on show pull comment tab (#11100) (#11122)
  • Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
  • Load pr Issue Poster on API too (#11033) (#11039)
  • Fix release counter on API repository info (#10968) (#10996)
  • Generate Diff and Patch direct from Pull head (#10936) (#10938)
  • Fix rebase conflict detection in git 2.26 (#10929) (#10930)
• ENHANCEMENT
  • Fix 404 and 500 image size in small size screen (#11043) (#11049)
  • Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)

v1.11.4

BUGFIXES

• Only update merge_base if not already merged (#10909)
• Fix milestones too many SQL variables bug (#10880) (#10904)
• Protect against NPEs in notifications list (#10879) (#10883)
• Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868)
• Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
• Account for empty lines in receive-hook message (#10773) (#10784)
• Fix bug on branch API (#10767) (#10775)
• Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
• Fix hiding of fields in authorization source page (#10734) (#10752)
• Prevent default for linkAction (#10742) (#10743)

v1.11.3

BUGFIXES

• Prevent panic in stopwatch (#10670) (#10673)
• Fix bug on pull view when required status check no ci result (#10648) (#10651)
• Build explicitly with Go 1.13 (#10684)

v1.10.6

This is a re-tag version of v1.10.5 and also explicitly built with Go 1.13.

WARNING: v1.10.5 is incorrectly tagged targeting 1.12-dev and should not be used.

v1.11.2

BREAKING

• Various fixes in login sources (#10428) (#10429)

SECURITY

• Ensure only own addresses are updated (#10397) (#10399)
• Logout POST action (#10582) (#10585)
• Org action fixes and form cleanup (#10512) (#10514)
• Change action GETs to POST (#10462) (#10464)
• Fix admin notices (#10480) (#10483)
• Change admin dashboard to POST (#10465) (#10466)
• Update markbates/goth (#10444) (#10445)
• Update crypto vendors (#10385) (#10398)

BUGFIXES

• Allow users with write permissions to modify issue descriptions and comments. (#10623) (#10626)
• Handle deleted base branch in PR (#10618) (#10619)
• Delete dependencies when deleting a repository (#10608) (#10616)
• Ensure executable bit is kept on the web editor (#10607) (#10614)
• Update mergebase in pr checker (#10586) (#10605)
• Fix release attachments being deleted while upgrading (#10572) (#10573)
• Fix redirection path if Slack webhook channel is invalid (#10566)
• Fix head.tmpl og:image picture location (#10531) (#10556)
• Fix 404 after activating secondary email (#10547) (#10553)
• Show Signer in commit lists and add basic trust (#10425 & #10511) (#10524)
• Fix potential bugs (#10513) (#10518)
• Use [:space:] instead of \s (#10508) (#10509)
• Avoid mailing users that have explicitly unwatched an issue (#10475) (#10500)
• Handle push rejection message in Merge & Web Editor (#10373) (#10497)
• Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368) (#10493)
• Fix double PR notification from API (#10482) (#10486)
• Show the username as a fallback on feeds if full name is blank (#10461)
• Trigger webhooks on issue label-change via API too (#10421) (#10439)
• Fix git reference type in webhooks (#10427) (#10432)
• Prevent panic on merge to PR (#10403) (#10408)
• Fix wrong num closed issues on repository when close issue via commit… (#10364) (#10380)
• Reading pull attachments should depend on read UnitTypePullRequests (#10346) (#10354)
• Set max-width on review-box comment box (#10348) (#10353)
• Prevent nil pointer in GetPullRequestCommitStatusState (#10342) (#10344)
• Fix protected branch status check settings (#10341) (#10343)
• Truncate long commit message header (#10301) (#10319)
• Set the initial commit status to Success otherwise it will always be Pending (#10317) (#10318)
• Don't manually replace whitespace during render (#10291) (#10315)

ENHANCEMENTS

• Admin page for managing user e-mail activation (#10557) (#10579)

v1.11.1

• BUGFIXES
  • Repo name added to automatically generated commit message when merging (#9997) (#10285)
  • Fix Workerpool deadlock (#10283) (#10284)
  • Divide GetIssueStats query in smaller chunks (#10176) (#10282)
  • Fix reply on code review (#10257)
  • Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
  • Fix filter label emoji width (#10241) (#10244)
  • Fix issue sidebar menus having an infinite height (#10239) (#10240)
  • Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
  • Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
  • Blacklist manifest.json & milestones user (#10292) (#10293)