All Versions
133
Latest Version
Avg Release Cycle
17 days
Latest Release
40 days ago

Changelog History
Page 1

  • v1.17.1 Changes

    August 17, 2022
    • ๐Ÿ”’ SECURITY
      • Correctly escape within tribute.js (#20831) (#20832)
    • โœจ ENHANCEMENTS
      • Add support for NuGet API keys (#20721) (#20734)
      • Display project in issue list (#20583)
      • Add disable download source configuration (#20548) (#20579)
      • Add username check to doctor (#20140) (#20671)
      • Enable Wire 2 for Internal SSH Server (#20616) (#20617)
    • ๐Ÿ›  BUGFIXES
      • Use the total issue count for UI (#20785) (#20827)
      • Add proxy host into allow list (#20798) (#20819)
      • Add missing translation for queue flush workers (#20791) (#20792)
      • Improve comment header for mobile (#20781) (#20789)
      • Fix git.Init for doctor sub-command (#20782) (#20783)
      • Check webhooks slice length before calling xorm (#20642) (#20768)
      • Remove manual rollback for failed generated repositories (#20639) (#20762)
      • Use correct field name in npm template (#20675) (#20760)
      • Keep download count on Container tag overwrite (#20728) (#20735)
      • Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707)
      • Use request timeout for git service rpc (#20689) (#20693)
      • Send correct NuGet status codes (#20647) (#20677)
      • Use correct context to get package content (#20673) (#20676)
      • Fix the JS error "EventSource is not defined" caused by some non-standard browsers (#20584) (#20663)
      • Add default commit messages to PR for squash merge (#20618) (#20645)
      • Fix package upload for files >32mb (#20622) (#20635)
      • Fix the new-line copy-paste for rendered code (#20612)
      • Clean up and fix clone button script (#20415 & #20600) (#20599)
      • Fix default merge style (#20564) (#20565)
      • Add repository condition for issue count (#20454) (#20496)
      • Make branch icon stand out more (#20726) (#20774)
      • Fix loading button with invalid form (#20754) (#20759)
      • Fix SecToTime edge-cases (#20610) (#20611)
      • Executable check always returns true for windows (#20637) (#20835)
      • Check issue labels slice length before calling xorm Insert (#20655) (#20836)
      • Fix owners cannot create organization repos bug (#20841) (#20854)
      • Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate (#20839) (#20848)
  • v1.17.0 Changes

    July 30, 2022
    • ๐Ÿ’ฅ BREAKING
      • Require go1.18 for Gitea 1.17 (#19918)
      • Make AppDataPath absolute against the AppWorkPath if it is not (#19815)
      • Nuke the incorrect permission report on /api/v1/notifications (#19761)
      • Refactor git module, make Gitea use internal git config (#19732)
      • Remove RequireHighlightJS field, update plantuml example. (#19615)
      • Increase minimal required git version to 2.0 (#19577)
      • Add a directory prefix gitea-src-VERSION to release-tar-file (#19396)
      • Use "main" as default branch name (#19354)
      • Make cron task no notice on success (#19221)
      • Add pam account authorization check (#19040)
      • Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
      • Refactor mirror code & fix StartToMirror (#18904)
      • Remove deprecated SSH ciphers from default (#18697)
      • Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
      • Update reserved usernames list (#18438)
      • Support custom ACME provider (#18340)
      • Change initial TrustModel to committer (#18335)
      • Update HTTP status codes (#18063)
      • Upgrade Alpine from 3.13 to 3.15 (#18050)
      • Restrict email address validation (#17688)
      • Refactor Router Logger (#17308)
    • ๐Ÿ”’ SECURITY
      • Use git.HOME_PATH for Git HOME directory (#20114) (#20293)
      • Add write check for creating Commit Statuses (#20332) (#20333)
      • Remove deprecated SSH ciphers from default (#18697)
    • FEDERATION
      • Return statistic information for nodeinfo (#19561)
      • Add Webfinger endpoint (#19462)
      • Store the foreign ID of issues during migration (#18446)
    • ๐Ÿ”‹ FEATURES
      • Automatically render wiki TOC (#19873)
      • Adding button to link accounts from user settings (#19792)
      • Allow set default merge style while creating repo (#19751)
      • Auto merge pull requests when all checks succeeded (#9307 & #19648)
      • Improve reviewing PR UX (#19612)
      • Add support for rendering console output with colors (#19497)
      • Add Helm Chart registry (#19406)
      • Add Goroutine stack inspector to admin/monitor (#19207)
      • RSS/Atom support for Orgs & Repos (#17714 & #19055)
      • Add button for issue deletion (#19032)
      • Allow to mark files in a PR as viewed (#19007)
      • Add Index to comment for migrations and mirroring (#18806)
      • Add health check endpoint (#18465)
      • Add packagist webhook (#18224)
      • Add "Allow edits from maintainer" feature (#18002)
      • Add apply-patch, basic revert and cherry-pick functionality (#17902)
      • Add Package Registry (#16510)
      • Add LDAP group sync to Teams (#16299)
      • Pause queues (#15928)
      • Added auto-save whitespace behavior if it changed manually (#15566)
      • Find files in repo (#15028)
      • Provide configuration to allow camo-media proxying (#12802)
    • API
      • Add endpoint to serve blob or LFS file content (#19689)
      • Add endpoint to check if team has repo access (#19540)
      • More commit info (#19252)
      • Allow to create file on empty repo (#19224)
      • Allow removing issues (#18879)
      • Add endpoint to query collaborators permission for a repository (#18761)
      • Return primary language and repository language stats API URL (#18396)
      • Implement http signatures support for the API (#17565)
    • โœจ ENHANCEMENTS
      • Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269)
      • Adjust max-widths for the repository file table (#20243) (#20247)
      • Display full name (#20171) (#20246)
      • Add dbconsistency checks for Stopwatches (#20010)
      • Add fetch.writeCommitGraph to gitconfig (#20006)
      • Add fgprof pprof profiler (#20005)
      • Move agit dependency (#19998)
      • Empty log queue on flush and close (#19994)
      • Remove tab/TabName usage where it's not needed (#19973)
      • Improve file header on mobile (#19945)
      • Move issues related files into models/issues (#19931)
      • Add breaking email restrictions checker in doctor (#19903)
      • Improve UX on modal for deleting an access token (#19894)
      • Add alt text to logo (#19892)
      • Move some code into models/git (#19879)
      • Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861)
      • Make user profile image show full image on mobile (#19840)
      • Replace blue button and label classes with primary (#19763)
      • Remove fomantic progress module (#19760)
      • Allows repo search to match against "owner/repo" pattern strings (#19754)
      • Move org functions (#19753)
      • Move almost all functions' parameter db.Engine to context.Context (#19748)
      • Show source/target branches on PR's list (#19747)
      • Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739)
      • Add doctor orphan check for orphaned pull requests without an existing base repo (#19731)
      • Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729)
      • Update go-chi/cache to utilize Ping() (#19719)
      • Improve commit list/view on mobile (#19712)
      • Move some repository related code into sub package (#19711)
      • Use a better OlderThan for DeleteInactiveUsers (#19693)
      • Introduce eslint-plugin-jquery (#19690)
      • Tidy up <head> template (#19678)
      • Calculate filename hash only once (#19654)
      • Simplify IsVendor (#19626)
      • Add "Reference" section to Issue view sidebar (#19609)
      • Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581)
      • Use for a repo action one database transaction (#19576)
      • Simplify loops to copy (#19569)
      • Added X-Mailer header to outgoing emails (#19562)
      • use middleware to open gitRepo (#19559)
      • Mute link in diff header (#19556)
      • Improve UI on mobile (#19546)
      • Fix Pull Request comment filename word breaks (#19535)
      • Permalink files In PR diff (#19534)
      • PullService lock via pullID (#19520)
      • Make repository file list useable on mobile (#19515)
      • more context for models (#19511)
      • Refactor readme file renderer (#19502)
      • By default force vertical tabs on mobile (#19486)
      • Github style following followers (#19482)
      • Improve action table indices (#19472)
      • Use horizontal tabs for repo header on mobile (#19468)
      • pass gitRepo down since its used for main repo and wiki (#19461)
      • Admin should not delete himself (#19423)
      • Use queue instead of memory queue in webhook send service (#19390)
      • Simplify the code to get issue count (#19380)
      • Add commit status popup to issuelist (#19375)
      • Add RSS Feed buttons to Repo, User and Org pages (#19370)
      • Add logic to switch between source/rendered on Markdown (#19356)
      • Move some helper files out of models (#19355)
      • Move access and repo permission to models/perm/access (#19350)
      • Disallow selecting the text of buttons (#19330)
      • Allow custom redirect for landing page (#19324)
      • Remove dependent on session auth for api/v1 routers (#19321)
      • Never use /api/v1 from Gitea UI Pages (#19318)
      • Remove legacy unmaintained packages, refactor to support change default locale (#19308)
      • Move milestone to models/issues/ (#19278)
      • Configure OpenSSH log level via Environment in Docker (#19274)
      • Move reaction to models/issues/ (#19264)
      • Make git.OpenRepository accept Context (#19260)
      • Move some issue methods as functions (#19255)
      • Show last cron messages on monitor page (#19223)
      • New cron task: delete old system notices (#19219)
      • Add Redis Sentinel Authentication Support (#19213)
      • Add auto logging of goroutine pid label (#19212)
      • Set OpenGraph title to DisplayName in profile pages (#19206)
      • Add pprof labels in processes and for lifecycles (#19202)
      • Let web and API routes have different auth methods group (#19168)
      • Move init repository related functions to modules (#19159)
      • Feeds: render markdown to html (#19058)
      • Allow users to self-request a PR review (#19030)
      • Allow render HTML with css/js external links (#19017)
      • Fix script compatiable with OpenWrt (#19000)
      • Support ignore all santize for external renderer (#18984)
      • Add note to GPG key response if user has no keys (#18961)
      • Improve Stopwatch behavior (#18930)
      • Improve mirror iterator (#18928)
      • Uncapitalize errors (#18915)
      • Prevent Stats Indexer reporting error if repo dir missing (#18870)
      • Refactor SecToTime() function (#18863)
      • Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796)
      • Move deletebeans into models/db (#18781)
      • Fix display time of milestones (#18753)
      • Add config option to disable "Update branch by rebase" (#18745)
      • Display template path of current page in dev mode (#18717)
      • Add number in queue status to monitor page (#18712)
      • Change git.cmd to RunWithContext (#18693)
      • Refactor i18n, use Locale to provide i18n/translation related functions (#18648)
      • Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552)
      • Move organization related structs into sub package (#18518)
      • Warn at startup if the provided SCRIPT_TYPE is not on the PATH (#18467)
      • Use CryptoRandomBytes instead of CryptoRandomString (#18439)
      • Use explicit jQuery import, remove unused eslint globals (#18435)
      • Allow to filter repositories by language in explore, user and organization repositories lists (#18430)
      • Use base32 for 2FA scratch token (#18384)
      • Unexport var git.GlobalCommandArgs (#18376)
      • Don't underline commit status icon on hover (#18372)
      • Always use git command but not os.Command (#18363)
      • Switch to non-deprecation setting (#18358)
      • Set the LastModified header for raw files (#18356)
      • Refactor jwt.StandardClaims to RegisteredClaims (#18344)
      • Enable deprecation error for v1.17.0 (#18341)
      • Refactor httplib (#18338)
      • Limit max-height of CodeMirror editors for issue comment and wiki (#18271)
      • Validate migration files (#18203)
      • Format with gofumpt (#18184)
      • Allow custom default merge message with .gitea/default_merge_message/_TEMPLATE.md (#18177)
      • Prettify number of issues (#17760)
      • Add a "admin user generate-access-token" subcommand (#17722)
      • Custom regexp external issues (#17624)
      • Add smtp password to install page (#17564)
      • Add config options to hide issue events (#17414)
      • Prevent double click new issue/pull/comment button (#16157)
      • Show issue assignee on project board (#15232)
    • ๐Ÿ›  BUGFIXES
      • WebAuthn CredentialID field needs to be increased in size (#20530) (#20555)
      • Ensure that all unmerged files are merged when conflict checking (#20528) (#20536)
      • Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529)
      • Add labels to two buttons that were missing them (#20419) (#20524)
      • Fix ROOT_URL detection for URLs without trailing slash (#20502) (#20503)
      • Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407)
      • Allow RSA 2047 bit keys (#20272) (#20396)
      • Add missing return for when topic isn't found (#20351) (#20395)
      • Fix commit status icon when in subdirectory (#20285) (#20385)
      • Initialize cron last (#20373) (#20384)
      • Set target on create release with existing tag (#20381) (#20382)
      • Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372)
      • Make sure repo_dir is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370)
      • Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361)
      • Correctly handle draft releases without a tag (#20314) (#20335)
      • Prevent "empty" scrollbars on Firefox (#20294) (#20308)
      • Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306)
      • Bump goldmark to v1.4.13 (#20300) (#20301)
      • Do not create empty ".ssh" directory when loading config (#20289) (#20298)
      • Fix NPE when using non-numeric (#20277) (#20278)
      • Store read access in access for team repositories (#20275) (#20276)
      • EscapeFilter the group dn membership (#20200) (#20254)
      • Only show Followers that current user can access (#20220) (#20252)
      • Update Bluemonday to v1.0.19 (#20199) (#20209)
      • Refix indices on actions table (#20158) (#20198)
      • Check if project has the same repository id with issue when assign project to issue (#20133) (#20188)
      • Fix remove file on initial comment (#20127) (#20128)
      • Catch the error before the response is processed by goth (#20000) (#20102)
      • Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099)
      • Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
      • Respond with a 401 on git push when password isn't changed yet (#20026) (#20027)
      • Return 404 when tag is broken (#20017) (#20024)
      • Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
      • Respond with a 401 on git push when password isn't changed yet (#20026) (#20027)
      • Return 404 when tag is broken (#20017) (#20024)
      • Write Commit-Graphs in RepositoryDumper (#20004)
      • Use DisplayName() instead of FullName in Oauth Provider (#19991)
      • Don't buffer doctor logger (#19982)
      • Always try to fetch repo for mirrors (#19975)
      • Uppercase first languages letters (#19965)
      • Fix cli command restore-repo: "units" should be parsed as StringSlice (#19953)
      • Ensure minimum mirror interval is reported on settings page (#19895)
      • Exclude Archived repos from Dashboard Milestones (#19882)
      • gitconfig: set safe.directory = * (#19870)
      • Prevent NPE on update mirror settings (#19864)
      • Only return valid stopwatches to the EventSource (#19863)
      • Prevent NPE whilst migrating if there is a team request review (#19855)
      • Fix inconsistency in doctor output (#19836)
      • Fix release tag for webhook (#19830)
      • Add title attribute to dependencies in sidebar (#19807)
      • Estimate Action Count in Statistics (#19775)
      • Do not update user stars numbers unless fix is specified (#19750)
      • Improved ref comment link when origin is body/title (#19741)
      • Fix nodeinfo caching and prevent NPE if cache non-existent (#19721)
      • Fix duplicate entry error when add team member (#19702)
      • Fix sending empty notifications (#19589)
      • Update image URL for Discord webhook (#19536)
      • Don't let repo clone URL overflow (#19517)
      • Allow commit status popup on /pulls page (#19507)
      • Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl (#19494)
      • Fix logging of Transfer API (#19456)
      • Fix panic in teams API when requesting members (#19360)
      • Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337)
      • An attempt to sync a non-mirror repo must give 400 (Bad Request) (#19300)
      • Move checks for pulls before merge into own function (#19271)
      • Fix contrib/upgrade.sh (#19222)
      • Set the default branch for repositories generated from templates (#19136)
      • Fix EasyMDE error when input Enter (#19004)
      • Don't clean up hardcoded tmp (#18983)
      • Delete related notifications on issue deletion too (#18953)
      • Fix trace log to show value instead of pointers (#18926)
      • Fix behavior or checkbox submission. (#18851)
      • Add ContextUser (#18798)
      • Fix some mirror bugs (#18649)
      • Quote MAKE to prevent path expansion with space error (#18622)
      • Preserve users if restoring a repository on the same Gitea instance (#18604)
      • Fix non-ASCII search on database (#18437)
      • Automatically pause queue if index service is unavailable (#15066)
    • โœ… TESTING
      • Allow postgres integration tests to run over unix pipe (#19875)
      • Prevent intermittent NPE in queue tests (#19301)
      • Add test for importing pull requests in gitea uploader for migrations (#18752)
      • Remove redundant comparison in repo dump/restore (#18660)
      • More repo dump/restore tests, including pull requests (#18621)
      • Add test coverage for original author conversion during migrations (#18506)
    • ๐ŸŒ TRANSLATION
      • Update issue_no_dependencies description (#19112)
      • Refactor webhooks i18n (#18380)
    • ๐Ÿ— BUILD
      • Use alpine 3.16 (#19797)
      • Require node 14.0 (#19451)
    • ๐Ÿ“„ DOCS
      • Update documents (git/fomantic/db, etc) (#19868)
      • Update the ROOT documentation and error messages (#19832)
      • Update document to use FHS /usr/local/bin/gitea instead of /app/... for Docker (#19794)
      • Update documentation to disable duration settings with -1 instead of 0 (#19647)
      • Add warning to set SENDMAIL_ARGS to -- (#19102)
      • Update nginx reverse proxy docs (#18922)
      • Add example to render html files (#18736)
      • Make SSH passtrough documentation better (#18687)
      • Changelog 1.16.0 & 1.15.11 (#18468 & #18455) (#18470)
      • Update the SSH passthrough documentation (#18366)
      • Add contrib/upgrade.sh (#18286)
    • MISC
      • Fix aria for logo (#19955)
      • In code search, get code unit accessible repos in one (main) query (#19764)
      • Add tooltip to pending PR comments (#19662)
      • Improve sync performance for pull-mirrors (#19125)
      • Improve dashboard's repo list performance (#18963)
      • Avoid database lookups for DescriptionHTML (#18924)
      • Remove CodeMirror dependencies (#18911)
      • Disable unnecessary mirroring elements (#18527)
      • Disable unnecessary OpenID/OAuth2 elements (#18491)
      • Disable unnecessary GitHooks elements (#18485)
      • Change some logging levels (#18421)
      • Prevent showing webauthn error for every time visiting /user/settings/security (#18385)
      • Use correct translation key for errors (#18342)
  • v1.16.9 Changes

    July 12, 2022
    • ๐Ÿ”’ SECURITY
      • Add write check for creating Commit status (#20332) (#20334)
      • Check for permission when fetching user controlled issues (#20133) (#20196)
    • ๐Ÿ›  BUGFIXES
      • Hide notify mail setting ui if not enabled (#20138) (#20337)
      • Add write check for creating Commit status (#20332) (#20334)
      • Only show Followers that current user can access (#20220) (#20253)
      • Release page show all tags in compare dropdown (#20070) (#20071)
      • Fix permission check for delete tag (#19985) (#20001)
      • Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
      • Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
      • Set Setpgid on child git processes (#19865) (#19881)
      • Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
      • Ensure responses are context.ResponseWriters (#19843) (#19859)
      • Fix incorrect usage of Count function (#19850)
      • Fix raw endpoint PDF file headers (#19825) (#19826)
      • Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
      • Don't return 500 on NotificationUnreadCount (#19802)
      • Prevent NPE when cache service is disabled (#19703) (#19783)
      • Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
      • Fix doctor pq: syntax error at or near "." quote user table name (#19765) (#19770)
      • Fix bug with assigneees (#19757)
  • v1.16.8 Changes

    May 16, 2022
    • โœจ ENHANCEMENTS
      • Add doctor check/fix for bogus action rows (#19656) (#19669)
      • Make .cs highlighting legible on dark themes. (#19604) (#19605)
    • ๐Ÿ›  BUGFIXES
      • Fix oauth setting list bug (#19681)
      • Delete user related oauth stuff on user deletion too (#19677) (#19680)
      • Fix new release from tags list UI (#19670) (#19673)
      • Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
      • GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
      • Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
      • Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
      • Fix sending empty notifications (#19589) (#19590)
      • Ignore DNS error when doing migration allow/block check (#19566) (#19567)
      • Fix issue overview for teams (#19652) (#19653)
  • v1.16.7 Changes

    May 02, 2022
    • ๐Ÿ”’ SECURITY
      • Escape git fetch remote (#19487) (#19490)
    • ๐Ÿ›  BUGFIXES
      • Don't overwrite err with nil (#19572) (#19574)
      • On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
      • Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
      • Don't error when branch's commit doesn't exist (#19547) (#19548)
      • Support hostname:port to pass host matcher's check (#19543) (#19544)
      • Prevent intermittent race in attribute reader close (#19537) (#19539)
      • Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
      • Prevent dangling archiver goroutine (#19516) (#19526)
      • Fix migrate release from github (#19510) (#19523)
      • When view _Siderbar or _Footer, just display once (#19501) (#19522)
      • Fix blame page select range error and some typos (#19503)
      • Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
      • User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
      • Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
      • RepoAssignment ensure to close before overwrite (#19449) (#19460)
      • Set correct PR status on 3way on conflict checking (#19457) (#19458)
      • Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)
  • v1.16.6 Changes

    April 20, 2022
    • โœจ ENHANCEMENTS
      • Only request write when necessary (#18657) (#19422)
      • Disable service worker by default (#18914) (#19342)
    • ๐Ÿ›  BUGFIXES
      • When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
      • Fix DELETE request for non-existent public key (#19443) (#19444)
      • Don't panic on ErrEmailInvalid (#19441) (#19442)
      • Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
      • Warn on SSH connection for incorrect configuration (#19317) (#19437)
      • Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
      • When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
      • Fix nil error when some pages are rendered outside request context (#19427) (#19428)
      • Fix double blob-hunk on diff page (#19404) (#19405)
      • Don't allow merging PR's which are being conflict checked (#19357) (#19358)
      • Fix middleware function's placements (#19377) (#19378)
      • Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
      • Restore user autoregistration with email addresses (#19261) (#19312)
      • Move checks for pulls before merge into own function (#19271) (#19277)
      • Granular webhook events in editHook (#19251) (#19257)
      • Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
      • Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
      • Touch mirrors on even on fail to update (#19217) (#19233)
      • Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
      • Fix clone url JS error for the empty repo page (#19209)
      • Bump goldmark to v1.4.11 (#19201) (#19203)
    • โœ… TESTING
      • Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)
    • ๐Ÿ— BUILD
      • Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)
    • MISC
      • Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
      • Check go and nodejs version by go.mod and package.json (#19197) (#19254)
  • v1.16.5 Changes

    March 23, 2022
    • ๐Ÿ’ฅ BREAKING
      • Bump to build with go1.18 (#19120 et al) (#19127)
    • ๐Ÿ”’ SECURITY
      • Prevent redirect to Host (2) (#19175) (#19186)
      • Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
      • Clean paths when looking in Storage (#19124) (#19179)
      • Do not send notification emails to inactive users (#19131) (#19139)
      • Do not send activation email if manual confirm is set (#19119) (#19122)
    • โœจ ENHANCEMENTS
      • Use the new/choose link for New Issue on project page (#19172) (#19176)
    • ๐Ÿ›  BUGFIXES
      • Fix showing issues in your repositories (#18916) (#19191)
      • Fix compare link in active feeds for new branch (#19149) (#19185)
      • Redirect .wiki/* ui link to /wiki (#18831) (#19184)
      • Ensure deploy keys with write access can push (#19010) (#19182)
      • Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
      • Cleanup protected branches when deleting users & teams (#19158) (#19174)
      • Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
      • Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
      • Use custom favicon when viewing static files if it exists (#19130) (#19152)
      • Fix the editor height in review box (#19003) (#19147)
      • Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
      • Fix wrong scopes caused by empty scope input (#19029) (#19145)
      • Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
      • Handle email address not exist (#19089) (#19121)
    • MISC
      • Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
      • Update golang.org/x/crypto (#19097) (#19098)
  • v1.16.4 Changes

    March 14, 2022
    • ๐Ÿ”’ SECURITY
      • Restrict email address validation (#17688) (#19085)
      • Fix lfs bug (#19072) (#19080)
    • โœจ ENHANCEMENTS
      • Improve SyncMirrors logging (#19045) (#19050)
    • ๐Ÿ›  BUGFIXES
      • Refactor mirror code & fix StartToMirror (#18904) (#19075)
      • Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
      • Prevent 500 when there is an error during new auth source post (#19041) (#19059)
      • If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
      • Fix flag validation (#19046) (#19051)
      • Add pam account authorization check (#19040) (#19047)
      • Ignore missing comment for user notifications (#18954) (#19043)
      • Set rel="nofollow noindex" on new issue links (#19023) (#19042)
      • Upgrading binding package (#19034) (#19035)
      • Don't show context cancelled errors in attribute reader (#19006) (#19027)
      • Fix update hint bug (#18996) (#19002)
    • MISC
      • Fix potential assignee query for repo (#18994) (#18999)
  • v1.16.3 Changes

    March 02, 2022
    • ๐Ÿ”’ SECURITY
      • Git backend ignore replace objects (#18979) (#18980)
    • โœจ ENHANCEMENTS
      • Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)
    • ๐Ÿ›  BUGFIXES
      • Set max text height to prevent overflow (#18862) (#18977)
      • Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
      • Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
      • Send 404 on /{org}.gpg (#18959) (#18962)
      • Fix admin user list pagination (#18957) (#18960)
      • Fix lfs management setting (#18947) (#18946)
      • Fix login with email panic when email is not exist (#18942)
      • Update go-org to v1.6.1 (#18932) (#18933)
      • Fix <strong> html in translation (#18929) (#18931)
      • Fix page and missing return on unadopted repos API (#18848) (#18927)
      • Allow adminstrator teams members to see other teams (#18918) (#18919)
      • Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
      • Correctly link URLs to users/repos with dashes, dots or underscores (โ€ฆ (#18908)
      • Fix redirect when using lowercase repo name (#18775) (#18902)
      • Fix migration v210 (#18893) (#18892)
      • Fix team management UI (#18887) (18886)
      • BeforeSourcePath should point to base commit (#18880) (#18799)
    • ๐ŸŒ TRANSLATION
      • Backport locales from master (#18944)
    • MISC
      • Don't update email for organisation (#18905) (#18906)
  • v1.16.2 Changes

    February 24, 2022
    • โœจ ENHANCEMENTS
      • Show fullname on issue edits and gpg/ssh signing info (#18828)
      • Immediately Hammer if second kill is sent (#18823) (#18826)
      • Allow mermaid render error to wrap (#18791)
    • ๐Ÿ›  BUGFIXES
      • Fix ldap user sync missed email in email_address table (#18786) (#18876)
      • Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
      • Don't report signal: killed errors in serviceRPC (#18850) (#18865)
      • Fix bug where certain LDAP settings were reverted (#18859)
      • Update go-org to 1.6.0 (#18824) (#18839)
      • Fix login with email for ldap users (#18800) (#18836)
      • Fix bug for get user by email (#18834)
      • Fix panic in EscapeReader (#18820) (#18821)
      • Fix ldap loginname (#18789) (#18804)
      • Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
      • In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
      • Fix template bug of LFS lock (#18784) (#18787)
      • Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
      • Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
      • Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
      • Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
      • Prevent dangling GetAttribute calls (#18754) (#18755)
      • Fix isempty detection of git repository (#18746) (#18750)
      • Fix source code line highlighting on external tracker (#18729) (#18740)
      • Prevent double encoding of branch names in delete branch (#18714) (#18738)
      • Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
      • Fix forked repositories missed tags (#18719) (#18735)
      • Fix release typo (#18728) (#18731)
      • Separate the details links of commit-statuses in headers (#18661) (#18730)
      • Update object repo with the migrated repository (#18684) (#18726)
      • Fix bug for version update hint (#18701) (#18705)
      • Fix issue with docker-rootless shimming script (#18690) (#18699)
      • Let MinUnitAccessMode return correct perm (#18675) (#18689)
      • Prevent security failure due to bad APP_ID (#18678) (#18682)
      • Restart zero worker if there is still work to do (#18658) (#18672)
      • If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
    • โœ… TESTING
      • Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)
    • ๐Ÿ— BUILD
      • Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)
    • MISC
      • Put buttons back in org dashboard (#18817) (#18825)
      • Various Mermaid improvements (#18776) (#18780)
      • C preprocessor colors improvement (#18671) (#18696)
      • Fix the missing i18n key for update checker (#18646) (#18665)