[0.1.0] * Initial package (forked from Gogs app) [0.1.1] * Removed reference to Gogs [0.1.2] * Updated description [0.1.3] * Updated to version 1.1.2 [1.0.0] * Update to version 1.1.3 [1.0.1] * Update Git to v2.7.4-0ubuntu1.2 * Fixes critical security issue that allows remote command execution in git * https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html [1.0.2] * Preserve SECRET_KEY across updates and restarts [1.0.3] * Update to version 1.1.4 [1.1.0] * Update to version 1.2.0 * New logo! * SECURITY: Sanitation fix from Gogs (#1461) * Status-API * Implement GPG api * https://github.com/go-gitea/gitea/releases/tag/v1.2.0 [1.1.1] * Update to version 1.2.1 * Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714) * Fix plain readme didn't render correctly on repo home page (#2705) (#2712) * Fix so that user can still fork his own repository to his organizations (#2699) (#2707) * Fix .netrc authentication (#2700) (#2708) * Fix slice out of bounds error in mailer (#2479) (#2696) [1.1.2] * Update to version 1.2.2 * Add checks for commits with missing author and time (#2771) (#2785) * Fix sending mail with a non-latin display name (#2559) (#2783) * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780) * Update vendor git (#2765) (#2772) * Fix emojify image URL (#2769) (#2773) [1.1.3] * Update to version 1.2.3 * Only require one email when validating GPG key (#2266, #2467, #2663) (#2788) * Fix order of comments (#2835) (#2839) [1.2.0] * Update to version 1.3.0 [1.3.0] * Update to version 1.3.1 * Add documentationUrl * Sanitize logs for mirror sync (#3057, #3082) (#3078) * Fix missing branch in release bug (#3108) (#3117) * Fix repo indexer and submodule bug (#3107) (#3110) * Fix legacy URL redirects (#3100) (#3106) * Fix redis session failed (#3086) (#3089) * Fix issue list branch link broken (#3061) (#3070) * Fix missing password length check when change password (#3039) (#3071) [1.3.1] * Update Gitea to 1.3.2 * Fix run web with -p push failed (#3154) (#3179) * Fix source download link when no code unit allowed (#3166) (#3169) * Allow adding collaborators with (fullname) (#3103) (#3168) * Fix repo links (#3093) (#3163) * Fix Uninitialized variable in ParsePatch (#3156) (#3162) * Fix migration order v1.3 (#3157) * Fix avatar URLs (#3069) (#3143) [1.4.0] * Fix email sending (use SMTPS) [1.4.1] * Update Gitea to 1.3.3 * Security fixes * Fix escaping changed title in comments (#3530) (#3535) * Escape search query display (#3486) (#3489) * Bug fixes * Fix repo-transfer-and-team-repo-count bug (#3241) (#3244) * Open external tracker in blank window, consistently with wiki (#3227) (#3228) * Change SSL Mode from checkbox to string in admin page (#3208) (#3211) [1.5.0] * Update Gitea to 1.4.0 [1.5.1] * Update Gitea to 1.4.1 * Add “error” as reserved username (#3882) (#3886) * Do not allow inactive users to access repositories using private key (#3887) (#3889) * Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873) * Remove unnecessary allowed safe HTML (#3778) (#3779) * Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743) * Fix to use only needed columns from tables to get repository git paths (#3870) (#3883) * Fix GPG expire time display when time is zero (#3584) (#3884) * Fix to update only issue last update time when adding a comment (#3855) (#3860) * Fix repository star count after deleting user (#3781) (#3783) * Use the active branch for the code tab (#3720) (#3776) * Set default branch name on first push (#3715) (#3723) * Show clipboard button if disable HTTP of git protocol (#3773) (#3774) [1.5.2] * Update Gitea to 1.4.2 * Adjust z-index for floating labels (#3939) (#3950) * Add missing token validation on application settings page (#3976) #3978 * Webhook and hook_task clean up (#4006) * Fix webhook bug of response info is not displayed in UI (#4023) * Fix writer cannot read bare repo guide (#4033) (#4039) * Don't force due date to current time (#3830) (#4057) * Fix wiki redirects (#3919) (#4065) * Fix attachment ENABLED (#4064) (#4066) * Added deletion of an empty line at the end of file (#4054) (#4074) * Use ResolveReference instead of path.Join (#4073) * Fix #4081 Check for leading / in base before removing it (#4083) * Respository's home page not updated after first push (#4075) [1.5.2-1] * Rebuild Gitea package because of https://github.com/go-gitea/gitea/issues/4167 * Adjust z-index for floating labels (#3939) (#3950) * Add missing token validation on application settings page (#3976) #3978 * Webhook and hook_task clean up (#4006) * Fix webhook bug of response info is not displayed in UI (#4023) * Fix writer cannot read bare repo guide (#4033) (#4039) * Don't force due date to current time (#3830) (#4057) * Fix wiki redirects (#3919) (#4065) * Fix attachment ENABLED (#4064) (#4066) * Added deletion of an empty line at the end of file (#4054) (#4074) * Use ResolveReference instead of path.Join (#4073) * Fix #4081 Check for leading / in base before removing it (#4083) * Respository's home page not updated after first push (#4075) [1.5.3] * Update Gitea to 1.4.3 * SECURITY * HTML-escape plain-text READMEs (#4192) (#4214) * Fix open redirect vulnerability on login screen (#4312) (#4312) * BUGFIXES * Fix broken monitoring page when running processes are shown (#4203) (#4208) * Fix delete comment bug (#4216) (#4228) * Delete reactions added to issues and comments when deleting repository (#4232) (#4237) * Fix wiki URL encoding bug (#4091) (#4254) * Fix code tab link when viewing tags (#3908) (#4263) * Fix webhook type conflation (#4285) (#4285) [1.5.4] * Allow customization using gitea's custom data directory [1.6.0] * Update Gitea to 1.5.0 * Security * Check that repositories can only be migrated to own user or organizations (#4366) (#4370) * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353) * Do not allow to reuse TOTP passcode (#3878) * Features * Add cli commands to regen hooks & keys (#3979) * Add support for FIDO U2F (#3971) * Added user language setting (#3875) * Add topic support (#3711) * Multiple assignees (#3705) * Add protected branch whitelists for merging (#3689) * Global code search support (#3664) * Add label descriptions (#3662) * Add issue search via API (#3612) * Add repository setting to enable/disable health checks (#3607) * Emoji Autocomplete (#3433) * Implements generator cli for secrets (#3531) [1.6.1] * Update Gitea to 1.5.1 * Security * Don't disclose emails of all users when sending out emails (#4784) * Improve URL validation for external wiki and external issues (#4710) (#4740) * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707) * Bugfixes * Fix missing release title in webhook (#4783) (#4800) * Make sure to reset commit count in the cache on mirror syncing (#4770) * Fixed bug where team with admin privelege type doesn't get any unit (#4759) * Fix failure on creating pull request with assignees (#4583) (#4727) * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686) [1.7.0] * Update base image [1.7.1] * Update Gitea to 1.5.2 [1.7.2] * Update Gitea to 1.5.3 * Security * Fix remote command execution vulnerability in upstream library (#5177) (#5196) [1.8.0] * Update Gitea to 1.6.0 [1.8.1] * Update Gitea to 1.6.1 [1.8.2] * Update Gitea to 1.6.2 * SECURITY * Sanitize uploaded file names (#5571) (#5573) * HTMLEncode user added text (#5570) (#5575) * BUGFIXES * Fix indexer reindex bug when gitea restart (#5563) (#5564) * Fix bug when a read perm user to edit his issue (#5516) (#5534) * Detect force push failure on deletion of protected branches (#5522) (#5531) * Fix forgot deletion of notification when delete repository (#5506) (#5514) * Fix undeleted content when deleting user (#5429) (#5509) * Fix empty wiki (#5504) (#5508) [1.8.3] * Update Gitea to 1.6.3 * SECURITY: Prevent DeleteFilePost doing arbitrary deletion (#5631) * BUGFIX: Fix wrong text getting saved on editing second comment on an issue (#5608) [1.8.4] * Update Gitea to 1.6.4 * Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685) * When redirecting clean the path to avoid redirecting to external site (#5669) (#5703) * Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715) [1.9.0] * Update Gitea to 1.7.0 [1.9.1] * Update Gitea to 1.7.1 * [Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.7.1) * Disable redirect for i18n (#5910) (#5916) * Only allow local login if password is non-empty (#5906) (#5908) * Fix go-get URL generation (#5905) (#5907) * Fix TLS errors when using acme/autocert for local connections (#5820) (#5826) * Request for public keys only if LDAP attribute is set (#5816) (#5819) * Fix delete correct temp directory (#5840) (#5839) * Fix an error while adding a dependency via UI (#5862) (#5876) * Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884) * When creating new repository fsck option should be enabled (#5817) (#5885) * Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894) * Fix bug when read public repo lfs file (#5913) (#5912) * Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915) * Fix compare button on upstream repo leading to 404 (#5877) (#5914) [1.9.2] * Update Gitea to 1.7.2 * Remove all CommitStatus when a repo is deleted (#5940) (#5941) * Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944) * Silence console logger in gitea serv (#5887) (#5943) * Handle milestone webhook events for issues and PR (#5947) (#5955) * Show user who created the repository instead of the organization in action feed (#5948) (#5956) * Fix ssh deploy and user key constraints (#1357) (#5939) (#5966) * Fix bug when deleting a linked account will removed all (#5989) (#5990) * Fix empty ssh key importing in ldap (#5984) (#6009) * Fix metrics auth token detection (#6006) (#6017) * Create repository on organisation by default on its dashboard (#6026) (#6048) * Make sure labels are actually returned in API (#6053) (#6059) * Switch to more recent build of xgo (#6070) (#6072) * In basic auth check for tokens before call UserSignIn (#5725) (#6083) [1.9.3] * Update Gitea to 1.7.3 * Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197) * Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185) * Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165) * Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166) * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137) * Fix prohibit login check on authorization (#6106) (#6115) * Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107) * Fix deadlock in webhook PullRequest (#6102) (#6104) * Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101) * Fix compare button regression (#5929) (#6098) * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097) [1.9.4] * Update Gitea to 1.7.4 * Fix potential XSS vulnerability in repository description. (#6306) (#6308) * Fix wrong release commit id (#6224) (#6300) * Fix panic on empty signed commits (#6292) (#6300) * Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246) * Fix displaying dashboard even if required to change password (#6214) (#6215) [1.9.5] * Update Gitea to 1.7.5 * unitTypeCode not being used in accessLevelUnit (#6419) (#6423) * ParsePatch function to work with quoted diff --git strings (#6323) (#6332) [1.9.6] * Update Gitea to 1.7.6 * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595) * Allow resend of confirmation email when logged in (#6482) (#6487) [1.10.0] * Update Gitea to 1.8.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.8.0) * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594) * Resolve 2FA bypass on API (#6676) (#6674) * Prevent the creation of empty sessions for non-logged in users (#6690) (#6677) * Expose issue stopwatch toggling via API (#5970) * Pull request conflict files detection (#5951) * Implement "conversation lock" for issue comments (#5073) * Feature: Archive repos (#5009) * Allow to set organization visibility (public, internal, private) (#1763) * Added URL mapping for Release attachments like on github.com (#1707) [1.10.1] * Update Gitea to 1.8.1 [1.10.2] * Update Gitea to 1.8.2 [1.11.0] * better custom app.ini integration * optional sso support [1.12.0] * Update Gitea to 1.8.3 * Update manifest to v2 [1.13.0] * Update Gitea to 1.9.0 [1.13.1] * Update Gitea to 1.9.1 [1.13.2] * Make sessions persist restarts [1.13.3] * Update Gitea to 1.9.2 * Fix wrong sender when send slack webhook (#7918) (#7924) * Upload support text/plain; charset=utf8 (#7899) * Lfs/lock: round locked_at timestamp to second (#7872) (#7875) * Fix non existent milestone with 500 error (#7867) (#7873) * SECURITY * Fix No PGP signature on 1.9.1 tag (#7874) * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ * ENHANCEMENT * Fix pull creation with empty changes (#7920) (#7926) * BUILD * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884) [1.13.4] * Update Gitea to 1.9.3 * Fix go get from a private repository with Go 1.13 (#8100) * Strict name matching for Repository.GetTagID() (#8082) * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070) * Add change title notification for issues (#8064) * Run CORS handler first for /api routes (#7967) (#8053) * Evaluate emojis in commit messages in list view (#8044) * Fix failed to synchronize tags to releases for repository (#7990) (#7994) * Fix adding default Telegram webhook (#7972) (#7992) * Abort synchronization from LDAP source if there is some error (#7965) * Fix deformed emoji in commit message (#8071) * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009) [1.13.5] * Update Gitea to 1.9.4 * Highlight issue references (#8101) (#8404) * Fix bug when migrating a private repository #7917 (#8403) * Change general form binding to gogs form (#8334) (#8402) * Fix editor commit to new branch if PR disabled (#8375) (#8401) * Fix milestone num_issues (#8221) (#8400) * Allow users with explicit read access to give approvals (#8398) * Fix commit status in PR #8316 and PR #8321 (#8339) * Fix API for edit and delete release attachment (#8290) * Fix assets on release webhook (#8283) * Fix release API URL generation (#8239) * Allow registration when button is hidden (#8238) * MS Teams webhook misses commit messages (backport v1.9) (#8225) [1.13.6] * Update Gitea to 1.9.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.9.5) * Hide some user information via API if user doesn't have enough permission (#8655) (#8658) * Fix milestone close timestamp (#8728) (#8731) * Fix deadline on update issue or PR via API (#8699) * Fix 'New Issue Missing Milestone Comment' (#8678) (#8682) * Fix 500 when getting user as unauthenticated user (#8653) (#8662) * Use AppSubUrl for more redirections (#8647) (#8652) * Add SubURL to redirect path (#8632) (#8634) (#8640) * Fix #8582 by handling empty repos (#8587) (#8593) * Fix bug on pull requests when transfer head repository (#8571) * Add missed close in ServeBlobLFS (#8527) (#8543) * Return false if provided branch name is empty for IsBranchExist (#8485) (#8492) * Create .ssh dir as necessary (#8369) (#8486) (#8489) * Restore functionality for early gits (#7775) (#8476) * Add check for empty set when dropping indexes during migration (#8475) * Ensure Request Body Readers are closed in LFS server (#8454) (#8459) * Ensure that LFS files are relative to the LFS content path (#8455) (#8458) * Ignore mentions for users with no access (#8395) (#8484) [1.14.0] * Update Gitea to 1.10.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.10.0) [1.14.1] * Update Gitea to 1.10.1 * Fix max length check and limit in multiple repo forms (#9148) (#9204) * Properly fix displaying virtual session provider in admin panel (#9137) (#9203) * Upgrade levelqueue to 0.1.0 (#9192) (#9199) * Fix panic when diff (#9187) (#9193) * Smtp logger configuration sendTos should be an array (#9154) (#9157) * Always Show Password Field on Link Account Sign-in Page (#9150) * Create PR on Current Repository by Default (#8670) (#9141) * Fix race on indexer (#9136) (#9139) * Fix reCAPTCHA URL (#9119) * Hide migrated credentials (#9098) * Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085) * Fix password checks on admin create/edit user (#9076) (#9081) * Fix add search as a reserved username (#9063) (#9065) * Fix permission checks for close/reopen from commit (#8875) (#9033) * Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025) * Fix broken link to branch from issue list (#9003) (#9021) * Fix wrong system notice when repository is empty (#9020) * Shadow password correctly for session config (#8984) (#9002) [1.14.2] * Update Gitea to 1.10.2 * Allow only specific Columns to be updated on Issue via API (#9539) (#9580) * Add ErrReactionAlreadyExist error (#9550) (#9564) * Fix bug when migrate from API (#8631) (#9563) * Use default avatar for ghost user (#9536) (#9537) * Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528) * Fix deleted branch not removed when push the branch again (#9516) (#9524) * Fix missing repository status when migrating repository via API (#9511) * Trigger webhook when deleting a branch after merging a PR (#9510) * Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482) * Fix NewCommitStatus (#9434) (#9435) * Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420) * Fix Slack webhook payload title generation to work with Mattermost (#9404) * DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359) * Fix issue indexer not triggered when migrating a repository (#9333) * Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329) * Fix migration releases (#9319) (#9326) (#9328) * Fix File Edit: Author/Committer interchanged (#9297) (#9300) [1.14.3] * Update Gitea to 1.10.3 * Hide credentials when submitting migration (#9102) (#9704) * Never allow an empty password to validate (#9682) (#9684) * Prevent redirect to Host (#9678) (#9680) * Hide public repos owned by private orgs (#9609) (#9616) * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838) * Fix download file wrong content-type (#9825) (#9835) * Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831) * Fix dump non-exist log directory (#9818) (#9820) * Fix compare (#9808) (#9815) * Fix missing msteam webhook on organization (#9781) (#9795) * Fix add team on collaborator page when same name as organization (#9783) * Fix cache problem on dashboard (#9358) (#9703) * Send tag create and push webhook when release created on UI (#8671) (#9702) * Branches not at ref commit ID should not be listed as Merged (#9614) (#9639) [1.15.0] * Update Gitea to 1.11.0 [1.15.1] * Update Gitea to 1.11.1 * Repo name added to automatically generated commit message when merging (#9997) (#10285) * Fix Workerpool deadlock (#10283) (#10284) * Divide GetIssueStats query in smaller chunks (#10176) (#10282) * Fix reply on code review (#10257) * Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249) * Fix filter label emoji width (#10241) (#10244) * Fix issue sidebar menus having an infinite height (#10239) (#10240) * Fix commit between two commits calculation if there is only last commit (#10225) (#10226) * Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206) * Blacklist manifest.json & milestones user (#10292) (#10293) [1.15.2] * Update Gitea to 1.11.2 [1.15.3] * Update Gitea to 1.11.3 [1.15.4] * Update Gitea to 1.11.4 [1.16.0] * Update Gitea to [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) * Update base image to 2.0.0 [1.16.1] * Update Gitea to 1.11.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683) * Use session for retrieving org teams (#11438) (#11439) * Return json on 500 error from API (#11574) (#11660) * Fix wrong milestone in webhook message (#11596) (#11612) * Prevent (caught) panic on login (#11590) (#11598) * Fix commit page js error (#11527) [1.17.0] * Update Gitea to 1.12.1 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) [1.18.0] * Add forumUrl and update tags and screenshots [1.18.1] * Update Gitea to 1.12.2 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) [1.18.2] * Update Gitea to 1.12.3 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) * Don't change creation date when updating Release (#12343) (#12351) * Show 404 page when release not found (#12328) (#12332) * Fix emoji detection in certain cases (#12320) (#12327) * Reduce emoji size (#12317) (#12327) * Fix double-indirection bug in logging IDs (#12294) (#12308) * Link to pull list page on sidebar when view pr (#12256) (#12263) * Extend Notifications API and return pinned notifications by default (#12164) (#12232) [1.18.3] * Update Gitea to 1.12.4 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) * Escape provider name in oauth2 provider redirect (#12648) (#12650) * Escape Email on password reset page (#12610) (#12612) * When reading expired sessions - expire them (#12686) (#12690) * StaticRootPath configurable at compile time (#12371) (#12652) * Fix to show an issue that is related to a deleted issue (#12651) (#12692) * Expire time acknowledged for cache (#12605) (#12611) * Fix diff path unquoting (#12554) (#12575) * Improve HTML escaping helper (#12562) * models: break out of loop (#12386) (#12561) * Default empty merger list to those with write permissions (#12535) (#12560) * Skip SSPI authentication attempts for /api/internal (#12556) (#12559) * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550) * Remove hardcoded ES indexername (#12521) (#12526) * Fix bug preventing transfer to private organization (#12497) (#12501) * Keys should not verify revoked email addresses (#12486) (#12495) * Do not add prefix on http/https submodule links (#12477) (#12479) * Fix ignored login on compare (#12476) (#12478) * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422) * Upgrade google/go-github to v32.1.0 (#12361) (#12390) * Render emoji's of Commit message on feed-page (#12373) * Fix handling of diff on unrelated branches when Git 2.28 used (#12370) [1.18.4] * Update Gitea to 1.12.5 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) * Allow U2F with default settings for gitea in subpath (#12990) (#13001) * Prevent empty div when editing comment (#12404) (#12991) * On mirror update also update address in DB (#12964) (#12967) * Allow extended config on cron settings (#12939) (#12943) * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940) * Fix internal server error from ListUserOrgs API (#12910) (#12915) * Update only the repository columns that need updating (#12900) (#12912) * Fix panic when adding long comment (#12892) (#12894) * Add size limit for content of comment on action ui (#12881) (#12890) * Convert User expose ID each time (#12855) (#12883) * Support slashes in release tags (#12864) (#12882) * Add missing information to CreateRepo API endpoint (#12848) (#12867) * On Migration respect old DefaultBranch (#12843) (#12858) * Fix notifications page links (#12838) (#12853) * Stop cloning unnecessarily on PR update (#12839) (#12852) * Escape more things that are passed through str2html (#12622) (#12850) * Remove double escape on labels addition in comments (#12809) (#12810) * Fix "only mail on mention" bug (#12775) (#12789) * Fix yet another bug with diff file names (#12771) (#12776) * RepoInit Respect AlternateDefaultBranch (#12746) (#12751) * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750) [1.18.5] * Update Gitea to 1.12.6 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.6) * Prevent git operations for inactive users (#13527) (#13537) * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525) * API should only return Json (#13511) (#13564) * Fix before and since query arguments at API (#13559) (#13560) * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492) * Fix link detection in repository description with tailing '_' (#13407) (#13408) * Remove obsolete change of email on profile page (#13341) (#13348) * Fix permission check on get Reactions API endpoints (#13344) (#13346) * Add migrated pulls to pull request task queue (#13331) (#13335) * API deny wrong pull creation options (#13308) (#13327) * Fix initial commit page & binary munching problem (#13249) (#13259) * Fix diff parsing (#13157) (#13136) (#13139) * Return error 404 not 500 from API if team does not exist (#13118) (#13119) * Prohibit automatic downgrades (#13108) (#13111) * Fix GitLab Migration Option AuthToken (#13101) * GitLab Label Color Normalizer (#12793) (#13100) * Log the underlying panic in runMigrateTask (#13096) (#13098) * Fix attachments list in edit comment (#13036) (#13097) * Fix deadlock when deleting team user (#13093) * Fix error create comment on outdated file (#13041) (#13042) * Fix repository create/delete event webhooks (#13008) (#13027) * Fix internal server error on README in submodule (#13006) (#13016) [1.19.0] * Update Gitea to 1.13.0 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.0) [1.19.1] * Update Gitea to 1.13.1 * [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.1) * Security: Hide private participation in Orgs (#13994) (#14031) * Security: Fix escaping issue in diff (#14153) (#14154) [1.19.2] * Update Gitea to 1.13.2 * Prevent panic on fuzzer provided string (#14405) (#14409) * Add secure/httpOnly attributes to the lang cookie (#14279) (#14280) * If release publisher is deleted use ghost user (#14375) * Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530) * Set the name Mapper in migrations (#14526) (#14529) * Fix wiki preview (#14515) * Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497) * ChangeUserName: rename user files back on DB issue (#14447) * Fix lfs preview bug (#14428) (#14433) * Ensure timeout error is shown on u2f timeout (#14417) (#14431) * Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425) * Use path not filepath in routers/editor (#14390) (#14396) * Check if label template exist first (#14384) (#14389) * Fix migration v141 (#14387) (#14388) * Use Request.URL.RequestURI() for fcgi (#14347) * Use ServerError provided by Context (#14333) (#14345) * Fix edit-label form init (#14337) * Fix mailIssueCommentBatch for pull request (#14252) (#14296) * Render links for commit hashes followed by comma (#14224) (#14227) * Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221) * Fix avatar bugs (#14217) (#14220) * Ensure that schema search path is set with every connection on postgres (#14131) (#14216) * Fix dashboard issues labels filter bug (#14210) (#14214) * When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213) * Fix branch selector on new issue page (#14194) (#14207) * Check for notExist on profile repository page (#14197) (#14203) [1.20.0] * Use base image v3 [1.20.1] * Update Gitea to 1.13.3 * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675) * Fix paging of file commit logs (#14831) (#14879) * Print useful error if SQLite is used in settings but not supported (#14476) (#14874) * Fix display since time round (#14226) (#14873) * When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842) * Set HCaptchaSiteKey on Link Account pages (#14834) (#14839) * Fix a couple of CommentAsPatch issues. (#14804) (#14820) * Disable broken OAuth2 providers at startup (#14802) (#14811) * Repo Transfer permission checks (#14792) (#14794) * Fix double alert in oauth2 application edit view (#14764) (#14768) * Fix broken spans in diffs (#14678) (#14683) * Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676) * HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649) * Do not assume all 40 char strings are SHA1s (#14624) (#14648) * Allow org labels to be set with issue templates (#14593) (#14647) * Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607) * Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573) * Fix GPG key deletion during account deletion (#14561) (#14569) [1.20.2] * Update Gitea to 1.13.4 * Fix issue popups (#14898) (#14899) * Fix race in LFS ContentStore.Put(...) (#14895) (#14913) * Fix a couple of issues with a feeds (#14897) (#14903) * When transfering repository and database transaction failed, rollback the renames (#14864) (#14902) * Fix race in local storage (#14888) (#14901) * Fix 500 on pull view page if user is not loged in (#14885) (#14886) [1.20.3] * Update Gitea to 1.13.5 * Update to goldmark 1.3.3 (#15059) (#15061) * Another clusterfuzz spotted issue (#15032) (#15034) * Fix set milestone on PR creation (#14981) (#15001) * Prevent panic when editing forked repos by API (#14960) (#14963) * Fix bug when upload on web (#15042) (#15055) * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051) * Fix postgres ID sequences broken by recreate-table (#15015) (#15029) * Fix several render issues (#14986) (#15013) * Make sure sibling images get a link too (#14979) (#14995) * Fix Anchor jumping with escaped query components (#14969) (#14977) * Fix release mail html template (#14976) * Fix excluding more than two labels on issues list (#14962) (#14973) * Don't mark each comment poster as OP (#14971) (#14972) * Add "captcha" to list of reserved usernames (#14930) * Re-enable import local paths after reversion from #13610 (#14925) (#14927) [1.20.4] * Update Gitea to 1.13.6 * Fix bug on avatar middleware (#15124) (#15125) * Fix another clusterfuzz identified issue (#15096) (#15114) * Fix nil exeption for get pull reviews API #15104 (#15106) * Fix markdown rendering in milestone content (#15056) (#15092)